35093e09f6
Bump version to 1.1.0-SNAPSHOT
2006-05-31 00:52:26 +00:00
53330fd824
Undo last checkin.
2006-05-29 08:51:18 +00:00
8bef3d20af
Improve debugging.
2006-05-29 08:50:14 +00:00
03622f7011
Add missing beans from previous checkin.
2006-05-29 08:45:08 +00:00
89eb74b1b2
Refer to 1.0.0 final.
2006-05-28 00:49:38 +00:00
ab12817b7a
SEC-97: Format Acegi Security source code in accordance with latest Jalopy configuration.
2006-05-23 13:38:33 +00:00
6b5fc1efce
Correct comment in header.
2006-05-23 08:57:13 +00:00
1958d4e5aa
Change package for ldap context factory bean
2006-05-20 17:50:51 +00:00
cc07f620df
SEC-257: ExceptionTranslationFilter to use AccessDeniedHandler.
2006-04-28 06:52:50 +00:00
9a90e4e1aa
SEC-256: Contacts sample not displaying localized exceptions correctly.
2006-04-28 06:51:58 +00:00
21aaf2b9db
SEC-256: Contacts sample not displaying localized exceptions correctly.
2006-04-28 06:43:50 +00:00
d125569bd6
SEC-29: Save POST parameters on AuthenticationEntryPoint redirect.
2006-04-28 05:05:35 +00:00
8cc5dcde30
SEC-249: Support logout filter.
2006-04-26 23:36:03 +00:00
719d3af879
SVN updates.
2006-04-25 00:22:00 +00:00
5607da8d67
updated references from Yale CAS to JA-SIG CAS
2006-02-27 13:52:41 +00:00
e63b2ec9e6
Cleanup unused imports.
2006-02-09 06:00:25 +00:00
dc959b1847
Fix for SEC-159. Added clearContext() method to SecurityContextHolder and refactored code to use it instead of putting an empty context into the holder.
2006-02-08 23:27:46 +00:00
9771b7817a
SEC-144: Separate SecurityEnforcementFilter from FilterSecurityInterceptor.
2006-01-28 22:54:23 +00:00
c8c7c24822
SEC-120: Remember-me to delegate to AuthenticationManager so authentication-specific behaviour (such as concurrent user management) can be applied.
2006-01-28 01:22:36 +00:00
b0d65259b6
Changed groupId to org.acegisecurity
2005-12-22 16:40:22 +00:00
f226dfb67f
Use ISO encoding to avoid problems
2005-12-22 16:27:44 +00:00
39cf954a45
Improved m2 poms
2005-12-22 16:17:37 +00:00
8585ddf48b
Updated app. context file to match new constructor-injection changes.
2005-12-20 23:21:55 +00:00
7a0313a341
Add ldap webapp to multiwar goal.
2005-12-18 03:54:41 +00:00
a9a6f8b891
First checkin of LDAP contacts sample app.
2005-12-18 03:53:01 +00:00
a1037ddc87
Prepare 1.0.0 RC1.
2005-12-04 11:20:52 +00:00
62fde4ede3
SEC-107: Finalize rename of AuthenticationDao to UserDetailsService with corresponding change in package from .providers.dao to .userdetails.
2005-11-30 00:20:13 +00:00
a6e23d79ae
SEC-107: Rename AuthenticationDao to UserDetailsService.
2005-11-29 13:10:15 +00:00
c021362ebb
New package top level name.
2005-11-29 04:06:31 +00:00
6a1a4abb1d
SEC-104: Move to org.acegisecurity package.
2005-11-17 00:56:49 +00:00
2d74db9a0c
SEC-51 and SEC-67 related changes. Tested all functions of "filters" version in web browser OK.
2005-11-04 04:15:57 +00:00
b6dbfde55c
SEC-70: Refactor event publishing.
2005-11-03 06:55:47 +00:00
b2363dfe07
SEC-62 Add maven 2 support
2005-10-06 20:53:08 +00:00
c64a3770de
Prove that 403 errors are handled by web.xml <error-page>.
2005-09-08 10:20:34 +00:00
3f24824f66
updated config, added switchUserProcessingFilter to the filter chain, added the ROLE_SUPERVISOR the ability to switch to other users (i.e. ROLE_USER)
...
For example: 'marissa' can login, goto the /switchUser.jsp, then assume the role of another user such as 'scott'. marissa will then see scotts contacts, etc.
