3648073461
Fix EH-CACHE after web context refresh (patch thanks to Travis Gregg).
2004-07-26 22:56:00 +00:00
d1fa12a312
Fix Javadocs warning.
2004-07-26 06:52:55 +00:00
3f7f8e26fa
Reduce setAuthentication scope now that it should only be called by AbstractAuthenticationManager.
2004-07-24 07:21:18 +00:00
951c1a02df
Store failed Authentication request in AuthenticationException, using template pattern (patch thanks to Wesley Hall).
2004-07-24 07:18:04 +00:00
7ac3706eb9
Allow subclasses to add their own custom GrantedAuthority[]s.
2004-07-24 07:15:06 +00:00
3d23119b56
Following a suggestion from Scott Evans, added support for EL in the authz tag
...
library:
http://www.mail-archive.com/acegisecurity-developer%40lists.sourceforge.net/msg00189.html
* lib/spring/spring-mock.jar:
Added Spring's 1.0.2 mock JAR.
* test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagExpressionLanguageTests.java:
New tests to assert that the taglib recognizes and parses EL expressions.
* src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
Implemented AuthorizeTagExpressionLanguageTests by using Spring's
ExpressionEvaluationUtils.
2004-07-23 01:24:55 +00:00
f798e56d75
Contribution by Wesley Hall to improve exception handling.
2004-07-22 04:56:17 +00:00
2996d67b06
Fix bug related to detecting incorrect use of SecureContext property.
2004-07-21 02:04:42 +00:00
3e37b74e3f
Added Javadoc to all classes
2004-07-19 19:42:14 +00:00
da7895087b
Added correct @author and @version tags, more Javadocs to follow
2004-07-19 17:27:28 +00:00
3360e2d51a
Added in javadoc
2004-07-19 17:24:38 +00:00
0c7a07e4db
Adding in JAASAuthenticationProvider tests
2004-07-19 00:44:01 +00:00
1947819d73
Adding in JAASAuthenticationProvider support
2004-07-19 00:43:28 +00:00
2f2b054b7a
Resolve a Weblogic compatibility issue (patch thanks to Patrick Burleson).
2004-07-15 23:27:59 +00:00
e3be8f20bb
Refactor CasAuthoritiesPopulator to use UserDetails rather than GrantedAuthority[].
2004-07-14 09:54:09 +00:00
48b1cb7c85
Move UserDetails interface to net.sf.acegisecurity package.
2004-07-13 22:38:20 +00:00
064cd3c7bf
Add a getter for the context.
2004-07-13 22:10:52 +00:00
8b9f02e2e7
Expand test coverage.
2004-07-13 02:01:58 +00:00
491fb00ffd
Make Authentication serializable (Weblogic support).
2004-07-12 22:40:33 +00:00
957e28252e
Log stack trace to assist debugging.
2004-07-08 21:50:42 +00:00
2cb3703253
Relax restriction on empty Strings for proxy callback URL, as this should be an empty String if no proxy callback was requested during service ticket validation.
2004-07-03 00:47:46 +00:00
b957b5e25b
Convert database URL to use absolute path. Fixes test with Maven.
2004-07-02 14:07:26 +00:00
ce712eaccf
Improve organisation of DaoAuthenticationProvider to facilitate subclassing.
2004-06-30 23:18:47 +00:00
fe91639b15
Allow custom SecureContext implementations to be selected by user.
2004-06-29 23:28:59 +00:00
6314aa4efa
Refactor User to an interface.
2004-06-24 23:24:14 +00:00
04dea9e403
Patch by Mark St.Godard to resolve issues with WebSphere 5.
2004-06-23 05:52:49 +00:00
46f17bed79
Make isPasswordCorrect protected to facilitate subclass use.
2004-06-21 06:17:20 +00:00
1a0bec5bf1
Make User available from Authentication via DaoAuthenticationProvider.
