Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
962 Commits 32 Branches 333 Tags 110 MiB
Commit Graph

93 Commits

Author SHA1 Message Date
Ben Alex 35ca25f085 BasicAuthenticationProcessingFilter no longer creates HttpSession via WebAuthenticationDetails call. 2005-09-08 11:15:48 +00:00
Ben Alex 55f5c3397a Relocated JdbcDaoExtendedImpl.convertAclObjectIdentityToString to superclass (pursuant to suggestion made by Tim Kettering on acegisecurity-developer). 2005-08-23 22:45:17 +00:00
Ben Alex e805aa2e73 Add annotation support. 2005-08-21 09:40:09 +00:00
Mark St. Godard ec5e39c2e8 Initial checkin of user security context switching (see SEC-15). This is the first cut of the SwitchUserProcessingFilter that handles switching to a target uesr and exiting back to the original user. Note: This is going to be used for the common use-case of an Administrator 'switching' to another user (i.e. ROLE_ADMIN -> ROLE_USER). This is the initial cut of a Unix 'su' for Acegi managed web applications. 2005-08-04 05:49:12 +00:00
Scott McCrory c2c48b905b Added package.html files to reamining java packages (see http://opensource.atlassian.com/projects/spring/browse/SEC-41) 2005-07-26 01:54:18 +00:00
Scott McCrory f4c8211cc2 Replaced .cvsignore placeholders for package.html files (which also serve some doccumentary purpose). 2005-07-26 00:52:02 +00:00
Scott McCrory db4ed4bc44 Added debug statement to AbstractTicketValidator to help with Acegi+CAS+SSL setup (thanks Seth Ladd for the patch) (see http://opensource.atlassian.com/projects/spring/browse/SEC-34) 2005-07-25 03:46:23 +00:00
Scott McCrory c66c5dfab5 AuthorizeTag no longer depends on JDK 1.4. Tested on Websphere 5.0 w/JDK 1.3 (see http://opensource.atlassian.com/projects/spring/browse/SEC-11) 2005-07-25 00:52:15 +00:00
Ben Alex f20bc6d9d0 Catch up with recent changes. 2005-07-25 00:45:43 +00:00
Ben Alex f650289142 Avoid expense of HttpSession when working with anonymous users. 2005-07-23 10:05:32 +00:00
Ben Alex c8275c591f Reflect additional releases made for backporting SEC-20 security fix. 2005-07-14 01:12:38 +00:00
Ben Alex 3e4a29eae9 FilterSecurityInterceptor now has an observeOncePerRequest boolean property, allowing multiple fragments of the HTTP request to be individually authorized (see http://opensource.atlassian.com/projects/spring/browse/SEC-14). 2005-06-27 03:57:31 +00:00
Ben Alex d09d250656 Form, CAS, X509 and Remember-Me authentication mechanisms now publish an InteractiveAuthenticationSuccessEvent (see http://opensource.atlassian.com/projects/spring/browse/SEC-5). 2005-06-27 03:36:30 +00:00
Ben Alex 60f8095cf2 Make Authenticated.isAuthenticated() behaviour switchable. See http://opensource.atlassian.com/projects/spring/browse/SEC-13. 2005-06-27 03:05:26 +00:00
Ben Alex ef8281f534 HttpSessionContextIntegrationFilter elegantly handles IOExceptions and ServletExceptions within filter chain (see http://opensource.atlassian.com/projects/spring/browse/SEC-20). 2005-06-27 02:55:01 +00:00
Ben Alex a3d26edea3 JBoss container adapter to use getName() instead to toString() (see http://opensource.atlassian.com/projects/spring/browse/SEC-22). 2005-06-27 02:06:33 +00:00
Ben Alex a312fede74 Refactor DAO authentication failure events under a consistent abstract superclass (thanks to Mark St Godard for suggestion). 2005-06-22 08:07:52 +00:00
Ben Alex c0f1d4e19d Remove getters and setters from JdbcDaoImpl so IoC container cannot modify MappingSqlQuerys (thanks to David Durham for bug report). 2005-06-22 08:06:28 +00:00
Ben Alex a15691d9d7 Silently catch NotSerializableException in AbstractProcessingFilter if rootCause is not Serializable (thanks to Joseph Dane for reporting this bug). 2005-06-22 07:03:53 +00:00