Then marissa can goto the /exitUser.jsp, and go back to 'marissa'
This is the similar to the Unix 'su' analogy that Ben made
2005-09-04 20:09:56 +00:00
230d1946b9
added switchUserProcessingFilter config, not added to filter chain (yet)
2005-09-03 21:45:32 +00:00
3dcea7ace0
initial pages for user switching
2005-09-03 21:44:05 +00:00
27a57410c1
Update to latest Spring tld
2005-08-02 17:27:30 +00:00
2d772cbfcc
Fix bug as reported by Jared Odulio on acegisecurity-developer 29 July 2005.
2005-07-31 00:58:48 +00:00
8e1549e399
Tidying up XML formatting (removed mix of tabs/spaces)
2005-07-20 14:13:47 +00:00
de491d1767
Removed CAS references from web.xml for X.509.
2005-06-27 22:07:19 +00:00
71b8f3e515
Remove less commonly used protocols.
2005-05-18 03:01:40 +00:00
fe15b011bb
Make extra seed data and users so scalability more readily tested.
2005-05-18 03:01:34 +00:00
e08e66dec6
Refactor SecurityContextHolder to return a SecurityContext instead of Authentication.
2005-05-08 23:42:14 +00:00
6a9abe5d90
Remove ContextHolder and introduce SecurityContext.
2005-05-07 09:11:37 +00:00
1a78f9e15f
Refactored to use Spring Assert class (thanks IntelliJ :).
2005-04-15 01:21:41 +00:00
747825cda1
Correct location of AuthenticationSimpleHttpInvokerRequestExecutor in clientContext.xml.
2005-03-22 22:56:36 +00:00
9f66c0eae9
Update to current Spring JAR dependencies.
2005-03-22 11:17:22 +00:00
816fb07e5f
Initial commit.
2005-03-22 06:11:28 +00:00
602b1473c5
Example certificates for X.509 Contacts app.
2005-03-20 19:09:55 +00:00
a4210b5551
Rolled back to remove X.509 users. Using new certificate with existing user name instead.
2005-03-19 18:40:16 +00:00
05bd6abb22
Added cache beans.
2005-03-19 18:36:10 +00:00
645dba1fcb
Added X.509 user to contacts with user name matching certificate email address.
2005-03-11 03:05:31 +00:00
740373ad01
Removed login-config info. Client authentication has to be enabled on the server (e.g. in the Tomcat connector) for it to work.
2005-03-11 00:33:15 +00:00
466220eb50
Added build for X.509 contacts app.
2005-03-11 00:03:16 +00:00
4ec64d407c
X.509 version of contacts app.
2005-03-10 23:48:54 +00:00
3e9cd13fef
Re-enable session listener.
2005-03-01 02:35:33 +00:00
f1e071b0f1
Added remember-me services.
2005-03-01 02:30:38 +00:00
44397bb05d
Committing ConcurrentSessionController feature and tests. Documentation is needed.
2005-02-26 21:48:07 +00:00
693ac5a24a
Anonymous principal support. As requested by the community at various times, including in http://forum.springframework.org/viewtopic.php?t=1925 .
2005-02-23 06:09:56 +00:00
3c4faf58c7
HttpSessionEventPublisher, HttpSessionCreatedEvent, HttpSessionDestroyedEvent
...
Used together to provide published events in the ApplicationContext about HttpSessions.
Useful for things like Single Session logins.
2005-02-23 02:54:41 +00:00
dda66a0454
Significantly refactor "well-known location model" to authentication processing mechanism and HttpSessionContextIntegrationFilter model.
2005-02-21 06:48:31 +00:00
4922ec1bbd
Use FilterChainProxy to tidy web.xml.
2005-02-20 05:40:44 +00:00
c8706c33ac
Log4J no longer expected in servlet container classpath.
2005-01-28 06:34:01 +00:00
49974737fd
Allow site deployment from each subproject
2005-01-14 22:35:10 +00:00
6c1e2f23b2
Allow last attempted username to be displayed in views.
2004-12-25 23:38:39 +00:00
c77cb84f52
Fix group names etc as required to ensure a multiproject:install works from /docs if there is a CLEAN (empty) Maven repository.
2004-12-25 07:02:31 +00:00
6ece0fab22
Iron out some Maven bugs with our custom WAR artifact building.
2004-12-24 00:35:36 +00:00
2fe24b4357
Make multiproject:artifact (when called from /docs) properly build the Contacts Sample WARs.
2004-12-23 23:00:38 +00:00
8fb64e1e1b
Fix repository URLs so "viewcvs" URLs (associated with changelog plugin) are all correct.
2004-12-22 03:47:55 +00:00
76c82db196
Refactor EH-CACHE integration classes to work with Spring IoC provided Cache rather than manage our own cache internally.
