Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-31 06:38:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,934 Commits 48 Branches 362 Tags
Commit Graph

3022 Commits

Author SHA1 Message Date
Luke Taylor
5d1cd29dfb Added tearDown method which resets the context to null to prevent occasional breaking of other test classes. 2005-03-12 13:44:00 +00:00
Luke Taylor
f578915728 Test class for X509 filter. 2005-03-11 17:42:39 +00:00
Luke Taylor
af02c42e9f First version that works. 2005-03-11 03:15:54 +00:00
Luke Taylor
fbb4bc0873 Added regexp matching within the DN to extract the user name. 2005-03-11 02:47:43 +00:00
Luke Taylor
29050b29b2 Dao populator tests for X.509. Tests matching of regexps in the certificate Subject to extract the user name. 2005-03-11 02:08:07 +00:00
Ben Alex
4763f953d3 FilterChainProxy now supports replacement of ServletRequest and ServetResponse by Filter beans. 2005-03-11 01:41:43 +00:00
Luke Taylor
5c86b97f37 First working (kind of) version. 2005-03-11 00:39:36 +00:00
Ben Alex
c5fe428400 Patch by Matt Raible which returns null if Authentication is anonymous. 2005-03-10 12:00:30 +00:00
Ben Alex
b898b87ffb Enhance test coverage as part of diagnosis of reported bug at http://forum.springframework.org/viewtopic.php?p=15751. 2005-03-10 11:39:32 +00:00
Ben Alex
15535fff41 SecurityEnforcementFilter caused NullPointerException when anonymous authentication used with BasicProcessingFilterEntryPoint. 2005-03-10 11:11:25 +00:00
Luke Taylor
08dbf66880 (Currently functionless) entry point implementation for X.509 2005-03-10 03:21:25 +00:00
Luke Taylor
aabcef4c69 Dao populator for X509, mirroring the CAS one. 2005-03-10 03:20:25 +00:00
Luke Taylor
fea1725f39 Removed inappropriate inheritance from AbstractProcessingFilter (doesn't make sense for X509 case). 2005-03-10 03:16:45 +00:00
Luke Taylor
ae91b58685 First stab at X509 authentication provider 2005-03-09 02:14:30 +00:00
Luke Taylor
da3801b914 Javadoc improvements. 2005-03-09 02:02:05 +00:00
Luke Taylor
559f480f4b Corrected Javadoc typos. 2005-03-07 22:35:28 +00:00
Luke Taylor
ab6d43ff08 Corrected Javadoc typo. 2005-03-07 16:53:42 +00:00
Ben Alex
051a34f859 Support credentialsExpiredUrl as per request made in http://forum.springframework.org/viewtopic.php?t=3862. 2005-03-07 12:23:48 +00:00
Luke Taylor
5c3799cd16 Changed "opal ticket" to "opaque ticket" in Javadoc. 2005-03-05 19:48:02 +00:00
Luke Taylor
124f33bb09 Corrected Javadoc typo 2005-03-05 18:27:05 +00:00
Luke Taylor
6b12779902 Minor Javadoc corrections 2005-03-05 18:23:04 +00:00
Luke Taylor
4ef54828c0 corrected javadoc link 2005-03-05 01:05:23 +00:00
Ben Alex
f1e071b0f1 Added remember-me services. 2005-03-01 02:30:38 +00:00
Ben Alex
0d33b06990 Fix NullPointerException if a pattern is given without any config attributes (eg /**/*.css=). Contributed by Konstantin Shaposhnikov. 2005-02-28 22:06:53 +00:00
Ben Alex
873c3f6c3d Improve Linux and non-Sun JDK (specifically IBM JDK) compatibility. 2005-02-28 03:02:32 +00:00
Ben Alex
d47a2190f7 Correct test failure on high performance JREs. 2005-02-27 07:16:38 +00:00
Ray Krueger
44397bb05d Committing ConcurrentSessionController feature and tests. Documentation is needed. 2005-02-26 21:48:07 +00:00
Ray Krueger
4125db5650 Added in a default constructor to use the original sessionid and a constructor for specifying the sessionId 2005-02-25 05:24:10 +00:00
Ben Alex
693ac5a24a Anonymous principal support. As requested by the community at various times, including in http://forum.springframework.org/viewtopic.php?t=1925. 2005-02-23 06:09:56 +00:00
Ray Krueger
3c4faf58c7 HttpSessionEventPublisher, HttpSessionCreatedEvent, HttpSessionDestroyedEvent 
Used together to provide published events in the ApplicationContext about HttpSessions.

