1114 Commits

Author	SHA1	Message	Date
Luke Taylor	57f3d268a1	SEC-519: Fix. Changed notNull() assertion for "key" parameter to hasText() to prevent the use of empty keys.	2007-08-27 17:17:25 +00:00
Luke Taylor	1c72b7989e	Fix for SEC-522. Strip query parameters from logout URL before doing comparison with filterProcessesUrl.	2007-08-27 17:14:23 +00:00
Luke Taylor	82599a72ba	Reformatted LogoutFilter.	2007-08-27 16:56:33 +00:00
Luke Taylor	f8689b18b2	SEC-526: Fixed. Support for different case prefixes ({SHA}, {sha} etc).	2007-08-27 16:23:14 +00:00
Luke Taylor	0425d3b638	Rolled back unnecessary changes (whitespace, imports etc) for SEC-398 to make actual change from revision 1858 clearer.	2007-08-27 13:29:39 +00:00
Ben Alex	db3024f9a4	SEC-271: Revert Ordered and ApplicationContextAware usage at this time, due to release of 1.0..	2007-08-25 00:15:30 +00:00
Vishal Puri	2b4d8a6378	Removed print statement	2007-08-22 04:48:04 +00:00
Luke Taylor	3fbc7beb88	SEC-251: Document use of {1} parameter in javadoc for DefaultLdapAuthoritiesPopulator.	2007-08-17 15:45:57 +00:00
Vishal Puri	bc30b903f8	SEC-398: Lazy update of 'filterApplied' to true	2007-07-25 05:34:40 +00:00
Luke Taylor	a499e74102	SEC-449: Add spring-ldap dependency to pom.xml.	2007-07-24 17:23:47 +00:00
Luke Taylor	b646a06443	Fix for SEC-512. Removed unnecessary context creation.	2007-07-24 17:01:36 +00:00
Luke Taylor	aea1148ffb	Fix broken test caused by null application context in AbtractAccessDecisionManager when auto-detection of voters is called.	2007-07-24 16:48:49 +00:00
Vishal Puri	c5cc42e16c	made two instance variables protected for RBA solution	2007-07-23 07:59:28 +00:00
Vishal Puri	5ea8232f84	SEC-484: fixed concurrency issue	2007-07-23 07:58:31 +00:00
Vishal Puri	0e46e5307c	SEC-271: added Ordered interface to AcessDecisionVoters	2007-07-06 13:34:43 +00:00
Vishal Puri	ef38844a6d	Improved comments and made TokenBasedRememberMeServices modular to support subclasses	2007-06-27 08:33:37 +00:00
Ray Krueger	0159b617cf	Refactored the failureUrl lookup into a protected method to allow customization	2007-06-19 13:09:57 +00:00
Vishal Puri	b2c30277f4	SEC-271: work on security:autoconfig	2007-06-19 04:08:19 +00:00
Carlos Sanchez	165d2c0122	[maven-release-plugin] prepare for next development iteration	2007-06-02 21:28:53 +00:00
Carlos Sanchez	942b5d7345	[maven-release-plugin] prepare release acegi-security-1.0.4-maven2	2007-06-02 21:21:51 +00:00
Ben Alex	4561c3a1f1	Remove unused imports that were causing warnings.	2007-05-25 05:33:06 +00:00
Ben Alex	e252f4a497	Make compatible with Assert static class in Spring 1.2.9.	2007-05-25 05:32:32 +00:00
Vishal Puri	5b97b3458c	utility class added required to copy ordering information from one object to another	2007-05-25 03:25:28 +00:00
Ben Alex	10bf40fc03	SEC-472: Provide support for subclasses to select the login form URL to use for a given request.	2007-05-25 03:21:17 +00:00
Vishal Puri	b30162191e	SEC-271: Moved spring security namespaces cnfig code to sandbox	2007-05-25 03:17:12 +00:00
Ben Alex	a8b402462e	SEC-470: Provide flexibility to customize cookie name.	2007-05-25 03:12:49 +00:00
Ben Alex	24b31c0c57	SEC-443: Provide useRelativeContext property.	2007-05-25 02:55:25 +00:00
Ben Alex	c8d5374602	SEC-436: Add hashCode() methods.	2007-05-25 02:28:40 +00:00
Ben Alex	95735017e6	SEC-421: MutableAcl.setParent(MutableAcl) method to accept Acl parameter, not MutableAcl.	2007-05-25 02:22:18 +00:00
Ben Alex	d0d645788a	SEC-405: Extract out target URL determination method.	2007-05-25 02:07:44 +00:00
Ben Alex	998fc938df	SEC-403: Add support for Chinese.	2007-05-25 02:04:44 +00:00
Ben Alex	296d235135	SEC-343: Make obtainAllDefinedFilters() protected.	2007-05-25 02:03:12 +00:00
Ben Alex	1fa89e99c4	SEC-307: Preserve result of AuthenticationManager.authenticate(Authentication).	2007-05-25 02:00:37 +00:00
Ben Alex	3b9a8dc53e	SEC-444: Handle synchronization issues if multiple authentications taking place for same session ID concurrently.	2007-05-25 01:38:42 +00:00
Ben Alex	4f13db5552	SEC-398: Delay sending of redirect until after HttpSession updated with revised SecurityContextHolder contents.	2007-05-25 01:24:07 +00:00
Vishal Puri	4c6d132ead	SEC-411: fixed broken unit tests as a consequence of adding anoter constructor argument	2007-05-24 23:35:01 +00:00
Vishal Puri	220ba29fc6	SEC-411: another constructor argument added as required in SecurityContextHolderAwareRequestWrapper	2007-05-24 23:20:40 +00:00
Ben Alex	0736f4ffa0	SEC-305: Retain SecurityContext when rendering error pages.	2007-05-24 02:04:47 +00:00
Ben Alex	6ea8899134		2007-05-24 00:47:12 +00:00
Ben Alex	5b3c633790	SEC-451: Correctly handle an empty context path.	2007-05-24 00:18:09 +00:00
Ben Alex	c8c37c8935	SEC-439: Do not modify the object (ie replace it with null) unless the provider is supposed to fire according to the processDomainObjectClass property.	2007-05-23 07:04:22 +00:00
Ben Alex	a3c992113e	SEC-459: Provide local argument to the message source accessor.	2007-05-23 06:57:07 +00:00
Ben Alex	a18bd9100c	SEC-474: Gracefully abort if username and password non-retrievable.	2007-05-23 06:48:42 +00:00
Ben Alex	f45c0944ef	SEC-478: Handle incorrect Base64 cookie encoding.	2007-05-23 06:45:45 +00:00
Ben Alex	5b8898c750	SEC-298: Ensure returned cookies have a maximum age equal to the TokenBasedRememberMeServices.tokenValiditySeconds property.	2007-05-23 06:43:47 +00:00
Ben Alex	ac3b142e4f	SEC-438: Made afterPropertiesSet() use instance variable instead of static variable.	2007-05-23 06:35:03 +00:00
Ben Alex	72a7d06ad1	SEC-476: Provide support for not logging interactive authentication events.	2007-05-23 06:31:32 +00:00
Ben Alex	f7e714b9da	Maven 2 polishing.	2007-05-23 04:20:54 +00:00
Vishal Puri	3f7e00c796	SEC-271: removed autowiring by type and explicity introspected the applicationContext to detect the required dependencies of userDetailsService	2007-05-18 03:21:21 +00:00
Vishal Puri	e3435da9ae	SEC-271: removed autowiring by type and explicity introspected the applicationContext to detect the required dependencies of userDetailsService	2007-05-18 03:20:28 +00:00