2004-12-05 04:37:05 +00:00
589691d11e
Added distributionUrl
2004-11-20 10:28:18 +00:00
cbd842ea44
Deprecated - use "maven -Dusername=marissa -Dpassword=koala run" (from contacts directory) instead.
2004-11-20 05:31:07 +00:00
44b7cccc1f
Add RMI + HTTP Invoker remoting protocols and fixes related to Maven migration.
2004-11-20 05:28:20 +00:00
889edece9f
Add additional packages.
2004-11-20 05:26:02 +00:00
09cfe6eb96
Make Serializable (required by RMI).
2004-11-20 05:25:13 +00:00
d8c5143e97
Added support so client application can be run from Maven.
2004-11-20 05:24:52 +00:00
75a3876322
Use FieldRetrievingFactoryBean to specify static fields.
2004-11-16 12:15:03 +00:00
1d81f4d1b7
Upgrade to Spring 1.1.2.
2004-11-16 12:14:09 +00:00
f286c34312
Use new BasicAclExtendedDao for DAO CRUD operations instead of ContactDao.
2004-11-15 13:04:54 +00:00
6e687d47d4
Refactor Contacts Sample to use new ACL security.
2004-11-15 03:25:39 +00:00
d159f6c5e1
Renamed artifactId
2004-11-14 21:49:42 +00:00
2067effa4a
Migrated to maven
2004-11-13 19:57:48 +00:00
8219778e1f
Ignore target directory.
2004-11-13 01:21:35 +00:00
ec86643982
More dependencies.
2004-11-13 01:20:12 +00:00
f98b926da4
Add dependency on Spring MVC classes.
2004-11-12 23:52:47 +00:00
518ee40740
Migrated to maven
2004-11-12 21:47:08 +00:00
6b266bc677
Moved to xdocs
2004-11-12 21:45:42 +00:00
447549cf01
Added maven files
2004-11-12 21:42:43 +00:00
b4b32a2e63
Correction.
2004-11-10 23:09:57 +00:00
9b7996254e
Improve troubleshooting help.
2004-11-08 21:52:57 +00:00
992cf44b36
Refactor MethodDefinitionMap to use Method, not MethodInvocation. Refactor AbstractSecurityInterceptor to not force use of Throwable. Move AOP Alliance based MethodSecurityInterceptor to separate package.
2004-10-18 06:38:44 +00:00
6b54784915
Improved sample applications' bean reference notation.
2004-09-24 00:47:53 +00:00
9e59374477
Corrected typo "configuaration" in comments. Removed indentation tab characters.
2004-09-06 23:57:28 +00:00
fa396c6cdf
Load AutoIntegrationFilter via FilterToBeanProxy.
2004-08-03 07:18:33 +00:00
48b1cb7c85
Move UserDetails interface to net.sf.acegisecurity package.
2004-07-13 22:38:20 +00:00
6314aa4efa
Refactor User to an interface.
2004-06-24 23:24:14 +00:00
1a0bec5bf1
Make User available from Authentication via DaoAuthenticationProvider.
2004-06-21 06:10:14 +00:00
12c58006b0
Initial Maven support, thanks to Carlos Sanchez.
2004-06-08 23:46:41 +00:00
b3e2d78c5d
Fix issue when encoded passwords are used. Modify Contacts sample to test encoded passwords.
2004-06-08 12:54:42 +00:00
1b24ff5ea8
Refactor DaoAuthenticationProvider cache model.
2004-05-31 04:41:22 +00:00
d5c14142d1
Add event capabilities.
2004-05-24 00:09:27 +00:00
c7991d8555
Channel filter should be commented out by default.
2004-04-29 02:18:16 +00:00
ecac5a2eed
Make ChannelDecisionManagerImpl iterate through a list of channel security processors.
2004-04-29 02:17:07 +00:00
136c27aff3
Corrected welcome page to display appropriate information depending on WAR being used.
2004-04-29 02:13:00 +00:00
901c7d4752
Significantly enhance channel processing filter.
2004-04-27 06:21:00 +00:00
2c97583f27
Filter to ensure web requests are received over a suitable secure channel.
2004-04-23 08:57:43 +00:00
e0d57de330
Add DaoAuthenticationProvider caching support.
2004-04-23 05:01:57 +00:00
26ff665dee
Correct <A HREF> tags to use proper URL encoding.
2004-04-23 01:39:21 +00:00
fa9b872570
Initial CAS support.
2004-04-19 07:34:32 +00:00
ff38767efd
Update to refer to new static location of ACEGI_SECURITY_LAST_EXCEPTION_KEY.
2004-04-18 11:37:57 +00:00
6815e693a7
Make SecurityEnforcementFilter support pluggable authentication entry points. Enhance BASIC authentication so it's a viable alternative to form-based authentication for user agents like IE and Netscape.
