Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-30 22:28:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,934 Commits 48 Branches 362 Tags
Commit Graph

3022 Commits

Author SHA1 Message Date
Ben Alex
369ea24215 Extra mock functionality for new unit tests. 2004-05-24 00:02:09 +00:00
Ben Alex
3f6961d855 Improved exception handling if response already committed. 2004-05-23 23:57:29 +00:00
Francois Beausoleil
d5a6ea044d Implemented a fix for a NullPointerException as reported by Pierre-Antoine Gr�goire (pa.gregoire@free.fr) 
"The error comes from line 115 in AuthorizeTag....It seems there's no control
for a null value here..."

* test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagTests.java:
  Added a new test to confirm the existence of the bug.

* src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
  And fixed the failing test.
 2004-05-19 12:34:52 +00:00
Ben Alex
4cac2f1a62 Made serializable as per request by Mike Youngstrom. 2004-05-15 23:37:03 +00:00
Ben Alex
614f12448e Create a NullRunAsManager, which is used by default by the AbstractSecurityInterceptor. 2004-05-06 23:13:32 +00:00
Ben Alex
8713d4d52c Authentication subclasses Principal, so it's directly usable by classes that want a Principal. No implementations need to change if they subclass AbstractAuthenticationToken, as it implements the one and only method required by Principal. 2004-05-04 07:35:41 +00:00
Ben Alex
4152df1225 Allow filter to update multiple HttpSession attributes (useful if servlets etc expect to find an Authentication object in a given HttpSession attribute, like Jakarta Slide). 2004-05-04 07:27:57 +00:00
Ben Alex
eaa92cd80a Fixed issue with caching by making AbstractIntegrationFilter (and its subclasses) write the new Authentication object to the well-known location. 2004-04-30 05:16:08 +00:00
Ben Alex
ecac5a2eed Make ChannelDecisionManagerImpl iterate through a list of channel security processors. 2004-04-29 02:17:07 +00:00
Ben Alex
2421268baa Improve IE 6 bug detection logic. 2004-04-29 02:14:20 +00:00
Ben Alex
b61c05ff89 Change classes to use PortMapperImpl and PortResolverImpl by default. 2004-04-28 00:10:56 +00:00
Ben Alex
901c7d4752 Significantly enhance channel processing filter. 2004-04-27 06:21:00 +00:00
Ben Alex
e555d77d4e Move port mapping functionality into separate classes to allow reuse. Permit implementations to override the source port (required given some browsers do not respond to HTTP redirects correctly). 2004-04-27 06:17:53 +00:00
Ben Alex
c6a1b2b608 Clarify how URLs are constructed. 2004-04-27 06:14:57 +00:00
Ben Alex
8a4edca136 Support new key requirement on DAO authentication provider. 2004-04-27 06:00:39 +00:00
Ben Alex
2c97583f27 Filter to ensure web requests are received over a suitable secure channel. 2004-04-23 08:57:43 +00:00
Ben Alex
d65b0e0bd2 Add correct supports() method and tests. 2004-04-23 06:28:23 +00:00
Ben Alex
ed68b701b2 Add toString() method and test. 2004-04-23 06:27:50 +00:00
Ben Alex
e0d57de330 Add DaoAuthenticationProvider caching support. 2004-04-23 05:01:57 +00:00
Ben Alex
babb908fea Increase test coverage. 2004-04-23 04:51:56 +00:00
Ben Alex
83d871cd5d Enhance equals() method to detect key variances. 2004-04-23 03:45:16 +00:00
Colin Sampaleanu
6eb0a47632 fix FilterInvocation so it doesn't lose the tail end (past the servlet path) of the request url 2004-04-23 02:29:18 +00:00
Ben Alex
0537900357 Remove unnecessary code. 2004-04-23 02:08:58 +00:00
Colin Sampaleanu
e2de3c9dbc Enhance AuthenticationProcessingFilterEntryPoint and related classes, to support a property forcing the login page to be access via https even if the original intercepted request came in as http. 2004-04-22 21:47:05 +00:00
Colin Sampaleanu