2004-06-21 06:10:14 +00:00
27d89f3e91
Patch by Mike Youngstrom to fix Jameleon stripping of slash.
2004-06-17 01:23:13 +00:00
b3e2d78c5d
Fix issue when encoded passwords are used. Modify Contacts sample to test encoded passwords.
2004-06-08 12:54:42 +00:00
b5cbcdc591
Refactor DaoAuthenticationProvider cache model.
2004-06-06 06:31:28 +00:00
1b24ff5ea8
Refactor DaoAuthenticationProvider cache model.
2004-05-31 04:41:22 +00:00
d9f77a7ed1
Initial commit.
2004-05-31 02:37:29 +00:00
b6cb84e937
Improve robustness so if ApplicationContext not shutdown correctly (thus destroy() not called) the cache will not fail on subsequent startups.
2004-05-31 02:08:34 +00:00
e300a90890
Improve test coverage.
2004-05-31 01:19:18 +00:00
0cbea9b452
Improve HTTP redirect URL encoding.
2004-05-26 22:17:14 +00:00
d5c14142d1
Add event capabilities.
2004-05-24 00:09:27 +00:00
42ccbfbad7
Store additional information about the authentication request.
2004-05-24 00:06:54 +00:00
b6e0c3076f
Fixed issue with hot redeploy as cache not being closed.
2004-05-24 00:04:49 +00:00
369ea24215
Extra mock functionality for new unit tests.
2004-05-24 00:02:09 +00:00
3f6961d855
Improved exception handling if response already committed.
2004-05-23 23:57:29 +00:00
d5a6ea044d
Implemented a fix for a NullPointerException as reported by Pierre-Antoine Gr�goire (pa.gregoire@free.fr)
...
"The error comes from line 115 in AuthorizeTag....It seems there's no control
for a null value here..."
* test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagTests.java:
Added a new test to confirm the existence of the bug.
* src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
And fixed the failing test.
2004-05-19 12:34:52 +00:00
4cac2f1a62
Made serializable as per request by Mike Youngstrom.
2004-05-15 23:37:03 +00:00
614f12448e
Create a NullRunAsManager, which is used by default by the AbstractSecurityInterceptor.
2004-05-06 23:13:32 +00:00
8713d4d52c
Authentication subclasses Principal, so it's directly usable by classes that want a Principal. No implementations need to change if they subclass AbstractAuthenticationToken, as it implements the one and only method required by Principal.
2004-05-04 07:35:41 +00:00
4152df1225
Allow filter to update multiple HttpSession attributes (useful if servlets etc expect to find an Authentication object in a given HttpSession attribute, like Jakarta Slide).
2004-05-04 07:27:57 +00:00
eaa92cd80a
Fixed issue with caching by making AbstractIntegrationFilter (and its subclasses) write the new Authentication object to the well-known location.
2004-04-30 05:16:08 +00:00
ecac5a2eed
Make ChannelDecisionManagerImpl iterate through a list of channel security processors.
2004-04-29 02:17:07 +00:00
2421268baa
Improve IE 6 bug detection logic.
2004-04-29 02:14:20 +00:00
b61c05ff89
Change classes to use PortMapperImpl and PortResolverImpl by default.
2004-04-28 00:10:56 +00:00
901c7d4752
Significantly enhance channel processing filter.
2004-04-27 06:21:00 +00:00
e555d77d4e
Move port mapping functionality into separate classes to allow reuse. Permit implementations to override the source port (required given some browsers do not respond to HTTP redirects correctly).
2004-04-27 06:17:53 +00:00
c6a1b2b608
Clarify how URLs are constructed.
2004-04-27 06:14:57 +00:00
8a4edca136
Support new key requirement on DAO authentication provider.
2004-04-27 06:00:39 +00:00
2c97583f27
Filter to ensure web requests are received over a suitable secure channel.
2004-04-23 08:57:43 +00:00
d65b0e0bd2
Add correct supports() method and tests.
2004-04-23 06:28:23 +00:00
ed68b701b2
Add toString() method and test.
