Commit Graph

2258 Commits

Author SHA1 Message Date
Luke Taylor 7583aca3eb Configured contacts app to use namespaces. Removed ldap, cas, x509 files to avoid confusion. Ldap and CAS will be better served by new samples. 2008-01-01 16:51:15 +00:00
Luke Taylor b115f4aa83 Removed unecessary rethrow of AuthenticationException from AbstractSecurityInterceptor and tidied up javadoc etc. 2008-01-01 16:43:34 +00:00
Luke Taylor b91e82d91c Changed _authenticationManager -> authenticationManager to get contact app tests passing again. 2007-12-25 00:34:28 +00:00
Luke Taylor 1472aeb77d Improved html site patching. 2007-12-25 00:17:02 +00:00
Luke Taylor 7ee049c824 Refactored SwitchUserProcessingFilter to extend SpringSecurityFilter. 2007-12-23 16:41:30 +00:00
Luke Taylor 5f1eea42fc Moved configuration of security interceptors with access and authentication manangers from post processing stage to bean creation stage. 2007-12-23 16:40:29 +00:00
Luke Taylor 46c99d1991 Converted tutorial context file to match namespace changes. 2007-12-23 16:36:44 +00:00
Luke Taylor 5da5bfb7bb Added "mvn compile" with JDK 1.4 as extra check in build process. 2007-12-23 15:07:13 +00:00
Luke Taylor 27de29f469 Corrected cut and paste error when parsing jdbc-user-service within AuthenticationProvider BDP. 2007-12-23 01:26:46 +00:00
Luke Taylor ea8914f9ba Moved Http post processor bean name to BeanIds class. 2007-12-23 01:06:22 +00:00
Luke Taylor 9d671fbdbf Deleted original Ldap BD parser. 2007-12-23 01:05:35 +00:00
Luke Taylor 14e68618a5 Make constants class abstract. 2007-12-23 01:02:48 +00:00
Luke Taylor 46285a0ec0 SwitchUserProcessingFilter should come after FilterSecurityInterceptor (See SEC-376). 2007-12-23 01:02:12 +00:00
Luke Taylor a38ed3cfde Added check for multiple RememberMeServices beans. 2007-12-23 00:18:14 +00:00
Luke Taylor debfbe47cf Improvements to LDAP namespace configuration - splitting "ldap" element into ldap-server and ldap-authentication-provider. Also some minor changes to authentication-provider. 2007-12-23 00:17:37 +00:00
Luke Taylor d0490e6322 Upgraded maven surefire and cobertura plugins. 2007-12-21 15:54:38 +00:00
Luke Taylor cf80292de3 Changes to namespace reinstating authentication-provider element in preference to "repository" to wrap convey that a user-service will be used as to authenticate against. Also introduced separate password-encoder element for use within authentication-provider. 2007-12-21 15:50:56 +00:00
Luke Taylor 70286f1197 Fixed problem caused by maven-2.0.8 change in test classpath. ldif file wasn't being loaded for tests. Default path should be "classpath*:" not "classpath:". (See discussing in Spring's PathMatchingResourcePatternResolver). 2007-12-20 20:53:26 +00:00
Luke Taylor 6e74d925fb Boosted logging to try to resolve issues on bamboo server. 2007-12-20 19:45:43 +00:00
Luke Taylor 78e376312a Added logging of working directory location. 2007-12-20 18:29:05 +00:00
Luke Taylor 85b10f79c2 Made servlet-api integration into an attribute of http, rather than a child element since it has no configuration. 2007-12-20 17:51:27 +00:00
Luke Taylor 1c9bd8bf5f Updates to release description. 2007-12-20 17:47:05 +00:00
Luke Taylor e65cb9b472 Made group names singular and added "teller" role. 2007-12-14 20:41:33 +00:00
Luke Taylor 31c09896ea Fixed problem with relative name being used in (member={0}) search in DefaultAuthoritiesPopulator. 2007-12-14 20:41:00 +00:00
Ben Alex 09f68400ec Add <intercept-methods> to example, but it is disabled in favour of @Secured annotation. Still, we include it so people can have a play around and switch between the two syntaxes easily in demos etc. 2007-12-14 19:56:31 +00:00
Ben Alex 55e4568003 Throw an exception instead of sending back a HTTP error code. This is necessary so any demonstration of upgrading from Servlet Spec authorization to Spring Security authorization, as the latter's ExceptionTranslationFilter expects specific exceptions to be thrown if you wish to commence the authentication process. 2007-12-14 19:44:50 +00:00
Luke Taylor 2e4773525b Updated tutorial to allow authentication against ldap provider using <ldap /> namespace element. 2007-12-14 19:18:18 +00:00
Ben Alex d90ff50686 Use Java 5 to illustrate annotation support. 2007-12-14 16:54:10 +00:00
Luke Taylor 1a171ea316 SEC-595: Introduced loadUserAuthorities method. This can be overridden to allow loading of authorities with the authenticated user's credentials (by setting the security context). The Ldap ContextSource used in the authorities populator would also be configured with a SpringSecurityAuthentcationSource, to make use of the information in the security context. 2007-12-14 14:13:39 +00:00
Ben Alex b1bc39a0df Provide some shell scripts that help with demos. These assume the application is deployed to http://localhost:8080/spring-security-samples-tutorial. 2007-12-14 02:45:01 +00:00
Ben Alex f4c3e701d5 Enhance sample to show method authorization. 2007-12-14 02:27:48 +00:00
Ben Alex 77d286c36f Enhance tutorial to also demonstrate Spring Security method
authorization, and add a services layer accordingly.
