Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,965 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

1013 Commits

Author SHA1 Message Date
Vishal Puri a01bb3bbee Added more bean definition parsers 2007-05-17 12:57:16 +00:00
Vishal Puri 1a06723404 fixed broken test in build 47 2007-05-17 12:49:58 +00:00
Vishal Puri 3eb9870162 SEC-271: Added more security elements 2007-05-17 12:30:36 +00:00
Vishal Puri 26b0d4d1cb SEC-271: uncommented copy of resources in META-INF directory 2007-05-17 12:23:07 +00:00
Vishal Puri e43439ba44 implemented Ordered interface 2007-05-17 12:21:02 +00:00
Vishal Puri 001dc0b1d9 SEC-271: implemented Orderd interface in all the entrypoints 2007-05-17 12:20:16 +00:00
Ray Krueger 8b1cc05518 Updated Assertion message 2007-05-17 03:18:35 +00:00
Vishal Puri 84a3c87ea4 SEC-271: Replaced Java 5 specific code with pre Java 5 2007-05-17 03:04:07 +00:00
Vishal Puri e67bff61a0 Explicity specified version 2.3 for surefire-plugin 2007-05-17 01:14:07 +00:00
Vishal Puri 74123cd234 Replace resource property with location for PropertyFactoryBean 2007-05-16 00:31:31 +00:00
Vishal Puri ee2eac5a51 SEC-271: added LogoutFilterBeanDefinitionParserTests 2007-05-15 13:54:43 +00:00
Vishal Puri 1203e9858a SEC-271: Added BeanDefitnitionParser for principal-repository, extended security schema and added unit tests 2007-05-15 13:32:06 +00:00
Vishal Puri 51f306a19a SEC-271: Added more BeanDefinitionParsers and extend spring-security.xsd to have more elements 2007-05-15 13:26:05 +00:00
Vishal Puri ced5cb4f85 added new security element in the spring-security schema and wrote a parser for the element 2007-05-13 13:33:33 +00:00
Vishal Puri e73421d7b2 Spring version upgrade to 2.0.4, changed svn urls in project.xml and poms 2007-05-13 12:30:53 +00:00
Vishal Puri 9794c518d6 SEC-271: Spring 2-based configuration simplification of Acegi Security 2007-05-11 00:09:56 +00:00
Vishal Puri 566314dae5 SEC-271: Spring 2-based configuration simplification of Acegi Security 2007-05-10 02:32:30 +00:00
Vishal Puri 09fd79bc64 SEC-419: Added the right logger class in CollectionFilterer 2007-05-10 02:25:15 +00:00
Vishal Puri 82f215700b changed svn url to https://acegisecurity.svn..... 2007-05-10 02:11:54 +00:00
Vishal Puri 62c832e366 SEC-423: Fixed IllegalArguemntException being thrown by checking for null contextFromSessionObject 2007-04-27 07:35:11 +00:00
Vishal Puri c2d1405f44 SEC-357: Added testIfSwitchUserWithNullUsernameThrowsException 2007-04-24 06:35:15 +00:00
Ray Krueger fe0c99c816 Fixed http://opensource.atlassian.com/projects/spring/browse/SEC-445 
Import servlet-api 2.4 in order to bring in the correct PageContext class
 2007-04-23 18:25:01 +00:00
Luke Taylor 6bfff55da3 Corrected Javadoc for setRejectPublicInvocations (s/true/false) and tidied up code for validation of attributes 2007-03-30 18:27:19 +00:00
Luke Taylor 993f7e4af0 Refactored to pull "public invocation" behaviour (attr==null) into a single guard clause. 2007-03-30 18:02:08 +00:00
Luke Taylor 6e5f5e15ad Refactored to introduce constants for number of ops and number of threads for tuning. 2007-03-10 21:34:53 +00:00
Luke Taylor fabca162a7 Added a customized checkstyle configuration file to tame the Maven 2 checkstyle report to the extent that it gives some useful infomation. Tidied up comments, excessively long lines, use of tabs etc. to match. 2007-02-24 21:00:24 +00:00
