Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,513 Commits 34 Branches 334 Tags 114 MiB
Commit Graph

1420 Commits

Author SHA1 Message Date
Luke Taylor 208d1ee8e2 SEC-456: Added test class for UserDetailsServiceLdapAuthoritiesPopulator 2008-02-07 13:31:25 +00:00
Luke Taylor 9292317e1c Deleted unused context file. 2008-02-07 13:30:03 +00:00
Luke Taylor b6d3ed135d SEC-456: Added class Javadoc 2008-02-06 17:24:45 +00:00
Luke Taylor b2cc817835 SEC-456: Basic LDAP authorities populator that delegates to a UserDetailsService. 2008-02-06 17:22:27 +00:00
Luke Taylor 99621a225d SEC-481: Refactoring commence method of AuthenticationProcessingFilterEtryPoint to allow alternative redirect options. Extracted two methods, "buildRedirectUrlToLoginPage" and "buildHttpsRedirectUrlForRequest" and introduced a RedirectUrlBuilder class for assembling the URLs from schemes, ports etc. 2008-02-06 16:38:47 +00:00
Luke Taylor adbf18a091 SEC-507: Updated JSR-250 impl to include better support for PermitAll and DenyAll as suggested by Ryan Heaton. Includes JSR-250 voter which is now used by AnnotationDriverbeanDefinitionParser. 2008-02-06 13:14:46 +00:00
Luke Taylor c1895acb6b Changed package doc which mentioned adding filter to web.xml rather than filter chain. 2008-02-06 10:36:25 +00:00
Andrei Stefan 98ccaa61e7 SEC-532: test class for ObjectIdentityRetrievalStrategyImpl 2008-02-06 09:26:39 +00:00
Andrei Stefan 5d09f1264b SEC-532: Added test method for different hashCode calculation when different Serializable classes are used (the method is commmented as, now, it doesn't pass the test) 2008-02-06 09:26:05 +00:00
Andrei Stefan 419a7a6426 SEC-532: added more test methods for JdbcAclService implementation 2008-02-06 09:24:13 +00:00
Luke Taylor 2c0c731aaa SEC-552: Removed accidentally commited incomplete caching-related classes. 2008-02-05 16:59:41 +00:00
Luke Taylor b82fbb698d SEC-641: Updated to set "source" values on BeanDefinitions where possible. 2008-02-05 14:48:39 +00:00
Luke Taylor 8859034d11 SEC-641: Reomove use of SecurityConfigException during parsing. 2008-02-05 11:46:27 +00:00
Luke Taylor 717ab0b3cc SEC-641: Replaced use of Assert with more tooling friendly calls to parserContext.getReaderContext().error() 2008-02-05 11:29:52 +00:00
Luke Taylor abb6402cec Import cleaning. 2008-02-05 10:51:52 +00:00
Luke Taylor 84c7ac5e57 SEC-664: Removed validateUserDetails method from AbstractRememberMeServices, wrapped the UserDetailsService in a status-checking one and added a catch block for AccountStatusExceptions. Also some minor tidying up of other remember-me classes. 2008-02-04 21:26:07 +00:00
Luke Taylor d3f26f09b6 Added support for locking user accounts in namespace <user-service> "user" elements (for use in testing). 2008-02-04 21:23:49 +00:00
Luke Taylor 2343577fec Update new X509 namespace config to use status checking of user accounts by default. 2008-02-04 19:43:09 +00:00
Luke Taylor 600ab04cc7 SEC-663: Added null check for pre-authenticated principal value (and skip authentication attempt if null). 2008-02-04 19:36:44 +00:00
Luke Taylor 3f1ab233dc SEC-662: Add check for a null authentication object returned by provider and skip passing it to session controller. 2008-02-04 19:27:12 +00:00
Andrei Stefan 9be3f20faa 2008-02-04 16:44:11 +00:00
