Luke Taylor
09176b0af4
SEC-1501: Fix bean classname in Javadoc for SwitchUserFilter.
2010-06-25 19:45:34 +01:00
Luke Taylor
cd946c4e23
SEC-1493: Added namespace support.
2010-06-20 21:09:38 +01:00
Luke Taylor
db913f6857
SEC-1493: Added CredentialsContainer interface and implemented it in User, AbstractAuthenticationToken and UsernamePasswordAuthenticationToken. ProviderManager makes use of this to erase the credentials of the returned Authentication object (and its contents) if configured to do so by setting the 'eraseCredentialsAfterAuthentication' property.
2010-06-20 21:09:33 +01:00
Luke Taylor
ea8d37892c
SEC-1496: Added support for use of any non-standard URL schemes in DefaultRedirectStrategy.
2010-06-18 03:33:49 +01:00
Luke Taylor
48016969ee
Upgrade build to Spring 3.0.3.RELEASE
2010-06-18 02:07:12 +01:00
Luke Taylor
4d10d4b67f
SEC-1500: Convert AbstractRetryEntryPoint to use requestURI to correctly encode URLs.
2010-06-18 01:34:07 +01:00
Luke Taylor
c673a78103
Upgrade maven build to Spring 3.0.3.BUILD_SNAPSHOT.
2010-06-15 00:17:19 +01:00
Luke Taylor
d56adb8ffb
SEC-1495: Convert User class equals and hashcode methods to only use the "username" property.
...
This prevents situations where other data may have changed when a User object is reloaded (during a subsequent authentication attempt, in which case and Set.contains()/Map.containsKey() will return false even though the collection in question contains a principal representing the same user.
2010-06-10 22:27:50 +01:00
Luke Taylor
1dd4787194
Added note in namespace chapter clarifying that method security only applies to Spring beans, plus aspectj mode info to appendix.
2010-06-10 22:17:58 +01:00
Luke Taylor
5939f17708
Fix openid sample configuration.
2010-06-09 22:52:43 +01:00
Luke Taylor
76ebb759f3
Removed unnecessary casts.
2010-06-08 22:56:59 +01:00
Luke Taylor
8bddc8f820
SEC-1484: Documentation for some namespace attributes.
2010-06-05 17:35:24 +01:00
Luke Taylor
0d94e75a93
SEC-1171: Documentation of changes related to use of multiple <http> elements.
2010-06-05 17:12:33 +01:00
Luke Taylor
6a37e4be86
Fix OpenID sample to use new syntax for excluding requests.
2010-06-05 16:53:01 +01:00
Luke Taylor
2e865752ff
Upgraded groovy to 1.7.2 to avoid jansi dependency issue
2010-06-03 23:13:28 +01:00
Luke Taylor
efb600166a
SEC-1488: Remove commons-logging dependencies from maven poms.
2010-05-28 13:10:59 +01:00
Luke Taylor
f7405cef82
Removed original Java version of refactored http namespace tests.
2010-05-27 18:06:26 +01:00
Luke Taylor
34401416b0
SEC-1171: Implement parsing of empty filter chain patters via http 'secured' attribute and remove filters='none' support.
2010-05-27 15:54:15 +01:00
Luke Taylor
05c7abe191
SEC-1445: Tests for setting of username and password parameter names through the form-login element.
2010-05-27 15:54:15 +01:00
Luke Taylor
7d74b7c87e
SEC-1171: Allow multiple http elements and add pattern attribute to specify filter chain mapping.
2010-05-27 15:54:15 +01:00
Luke Taylor
b0758dd8de
Refactoring HTTP config tests to use spock and groovy MarkupBuilder
2010-05-27 15:53:52 +01:00
Luke Taylor
080430150a
SEC-187: Refactoring contact Dao to use JdbcTemplate, and removing unused query objects (which have been there since 2004!)
2010-05-25 16:47:57 +01:00
Luke Taylor
055fcd0b7d
Minor tweaks to build file.
2010-05-25 16:07:18 +01:00
Luke Taylor
01308f8308
Added FAQ on using BeanPostProcessor to customize namespace-created beans.
