Commit Graph

4100 Commits

Author SHA1 Message Date
Luke Taylor 09176b0af4 SEC-1501: Fix bean classname in Javadoc for SwitchUserFilter. 2010-06-25 19:45:34 +01:00
Luke Taylor cd946c4e23 SEC-1493: Added namespace support. 2010-06-20 21:09:38 +01:00
Luke Taylor db913f6857 SEC-1493: Added CredentialsContainer interface and implemented it in User, AbstractAuthenticationToken and UsernamePasswordAuthenticationToken. ProviderManager makes use of this to erase the credentials of the returned Authentication object (and its contents) if configured to do so by setting the 'eraseCredentialsAfterAuthentication' property. 2010-06-20 21:09:33 +01:00
Luke Taylor ea8d37892c SEC-1496: Added support for use of any non-standard URL schemes in DefaultRedirectStrategy. 2010-06-18 03:33:49 +01:00
Luke Taylor 48016969ee Upgrade build to Spring 3.0.3.RELEASE 2010-06-18 02:07:12 +01:00
Luke Taylor 4d10d4b67f SEC-1500: Convert AbstractRetryEntryPoint to use requestURI to correctly encode URLs. 2010-06-18 01:34:07 +01:00
Luke Taylor c673a78103 Upgrade maven build to Spring 3.0.3.BUILD_SNAPSHOT. 2010-06-15 00:17:19 +01:00
Luke Taylor d56adb8ffb SEC-1495: Convert User class equals and hashcode methods to only use the "username" property.
This prevents situations where other data may have changed when a User object is reloaded (during a subsequent authentication attempt, in which case and Set.contains()/Map.containsKey() will return false even though the collection in question contains a principal representing the same user.
2010-06-10 22:27:50 +01:00
Luke Taylor 1dd4787194 Added note in namespace chapter clarifying that method security only applies to Spring beans, plus aspectj mode info to appendix. 2010-06-10 22:17:58 +01:00
Luke Taylor 5939f17708 Fix openid sample configuration. 2010-06-09 22:52:43 +01:00
Luke Taylor 76ebb759f3 Removed unnecessary casts. 2010-06-08 22:56:59 +01:00
Luke Taylor 8bddc8f820 SEC-1484: Documentation for some namespace attributes. 2010-06-05 17:35:24 +01:00
Luke Taylor 0d94e75a93 SEC-1171: Documentation of changes related to use of multiple <http> elements. 2010-06-05 17:12:33 +01:00
Luke Taylor 6a37e4be86 Fix OpenID sample to use new syntax for excluding requests. 2010-06-05 16:53:01 +01:00
Luke Taylor 2e865752ff Upgraded groovy to 1.7.2 to avoid jansi dependency issue 2010-06-03 23:13:28 +01:00
Luke Taylor efb600166a SEC-1488: Remove commons-logging dependencies from maven poms. 2010-05-28 13:10:59 +01:00
Luke Taylor f7405cef82 Removed original Java version of refactored http namespace tests. 2010-05-27 18:06:26 +01:00
Luke Taylor 34401416b0 SEC-1171: Implement parsing of empty filter chain patters via http 'secured' attribute and remove filters='none' support. 2010-05-27 15:54:15 +01:00
Luke Taylor 05c7abe191 SEC-1445: Tests for setting of username and password parameter names through the form-login element. 2010-05-27 15:54:15 +01:00
Luke Taylor 7d74b7c87e SEC-1171: Allow multiple http elements and add pattern attribute to specify filter chain mapping. 2010-05-27 15:54:15 +01:00
Luke Taylor b0758dd8de Refactoring HTTP config tests to use spock and groovy MarkupBuilder 2010-05-27 15:53:52 +01:00
Luke Taylor 080430150a SEC-187: Refactoring contact Dao to use JdbcTemplate, and removing unused query objects (which have been there since 2004!) 2010-05-25 16:47:57 +01:00
Luke Taylor 055fcd0b7d Minor tweaks to build file. 2010-05-25 16:07:18 +01:00
