Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,288 Commits 34 Branches 337 Tags
Commit Graph

632 Commits

Author SHA1 Message Date
Ben Alex
5a51f391a4 Add UsernameNotFoundException to default exception to event mappings list. 2005-11-05 09:20:14 +00:00
Ben Alex
aa4fd8586c Fix concurrent session interaction bug where UserDetails.getUsername() may have been override to be a different value than the original login request, as per email from Herryanto Siatono on acegisecurity-developer 5 November 2005. 2005-11-05 03:50:22 +00:00
Ray Krueger
0aa4989dad JaasAuthenticationProvider no longer supports the useSystemProperty setting.This is because it no longer uses the java.security.auth.login.config system property for configuring Jaas. Custom Jaas configuration needs can be implemented in a subclass that overrides the configureJaas method. 
JaasAuthenticationProvider now handles logout by associating the LoginContext with a new JaasAuthenticationToken
 2005-11-04 15:02:27 +00:00
Ray Krueger
6049e9ac65 Removed string concatenation from buffer.append methods 2005-11-04 14:54:25 +00:00
Ben Alex
9be82a3d8f SEC-67: Enhance taglib to allow retrieval of custom UserDetails methods. 2005-11-03 13:51:55 +00:00
Ben Alex
31a1f0be1a SEC-52: Move potentially useful methods to an abstract superclass so that other voters can use them. 2005-11-03 13:47:44 +00:00
Ben Alex
6e389ca1b8 SEC-51: Use long instead of int for ACL primary keys. 2005-11-03 13:38:45 +00:00
Ben Alex
633f2cfe66 SEC-39: Add equals(Object) method to User. 2005-11-03 13:20:26 +00:00
Ben Alex
7faf2741f1 SEC-32: Patches to move isPermissable(int) method to the BasicAclEntry interface. Thanks to Andres March for this patch. 2005-11-03 13:08:43 +00:00
Ben Alex
a42dec6fbf SEC-21: Initial commit. 2005-11-03 12:56:27 +00:00
Ben Alex
e9b1d9452f SEC-9 and SEC-55: Refactor DaoAuthenticationProvider and deprecate PasswordDaoAuthenticationProvider. 2005-11-03 11:31:23 +00:00
Ben Alex
f50cbd31ba SEC-38: Make InMemoryDaoImpl support external Properties objects. 2005-11-03 10:05:02 +00:00
Ben Alex
0d77abb9c1 SEC-64: Correct operation with Orion Web Application Server. Patch thanks to Paul Brooks. 2005-11-03 09:48:52 +00:00
Ben Alex
d9be0f86fd SEC-53: BasicProcessingFilter only to reauthenticate if the SecurityContextHolder contains an unauthenticated Authentication, or an Authentication with a different username. 2005-11-03 09:45:30 +00:00
Ben Alex
690ab27a52 SEC-70 and SEC-71: Refactor event publishing. 2005-11-03 09:23:49 +00:00
Ben Alex
b6dbfde55c SEC-70: Refactor event publishing. 2005-11-03 06:55:47 +00:00
Ben Alex
3811200599 Improve debug output. 2005-11-03 06:51:30 +00:00
Ben Alex
2cbe42f493 SEC-7: Allow better chaining of authentication providers. 2005-11-03 04:14:12 +00:00
Ben Alex
42c47c086a JavaDocs formatting. 2005-11-03 04:13:56 +00:00
Luke Taylor
f8b0de3459 Corrected Javadoc link to interface name. 2005-11-01 14:22:08 +00:00
Marc-Antoine Garrigue
5235727d23 SEC-2 
Refactor the CaptchaChannelProcessor and extract a CaptchaChannelProcessor that is an abstract class and add its implementations.
Jalopy on all java files.