2004-04-23 06:27:50 +00:00
e0d57de330
Add DaoAuthenticationProvider caching support.
2004-04-23 05:01:57 +00:00
babb908fea
Increase test coverage.
2004-04-23 04:51:56 +00:00
83d871cd5d
Enhance equals() method to detect key variances.
2004-04-23 03:45:16 +00:00
6eb0a47632
fix FilterInvocation so it doesn't lose the tail end (past the servlet path) of the request url
2004-04-23 02:29:18 +00:00
0537900357
Remove unnecessary code.
2004-04-23 02:08:58 +00:00
e2de3c9dbc
Enhance AuthenticationProcessingFilterEntryPoint and related classes, to support a property forcing the login page to be access via https even if the original intercepted request came in as http.
2004-04-22 21:47:05 +00:00
20025da7c7
work on unit test, still some functionality to cover later
2004-04-22 11:54:52 +00:00
2a46a975a5
allow automatic switch from http to https for login form.
...
unit tests will be updated tomorow to cover new functionality.
2004-04-22 03:56:55 +00:00
ab9e783f79
after invocation, restore pre-RunAs Authentication regardless of exception that may be thrown by method being intercepted
2004-04-21 21:09:39 +00:00
fa9b872570
Initial CAS support.
2004-04-19 07:34:32 +00:00
b3f9f6f4e9
Updated tests to relocate common filter authentication functionality to an abstract parent.
2004-04-18 12:57:49 +00:00
4500aba050
Expand unit test coverage.
2004-04-18 12:05:20 +00:00
0a856b7f15
Expand coverage to test SaltProvider integration.
2004-04-18 12:04:43 +00:00
872ace9164
Modify contract of AuthenticationProvider to allow AuthenticationProvider implementations to return null if they do not wish to process a given Authentication request, despite asserting they support it.
2004-04-18 12:03:07 +00:00
a6b5b8d828
Initial commit.
2004-04-18 12:01:18 +00:00
1cf2b333bd
Relocate common filter authentication functionality to an abstract parent, and update JavaDocs accordingly.
2004-04-18 12:00:02 +00:00
96fa2a5a75
Update encoders so they process salts.
2004-04-18 11:56:50 +00:00
b06833e0d7
Unit tests must be named *Tests (note the plural).
2004-04-18 11:55:49 +00:00
5dbef97a1d
Expand unit test coverage.
2004-04-18 11:54:51 +00:00
5b16c42e15
Enhance mock so it is told whether to grant or deny access.
2004-04-18 11:35:24 +00:00
f38ed01b29
Detect nulls within GrantedAuthority[] passed to constructor. This ensures end-user DAO implementations are creating the User correctly.
2004-04-18 11:23:01 +00:00
a0f809991d
JavaDoc updates.
2004-04-18 05:56:07 +00:00
3ceb492cb2
move password encoder tests to proper packages.
...
rename saltSource param in PasswordEncoder interfce to salt. It was already called salt in subclasses, and is in fact supposed to be the salt, not the source for the salt, although depending on the implementation it may still be treated as the latter.
2004-04-17 02:18:46 +00:00
da5101cfb4
Make salt sources pluggable.
2004-04-17 01:29:52 +00:00
03efc3e51f
Improve JavaDocs.
2004-04-17 01:28:38 +00:00
ae16d96121
Moved to net.sf.acegisecurity.providers.encoding.
2004-04-17 01:28:05 +00:00
6815e693a7
Make SecurityEnforcementFilter support pluggable authentication entry points. Enhance BASIC authentication so it's a viable alternative to form-based authentication for user agents like IE and Netscape.
2004-04-16 14:22:15 +00:00
7e85bbc054
Relaxed requirement so targetClass OR targetBean can be used (targetBean no longer requires targetClass to be specified as well).
2004-04-16 12:37:58 +00:00
38835da164
Provide a proxy so filters can be loaded directly from the application context.