20025da7c7 work on unit test, still some functionality to cover later 2004-04-22 11:54:52 +00:00
Colin Sampaleanu
2a46a975a5 allow automatic switch from http to https for login form. 
unit tests will be updated tomorow to cover new functionality.
 2004-04-22 03:56:55 +00:00
Colin Sampaleanu
ab9e783f79 after invocation, restore pre-RunAs Authentication regardless of exception that may be thrown by method being intercepted 2004-04-21 21:09:39 +00:00
Ben Alex
fa9b872570 Initial CAS support. 2004-04-19 07:34:32 +00:00
Ben Alex
b3f9f6f4e9 Updated tests to relocate common filter authentication functionality to an abstract parent. 2004-04-18 12:57:49 +00:00
Ben Alex
4500aba050 Expand unit test coverage. 2004-04-18 12:05:20 +00:00
Ben Alex
0a856b7f15 Expand coverage to test SaltProvider integration. 2004-04-18 12:04:43 +00:00
Ben Alex
872ace9164 Modify contract of AuthenticationProvider to allow AuthenticationProvider implementations to return null if they do not wish to process a given Authentication request, despite asserting they support it. 2004-04-18 12:03:07 +00:00
Ben Alex
a6b5b8d828 Initial commit. 2004-04-18 12:01:18 +00:00
Ben Alex
1cf2b333bd Relocate common filter authentication functionality to an abstract parent, and update JavaDocs accordingly. 2004-04-18 12:00:02 +00:00
Ben Alex
96fa2a5a75 Update encoders so they process salts. 2004-04-18 11:56:50 +00:00
Ben Alex
b06833e0d7 Unit tests must be named *Tests (note the plural). 2004-04-18 11:55:49 +00:00
Ben Alex
5dbef97a1d Expand unit test coverage. 2004-04-18 11:54:51 +00:00
Ben Alex
5b16c42e15 Enhance mock so it is told whether to grant or deny access. 2004-04-18 11:35:24 +00:00
Ben Alex
f38ed01b29 Detect nulls within GrantedAuthority[] passed to constructor. This ensures end-user DAO implementations are creating the User correctly. 2004-04-18 11:23:01 +00:00
Ben Alex
a0f809991d JavaDoc updates. 2004-04-18 05:56:07 +00:00
Colin Sampaleanu
3ceb492cb2 move password encoder tests to proper packages. 
rename saltSource param in PasswordEncoder interfce to salt. It was already called salt in subclasses, and is in fact supposed to be the salt, not the source for the salt, although depending on the implementation it may still be treated as the latter.
 2004-04-17 02:18:46 +00:00
Ben Alex
da5101cfb4 Make salt sources pluggable. 2004-04-17 01:29:52 +00:00
Ben Alex
03efc3e51f Improve JavaDocs. 2004-04-17 01:28:38 +00:00
Ben Alex
ae16d96121 Moved to net.sf.acegisecurity.providers.encoding. 2004-04-17 01:28:05 +00:00
Ben Alex
6815e693a7 Make SecurityEnforcementFilter support pluggable authentication entry points. Enhance BASIC authentication so it's a viable alternative to form-based authentication for user agents like IE and Netscape. 2004-04-16 14:22:15 +00:00
Ben Alex
7e85bbc054 Relaxed requirement so targetClass OR targetBean can be used (targetBean no longer requires targetClass to be specified as well). 2004-04-16 12:37:58 +00:00
Ben Alex
38835da164 Provide a proxy so filters can be loaded directly from the application context. 2004-04-16 06:31:48 +00:00
Ben Alex
7b59d5f189 Expand test coverage now that prefix is configurable. 2004-04-16 06:28:21 +00:00
Colin Sampaleanu
3d089aaa67 move and rename password encoding classes. 
change saltSource arument to salt argument, which impl may or may not use.
 2004-04-16 03:44:04 +00:00
Colin Sampaleanu
5d9d734735 more final version of the various PasswordEncoder implementations. 
add unit tests for PasswordEncoder implementations.
remove ignore password case and ignore username case flags and handling from DaoAuthenticationProvider.
remove requirement described in JavaDoc for AuthenticationDao that it ignore case when returning a user by username. Implementations may still do so if configured as such.
 2004-04-15 16:32:09 +00:00