Luke Taylor bd2d4b013a Extracted a method to evaluate the conditions for whether basic authentication is required. 2007-02-23 19:21:44 +00:00
Luke Taylor a1886bd1e0 Made string constant RECIPIENT_FOR_CACHE_EMPTY final. 2007-02-22 23:57:49 +00:00
Luke Taylor b8a0f97fde Removed irrelevant CAS stuff from equalsWhenEqual test. 2007-02-22 23:29:01 +00:00
Luke Taylor 25bc67885d Uncommented tests which now work due to apache-ds bugfixes 2007-02-06 18:21:31 +00:00
Luke Taylor 0d9cae43bf Corrected mistake in reading java.io.tmpdir. 2007-02-06 18:20:14 +00:00
Luke Taylor 5464678355 Pass apache-ds temp working directory as a system property through the surefire plugin. 2007-02-06 18:18:14 +00:00
Luke Taylor 8b98a9d27c Added code to delete the previous contents of the ldap test server working directory as these aren't always compatible if the apache-ds version has changed. 2007-02-05 00:35:42 +00:00
Luke Taylor 1686fd0bd2 Updated ldap tests to apache directory 1.0.0 release version. 2007-02-04 20:06:36 +00:00
Ben Alex e169e63e1b SEC-404: Correct previous SEC-404 commit. 2007-01-02 23:36:38 +00:00
Ben Alex 3f62a5c868 SEC-404: NPE when logging out if user not already logged in. 2006-12-28 21:23:35 +00:00
Luke Taylor 93509dc999 Reformatted X.509 certificate in comment. 2006-11-29 01:40:14 +00:00
Luke Taylor 6a440f816c removed monkeymachine.co.uk email addresses. 2006-11-28 21:37:37 +00:00
Ben Alex 1805ab8ec4 SEC-401: internalMethod handling fixes, plus correct issue with startsWith(String) usage. 2006-11-26 04:47:43 +00:00
Ben Alex e79a28875f SEC-400: Clarify exception if getter returns null. 2006-11-26 03:24:11 +00:00
Ray Krueger 1a486e584b HttpSessionEventPublisher need not implement ServletContextListener any longer 2006-11-20 19:35:11 +00:00
Ray Krueger 74e8efc4e9 Fixed SEC-395 2006-11-20 19:09:45 +00:00
Ben Alex 6fe569556c Use type in same module (Maven requirement). 2006-11-17 03:18:07 +00:00
Ben Alex 197a011ac5 Relocate resource files to comply with Maven directory conventions. 2006-11-17 03:06:30 +00:00
Ben Alex 1081c267d9 SEC-239: New ACL module. 2006-11-17 02:03:23 +00:00
Ben Alex 9f512c384e SEC-239: New ACL module. 2006-11-17 02:01:21 +00:00
Ben Alex 2984913051 SEC-393: More elegantly deal with setProviders(List) type safety enforcement. 2006-11-16 02:15:43 +00:00
Carlos Sanchez 5e819af782 SEC-388: Upgrade other Spring dependencies to 1.2.8. 2006-11-15 22:54:54 +00:00
Ben Alex 1b4a098760 SEC-354: Add label-based voter. 2006-11-14 22:07:36 +00:00
Ben Alex 4d166a6867 SEC-333: Error in last commit, should default to regexp processor, not Ant Path processor, in the case of empty or null strings. 2006-11-14 21:52:51 +00:00
Ben Alex 780130d0f3 SEC-333: Eliminate dependecy on ORO when Ant Paths being used instead of Regular Expressions. 2006-11-14 20:55:24 +00:00
Ben Alex 775840a565 SEC-374: Allow GrantedAuthority[]s assigned to switched user identity to be filtered. 2006-11-14 05:49:56 +00:00
Ben Alex f5ce0250b4 SEC-310: Add AbstractProcessingFilter.getAuthenticationDetailsSource(). 2006-11-14 03:30:04 +00:00
Ben Alex 8dda52eeaa SEC-322: Workaround bug in WebSphere. 2006-11-14 02:21:27 +00:00
Ben Alex 5640eb0511 SEC-378: Use trim instead of replacement for space removal. 2006-11-14 01:55:44 +00:00
