6f7590eb05
Updates to sandbox to allow it to compile against latest core changes.
2007-12-12 16:15:04 +00:00
1cae1719bc
Fix bean referencing error.
2007-12-11 19:18:44 +00:00
2655955a40
Add MethodSecurityInterceptor, to more accurately reflect the capabilities offered by auto-config="true".
2007-12-11 19:14:34 +00:00
9728f48adf
Convert to using AopNamespaceUtils, to avoid potentially creating
...
duplicate DefaultAdvisorAutoProxyCreator bean instances.
2007-12-11 18:46:20 +00:00
82cfa722be
Upgrade Spring-LDAP to 1.2.1 version.
2007-12-11 18:08:44 +00:00
1bbe6ca456
Proper comparison with auto-configure="true".
2007-12-11 16:44:24 +00:00
ca996de2dc
Added tests for SpringSecurityAuthenticationSource.
2007-12-10 23:37:08 +00:00
894c90dadd
Moved AbstractAuthenticationManagerTests into ProviderManager as tested methods have already been moved there (maven wasn't running Abstract* tests but they were actually failing).
2007-12-10 23:36:27 +00:00
32038d8b92
Tidying.
2007-12-10 19:14:17 +00:00
47dec4e597
Make getters in AbstractRememberMeServices protected rather than public
2007-12-10 16:00:49 +00:00
ee31305fd5
Deprecated InitialDirContextFactory
2007-12-10 15:29:26 +00:00
5382627d4a
Added property to LdapAuthenticationProvider to allow the credentials to be set either using the submitted password (the default) or the credentials from the loaded UserDetails object (which may be null if the attribute isn't readable).
2007-12-09 23:46:28 +00:00
78529f6d28
SEC-620: AuthenticationSource implementation.
2007-12-09 23:44:15 +00:00
5e0cb21c8d
SEC-619: Added test class for LdapUserDetailsService. The LdapAuthoritiesPopulator interface and also implementations have been moved to the org.springframework.security.ldap package since they are now used by both the ldap provider and the user service.
2007-12-09 18:40:28 +00:00
4770c29094
Use hyphens in attribute names, and not Camel Case. This is to maintain
...
consistency with the rest of Spring Portfolio. Camel Case was preserved
for attribute values, consistent with Spring Portfolio usage such as
autowiring modes (byName, byType etc).
2007-12-09 03:42:20 +00:00
6ad176ce1a
Tidying.
2007-12-07 17:00:40 +00:00
4984024314
SEC-618: Moved copyDetails method down to ProviderManager so that it can be called prior to checking if authentication is allowed by ConcurrentSessionController.
2007-12-07 16:26:50 +00:00
b12a4939df
SEC-619: LdapUserDetailsService implementation.
2007-12-07 13:16:44 +00:00
a569ff01e2
Tidying.
2007-12-07 12:32:54 +00:00
382dc50f3c
SEC-299: Change ConcurrentSessionFilter to delegate to an array of LogoutHandlers rather than invalidating an expired session directly.
2007-12-06 17:39:04 +00:00
cb980f12d5
Tidying.
2007-12-06 17:26:04 +00:00
628227f5e7
Corrected out of date comment (constructor doesn't create a session). Removed unnecessary default constructor.
2007-12-06 16:53:35 +00:00
4b8455c831
Tidying comments.
2007-12-06 16:40:16 +00:00
4c6e41af7d
Tidying comments.
2007-12-06 16:33:59 +00:00
c66a3ba323
@deprecate FilterToBeanProxy in favour of the simpler and Spring Core provided DelegatingFilterProxy.
2007-12-06 09:43:43 +00:00
ab23fe56ad
Added log msg for loading of ldif files.
2007-12-06 00:14:25 +00:00
a1abcc39d2
SEC-513: Minor work on LDAP UserDetailsManager implementation.
2007-12-06 00:13:42 +00:00
e3432c2407
Some changes suggested by Spring LDAP guys to improve template usage.
2007-12-06 00:13:00 +00:00
4d133be0d0
Tidying.
2007-12-06 00:12:24 +00:00
3ddcc203bf
LdapUserDetailsMapper now throws UnsupportedOperationException for mapUserToContext method as only subclasses of this which implement actual LDAP object classes should be used for writing to a directory.
2007-12-06 00:12:06 +00:00
22052115b6
SEC-617: Make LDAPAuthenticationProvider a standalone class.
2007-12-05 14:39:46 +00:00
88ab9671c6
Correct attribute name.
2007-12-04 14:24:53 +00:00
9b6c798a52
SEC-496: <annotation-driven> element.
2007-12-04 14:14:17 +00:00
949205b369
Correction of equals(Object) and hashCode() methods.
2007-12-04 12:44:40 +00:00
85085abf9e
Add namespace support for Servlet API integration.
2007-12-04 12:23:41 +00:00
a205f95c19
No need for an access denied page.
2007-12-04 11:24:54 +00:00
8c3cc5c67b
Add hash code support.
2007-12-04 11:21:39 +00:00
8e7c540b16
General refactorings and improvements to namespace support, including
...
autoDetect="true" attribute for <http> element.
2007-12-04 10:35:08 +00:00
2441ab6d9a
Move "realm" attribute to be on <http> element rather than <http-basic>.
...
This faciltiates reuse with other mechanisms (like Digest) whilst also
moving towards the <http-auto-configure> element (which benefits from
having shared configuration in <http> as opposed to mechanism-specific
elements).
2007-12-04 08:02:40 +00:00
d9ec944579
Refactor strings to static fields. To facilitate unit testing, package
...
protected visibility was adopted for all element names, attribute names,
and attribute default values. A public access modifier was used for all
bean IDs assigned to bean definitions created by the
BeanDefinitionParsers.
2007-12-04 07:12:08 +00:00
4e55bd0117
Make extend Spring Security's exception, for consistency with all other Spring Security exceptions.
2007-12-04 06:58:43 +00:00
9b4bb0ffd8
<repository> element and JdbcUserDetailsManager support.
2007-12-04 05:58:54 +00:00
5f98ee6817
<repository> element and JdbcUserDetailsManager support.
2007-12-04 05:54:58 +00:00
0b0b174eda
Support <repository> and JbcUserDetailsManager.
2007-12-04 05:27:17 +00:00
8cf46ad0f8
Remove, as not used.
2007-12-04 05:12:39 +00:00
8c9138b443
Typos.
2007-12-04 02:11:16 +00:00
021f03487e
Enhancements to correctly handle authentication failures.
2007-12-04 01:50:45 +00:00
2a83843e7d
Correct username key.
2007-12-04 01:46:26 +00:00
75391e89de
Tidied up Id tag.
2007-12-04 00:01:09 +00:00
794795712d
Parameter renamed.
2007-12-04 00:00:50 +00:00
Luke Taylor
Ben Alex