Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,267 Commits 34 Branches 337 Tags
Commit Graph

963 Commits

Author SHA1 Message Date
Luke Taylor
d4d45e1311 Make getHeader() methods check case-insensitive matching on header name. 2009-10-14 14:12:27 +00:00
Luke Taylor
7282eed197 Import cleaning. 2009-10-14 00:30:55 +00:00
Luke Taylor
799b96520b SEC-1269: Combining <form-login> and <open-id> fails to find entry point. Fixed entry point choice conditions when using openID and/or form-login 2009-10-14 00:30:28 +00:00
Luke Taylor
3f963ef8ca Restore versions and svn URLs in trunk (release plugin fail) 2009-10-11 21:59:38 +00:00
Luke Taylor
af563e826c [maven-release-plugin] prepare release spring-security-3.0.0.RC1 2009-10-11 21:43:42 +00:00
Luke Taylor
881632cc08 SEC-1250: Removed duplicate property. 2009-10-11 15:20:24 +00:00
Luke Taylor
0da99171da SEC-1250: RequestHeaderPreAuthenticatedProcessingFilter cannot be use to fail back to another authentication type. Added exceptionIfHeaderMissing property. 2009-10-08 16:37:53 +00:00
Luke Taylor
3f72983a1e SEC-1257: Some additional API changes to use Collection instead of List... 2009-10-07 21:08:41 +00:00
Luke Taylor
1286741c7c SEC-1259: Improve consistency of authentication filter names. 2009-10-07 14:43:55 +00:00
Luke Taylor
f213cc5d9e SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted. 2009-10-06 19:46:44 +00:00
Luke Taylor
caff3ee9ba SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc). 2009-10-05 19:28:53 +00:00
Luke Taylor
07d7c0ddae Renamed form and openID filters to shorten names 2009-10-05 17:33:34 +00:00
Luke Taylor
1042305cfe Renamed web.wrapper to web.servletapi. Added some package.html files. 2009-10-05 16:59:37 +00:00
Luke Taylor
673cf300fb SEC-1229: Refactoring to remove package cycles. 2009-10-05 16:40:32 +00:00
Luke Taylor
acf13c74ca SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session 2009-10-05 15:51:00 +00:00
Luke Taylor
2b89ebdfbb SEC-1229: Further doc and mods to namespace config/naming to make it more consistent 2009-10-03 16:08:51 +00:00
Luke Taylor
073198886d SEC-1255: Modified UrlUtils. Full request URL for redirects uses the requestURI (which is encoded). The URL for path comparsions is built using the servletpath, as before. 2009-10-02 17:29:43 +00:00
Luke Taylor
abba569282 Tidying. 2009-09-30 15:53:46 +00:00
Luke Taylor
1ead8472d1 SEC-1229: Added failure handler to the SessionManagementFilter to deal with concurrent login errors. 2009-09-29 16:14:31 +00:00
Luke Taylor
bf39a5bb36 Added extra logging. 2009-09-29 16:13:16 +00:00
Luke Taylor
731402e9f5 SEC-525: [PATCH] Add AccessCheckerTag based on URL resource access permissions. Added functionality to "authorize" tag to allow evaluation of whether a particual url is accessible to the user. Uses a WebInvocationPrivilegeEvaluator registered in the application context. 2009-09-16 00:23:13 +00:00
Luke Taylor
1c4a809e09 SEC-1245: Add role hierarchy support to expression handlers. Done. 2009-09-15 17:17:21 +00:00
Luke Taylor
e7486fc203 Removed Ordered interface from Http403EntryPoint (unused). 2009-09-14 16:06:15 +00:00
Luke Taylor
40cf50fc98 SEC-1148: Javadoc. 2009-09-13 21:51:54 +00:00
Luke Taylor
ff78ec00f7 SEC-1226: Additional Javadoc. 2009-09-13 21:22:17 +00:00
Luke Taylor
23c8f479b8 SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework. 2009-09-13 20:45:38 +00:00