Ben Alex ad6c501379 SEC-360: Minor correction in patch applied yesterday. 2006-11-14 01:09:35 +00:00
Ben Alex 2a65d386d5 SEC-384: Remove Commons-Lang dependency. 2006-11-14 00:59:17 +00:00
Ben Alex 59bf8602d2 SEC-356: Add cloneFromHttpSession property. 2006-11-14 00:43:00 +00:00
Ben Alex 5911234f65 SEC-359: Logout even if not logged in. 2006-11-13 06:05:28 +00:00
Ben Alex fa6b4480b1 SEC-360: Provide server side forward option instead of redirection. 2006-11-13 00:17:07 +00:00
Ben Alex f0ae6f53a7 SEC-327: Add includeDetailsObject property. 2006-11-12 23:55:50 +00:00
Ben Alex f28ce39bde SEC-365: Provide an alwaysRemember property, together with an abstract method so subclasses can determine custom behaviour. 2006-11-12 23:28:57 +00:00
Ben Alex 71eba94cf2 SEC-371: Use AbstractTicketValidator for logger. 2006-11-12 23:10:09 +00:00
Ben Alex 0f517cb8e2 SEC-375: Publish AuthorizationFailureEvent event when AccessDeniedException thrown by AfterInvocationProvider. 2006-11-12 22:06:37 +00:00
Ben Alex b8d0722251 SEC-367: Added clarification of immutability contract. 2006-11-12 21:36:52 +00:00
Ben Alex 43dbe6c991 SEC-364: Fix context path handling. 2006-11-12 21:31:31 +00:00
Carlos Sanchez 10d6859dad Added ACL table SQL for some databases 2006-10-17 22:24:57 +00:00
Ben Alex 172026f875 SEC-377: Remove Commons Lang dependency. 2006-10-14 00:17:19 +00:00
Ben Alex c292826475 SEC-373: Add byte array encryption/decryption support. 2006-10-07 09:45:51 +00:00
Ben Alex 21dd050d7b SEC-348: Limit Basic automatic reauthentication scope to UsernamePasswordAuthenticationToken (specifically avoid CasAuthenticationToken). 2006-09-29 08:41:25 +00:00
Ben Alex d2fb473a4e Formatting only. 2006-09-29 07:33:45 +00:00
Ben Alex 49a2de8f0f SEC-366: Initial commit. 2006-09-29 07:29:13 +00:00
Ben Alex cc03675776 SEC-340: Invalidate HttpSession on logout. 2006-09-29 06:45:40 +00:00
Scott McCrory db96650d99 SEC-319: Reverted to 1.0.1 version to delay these changes to 1.1.0, based on small breakage of backward compatability. 2006-09-23 19:48:39 +00:00
Carlos Sanchez 558fd5d75d Add scm info because we don't use artifactid as folder name 2006-09-17 21:06:22 +00:00
Ben Alex b0056568f0 SEC-338: Serializable and serialVersionUID missing for Authentication-related objects. 2006-09-15 08:38:11 +00:00
Ben Alex 7313d5def0 SEC-324: Ensure IllegalStateException no longer occurs. 2006-09-15 07:55:57 +00:00
Ben Alex 324789d544 SEC-311: Must observe symmetry requirement of Object.equals(Object) contract. 2006-09-15 06:27:45 +00:00
Ben Alex 9e3ce85dd5 SEC-330: Make UserMap work with UserDetails, not User concrete class. 2006-09-15 03:47:17 +00:00
Ben Alex f0b259a32e SEC-349: GrantedAuthority constructor argument can be null. 2006-09-15 03:42:11 +00:00
Ben Alex 58d3f0c56f SEC-290: Correct bug with generation of SimpleMethodInvocation. 2006-09-15 03:38:36 +00:00
Ben Alex 5364db2c27 SEC-328: Avoid unnecessarily hitting backend a second time, if the cache wasn't used in first place. 2006-09-15 03:36:51 +00:00
Ben Alex 53beadb7bf SEC-290: Correct bug with generation of SimpleMethodInvocation. 2006-09-15 03:27:26 +00:00
Ben Alex 03df6a90eb SEC-293: Modified collection remove logic to use removeList. 2006-09-15 03:20:08 +00:00
Ben Alex 1292420476 SEC-311: Must observe symmetry requirement of Object.equals(Object) contract. 2006-09-15 03:09:05 +00:00