2007-12-14 02:26:27 +00:00
Ben Alex fa510b3187 Modify attribute names to use "ref" instead of "id", plus use a hyphen
as an attribute value separator rather than a colon. This was changed 
for compatibility with other components in the Spring Portfolio. tests 
pass.
2007-12-13 20:19:56 +00:00
Luke Taylor 0f12d31d90 Corrected code for choosing entry point in namespace configuration. 2007-12-12 19:44:54 +00:00
Ben Alex 7ff533735f Changes (made by Ben Hale) to support publishing of snapshots and
releases to Spring S3 repository.
2007-12-12 19:06:12 +00:00
Luke Taylor 6f7590eb05 Updates to sandbox to allow it to compile against latest core changes. 2007-12-12 16:15:04 +00:00
Ben Alex 1cae1719bc Fix bean referencing error. 2007-12-11 19:18:44 +00:00
Ben Alex 2655955a40 Add MethodSecurityInterceptor, to more accurately reflect the capabilities offered by auto-config="true". 2007-12-11 19:14:34 +00:00
Ben Alex 9728f48adf Convert to using AopNamespaceUtils, to avoid potentially creating
duplicate DefaultAdvisorAutoProxyCreator bean instances.
2007-12-11 18:46:20 +00:00
Luke Taylor 82cfa722be Upgrade Spring-LDAP to 1.2.1 version. 2007-12-11 18:08:44 +00:00
Ben Alex 1bbe6ca456 Proper comparison with auto-configure="true". 2007-12-11 16:44:24 +00:00
Luke Taylor ca996de2dc Added tests for SpringSecurityAuthenticationSource. 2007-12-10 23:37:08 +00:00
Luke Taylor 894c90dadd Moved AbstractAuthenticationManagerTests into ProviderManager as tested methods have already been moved there (maven wasn't running Abstract* tests but they were actually failing). 2007-12-10 23:36:27 +00:00
Luke Taylor 32038d8b92 Tidying. 2007-12-10 19:14:17 +00:00
Luke Taylor 47dec4e597 Make getters in AbstractRememberMeServices protected rather than public 2007-12-10 16:00:49 +00:00
Luke Taylor ee31305fd5 Deprecated InitialDirContextFactory 2007-12-10 15:29:26 +00:00
Luke Taylor 5382627d4a Added property to LdapAuthenticationProvider to allow the credentials to be set either using the submitted password (the default) or the credentials from the loaded UserDetails object (which may be null if the attribute isn't readable). 2007-12-09 23:46:28 +00:00
Luke Taylor 78529f6d28 SEC-620: AuthenticationSource implementation. 2007-12-09 23:44:15 +00:00
Luke Taylor 5e0cb21c8d SEC-619: Added test class for LdapUserDetailsService. The LdapAuthoritiesPopulator interface and also implementations have been moved to the org.springframework.security.ldap package since they are now used by both the ldap provider and the user service. 2007-12-09 18:40:28 +00:00
Ben Alex 4770c29094 Use hyphens in attribute names, and not Camel Case. This is to maintain
consistency with the rest of Spring Portfolio. Camel Case was preserved 
for attribute values, consistent with Spring Portfolio usage such as 
autowiring modes (byName, byType etc).
2007-12-09 03:42:20 +00:00