Luke Taylor 1191701d8b SEC-372: Added switchFailureUrl to SwitchUserProcessingFilter. Also did some refactoring to use the StatusCheckingUserDetailsService decorator, rather than checking status internally. 2008-02-04 14:02:30 +00:00
Luke Taylor 424ac4f117 Commented out tests which are breaking build. 2008-02-02 22:03:35 +00:00
Luke Taylor ab5d416e00 SEC-516: Make default SavedRequest a "GET" in test to prevent NPE. 2008-02-02 21:41:41 +00:00
Andrei Stefan 842dec0180 2008-02-01 15:35:20 +00:00
Luke Taylor bd9138d78a Import cleaning. 2008-02-01 14:38:03 +00:00
Luke Taylor df1def412e Changed to using new alias for security filter chain in samples. 2008-02-01 14:28:04 +00:00
Luke Taylor 298546014a SEC-659: Added authentication-manager element to allow users to define an alias for the internal authentication manager. 2008-02-01 14:25:07 +00:00
Luke Taylor 2ad0c2cbd0 Corrected check on whether delegate implements Ordered interface. 2008-02-01 14:02:01 +00:00
Luke Taylor ca75905c3e SEC-658: Add support for ldap-user-service to AuthenticationProviderBeanDefinitionParser. 2008-01-31 20:32:31 +00:00
Luke Taylor 2c6fb3d1c9 Added extra tests for jdbc-user-details service to make sure it works within an <authentication-provider> element. 2008-01-31 20:30:37 +00:00
Luke Taylor e82dfd3f1a Added some further tests for LDAP searching with a different user search base. 2008-01-31 17:44:52 +00:00
Luke Taylor feb790ea83 SEC-486: Added determineExpiredUrl method to ConcurrentSessionFilter 2008-01-31 16:25:50 +00:00
Luke Taylor feadb3582a SEC-516: TargetUrlResolver path to avoid redirecting to POST requests. 2008-01-31 16:05:25 +00:00
Luke Taylor 9f45f95fab SEC-491: Add alternative options for determining logout URL. 2008-01-31 15:48:04 +00:00
Luke Taylor a305c9111f SEC-576: Add check for null pre-auth principal and return null if found. 2008-01-31 14:50:12 +00:00
Luke Taylor 5394350cc8 SEC-576: Renamed PreAuthenticateduserDetailsService to AuthenticationUserdetailsService and changed signature accordingly. 2008-01-31 14:24:12 +00:00
Luke Taylor 311add2270 SEC-300: Applied Andreas Senft's patch for unwrapping exceptions in ExceptionTranslationFilter to obtain the cause. 2008-01-30 16:15:02 +00:00
Luke Taylor 3b6ce862f3 SEC-342: Change ObjectDefinitionSource to return a Collection instead of an Iterator. 2008-01-30 15:43:40 +00:00
Luke Taylor d695f5002c SEC-654: Made ConfigAttributeDefinition immutable, added several constructors to simplify its use. Removed MethodDefinitionMapping and FilterInvocationDefinitionMapping. 2008-01-30 15:17:30 +00:00
Luke Taylor c7754d7bee SEC-473: Reduce the number of "cookie methods" in AbstractRememberMeServices. 2008-01-29 22:28:04 +00:00
Andrei Stefan 00b5c0e61b 2008-01-29 18:36:22 +00:00
Luke Taylor f121b6ac90 Fixed tests which were making assumptions about ordering within sets. 2008-01-29 18:35:56 +00:00
Andrei Stefan aa0744a705 test class for EhCacheBasedAclCache 2008-01-29 17:42:39 +00:00
Andrei Stefan 944c7e9665 2008-01-29 17:42:05 +00:00
Luke Taylor e37d0b0bb1 SEC-543: sessionsUsedByPrincipal only needs to be added to "principals" map when it is first created. 2008-01-29 16:28:17 +00:00
Luke Taylor 379b7ab337 SEC-543: Moved logging out of synchronized block 2008-01-29 16:04:49 +00:00
Luke Taylor 9fe181046b SEC-543: Added null guard clauses to reduce nesting and increase readability. 2008-01-29 15:55:29 +00:00