2010-05-24 17:01:55 +01:00
Luke Taylor
e156d5339a
Fix build when upload properties are missing. Added missing hsql test dependency
2010-05-24 17:01:19 +01:00
Luke Taylor
a097a47246
Refactored ssh uploading into a separate gradle task. Added "uploadFaq" task
2010-05-23 00:05:30 +01:00
Luke Taylor
ca91b9abc5
Corrected section layout in DB schema appendix of ref manual.
2010-05-23 00:05:29 +01:00
Luke Taylor
12fc73f046
Added faqs on accessing the HttpSession from a UDS andon the use of URLs with fragments.
2010-05-22 14:31:28 +01:00
Luke Taylor
0e57ce2dc3
SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection.
2010-05-21 15:59:50 +01:00
Luke Taylor
c95cf6ec7d
SEC-1483: Change User constructor to use a generic wildcard for authorities collection.
2010-05-21 15:58:35 +01:00
Luke Taylor
b0308e41cb
SEC-1455: Load namespace parsers when required, rather than on init() call, to avoid classloaded issue with dmServer failing to resolve web classes when the namespace handler is first used.
2010-05-21 15:36:37 +01:00
Luke Taylor
5aab06775e
SEC-1106: Added section on hierarchical roles to manual.
2010-05-18 16:43:55 +01:00
Luke Taylor
9bdf7efd27
Check remoteSiteDir property is available before using in build file.
2010-05-17 15:15:56 +01:00
Luke Taylor
e0d06b2b53
Added documentation on RequestCache functionality.
2010-05-16 15:18:03 +01:00
Luke Taylor
978bb9f601
Remove commented-out code in ETF.
2010-05-16 15:16:40 +01:00
Luke Taylor
f0c4cccb0d
SEC-1479: Clarify that matching is against servletPath + pathInfo for ant pattern matching. Added some extra pointers to request-matching info in namespace doc.
2010-05-16 14:14:13 +01:00
Luke Taylor
a4ce14f604
Add "provisioning" package to config bundlor template.
2010-05-16 14:14:13 +01:00
Luke Taylor
bf288101a0
Javadoc improvements
2010-05-16 14:14:13 +01:00
Luke Taylor
e1f575c545
SEC-1480: Add simple equals and hashcode methods based on DN value to LdapUserDetailsImpl to allow its use as a map key (in SessionRegistry, for example).
2010-05-15 02:29:11 +01:00
Luke Taylor
705f896209
SEC-1478: Added 'use-expressions' attribute to namespace appendix.
2010-05-11 02:25:45 +01:00
Luke Taylor
e5b0aa6850
Typo.
2010-05-07 02:07:03 +01:00
Luke Taylor
a567e32c69
Re-laying out of FAQ, plus some new questions.
2010-05-07 01:46:36 +01:00
Luke Taylor
08844f87d6
Fix javadoc upload url.
2010-05-06 20:02:32 +01:00
Luke Taylor
b3aad4cf19
Javadoc fixes.
2010-05-06 20:02:08 +01:00
Luke Taylor
5a4c81a2a5
Minor tinkering with build upload tasks.
2010-05-05 17:33:01 +01:00
Luke Taylor
0c09780644
SEC-1476: Modify AbstractPreAuthenticatedProcessingFilter to store authentication exception in request instead of creating a new session.
2010-05-05 14:13:48 +01:00
Luke Taylor
d5ffdd9c27
Import cleaning
2010-05-03 18:46:06 +01:00
Luke Taylor
64d59e1d32
Some extra FAQs and added comment to samples runall.sh script to explain that it's for dev only.
2010-05-03 14:56:22 +01:00
Luke Taylor
e7646a65f4
SEC-1421: Add setters to JdbcUserDetailsManager for group sql operations.
2010-05-03 14:53:06 +01:00
Luke Taylor
2c44461264
SEC-1473: Remove references to ContactSecurityVoter.
...
Replaced with reference to Oleg's blog article as an example of custom voter use
2010-05-03 14:53:06 +01:00