Luke Taylor 01308f8308 Added FAQ on using BeanPostProcessor to customize namespace-created beans. 2010-05-24 17:01:55 +01:00
Luke Taylor e156d5339a Fix build when upload properties are missing. Added missing hsql test dependency 2010-05-24 17:01:19 +01:00
Luke Taylor a097a47246 Refactored ssh uploading into a separate gradle task. Added "uploadFaq" task 2010-05-23 00:05:30 +01:00
Luke Taylor ca91b9abc5 Corrected section layout in DB schema appendix of ref manual. 2010-05-23 00:05:29 +01:00
Luke Taylor 12fc73f046 Added faqs on accessing the HttpSession from a UDS andon the use of URLs with fragments. 2010-05-22 14:31:28 +01:00
Luke Taylor 0e57ce2dc3 SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection. 2010-05-21 15:59:50 +01:00
Luke Taylor c95cf6ec7d SEC-1483: Change User constructor to use a generic wildcard for authorities collection. 2010-05-21 15:58:35 +01:00
Luke Taylor b0308e41cb SEC-1455: Load namespace parsers when required, rather than on init() call, to avoid classloaded issue with dmServer failing to resolve web classes when the namespace handler is first used. 2010-05-21 15:36:37 +01:00
Luke Taylor 5aab06775e SEC-1106: Added section on hierarchical roles to manual. 2010-05-18 16:43:55 +01:00
Luke Taylor 9bdf7efd27 Check remoteSiteDir property is available before using in build file. 2010-05-17 15:15:56 +01:00
Luke Taylor e0d06b2b53 Added documentation on RequestCache functionality. 2010-05-16 15:18:03 +01:00
Luke Taylor 978bb9f601 Remove commented-out code in ETF. 2010-05-16 15:16:40 +01:00
Luke Taylor f0c4cccb0d SEC-1479: Clarify that matching is against servletPath + pathInfo for ant pattern matching. Added some extra pointers to request-matching info in namespace doc. 2010-05-16 14:14:13 +01:00
Luke Taylor a4ce14f604 Add "provisioning" package to config bundlor template. 2010-05-16 14:14:13 +01:00
Luke Taylor bf288101a0 Javadoc improvements 2010-05-16 14:14:13 +01:00
Luke Taylor e1f575c545 SEC-1480: Add simple equals and hashcode methods based on DN value to LdapUserDetailsImpl to allow its use as a map key (in SessionRegistry, for example). 2010-05-15 02:29:11 +01:00
Luke Taylor 705f896209 SEC-1478: Added 'use-expressions' attribute to namespace appendix. 2010-05-11 02:25:45 +01:00
Luke Taylor e5b0aa6850 Typo. 2010-05-07 02:07:03 +01:00
Luke Taylor a567e32c69 Re-laying out of FAQ, plus some new questions. 2010-05-07 01:46:36 +01:00
Luke Taylor 08844f87d6 Fix javadoc upload url. 2010-05-06 20:02:32 +01:00
Luke Taylor b3aad4cf19 Javadoc fixes. 2010-05-06 20:02:08 +01:00
Luke Taylor 5a4c81a2a5 Minor tinkering with build upload tasks. 2010-05-05 17:33:01 +01:00
Luke Taylor 0c09780644 SEC-1476: Modify AbstractPreAuthenticatedProcessingFilter to store authentication exception in request instead of creating a new session. 2010-05-05 14:13:48 +01:00
Luke Taylor d5ffdd9c27 Import cleaning 2010-05-03 18:46:06 +01:00
Luke Taylor 64d59e1d32 Some extra FAQs and added comment to samples runall.sh script to explain that it's for dev only. 2010-05-03 14:56:22 +01:00
Luke Taylor e7646a65f4 SEC-1421: Add setters to JdbcUserDetailsManager for group sql operations. 2010-05-03 14:53:06 +01:00
Luke Taylor 2c44461264 SEC-1473: Remove references to ContactSecurityVoter.
Replaced with reference to Oleg's blog article as an example of custom voter use
2010-05-03 14:53:06 +01:00