2004-04-16 06:31:48 +00:00
7b59d5f189
Expand test coverage now that prefix is configurable.
2004-04-16 06:28:21 +00:00
3d089aaa67
move and rename password encoding classes.
...
change saltSource arument to salt argument, which impl may or may not use.
2004-04-16 03:44:04 +00:00
5d9d734735
more final version of the various PasswordEncoder implementations.
...
add unit tests for PasswordEncoder implementations.
remove ignore password case and ignore username case flags and handling from DaoAuthenticationProvider.
remove requirement described in JavaDoc for AuthenticationDao that it ignore case when returning a user by username. Implementations may still do so if configured as such.
2004-04-15 16:32:09 +00:00
41a837f8cd
add back HSQL db in test dir, as it turns out _it is_ supposed to be in CVS
...
modify JdbcDaoTests to test for role prefix functionality
fix glitch in JdbcDaoImpl
modify Eclipse classpath so HSQL lib is loaded, so unit tests can run in Eclipse as well.
2004-04-15 03:34:18 +00:00
18d5c59532
'ant format' strikes again.
2004-04-14 21:31:22 +00:00
aed9d2a1d8
initial cut at allowing pluggable digest strategy for use in password handling in DaoAuthenticationProvider
2004-04-14 21:30:59 +00:00
fad252b0fe
allow special ROLE_ prefix to be overriden
2004-04-14 03:38:10 +00:00
a09f2a4c18
ant format seems to have reformated these differently than what is in CVS
2004-04-13 21:59:02 +00:00
2786312b8e
allow query strings to be specified
...
allow MappingSqlQuery to be specified
2004-04-13 21:58:03 +00:00
f1abf780b5
Add support for HTTP Basic Authentication.
2004-04-11 12:09:08 +00:00
670d007630
JavaDoc updates.
2004-04-11 12:05:46 +00:00
bd35a47233
Support configuration via Apache Ant paths (not only regular expressions).
2004-04-09 09:51:23 +00:00
5488bf4ca8
Renamed to RegExpBasedFilterDefinitionMapTests.
2004-04-09 09:49:07 +00:00
7eefbd3bb2
Update to use contextConfigLocation.
2004-04-09 05:41:42 +00:00
6c26e79a0f
change AuthenticationProcessingFilter and SecurityEnforcementFilter to use Spring's WebApplicationContextUtils by defualt to find their config context.
2004-04-09 02:44:17 +00:00
ea0e6b2577
* test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagAttributeTests.java,
...
src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
Added three new tests to assert that whitespace is ignored in the
attribute's content.
2004-04-02 20:59:16 +00:00
1b1d119836
Modifications consistent with changes to the objects being tested.
2004-04-02 12:20:41 +00:00
a278db8df9
Functionality moved to new tests or mocks.
2004-04-02 12:18:58 +00:00
eaffc00fc4
Initial commit.
2004-04-02 12:16:39 +00:00
852cea437c
Reflect new secure object API, which is no longer bound to MethodInvocations.
2004-04-02 12:13:56 +00:00
f026b3a08a
Documentation improvements.
2004-04-02 12:11:13 +00:00
15588123ba
Additional import statement.
2004-04-02 12:10:31 +00:00
33edeb5a2f
Moved to net.sf.acegisecurity.ui
2004-04-02 12:07:24 +00:00
e54ad9b4e8
Reflect new secure object API, which is no longer bound to MethodInvocations.
2004-04-02 12:05:49 +00:00
3ece12c386
Moved to net.sf.acegisecurity.intercept.method.
2004-04-02 12:03:18 +00:00
738fd2161d
Initial commit.
2004-04-02 12:02:01 +00:00
dd39d747d5
Improved documentation and added methods to facilitate unit testing.
2004-03-29 13:39:30 +00:00
c220ff583c
Initial commit.
2004-03-29 13:36:45 +00:00
0a17d65d37
Initial commit.