Ray Krueger cf91104b69 Made parameters case-insensitive 2006-09-14 20:47:17 +00:00
Ray Krueger 6779d97546 Made parameters case-insensitive 2006-09-14 20:39:37 +00:00
Carlos Sanchez 757062e8f9 Initialization of exceptionMappings was broken in last commit 2006-09-13 08:20:08 +00:00
Carlos Sanchez 4d070eab25 Add setAuthoritiesAsString to UserAttribute 2006-09-04 21:54:15 +00:00
Luke Taylor 000f9ab7ac SEC-321: truncate from first question mark, not last. 2006-09-03 22:12:13 +00:00
Luke Taylor 4e65b24253 SEC-245: Add mapPassword method to allow customized translation of password attribute. 2006-08-28 20:58:26 +00:00
Luke Taylor 57a8d2adb3 Added handleBindException method to allow subclasses to inspect the reason for bind failure. 2006-08-25 16:06:20 +00:00
Luke Taylor dc13f25dee Tidied up formatting. 2006-08-25 16:04:27 +00:00
Luke Taylor 8dd1177c02 Added property to force use of LdapContext instead of DirContext 2006-08-25 16:03:50 +00:00
Luke Taylor 92dcf694b4 added createTarget method on Essence class to allow subclassing. 2006-08-25 15:32:39 +00:00
Luke Taylor b5cbc977e1 Javadoc correction 2006-08-24 10:56:26 +00:00
Luke Taylor 3889894d16 Added extra mapping of OperationNotSupportedException to BadCredentialsException as some servers return a 53 code (unwilling to perform) when attempting a bind (e.g. is password has expired). This shouldn't be treated as an outright failure. 2006-08-24 10:32:38 +00:00
Luke Taylor 67fcf426eb Close returned context in nameExists method 2006-08-24 10:10:24 +00:00
Luke Taylor e96fee6ec1 Updated apacheds version to RC3 and slf4j to 1.0.1 2006-08-24 10:07:39 +00:00
Carlos Sanchez 27d2db9e22 Ensure that array of valid permissions can't be modified outside the class 2006-08-22 17:57:18 +00:00
Carlos Sanchez 38ec0f0d30 SEC-286: Reverted rev# 1588 as build fails without log4j (class not found exception) 2006-08-22 16:17:46 +00:00
Carlos Sanchez 69ec903088 Add MethodDefinitionSourceMapping for easier configuration 2006-08-22 16:02:44 +00:00
Carlos Sanchez 0298851ca3 Allow setting ACLs by its name 2006-08-22 16:01:34 +00:00
Carlos Sanchez 3487da0e85 Added javadoc 2006-08-22 15:53:41 +00:00
Luke Taylor 3498b36c14 SEC-285: Removed duplicate commons-lang dependency from pom.xml 2006-08-19 20:03:58 +00:00
Scott McCrory 8d3a2b42d9 SEC-319: Improvements to Siteminder integration: Create its own authentication provider & reeval strategy. Note that documentation not yet complete, but code is functional, test-covered and validated in a Siteminder environment. 2006-07-27 01:13:46 +00:00
Luke Taylor 52a167acfa SEC-286: removed log4j dep as it is in the parent pom and tests run fine without it.. 2006-07-25 23:53:42 +00:00
Carlos Sanchez f7cb31a301 Fix broken test 2006-07-20 18:43:58 +00:00
Carlos Sanchez 9a337d2fea Removed default constructors added in rev# 1573 2006-07-20 13:15:55 +00:00
Luke Taylor 4930657e57 Remove typo in method name "getAuthoritiesPopulator" 2006-07-16 20:17:20 +00:00
Scott McCrory 442c51bb30 SEC-318: Rename AuthenticationDao to UserDetailsService in local variables and logging messages 2006-07-15 15:18:51 +00:00
Ray Krueger d485e30fd5 SavedCookieTest was renamed to SavedCookieTests 2006-07-12 10:33:14 +00:00
Ray Krueger ca863ce4f7 http://opensource.atlassian.com/projects/spring/browse/SEC-308 
Headers should remain case-insensitive.
