Luke Taylor
3a8daa1bf4
Gradle build improvements.
...
Added generation of source archives and trial support for maven deployment and pom generation, with "provided" configuration mapped to "provided" scope.
2010-01-13 00:44:05 +00:00
Luke Taylor
f62d97b092
SEC-1356: Fix broken tests.
...
Test cookies now require that the path be set in order for them to be recognised for auto-login purposes..
2010-01-12 01:32:02 +00:00
Luke Taylor
6eff4d90b7
SEC-1356: Modify AbstractRememberMeService to check the cookie path as well as the name when extracting it from the incoming request.
...
This makes things consistent with the cookie setting methods. If someone wants to share a cookie between multiple applications then they should modify the cookie extraction and setting methods to use a less-specific path.
2010-01-12 00:49:53 +00:00
Luke Taylor
d900829921
Added bundlor and maven support to gradle build
2010-01-12 00:35:20 +00:00
Luke Taylor
fa42d9d5ec
Fix taglibs template.mf
...
Was missing sub-packages of org.sfw.security.acls.
2010-01-12 00:33:20 +00:00
Luke Taylor
2023ca283e
SEC-1358: Support empty context path in DefaultWebInvocationPrivilegeEvaluator
...
This class was failing when an application was deployed at the root context because of an assertion which checked that the contexPath was not empty. An empty context path doesn't actually cause problems for the class so I've removed the assertion.
2010-01-12 00:30:27 +00:00
Luke Taylor
b323098167
Added gradle build files for taglibs, tutorial, contacts and openid.
...
Changed build file names to match module names (by manipulating the project objects in the settings.gradle file).
2010-01-10 23:31:23 +00:00
Luke Taylor
e211f9b35f
SEC-1349: Allow configuration of OpenID with parameters which should be transferred to the return_to URL.
...
The OpenIDAuthenticationFilter now has a returnToUrlParameters property (a Set). If this is set, the named parameters will be copied from the incoming submitted request to the return_to URL. If not set, it defaults to the "parameter" property of the AbstractRememberMeServices of the parent class. If remember-me is not in use, it defaults to the empty set.
Enabled remember-me in the OpenID sample.
2010-01-09 01:04:13 +00:00
Luke Taylor
bc02fc2de1
Corrected "incorrect numer of tokens" error message in TokenBasedRememberMeServices.
2010-01-08 23:57:27 +00:00
Luke Taylor
51abedcbef
Parameterize getFilter() method in HttpSecurityBeanDefinitionParserTests.
...
Removes the need for casting to specific filter type.
2010-01-08 23:20:16 +00:00
Luke Taylor
f40a1fda34
SEC-1357: Use getClass().getClassLoader() in SecurityNamespaceHandler to check for web classes.
...
This is used in preference to ClassUtils.getDefaultClassLoader() which fails to find the web classes in some situations.
2010-01-08 21:12:36 +00:00
Luke Taylor
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
2010-01-08 21:05:13 +00:00
Luke Taylor
9a323f15bc
Bring versions in itext module up-to-date
2010-01-07 17:56:32 +00:00
Luke Taylor
68ae49ebe1
SEC-1355: Update manual code snippet to cast to OpenIDAuthenticationToken.
2010-01-07 17:22:45 +00:00
Luke Taylor
4e4242d010
SEC-1354: Added integration tests for combinations of @PreAuthorize and @Secured annotations.
2010-01-06 22:23:01 +00:00
Luke Taylor
846aa40a7b
Updated "heavyduty" sample version information.
2010-01-06 22:21:59 +00:00
Luke Taylor
be72ed1350
Remove commented out beans from contacts sample app context.
...
These were left when the app was updated to use Spring MVC @Controller syntax and scanning.
2010-01-06 22:21:34 +00:00
Luke Taylor
9730600777
Revert bundlor version update.
...
Config was wrong, but even with the correct config
the maven jar plugin generates its own manifest
file and ignores the one generated by bundlor.
2010-01-05 23:47:27 +00:00
Luke Taylor
3c97d68346
Upgrade to bundlor RC1
2010-01-05 22:34:27 +00:00
Luke Taylor
dc5417f1d5
SEC-1352: Added support for placeholders in <user-service>
...
The username, password and authorities attributes can now be placeholders.
2010-01-05 22:34:10 +00:00
Luke Taylor
f5d36aef65
SEC-1350: Improved Javadoc for AbstractPreAuthenticatedProcessingFilter
...