Ben Alex 5f75e9bf9a Refactor Authentication.isAuthenticated() handling to be more performance (as per developer list discussion). 2005-06-22 06:30:46 +00:00
Ben Alex a7b5299e77 Correct synchronization issue with FilterToBeanProxy initialization (thanks to George Franciscus and Volker Malzahn as per acegisecurity-developer discussion 4 June 2005). 2005-06-22 05:22:05 +00:00
Ben Alex c699f7d40e Support non-username as primary key. 2005-05-29 09:46:51 +00:00
Ben Alex 4e55780e7c Performance optimisations thanks to Paulo Neves. 2005-05-20 00:00:22 +00:00
Ben Alex cfb8271826 Reorder DaoAuthenticationProvider exception logic as per developer list discussion. 2005-05-18 01:40:45 +00:00
Ben Alex ecbfac2ff8 Made AclEntry Serializable (correct issue with BasicAclEntryCache). 2005-05-17 11:07:00 +00:00
Ben Alex e08e66dec6 Refactor SecurityContextHolder to return a SecurityContext instead of Authentication. 2005-05-08 23:42:14 +00:00
Ben Alex 6a9abe5d90 Remove ContextHolder and introduce SecurityContext. 2005-05-07 09:11:37 +00:00
Luke Taylor d4da559ccc added entry for credential expiry modifications 2005-04-30 00:32:41 +00:00
Ben Alex d169829f27 AbstractAuthenticationToken.getName() now returns username alone if UserDetails present. 2005-04-29 22:29:00 +00:00
Ray Krueger 6f286e2054 AuthorityGranter.grant now returns a java.util.Set of role names, instead of a single role name 2005-04-27 03:39:06 +00:00
Ben Alex cff9ba4988 AnonymousProcessingFilter offers protected method to control when it should execute as per http://forum.springframework.org/viewtopic.php?p=19766. 2005-04-21 23:02:58 +00:00
Ben Alex a68d720e88 Prepare for 0.9.0. 2005-04-20 22:43:46 +00:00
Ben Alex 4cf500763f Release 0.8.2. 2005-04-20 14:15:03 +00:00
Ben Alex efd8955a3d General update. 2005-04-20 12:29:36 +00:00
Ben Alex fdf5c63033 Add obtainUsername method as per http://forum.springframework.org/viewtopic.php?t=4757. 2005-04-13 22:17:05 +00:00
Ben Alex 2ee7cc1c18 General update. 2005-04-06 06:39:03 +00:00
Ben Alex 204da55a0b PasswordDaoAuthenticationProvider no longer stores String against Authentication.setDetails(). 2005-04-03 21:48:45 +00:00
Ray Krueger 9649003d57 AbstractProcessingFilter no longer uses a set*FailureUrl approach for every exception, it now uses a properties object that maps authenticationExceptions to failure urls 2005-03-28 17:42:21 +00:00
Ben Alex 684d5bc10e Handle null Authentication.getAuthorities() in AuthorizeTag. 2005-03-27 06:36:41 +00:00
Ben Alex 8e6305ae81 Update commons-codec dependency to 1.3. 2005-03-25 22:33:18 +00:00
Ben Alex 8ae2276843 TokenBasedRememberMeServices changed to use long instead of int for tokenValiditySeconds. 2005-03-25 22:07:00 +00:00
Ben Alex 8884ca51af Add credentialsExpiredFailureUrl getter/setter to AbstractProcessingFilter. 2005-03-23 23:22:51 +00:00
Ben Alex 747825cda1 Correct location of AuthenticationSimpleHttpInvokerRequestExecutor in clientContext.xml. 2005-03-22 22:56:36 +00:00
Ben Alex 01aaadbe0d Prepare for 0.8.2 (assuming 0.8.2 is the next version, but subject to change). 2005-03-22 11:57:32 +00:00
Ben Alex 48dd6c5c73 Release 0.8.1. 2005-03-22 11:25:41 +00:00
Ben Alex 9f66c0eae9 Update to current Spring JAR dependencies. 2005-03-22 11:17:22 +00:00
Ben Alex 2b6b81f39a Use Spring 1.1.5 JARs. 2005-03-22 08:52:22 +00:00
Ben Alex c936801842 DigestProcessingFilter now provides userCache getter and setter. 2005-03-21 08:03:11 +00:00
Ben Alex 0530351f0d Provide toString() method on User. 2005-03-21 05:33:51 +00:00
Ben Alex a2b9da7e22 StringSplitUtils.split() ignored delimiter argument. 2005-03-21 05:14:48 +00:00