Luke Taylor
593d2e227a SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework. 2009-09-13 20:44:52 +00:00
Luke Taylor
9c7423599e SEC-1167: Extended SavedRequest interface to allow it to be used by wrapper. Removed null checks in wrapper, as the SavedRequest cannot now be null. 2009-09-13 16:27:35 +00:00
Luke Taylor
4064b7b4f6 SEC-1167: Introduce more flexible SavedRequest handling. Introduced interface for SavedRequest. 2009-09-13 15:03:14 +00:00
Luke Taylor
acd10dd716 SEC-1243: Make determineTargetUrl protected. 2009-09-11 20:48:41 +00:00
Luke Taylor
ac4e7bbadb SEC-1241: Make sure saved request is removed after a match. 2009-09-09 10:11:45 +00:00
Luke Taylor
f518da9d8b SEC-1236: Using HTTP Method-specific intercept-urls causes patterns with no method to be ignored. Fixed by also checking null key in map if no method-specific attributes are found. 2009-09-05 15:26:07 +00:00
Luke Taylor
5bdfd8cd77 Tidying imports etc to remove compiler warnings. 2009-09-05 14:14:58 +00:00
Luke Taylor
002b788a8c Minor refactoring. 2009-09-04 12:15:19 +00:00
Mike Wiesner
5623c13038 SEC-1047: Added an option to DigestProcessingFilter that the created Authentication object is now marked as "authenticated" 2009-09-02 16:12:19 +00:00
Luke Taylor
936326f4ab SEC-1180: Unreachable code inside UrlUtils.buildRequestUrl(...). Removed code block. 2009-09-01 18:13:28 +00:00
Luke Taylor
32dbb7e8bd import cleaning 2009-09-01 16:41:53 +00:00
Luke Taylor
2039200617 SEC-1217: AbstractRememberMeServices should set 'secure' attribute on remember-me cookie if in secure context. Added "useSecureCookie" configuration property and corresponding use-secure-cookie attribute in namespace. 2009-09-01 16:08:20 +00:00
Luke Taylor
b2c2b93545 SEC-1190: Added "invalidateSessionOnPrincipalChange" property to AbstactPreAuthenticatedProcessingFilter. If set to true (the default) and a new principal is detected, the existing session will be invalidated before proceeding to authenticate the user. 2009-09-01 00:18:48 +00:00
Luke Taylor
3cc47c9c4d SEC-1190: Added "checkForPrincipalChanges" property to AbstactPreAuthenticatedProcessingFilter. 2009-08-31 23:28:40 +00:00
Luke Taylor
dbcb13ad14 SEC-1229: Redesign Concurrent Session Control implementation. Renamed session strategy interface and introduced SessionAuthenticationException for rejection of session/Authentication combination. 2009-08-31 22:48:49 +00:00
Luke Taylor
a4ccc4ac21 Make WebSecurityExpressionRoot public to allow reuse. 2009-08-28 14:02:02 +00:00
Luke Taylor
471206a29d SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy 2009-08-27 10:43:01 +00:00
Luke Taylor
ab0d66071a SEC-1226: Introduce RedirectStrategy to replace RedirectUtils. Implemented strategy and applied throughout relevant classes. 2009-08-27 10:42:11 +00:00
Luke Taylor
fe33f08b73 SEC-1201: Allow requires-channel attribute to take placeholders. 2009-08-23 16:42:06 +00:00
Luke Taylor
0b5160d155 Javadoc correction. 2009-08-22 18:02:39 +00:00
Luke Taylor
5a8772df5b Reset pom versions post release 2009-08-21 12:02:49 +00:00
Luke Taylor
0e5aa7008d [maven-release-plugin] prepare release spring-security-3.0.0.M2 2009-08-20 15:51:26 +00:00
Luke Taylor
e6631be778 Import cleaning 2009-08-10 16:07:05 +00:00
Luke Taylor
6f76fe6fbb Import cleaning 2009-08-10 16:04:54 +00:00