 2006-07-12 10:25:32 +00:00
Carlos Sanchez 91799c9290 Added missing resources 2006-07-11 21:42:42 +00:00
Carlos Sanchez 156af5b8b6 Added missing tld and notice file to jar 2006-07-11 18:54:04 +00:00
Carlos Sanchez 94a9acedad Added checks to ensure object is properly initialized 2006-07-10 11:48:35 +00:00
Carlos Sanchez 488abe58fb Added default constructor for easier use 2006-07-10 11:24:18 +00:00
Carlos Sanchez 80c1ae3bde fix problems when not loaded through Spring context 2006-07-09 22:08:21 +00:00
Carlos Sanchez 00b73e8331 Fix failing tests keeping old behaviour. 2006-07-06 17:56:50 +00:00
Carlos Sanchez 46af400466 Added FilterInvocationDefinition interface to unify FilterInvocationDefinitionSource and FilterInvocationDefinitionMap 2006-07-06 17:05:08 +00:00
Carlos Sanchez 9e87bd6789 Add javadocs 2006-07-06 17:03:48 +00:00
Carlos Sanchez aa52124d72 Simplify configuration of FilterInvocationDefinitionMap 2006-07-05 22:00:21 +00:00
Carlos Sanchez 9560636380 Simplify configuration of FilterInvocationDefinitionMap 2006-07-05 20:58:50 +00:00
Carlos Sanchez 9d539a13d9 Use accessor instead of field 2006-07-05 20:03:52 +00:00
Carlos Sanchez 0edb75d4aa Added setUsers and setAuthorities for easier configuration 2006-07-05 16:16:13 +00:00
Carlos Sanchez 41f7bb3755 Improve javadoc formatting 2006-07-05 16:00:51 +00:00
Carlos Sanchez 27de814d54 Prevent NullPointerException when not loaded from application context 2006-07-05 15:59:17 +00:00
Carlos Sanchez d847772c81 Prevent NullPointerException when not loaded from application context 2006-07-05 15:58:20 +00:00
Luke Taylor ae55e04522 SEC-297: Stop prepending of context path to full url default targets. Also added more stringent checks on format of injected defaultTargetUrl property. 2006-06-27 23:26:25 +00:00
Carlos Sanchez 18c6838bec [maven-release-plugin] prepare for next development iteration 2006-06-22 17:29:52 +00:00
Carlos Sanchez c7bcbe1b35 [maven-release-plugin] prepare release release_1_0_1 2006-06-22 17:27:29 +00:00
Carlos Sanchez 4e612922ac SEC-281: Go back to spring 1.2.7 to prevent backwards compatibility issues 2006-06-16 17:25:05 +00:00
Luke Taylor a2c3635d78 Moved class to test treee 2006-06-15 00:41:53 +00:00
Luke Taylor 552c275e8f Accidentally checked into source tree rather than test source 2006-06-15 00:37:18 +00:00
Luke Taylor aaf51c4bee Added test for non-String role. 2006-06-14 23:20:51 +00:00
Luke Taylor 49da801096 SEC-303: Check from null role attribute in LdapUserDetailsMapper 2006-06-14 22:44:39 +00:00
Luke Taylor eb3e954ae4 Added chained append call in toString method 2006-06-14 21:46:21 +00:00
Luke Taylor b0caa72e80 Added template method for role creation, as requested in the forum. 2006-06-13 13:18:45 +00:00
Luke Taylor 7475906218 Remove Javadoc errors 2006-06-12 22:32:59 +00:00
Luke Taylor 18680e8fab Remove Jalopy mistakes 2006-06-12 22:31:10 +00:00
Ray Krueger cada23f57d Synchronized MockFilterConfig uses for Spring 1.2.6 and 1.2.8 2006-06-11 01:20:29 +00:00
Ray Krueger fa3c61b19b Call to getCookies() should return Cookies, not SavedCookies 2006-06-11 01:19:44 +00:00
Luke Taylor 88825089a7 Removed "final" from getGroupMembershipRoles 2006-06-07 13:31:11 +00:00
Luke Taylor 2a7caff95f SEC-295: Changed to use getDefaultTargetUrl() accessor internally rather than accessing property directly. Allows for overriding method to supply different Urls. 2006-06-04 15:14:33 +00:00
Ray Krueger 9fd0bbd694 Added Serializable check just to be sure... 2006-06-03 13:40:39 +00:00
Ray Krueger 1a9629b197 http://opensource.atlassian.com/projects/spring/browse/SEC-289 
Wraps disassembles cookies into a SavedCookie that is serializable
 2006-06-03 13:36:51 +00:00
Ben Alex f7020755be SEC-291: Avoid unnecessary creation of SecurityContextHolderStrategy. 2006-06-01 14:02:56 +00:00
Luke Taylor da780e4567 Tidy up XML formatting in comment 2006-05-31 21:56:16 +00:00
Luke Taylor 9f41b9f470 Wrap any DataAccessExceptions thrown by the Ldaptemplate with AuthenticationServiceFailureExceptions 2006-05-31 21:46:16 +00:00
Luke Taylor 5d7a75a421 SEC-284: Removed allowEmptyPassword flag.. 2006-05-31 20:12:12 +00:00