Luke Taylor c9de2f6c9f SEC-532: Remove FilterInvocationDefinitionSource-related classes which are no longer needed. 2008-01-29 15:09:20 +00:00
Luke Taylor a0ee7fb6fd SEC-532: Madded FilterinvocationDefinitionSourceMapping package scoped 2008-01-29 13:08:12 +00:00
Luke Taylor 8e5b608ee9 SEC-532: Removed FilterInvocationDecorator and tests. 2008-01-29 12:34:01 +00:00
Luke Taylor 059ac644bb SEC-645: Deprecated old X.509 provider. 2008-01-29 11:50:33 +00:00
Luke Taylor 95c6ecdb1e SEC-468: Added Mike Wiesner's patch for AspectJ annotation support. 2008-01-29 11:33:38 +00:00
Luke Taylor ef428d2c22 Moved test class to correct source tree 2008-01-29 10:57:44 +00:00
Luke Taylor e63fa0f610 SEC-418: Changed interface SwitchAuthorityChanger to return List rather than expecting modification of passed in List of authorities. 2008-01-28 19:26:30 +00:00
Luke Taylor 0be34cdcc1 SEC-536: Added messages for generic UserDetails status checks. 2008-01-28 18:19:23 +00:00
Luke Taylor c9dee10704 SEC-536: Added UserDetailsService decorator class which will throw an appropriate exception if the returned UserDetails object has a status of locked, disabled etc. 2008-01-28 18:10:43 +00:00
Luke Taylor 934e59a562 SEC-652: Fixed CasAuthenticationProvider to be compatible with Ray's recent AuthoritiesPopulator refactoring. 2008-01-28 16:05:39 +00:00
Luke Taylor 26ea65ddb1 SEC-652: Add a trustPassword to AbstractTicketValidator for use with password protected keystores (as in the sample application). 2008-01-28 16:04:38 +00:00
Luke Taylor 5738a51040 SEC-651: Support for ldap-user-service bean. 2008-01-28 00:47:34 +00:00
Luke Taylor 544df3ea09 Updated SpringSecurityLdapTemplate to include base LDAP context in returned DirContextAdapter entry to make sure the result gives a correct value for getNameInNamespace(). This is necessary when a search is used to obtain entries to pass to DefaultLdapAuthoritiesPopulator, for example. 2008-01-28 00:39:42 +00:00
Luke Taylor 80b6111641 SEC-650: Change default scope to sub-tree. 2008-01-28 00:24:54 +00:00
Luke Taylor e6d6e88117 Corrections to calculated order values from "before" and "after" attributes. 2008-01-27 22:46:24 +00:00
Luke Taylor acf5601714 SEC-645: Reimplementation of X509 provider and namespace implementation. 2008-01-27 22:45:44 +00:00
Luke Taylor 9af7ab68bf Removed duplicate setting of bean property in BasicAuthenticationBeanDefinitionParser. 2008-01-27 20:48:37 +00:00
Luke Taylor d8d657da7f Removed classname from log message (normally output by log4j anyway) 2008-01-27 20:44:58 +00:00
Luke Taylor 82940db6c8 SEC-648: Added custom-authentication-provider support. 2008-01-27 13:31:34 +00:00
Luke Taylor dbc901fba9 Deleted 2008-01-27 13:30:11 +00:00
Luke Taylor 384af268ab Import cleaning. 2008-01-27 13:28:58 +00:00
Luke Taylor c7792458b4 SEC-645: Reimplementation of X509 authentication. 2008-01-27 11:12:50 +00:00
Luke Taylor ae71e9a5bd SEC-632: Changed user-filter to custom-filter to avoid confusion with system "users". 2008-01-27 00:48:53 +00:00
Luke Taylor cd16dac290 SEC-648: Added custom-authentication-provider element. 2008-01-27 00:42:35 +00:00
Luke Taylor 619c7b0dbf SEC-632: Explicit filter chain ordering is now achieved using "after" or "before". Setting the order value directly in the context is fragile due to potential future changes in the order values of standard filters. 2008-01-26 23:56:04 +00:00