Useful for things like Single Session logins.
 2005-02-23 02:54:41 +00:00
Ray Krueger
8b24b1cf7a MockFilterChain extended TestCase but had no public constructor and no test methods. 
The expectedToProceed test is internally handled by a static call to TestCase.assertTrue() and TestCase.fail()
 2005-02-23 02:47:31 +00:00
Ben Alex
a3818184f4 Added Digest Authentication support (RFC 2617 and RFC 2069). 2005-02-22 06:14:44 +00:00
Ben Alex
dda66a0454 Significantly refactor "well-known location model" to authentication processing mechanism and HttpSessionContextIntegrationFilter model. 2005-02-21 06:48:31 +00:00
Ben Alex
ba02d45677 Clean up imports. 2005-02-21 06:34:16 +00:00
Ben Alex
e52f3eacb1 Use WebAuthenticationDetails for Authentication.getDetails() by default. 2005-02-21 00:09:49 +00:00
Ben Alex
a5ea6f5436 Rewrite FilterChainProxy to separate functionality from FilterToBeanProxy and properly implement filter chaining issues. 2005-02-20 05:40:18 +00:00
Ben Alex
57842d4ba8 IoC container vs servlet container lifecycle separation. 2005-02-20 05:38:57 +00:00
Ben Alex
44f1c83dab Move MockFilterChain to external class. 2005-02-20 05:38:14 +00:00
Ben Alex
6d693ac0d4 Improve logging. 2005-02-20 05:37:13 +00:00
Carlos Sanchez
7c9fad0477 Added filter chain 2005-02-18 20:08:03 +00:00
Ben Alex
0b296e7cf0 Correct issue with JdbcDaoImpl default SQL query not using consistent case sensitivity as per http://forum.springframework.org/viewtopic.php?t=3526. 2005-02-15 07:14:59 +00:00
Ray Krueger
1949c3b27e Added AuthenticationException to the commence method signature of the AutenticationEntryPoint. The best example of this 
is the BasicProcessingFilterEntryPoint where the authException.getMessage() is used to send back an informative 401,
instead of just the error code.

Added AccessDeniedException to the sendAccessDeniedError method signature. The accessDeniedException.getMessage() result
is used to send an invormative 403 error back to the servletResponse by default.
 2005-02-15 03:28:18 +00:00
Ben Alex
beadf24610 Use static HttpServletResponse.SC_UNAUTHORIZED instead of 401 HTTP response code. 2005-02-13 00:59:48 +00:00
Ben Alex
6370fadfdc FilterSecurityInterceptor now only executes once per request (improves performance with SiteMesh). Suggested by Sanjiv Jivan. 2005-02-11 05:49:41 +00:00
Ben Alex
cbe53e21b9 HttpSessionIntegrationFilter no longer creates a HttpSession unnecessarily. 2005-02-10 07:15:20 +00:00
Ben Alex
834f69168d Support getUserPrincipal(). 2005-02-04 22:38:07 +00:00
Ben Alex
0be77abe75 Allow empty passwords as per http://forum.springframework.org/viewtopic.php?p=13343. 2005-02-04 09:43:33 +00:00
Ben Alex
4e6a4742bd Tapestry integration improvements, as per http://forum.springframework.org/viewtopic.php?p=13327 2005-02-04 07:36:46 +00:00
Ray Krueger
82c15b1874 The JaasAuthenticationCallbackHandler handle method now takes a callback and the authentication in progress, the setAuthentication method has been removed. 
The JaasAuthenticationProvider afterPropertiesSet method now makes use of the java.security.auth.login.config System property before trying to use the login.config.url.X properties.
 2005-01-31 05:16:32 +00:00
Carlos Sanchez
debc67fa6d Allow site deployment from each subproject 2005-01-19 22:18:37 +00:00