Commit Graph

3804 Commits

Author SHA1 Message Date
Luke Taylor b27d7afd24 SEC-1315: Modify HttpSessionSecurityContextRepository to check for anonymous token before creating a session. Moved the anonymity check to be before the session creation. 2009-12-06 15:28:03 +00:00
Luke Taylor aee6b8f3f9 SEC-1314: Deprecate cloneFromHttpSession and securityContextClass in HttpSessionSecurityContextRepository. Both deprecated. 2009-12-06 15:09:33 +00:00
Luke Taylor dab76249db Added gradle build files (experimental) 2009-12-04 21:33:17 +00:00
Luke Taylor 40056f2e4a Minor doc corrections 2009-12-02 23:45:29 +00:00
Luke Taylor 48dcc211e9 SEC-1148: Simple classname mapping from 2.0 to 3.0 2009-12-02 22:44:30 +00:00
Luke Taylor 2d1a5db9a0 Updated to Spring RC3 2009-12-01 17:48:35 +00:00
Luke Taylor 910c1163e8 Minor doc updates 2009-12-01 16:49:42 +00:00
Scott Battaglia dada789814 NOJIRA
removed unnecessary cast and use StringBuilder rather than non-final String and concatenation.
2009-12-01 15:19:56 +00:00
Luke Taylor ed92d5ea71 SEC-1304: Removed unused compareTo method from custom GrantedAuthority. 2009-12-01 14:32:57 +00:00
Luke Taylor eddde8ea28 SEC-1309: Namespace configurations should support Spring EL. Removed premature conversion of URL paths to lower case, which messes up if they are case-sensitive expressions or placeholders. Some other minor changes to suppport EL configuration. 2009-12-01 14:23:58 +00:00
Luke Taylor 8a0f69b955 SEC-1295: Placing Security on Roo Aspected method fails. Added suggested fix - check for null target and use Signature.declaredType instead. 2009-11-30 22:00:49 +00:00
Luke Taylor 7e0c7ffc0e SEC-1304: Removed "Comparable" from GrantedAuthority 2009-11-30 21:27:13 +00:00
Luke Taylor e72cfd58d4 SEC-1304: Remove Comparable interface from GrantedAuthority to enable it to be imlemented by an enum. 2009-11-30 21:22:11 +00:00
Luke Taylor 1df82654e3 SEC-1310: Added toString() implementations to Pre and PostInvocationExpressionAttribute classes. 2009-11-30 17:32:03 +00:00
Luke Taylor 4582afa739 Spelling fix in Javadoc 2009-11-29 13:17:58 +00:00
Luke Taylor 38dcf3859e Minor doc correction 2009-11-28 12:35:38 +00:00
Luke Taylor c9ab463af7 Minor docbook updates and fixes to class/interface index generation script and xsl 2009-11-27 19:04:35 +00:00
Luke Taylor 6688d41705 Added faq on role prefix 2009-11-27 13:30:11 +00:00
Luke Taylor 999eadc540 Minor refactoring to use generics and avoid converting collections to arrays. 2009-11-25 22:51:53 +00:00
Luke Taylor 330e71eb8f Minor Javadoc. 2009-11-25 21:01:04 +00:00
Luke Taylor 8571571eaa SEC-1306: OpenIDAttribute class is not marked as Serializable. Added Serializable interface. 2009-11-24 14:50:01 +00:00
Luke Taylor 30b7000875 SEC-1178: Updates to EL docs 2009-11-24 14:41:17 +00:00
Luke Taylor e9402fa0f9 Removed commented deps from pom. 2009-11-24 09:34:05 +00:00
Luke Taylor 69699431b1 SEC-1303: Added internal Hex and Base64 classes, and moved commons-codec dependency to test scope 2009-11-24 09:31:03 +00:00
Luke Taylor cd6711d21a Doc updates. 2009-11-24 09:29:22 +00:00
Scott Battaglia 46ef4239ca SEC-1228
added NO_PASSWORD instead of passing in NULL since the User object does not allowe NULL for the password.