2004-03-29 02:49:51 +00:00
ea05e0b931
Simplified sub-class usage. Made compatible with changes to User constructor.
2004-03-29 02:48:10 +00:00
1b726825fa
Changed internals to use list instead of set, to preserve element ordering.
2004-03-28 12:19:13 +00:00
adb1971873
Enhancements to detect errors and faciltiate easier testing.
2004-03-28 12:17:46 +00:00
d59a5da321
Changed to not detect null returns, as the UserMap will now throw the UsernameNotFoundException.
2004-03-28 12:16:44 +00:00
f203979237
Update to be compatible to changes made to User's no-arg constructor.
2004-03-28 12:15:11 +00:00
489c941101
Improved detection of invalid parameters in constructors.
2004-03-28 12:14:11 +00:00
3179f5f1e7
Fixed support for lowercase usernames and passwords.
2004-03-28 12:10:23 +00:00
1573491fbe
Changed no-arg constructor to a form more suitable for unit testing.
2004-03-28 12:09:35 +00:00
cab961bfa6
Enhanced equals() method.
2004-03-28 12:08:20 +00:00
cff8894b99
Changed interface to extend Context. This provides interface-level compatibility with objects requiring a Context, rather than requiring implementations to also implement Context.
2004-03-28 12:07:34 +00:00
c5951ff1c0
Changed no-arg constructor to a form more suitable for unit testing.
2004-03-28 12:02:41 +00:00
3fa1534c94
Added license information.
2004-03-28 11:58:37 +00:00
4b1e738bb5
Minor formatting changes.
2004-03-28 11:57:55 +00:00
8d24027443
Added debug statement at commencement of interception and additional comment re ContextHolder.
2004-03-28 11:56:32 +00:00
cf043ad35f
Numerous formatting changes, and methods to facilitate unit testing.
2004-03-28 11:54:10 +00:00
dc6357d504
Improved JavaDocs.
2004-03-28 11:51:23 +00:00
22b8be49f0
Changed no-arg constructor to a form more suitable for unit testing. Also added an equals() method.
2004-03-28 11:49:24 +00:00
dcf78213a3
Corrected @author tag.
2004-03-28 11:48:35 +00:00
4124b1c298
Changed internals to use list instead of set, to preserve element ordering.
2004-03-28 11:44:02 +00:00
fe379d9712
Initial commit.
2004-03-28 11:41:20 +00:00
6c5a5cd311
No longer required.
2004-03-28 11:40:29 +00:00
8808f5e8dd
Expanded unit test coverage.
2004-03-28 11:39:38 +00:00
6038d56ece
Expanded unit test coverage, moving relevant methods to AbstractAdapterAuthenticationTokenTests.
2004-03-28 11:35:35 +00:00
bc847f564f
Expanded unit test coverage.
2004-03-28 11:31:22 +00:00
6a2870d8f0
No longer required.
2004-03-28 11:29:10 +00:00
ab01d829c5
Initial commit.
2004-03-27 00:46:50 +00:00
14f27ae683
Make compatible with interface changes to aopalliance.jar.
2004-03-27 00:44:27 +00:00
e3dc29ae96
No longer required.
2004-03-27 00:43:12 +00:00
94e384b944
Expand test coverage.
2004-03-26 13:17:48 +00:00
e153a54406
Expand test coverage.
2004-03-26 12:20:54 +00:00
02559344bc
Expand test coverage.
2004-03-26 12:02:30 +00:00
1a040c7ddf
Made no arg constructor protected to enable unit test coverage.
2004-03-26 11:51:47 +00:00
b4273c62b7
Expand test coverage.
2004-03-26 11:49:43 +00:00
a8c9b2c96f
No longer required.
2004-03-26 11:18:44 +00:00
22272223d2
Initial commit.
2004-03-26 11:12:54 +00:00
Ben Alex
Francois Beausoleil
Ray Krueger
Luke Taylor
Colin Sampaleanu