 2005-10-24 17:08:18 +00:00
Ben Alex
1ae07779a2 SEC-710: Refactor concurrent session handling support. 2005-10-22 01:53:03 +00:00
Ben Alex
a5ffda7369 SEC-63: Do not return an absolute URL unless switching from HTTP to HTTPS. 2005-10-21 08:00:15 +00:00
Ben Alex
c6d5363e5d SEC-60: Make method more friendly towards Hibernate detached object. Please note my comments in the JIRA task, as I believing calling toString() is not an unreasonable expectation. 2005-10-21 07:53:34 +00:00
Ben Alex
d49198a944 SEC-43: Eliminate id column. 2005-10-21 07:32:48 +00:00
Ben Alex
41202112bc SEC-37: Only update HttpSession if SecurityContext has actually been changed. 2005-10-21 07:26:16 +00:00
Ben Alex
494e35f009 Jalopy styling. 2005-10-21 07:23:33 +00:00
Luke Taylor
24a78be159 Corrected link in Javadoc. 2005-10-19 21:19:16 +00:00
Luke Taylor
c065c46668 Javadoc correction: ContextHolder -> SecurityContextHolder 2005-10-18 15:44:22 +00:00
Luke Taylor
df4b8f602f Javadoc correction: SecureContext -> SecurityContext 2005-10-18 15:43:41 +00:00
Carlos Sanchez
b2363dfe07 SEC-62 Add maven 2 support 2005-10-06 20:53:08 +00:00
Ray Krueger
a39339674e login.config.url should be set to a url, not a file path 
The System property java.security.auth.login.config will only be used if the useSystemProperty option is enabled. This is the default.
 2005-09-26 14:14:42 +00:00
Scott McCrory
bc14dd62db Fixed CVS line break 2005-09-25 22:49:45 +00:00
Scott McCrory
4717b64b83 Updated Siteminder auth processing filter and added test case. As of this weekend, this version is in production at a large financial org. 2005-09-25 22:48:33 +00:00
Ben Alex
0f5e9ad372 Fix NPE. Thanks to Tom Dunstan. 2005-09-22 01:49:12 +00:00
Ben Alex
f5741962ed Add createSessionAllowed property, which should be set to false to avoid unnecessary session creation. 2005-09-22 00:54:27 +00:00
Marc-Antoine Garrigue
60d3b6505b Finalizing the validation, entry point and channel processor concerning captchas. Replacing the Thread.sleep() in captchaChannelProcessorTest to avoid the build break issue. 2005-09-20 12:24:47 +00:00
Mark St. Godard
fb3f4af3b2 when extracting the original user, fix by referencing by the interface (UserDetail) rather than the concrete class (User) 2005-09-20 02:28:01 +00:00
Mark St. Godard
24394b7b2b added fix to preserve custom UserDetails implementations (Matt DeHoust fix recommendation) 2005-09-19 02:22:44 +00:00
Ben Alex
d44b570087 Disable failing tests until Marc-Antoine has a chance to look at them. 2005-09-18 22:38:37 +00:00
Ben Alex
ae9e7733db Fix broken tests. 2005-09-18 22:38:05 +00:00
Ben Alex
35ca25f085 BasicAuthenticationProcessingFilter no longer creates HttpSession via WebAuthenticationDetails call. 2005-09-08 11:15:48 +00:00
Ben Alex
c7dcceb05c Do not setAuthenticated(false) in the event of a public (unsecured) invocation. Thanks to Joseph Dane for reporting this issue on acegisecurity-developer on 3 September 2005. 2005-09-08 09:32:24 +00:00
Mark St. Godard
486bbee35d added context path to redirect 2005-09-03 21:43:08 +00:00
Mark St. Godard
9d359780d9 finish user context switch event publishing 2005-09-03 20:24:35 +00:00
Mark St. Godard
20ebb668a6 Added event for user context switching and updated switch user filter 2005-08-25 02:59:19 +00:00
Ben Alex
55f5c3397a Relocated JdbcDaoExtendedImpl.convertAclObjectIdentityToString to superclass (pursuant to suggestion made by Tim Kettering on acegisecurity-developer). 2005-08-23 22:45:17 +00:00
Ray Krueger
2bda6ec25c Fix: SEC-48 http://opensource2.atlassian.com/projects/spring/browse/SEC-48 
If the principal is an instanceof UserDetails, UserDetails.getUsername();
 2005-08-23 15:15:06 +00:00
Ben Alex
40a81ed220 Revisit synchonization issue and correct problem identified by Volker Malzahn. 2005-08-21 10:10:16 +00:00
Mark St. Godard
ec5e39c2e8 Initial checkin of user security context switching (see SEC-15). This is the first cut of the SwitchUserProcessingFilter that handles switching to a target uesr and exiting back to the original user. Note: This is going to be used for the common use-case of an Administrator 'switching' to another user (i.e. ROLE_ADMIN -> ROLE_USER). This is the initial cut of a Unix 'su' for Acegi managed web applications. 2005-08-04 05:49:12 +00:00