Added clarification that the credentials returned
by the subclass should not be null or they will
typically be rejected by the provider. Also added
some general overview.
2010-01-05 16:01:55 +00:00
Luke Taylor
93973a4b75
SEC-1304: Removed compareTo method from GrantedAuthorityImpl
...
This method had been left by mistake when the Comparable
interface was removed. See also SEC-1347.
2010-01-04 19:13:49 +00:00
Luke Taylor
c6b8fe5e55
SEC-1346: Added missing 'return' statements after redirects.
...
ConcurrentSessionFilter and SessionManagementFilter now return immediately after redirecting to the expired URL and invalid session URLs respectively. Extra tests added to check.
2010-01-03 19:06:58 +00:00
Luke Taylor
80aacf447f
Refactored JaasAuthenticationProvider
...
The toUrl() method on File gives a deprecation warning with Java 6, so I reimplemented
the logic for building the Jaas config URL.
2010-01-03 16:28:44 +00:00
Luke Taylor
893f212fa5
Tidying
2010-01-02 19:53:19 +00:00
Luke Taylor
b737fa451d
SEC-1344: Minor CAS doc updates
2009-12-29 14:45:29 +00:00
Luke Taylor
0aab19ed4b
Added additional info on concurrent session usage
2009-12-28 14:32:54 +00:00
Luke Taylor
744ed95b51
SEC-1343: ref manual typos
2009-12-28 13:59:21 +00:00
Scott Battaglia
7e817b9640
NOJIRA formatting fix
2009-12-24 14:40:24 +00:00
Scott Battaglia
4afe6c2c6a
SEC-1341
...
made it more extensible
2009-12-24 14:39:40 +00:00
Scott Battaglia
3bb5ca5d4b
NOJIRA
...
upgraded to latest CAS client (3.1.10)
2009-12-24 14:26:58 +00:00
Luke Taylor
bcb1ff8921
SEC-1342: Introduced extra factory method in SecurityConfig to get round problem with Spring converting a string with commas to an array
2009-12-23 14:12:59 +00:00
Luke Taylor
115d5b84ff
[maven-release-plugin] prepare for next development iteration
2009-12-22 22:20:01 +00:00
Luke Taylor
6c6ef08353
[maven-release-plugin] prepare release spring-security-3.0.0.RELEASE
2009-12-22 22:19:38 +00:00
Luke Taylor
d695c85ad8
Removed maven structure from sandbox, and 'other' module, which is out of date.
2009-12-22 22:00:34 +00:00
Luke Taylor
a7770a64d3
Update cas server version in runall.sh
2009-12-22 21:31:26 +00:00
Luke Taylor
48be79108a
Gradle build file for 'heavyduty' sample
2009-12-22 19:55:53 +00:00
Luke Taylor
aad7d01c84
Updated CAS server version for sample use to 3.3.5
2009-12-22 19:35:20 +00:00
Luke Taylor
b96b14c5d0
Changed 'Advanced Topics' to more general 'Additional Topics'
2009-12-22 19:02:34 +00:00
Luke Taylor
1af9f8efea
SEC-1327: Minor doc update
2009-12-22 13:40:05 +00:00
Luke Taylor
be56d72912
SEC-1340: Minor doc corrections
2009-12-22 13:25:10 +00:00
Luke Taylor
e64866ae6a
Updated bundlor templates and introduced spring.version variable
2009-12-22 01:10:04 +00:00
Luke Taylor
052685e154
Add taglibs chapter to manual
2009-12-22 01:09:56 +00:00
Luke Taylor
3418aab46e
SEC-1327: Javadoc additions to clarify some behaviour
2009-12-21 17:32:54 +00:00
Luke Taylor
dd90f9332c
SEC-1326: Removed unncecessary exclusions
2009-12-21 17:32:45 +00:00
Luke Taylor
fcce29f8df
SEC-1326: Updating dependencies to match Spring versions. Removing unused deps.
2009-12-21 17:32:38 +00:00
Luke Taylor
89809e9029
SEC-1329: Added info on attribute-exchange configuration to the namespace chapter
2009-12-19 18:32:57 +00:00
Luke Taylor
97a31cae04
SEC-1333: Added error message for invalid redirect URL assertion
2009-12-18 19:29:36 +00:00
Luke Taylor
aeed49393c
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
2009-12-18 18:44:42 +00:00
Luke Taylor
fac07ba8ff
Schema updates to Spring 3.0
2009-12-18 18:44:17 +00:00