Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-15 14:53:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,172 Commits 46 Branches 348 Tags
Commit Graph

2515 Commits

Author SHA1 Message Date
Luke Taylor
bd2fd3448b SEC-1392: Mark PermissionEvaluator and MethodSecurityExpressionHandler as AopInfrastructure beans to prevent them being advised and causing premature use of MethodSecurityMetadataSource before it is initialized properly. 2010-02-06 15:42:01 +00:00
Luke Taylor
10d787ede2 Javadoc corrections to SessionRegistryImpl 2010-02-03 23:49:36 +00:00
Luke Taylor
d931495c8a SEC-1380: Trim whitespace from config attributes when building a list in SecurityConfig. 2010-01-23 02:12:30 +00:00
Luke Taylor
1a7f71fc0f SEC-1372: Return an empty list rather than null from SessionRegistryImpl.getAllSessions() 
If the principal has no sessions, null is returned which contradicts the interface contract. In practice it didn't matter as the null was checked for, but it is cleaner to disallow a null value.
 2010-01-19 01:07:33 +00:00
Luke Taylor
0f90e69004 SEC-1362: Updated French messages translation. 2010-01-13 15:37:18 +00:00
Luke Taylor
052537c8b0 Removing $Id$ markers and stripping trailing whitespace from the codebase. 2010-01-08 21:05:13 +00:00
Luke Taylor
93973a4b75 SEC-1304: Removed compareTo method from GrantedAuthorityImpl 
This method had been left by mistake when the Comparable 
interface was removed. See also SEC-1347.
 2010-01-04 19:13:49 +00:00
Luke Taylor
80aacf447f Refactored JaasAuthenticationProvider 
The toUrl() method on File gives a deprecation warning with Java 6, so I reimplemented
the logic for building the Jaas config URL.
 2010-01-03 16:28:44 +00:00
Luke Taylor
893f212fa5 Tidying 2010-01-02 19:53:19 +00:00
Luke Taylor
bcb1ff8921 SEC-1342: Introduced extra factory method in SecurityConfig to get round problem with Spring converting a string with commas to an array 2009-12-23 14:12:59 +00:00
Luke Taylor
fcce29f8df SEC-1326: Updating dependencies to match Spring versions. Removing unused deps. 2009-12-21 17:32:38 +00:00
Luke Taylor
aeed49393c Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting). 2009-12-18 18:44:42 +00:00
Luke Taylor
354b043fd1 SEC-1337: Add Serializable interface to internal comparator 2009-12-18 14:12:32 +00:00
Luke Taylor
55679971f0 SEC-1337: Make User serializable by moving anonymous comparator class 2009-12-18 13:49:02 +00:00
Luke Taylor
cad32ffe39 SEC-1325: Tighten up Authentication interface contract to disallow null authorities. Modified internals of AbstractAuthenticationToken to use an empty list instead of null. Clarified Javadoc. removed unnecessary null checks in classes which use the interface. 2009-12-13 17:37:24 +00:00
Luke Taylor
ef3d9c7877 Tidying Javadoc. 2009-12-13 16:20:28 +00:00
Luke Taylor
1e8ea55030 SEC-1320: JaasAuthenticationProvider can not find jaas realm defined inside service archive. Added flag to control refresh of configuration on startup. 2009-12-13 16:19:53 +00:00
Luke Taylor
33b109f0b3 Made session maps final in SessionRegistryImpl. 2009-12-08 01:33:01 +00:00
Luke Taylor
558737363f Added some extra tracing to SessionRegistryImpl. 2009-12-08 01:28:47 +00:00
Luke Taylor
cde9cd6b36 Correct toString() method in User class. 2009-12-08 00:16:08 +00:00
Luke Taylor
02a9db7bcf SEC-1317: Removed check in ProviderManager.getProviders() for empty provider list. A ProviderManager with a non-null parent may have an empty provider list. The afterPropertiesSet() method performs the necessary checks. 2009-12-07 21:38:40 +00:00
Scott Battaglia
dada789814 NOJIRA 
removed unnecessary cast and use StringBuilder rather than non-final String and concatenation.
