50ff81033c
Add coreInstall Task
2015-09-02 00:21:40 -05:00
81e2778106
SEC-3097: Change CsrfRequestPostProcessor to use TestCsrfTokenRepository
...
This ensures that when using a wrapped HttpServletRequest (i.e. Spring
Session) that the CSRF token test support still works.
2015-09-02 00:21:40 -05:00
ea94706319
SEC-3097: Use MockMvc for SecurityMockMVcRequestPostProcessorsCsrfTests
...
This is necessary because the changes for this issue are going to make
the mocked version of the tests invalid.
2015-09-02 00:21:39 -05:00
a9a5377e4a
Unused import
...
An import unsued
2015-09-02 00:21:39 -05:00
5edfeb4091
Unused import
...
And import is unused
2015-09-02 00:21:39 -05:00
97969ea9d2
SEC-2059: Ignore Query String for Resolving Path Variables
2015-09-01 09:53:29 -05:00
adfeb96e2f
Update to Spring 4.2.1
2015-09-01 09:53:26 -05:00
bac980cbcb
SEC-2868: Simplify custom UserDetailsService Java Config
...
Exposing a UserDetailsService as a bean is now all that is necessary
for Java based configuration. Additionally, an optional PasswordEncoder
bean can be used to configure password encoding.
2015-08-27 20:41:15 -05:00
35393098f8
SEC-3094: Add @WithAnonymousUser & anonymous() MockMvcRequestPostProcessor
2015-08-27 15:17:44 -05:00
6b05b298ff
SEC-2059: Support Path Variables in Web Expressions
2015-08-20 17:11:01 -05:00
5f328b1178
SEC-2709: Fix WithSecurityContextTestExecutionListener Order
2015-08-20 10:41:09 -05:00
327695ab0c
SEC-3084: Doc SecurityContextRequestPostProcessorSupport & SecurityContextHolder
2015-08-20 09:30:24 -05:00
c79bceab03
SEC-2956: Improve AnnotationParameterNameDiscoverer Performance
2015-08-19 16:07:03 -05:00
cbed1d75ee
SEC-3076: Add Method Level Security Meta Annotations
2015-08-19 16:07:03 -05:00
7708129aad
SEC-3080: Remove invalid characters from reference
2015-08-19 16:06:56 -05:00
5ac13eb905
SEC-3079: Update to Gradle 2.6
2015-08-19 16:05:54 -05:00
567c51e109
SEC-3074: Add Test Meta Annotation Support
2015-08-19 16:05:54 -05:00
55dd247660
SEC-3078: Update Spring 4.2
2015-08-19 16:05:40 -05:00
7914b96e23
SEC-3077: Update to Groovy 2.4.4
2015-08-19 16:05:14 -05:00
26ab012b57
Start 4.1.0
2015-08-18 13:58:01 -05:00
db9584104c
Add Gitter to README
2015-08-11 11:49:46 -05:00
b0701ea770
SEC-3068: Update Tutorial to use POST /logout
2015-08-10 09:53:07 -05:00
8cc9108601
Merge pull request #209 from raindev/patch-1
...
Remove unused imports from SecureRandomBytesKeyGenerator
2015-08-06 08:54:09 -05:00
41c9431fcc
Test that form log in requires CSRF
2015-08-03 12:24:37 -05:00
453e6332da
Fix indentation of CsrfConfigTests
2015-08-03 12:03:05 -05:00
969f3a7d1b
Update pom.xml to latest snapshots
2015-08-03 09:46:01 -05:00
4c19768e54
Update to jacoco 0.7.5.201505241946
2015-08-03 09:45:42 -05:00
ad1d858e2b
SEC-3056 - Fix JavaDoc errors.
...
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
7317c090cc
SEC-2963: Disable appengineRun if contains functional tests
2015-07-29 09:57:57 -05:00
485fbdc1ee
SEC-2963: Select Available Port for appengine
2015-07-28 22:47:21 -05:00
22aa91c8e1
Next development version
2015-07-22 22:08:15 -07:00
ea873fb1b8
SEC-2963: Disable appengineFunctionalTest
2015-07-22 21:27:28 -05:00
117f892c91
SEC-3031: DelegatingSecurityContext(Runnable|Callable) only modify SecurityContext on new Thread
...
Modifying the SecurityContext on the same Thread can cause issues. For example, with a
RejectedExecutionHandler the SecurityContext may be cleared out on the original Thread.
This change modifies both the DelegatingSecurityContextRunnable and DelegatingSecurityContextCallable to,
by default, only modify the SecurityContext if they are invoked on a new Thread. The behavior can be changed
by setting the property enableOnOrigionalThread to true.
2015-07-22 16:07:21 -05:00
113b61e3a0
SEC-2957: Polish
2015-07-22 13:57:28 -05:00
dab4cf18b8
SEC-3032: Correct documented logout-success-url default
2015-07-22 13:48:07 -05:00
be27ede0e9
SEC-2957: Add missing provided dependencies to samples
2015-07-22 13:33:52 -05:00
e8c9f75f9c
Update pom.xml to latest versions
2015-07-22 12:51:04 -05:00
bc53945d89
Remove unused import in WithSecurityContextTestExecutionListenerTests
2015-07-22 12:44:34 -05:00
432123daa2
SEC-2964: Fix CsrfTokenArgumentResolver Javadoc
2015-07-22 11:32:36 -05:00
92ae45a04d
SEC-3051: Add AbstractPreAuthenticatedProcessingFilter#principalChanged
2015-07-22 08:41:33 -05:00
a50d297f3a
SEC-2953: Add index-docinfo.xml
...
This removes the "please define title in your docbook file"
2015-07-21 11:48:44 -05:00
54dabb6433
SEC-2993: OpenID Sample now uses me.yahoo.com
2015-07-21 10:44:54 -05:00
cd4a7e95cc
SEC-2991: Add CSRF Token to OpenID XML Sample
2015-07-21 10:42:24 -05:00
07fb2af74b
SEC-3011: AbstractUrlAuthorizationConfigurer postProcess default AccessDecisionManager
2015-07-21 08:52:36 -05:00
ab1b7a1eb6
Remove unnecessary @SuppressWarnings
2015-07-21 08:51:32 -05:00
7c725a60e2
SEC-3047: SecurityContextHolderAwareRequestFactory update RequestFactory
2015-07-20 14:06:44 -05:00
9b92d5a1e7
SEC-2963: Fix tests
2015-07-20 12:53:21 -05:00
e25b84c902
SEC-2963: Update to latest Google AppEngine
2015-07-20 12:36:29 -05:00
9654df2cc3
SEC-3045: Conditionally add MethodSecurityMetadataSourceAdvisor
2015-07-17 15:16:09 -05:00
a3df41b380
Clean Import Statements
2015-07-17 14:52:23 -05:00
Rob Winch
David Avenante
Rob Winch
Thomas Darimont
Spring Buildmaster