2009-11-18 15:19:55 +00:00
Scott Battaglia 585311aa4a SEC-1299
upgraded to CAS Client for Java 3.1.9
2009-11-18 15:10:16 +00:00
Scott Battaglia f35cb48407 NOJIRA
changed constructor back to collection.  Accidentally set to List due to old code residing on notebook.
2009-11-18 15:09:56 +00:00
Luke Taylor 6eec9c4d95 Added custom-filter element to namespace appendix in manual 2009-11-17 23:59:36 +00:00
Scott Battaglia e812c58e04 NOJIRA
fixed changed constructor
2009-11-17 23:52:26 +00:00
Luke Taylor 5546698fef SEC-1253: Decouple spring-security-config module from spring-security-web. Added ClassUtils.isPresent() check for FilterChainProxy before attempting to register web-related parsers and decorators. Added use of namespace to dms sample for testing. 2009-11-17 23:39:42 +00:00
Luke Taylor 4d8956a227 SEC-1288: Changed claimedIdentityFieldName in OpenIDAuthenticationFilter to "openid_identifier", as recommended by the 2.0 spec. 2009-11-17 22:05:38 +00:00
Luke Taylor 693d2bce03 SEC-1286: Fixed toString() output. 2009-11-17 21:44:52 +00:00
Luke Taylor 66b1b1957c SEC-1298: Deleted custom-filter BeanDefinitionDecorator 2009-11-17 21:36:11 +00:00
Luke Taylor 9b49dce8b5 SEC-1297: Added bundlor support to taglibs jar 2009-11-17 17:58:51 +00:00
Luke Taylor 3444b31615 SEC-1291: Add logout namespace support for custom success handler. Added attribute "success-handler-ref" to <logout> element in namespace. 2009-11-17 17:29:43 +00:00
Scott Battaglia f0a5572188 SEC-1228
fixed mistyped class name
2009-11-17 16:26:53 +00:00
Luke Taylor 9eae7b899c SEC-1284: Added proxy-target-class attribute to method security namespace 2009-11-17 16:19:05 +00:00
Luke Taylor d84542cf88 SEC-1285: minor vulnerability in BasicProcessingFilter. Changed logging of Basic authentication information. 2009-11-17 15:29:07 +00:00
Luke Taylor afdd80235c SEC-1272: <authentication-manager> does not register default event handler DefaultAuthenticationEventPublisher. Fixed Spring RC1 - RC2 regression problem with test (addApplicationListener() behaviour has changed). 2009-11-17 14:34:43 +00:00
Luke Taylor b39db5b711 Removed jaxen from template.mf 2009-11-17 14:25:20 +00:00
Luke Taylor c922021d28 SEC-1287: Regression with fix SEC-1022 - cannot register custom permissions w/BasicLookupStrategy. Added setter method for PermissionFactory field. 2009-11-17 13:13:54 +00:00
Luke Taylor d4d5012035 SEC-1272: <authentication-manager> does not register default event handler DefaultAuthenticationEventPublisher. Update AuthenticationManagerBeanDefinitionParser to register a DefaultAuthenticationeventPublisher and set it on the registered ProviderManager. 2009-11-17 12:55:53 +00:00
Luke Taylor 1898b4df52 Updated scope of commons collections to 'test' 2009-11-17 00:00:59 +00:00
Luke Taylor ea8d5a8897 Update spring version to RC2 2009-11-17 00:00:28 +00:00
Luke Taylor fdf46b99eb Corrected sample code for request-header authentication. 2009-11-14 15:20:19 +00:00
Luke Taylor 9d85168a10 Fix apache-ds shard-ldap version in template.mf (should be 0.9.15) 2009-11-04 18:18:46 +00:00
Luke Taylor a2468c523a SEC-1283: AuthenticationConfigBuilder.createAnonymousFilter uses httpElt instead of anonymousElt. Corrected element name. 2009-11-04 17:39:26 +00:00
Luke Taylor 617e517e5e SEC-1280: NullPointerException in PersistentTokenBasedRememberMeServices when logging out twice. Added check for null authentication in logout method. 2009-11-04 17:20:13 +00:00
Luke Taylor 197737a2b4 SEC-1281: make sure correct 'key' value is used for RememberMeAuthenticationProvider when external RememberMeServices is used 2009-11-04 14:55:58 +00:00