 2009-12-01 15:19:56 +00:00
Luke Taylor
ed92d5ea71 SEC-1304: Removed unused compareTo method from custom GrantedAuthority. 2009-12-01 14:32:57 +00:00
Luke Taylor
8a0f69b955 SEC-1295: Placing Security on Roo Aspected method fails. Added suggested fix - check for null target and use Signature.declaredType instead. 2009-11-30 22:00:49 +00:00
Luke Taylor
7e0c7ffc0e SEC-1304: Removed "Comparable" from GrantedAuthority 2009-11-30 21:27:13 +00:00
Luke Taylor
e72cfd58d4 SEC-1304: Remove Comparable interface from GrantedAuthority to enable it to be imlemented by an enum. 2009-11-30 21:22:11 +00:00
Luke Taylor
1df82654e3 SEC-1310: Added toString() implementations to Pre and PostInvocationExpressionAttribute classes. 2009-11-30 17:32:03 +00:00
Luke Taylor
69699431b1 SEC-1303: Added internal Hex and Base64 classes, and moved commons-codec dependency to test scope 2009-11-24 09:31:03 +00:00
Luke Taylor
d4d5012035 SEC-1272: <authentication-manager> does not register default event handler DefaultAuthenticationEventPublisher. Update AuthenticationManagerBeanDefinitionParser to register a DefaultAuthenticationeventPublisher and set it on the registered ProviderManager. 2009-11-17 12:55:53 +00:00
Luke Taylor
248e826342 SEC-1282: Clarified javadoc 2009-11-03 16:31:55 +00:00
Luke Taylor
0615b94f55 Converted expression test to use static method. 2009-10-09 23:42:23 +00:00
Luke Taylor
4dcb9de67a SEC-1257: Some additional API changes to use Collection instead of List... 2009-10-07 21:08:20 +00:00
Luke Taylor
f213cc5d9e SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted. 2009-10-06 19:46:44 +00:00
Luke Taylor
caff3ee9ba SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc). 2009-10-05 19:28:53 +00:00
Luke Taylor
acf13c74ca SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session 2009-10-05 15:51:00 +00:00
Luke Taylor
2a1430f1ce SEC-1229: Removed legacy concurrency classes 2009-09-29 16:18:25 +00:00
Luke Taylor
9639340fef SEC-1049: RoleHierarchy in SidRetrievalStrategy. Added optional RoleHierarchy injection to SidRetrievalStrategyImpl 2009-09-16 19:59:37 +00:00
Luke Taylor
1c4a809e09 SEC-1245: Add role hierarchy support to expression handlers. Done. 2009-09-15 17:17:21 +00:00
Luke Taylor
897960cd70 Add expression string to failed expression evaluation exception message to help clarify the context. 2009-09-13 22:29:07 +00:00
Luke Taylor
6851655ea9 SEC-1177: MethodInvocationUtils Returns Null With Valid Method String and Class. Added very simple checking of declared methods on class. 2009-09-09 19:49:44 +00:00
Luke Taylor
ef2df77889 SEC-1239: Special characters in JAAS config file location. Fix - convert Resource to a File before obtaining the URL from it. The URL.toString() obtained this way is different from the one obtained from Resource.getURL().toString(). 2009-09-09 17:41:35 +00:00
Luke Taylor
8081a1a3cc Set Id svn keyword. 2009-09-03 19:55:18 +00:00
Mike Wiesner
58ee9a364e SEC-1181: DNS helper classes, will primarily be use for lookup of Active Directory servers. 2009-09-02 14:29:35 +00:00
Scott Battaglia
bfd421016e SEC-1228 
added constructor so a wrapper can be instanciated in one line of code.
 2009-09-01 19:52:43 +00:00
Luke Taylor
471206a29d SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy 2009-08-27 10:43:01 +00:00
Luke Taylor
9bf8656d66 SEC-1201: PropertyPlaceholderConfigurer does not work for intercept-url attributes. Added use of ManagedMaps and BeanDefinitions to support placeholders in the pattern and access attributes. 2009-08-22 21:09:34 +00:00
Luke Taylor
bb4d818862 SEC-1188: Added "getContexHolderStrategy" method to SecurityContextHolder. 2009-08-22 13:31:13 +00:00
Luke Taylor
972cd0a53c javadoc 2009-08-10 12:10:04 +00:00
Luke Taylor
d65b1b3581 SEC-1200: Ukranian messages file 2009-08-10 11:41:24 +00:00
Luke Taylor
0f6642d3ab SEC-1216: Replacement of custom-after-invocation-provider with after-invocation-provider element. Some changes to help prevent proxying of aop infrastructure classes (use of AopInfrastructureBean marker interface) 2009-08-04 00:18:07 +00:00