Luke Taylor 0005da3b63 Corrected spelling of class name. 2008-01-26 11:36:24 +00:00
Andrei Stefan 83ecb3e9e0 test classes 2008-01-26 11:35:49 +00:00
Andrei Stefan 0e58e816a2 2008-01-26 11:31:49 +00:00
Andrei Stefan 0f32b3fc40 reverted to junit 3 2008-01-25 15:04:29 +00:00
Andrei Stefan 630efbf536 AclFormattingUtils and AccessControlEntryImpl test classes 2008-01-24 22:11:17 +00:00
Luke Taylor d10450cfb7 SEC-531: Provide support for HTTP methods in FilterInvocationDefinitionSource. Path/Regex versions of FIDS are now deprecated and in favour of using their (no longer abstract) parent class with a UrlPathMatcher strategy. 2008-01-24 14:39:47 +00:00
Andrei Stefan b4c37db9f9 test classes for AuditLogger and security checks in AclImpl and AclAuthorizationStrategyImpl 2008-01-23 21:50:49 +00:00
Luke Taylor 837ecd85ec SEC-576: Tidied up code, added preauth sample demo app. 2008-01-23 20:02:11 +00:00
Luke Taylor a9ff309b02 Deleted as test now uses inline context snippets. 2008-01-22 21:08:33 +00:00
Luke Taylor 06f3bcbf6a Converted all namespace attributes which refer to bean IDs to use "-ref" suffix (or "ref"). 2008-01-22 20:58:12 +00:00
Luke Taylor 11570d9584 SEC-576: Test web.xml files. 2008-01-22 20:42:09 +00:00
Luke Taylor 24caad5a67 Make sure default lower/upper case is respected for regex and ant paths when not set explicitly using the lowercase-comparisons attribute. Added much more comprehensive testing of HttpSecurityBeanDefinitionParser. 2008-01-22 20:25:46 +00:00
Luke Taylor b9561cc4e0 SEC-643: Fix to allow namespace configuration without remember-me authentication. 2008-01-22 18:32:18 +00:00
Luke Taylor 7854e36029 SEC-576: Tidying. 2008-01-22 15:07:37 +00:00
Luke Taylor c8b9f24038 SEC-576: Committed pre-autheticated contribution. Still has to be more thoroughly reviewed. 2008-01-22 13:55:19 +00:00
Luke Taylor 35a7928cb9 SEC-635: Convert xsd:IDREF types to xsd:string to allow references to beans outside the current file. 2008-01-22 11:38:50 +00:00
Luke Taylor b29bcfebe8 Converted test class to use in memory XML snippets - makes it easier to work out which one is causing a failure. 2008-01-22 11:36:15 +00:00
Luke Taylor ca8dff7abb Delete unused ldap namespace test context file 2008-01-21 20:09:07 +00:00
Luke Taylor 1b8f13aa4c Use "'" for XML attributes in in-memory test contexts for readability. 2008-01-21 20:08:24 +00:00
Luke Taylor aff568efb9 Tidied up getters/setters (undoing jalopy ordering). Made getters protected. 2008-01-21 17:23:48 +00:00
Luke Taylor 9836bda5b3 SEC-630: Support for "properties" attribute in user-service namespace element. 2008-01-21 17:15:53 +00:00
Luke Taylor 59a947bbe5 SEC-636: Support for use of "ref" attribute in salt-source element. 2008-01-21 15:06:43 +00:00
Luke Taylor 568211b77f SEC-638: Fixed problem caused by using Spring 2.5.1 method from ReflectionUtils which isn't available in 2.0.6. 2008-01-21 15:00:16 +00:00
Luke Taylor eb70db1dee SEC-638: Allow property names as well as method names to be used in ReflectionSaltSource. 2008-01-21 14:45:29 +00:00
Luke Taylor fe6e297358 Added missing space to SQL query in JdbcMutableAclService. 2008-01-21 10:31:48 +00:00
Luke Taylor 437c6fb7b7 Tidying. 2008-01-21 09:33:49 +00:00
Luke Taylor 8694028b13 SEC-632: Completed comment. 2008-01-19 14:21:20 +00:00