2004-04-16 14:22:15 +00:00
38835da164
Provide a proxy so filters can be loaded directly from the application context.
2004-04-16 06:31:48 +00:00
239370ab96
Initial commit.
2004-04-16 06:25:57 +00:00
3d089aaa67
move and rename password encoding classes.
...
change saltSource arument to salt argument, which impl may or may not use.
2004-04-16 03:44:04 +00:00
5d9d734735
more final version of the various PasswordEncoder implementations.
...
add unit tests for PasswordEncoder implementations.
remove ignore password case and ignore username case flags and handling from DaoAuthenticationProvider.
remove requirement described in JavaDoc for AuthenticationDao that it ignore case when returning a user by username. Implementations may still do so if configured as such.
2004-04-15 16:32:09 +00:00
a09f2a4c18
ant format seems to have reformated these differently than what is in CVS
2004-04-13 21:59:02 +00:00
7ae1844130
Improve client application by moving username/password specification to command-line.
2004-04-11 13:14:19 +00:00
66e8d741ca
Expand Contacts sample application to use Hessian and Burlap remoting.
2004-04-11 12:15:00 +00:00
7f9d7520f6
Remove duplication with contacts-servlet.xml.
2004-04-09 05:48:41 +00:00
1d225f8891
Changed filters to use ContextLoaderListener.
2004-04-09 05:42:43 +00:00
b1a3f8b182
Provide authentication failure reason to user.
2004-04-03 05:35:40 +00:00
6ddc006012
Modify MethodSecurityInterceptor to new location, remove unnecessary comments, add a DAO authentication provider so the MethodSecurityInterceptor can validate Authentication objects presented by the HTTP filter authentication system.
2004-04-02 12:00:29 +00:00
d820f64d59
Now in the etc directory.
2004-04-02 11:58:24 +00:00
c92798536a
Modified to report success for HTTP filter-based authentication, not only container adapters.
2004-04-02 11:57:17 +00:00
8c69eb6abb
Modified to support changes to interface.
2004-04-02 11:56:00 +00:00
cfb99d01c9
Build two WARs: one for deployment to containers without container adapters, and one for delpoyment to containers with them.
2004-04-02 11:54:57 +00:00
ef84c78776
Ignore temporary directory.
2004-04-02 11:54:15 +00:00
862f45e02f
Initial commit.
2004-04-02 11:53:20 +00:00
60ddb6a3c7
Modifications to support changes to Resin container adapter.
2004-03-30 04:42:09 +00:00
1affe45ced
Moved to classes directory to support changes to Resin container adapter.
2004-03-30 04:41:35 +00:00
734dd387c6
Moved to classes directory.
2004-03-30 04:39:48 +00:00
6f0f9650a0
Corrected class name of Resin Container Adapter.
2004-03-30 03:58:45 +00:00
57fd086f09
Update license.
2004-03-28 11:25:40 +00:00
14f27ae683
Make compatible with interface changes to aopalliance.jar.
2004-03-27 00:44:27 +00:00
01f27e5210
* samples/contacts/build.xml:
...
Update the way the contacts.war file is built:
1. Grab the necessary libraries from the project's lib/ folder.
2. Remove temporary staging area for WEB-INF/lib/ folder.
3. Delete the contacts.war file at all times, so a fresh
baked copy is always made.
Also renamed project, and changed usage message.
2004-03-23 17:38:41 +00:00
1490e8a707
* samples/contacts/src/sample/contact/SecureIndexController.java:
...
Prevent a NullPointerException when no SecureContext can be found.
Instead, throw a real exception, explaining what's wrong.
2004-03-23 17:27:04 +00:00
95d7ac1bf3
* samples/contacts/src/sample/contact/ContactManagerBackend.java:
...
Clean up how the contacts are returned. Do not create unnecessary
objects.
2004-03-23 17:25:34 +00:00
c3507b26c9
Change to Apache License version 2.0.
2004-03-23 04:44:48 +00:00
a92878b69f
* samples/contacts/war/WEB-INF/jsp/include.jsp:
...
Declare access to the Acegi authz taglib.
* samples/contacts/war/WEB-INF/jsp/index.jsp:
Use the Acegi authz taglib to protect access to the
delete link for users which have the ROLE_SUPERVISOR.
2004-03-22 20:23:07 +00:00
35fe1e7b73
Initial commit.
2004-03-16 23:57:17 +00:00
Carlos Sanchez
Ben Alex
Luke Taylor
Scott Battaglia
Mark St. Godard
Ray Krueger
Colin Sampaleanu
Francois Beausoleil