Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-21 22:05:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,096 Commits 33 Branches 337 Tags
Commit Graph

2096 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luke Taylor
15ee5b2364 SEC-540,SEC-541: Changes for maven 2 site generation and use of docbkx. 2007-09-02 13:22:24 +00:00
Luke Taylor
10b3ab6f8a Corrected tag name in site.xml 2007-09-02 10:46:17 +00:00
Luke Taylor
f9e16d6ee3 SEC-540,SEC-541: Changes for maven 2 site generation and use of docbkx. 2007-09-02 10:00:44 +00:00
Luke Taylor
4e452046ec Comment out System.out.println 2007-09-01 14:59:41 +00:00
Ray Krueger
edd7bbeceb Removed repeated downcasting of ServletRequest and ServletResponse 2007-09-01 14:43:09 +00:00
Luke Taylor
b2799985f2 SEC-398: Added patch which uses response wrapper to set context in session on redirect or error. 2007-08-31 20:39:33 +00:00
Luke Taylor
219b865c01 SEC-544: Added German localization messages from Andreas Senft. 2007-08-31 12:15:13 +00:00
Luke Taylor
976fdb0371 Rolled back changes for SEC-441. 2007-08-30 22:28:04 +00:00
Luke Taylor
0d8be5012d Corrected comment. 2007-08-30 22:27:23 +00:00
Luke Taylor
c021bf4682 SEC-542: Made SessionInformation serializable. Also remove unused default constructor. 2007-08-30 21:38:07 +00:00
Luke Taylor
0adf0d6f1c SEC-529: Added French translation of messages from Laurent Pireyn 2007-08-30 21:27:49 +00:00
Luke Taylor
bc411c7c3b SEC-457: Added Czech translation of messages from Jan Novotný 2007-08-30 21:20:19 +00:00
Luke Taylor
ea61964f56 SEC-483: Fix. Make getGroupSearchBase protected. 2007-08-30 21:15:14 +00:00
Luke Taylor
0c4916ee98 SEC-427: Fix. Added NullAuthoritiesPopulator and extra constructor. 2007-08-30 21:12:16 +00:00
Luke Taylor
301626fd6e SEC-346: Fix. Added suggested change. Also some minor tidying up of comments etc. 2007-08-30 20:55:49 +00:00
Luke Taylor
8cb836c6cf SEC-441: Fix. Added suggested changes. 2007-08-30 19:42:35 +00:00
Luke Taylor
2e8d16c538 SEC-484: Multithreaded tests for SessionRegistryImpl. 2007-08-30 19:26:24 +00:00
Luke Taylor
ad43d433b4 SEC-484: Fix for NPE concurreny issue. Also reinstated synchronized on registerNewSession (had removed it for testing). 2007-08-30 19:04:18 +00:00
Luke Taylor
aa4ee54f86 Added logging to SessionRegistryImpl. 2007-08-30 18:22:40 +00:00
Luke Taylor
7fcdd4a6ff More tidying... 2007-08-30 11:31:36 +00:00
Luke Taylor
510cd5050f Tidied up SessionRegistryImpl and rolled back reformatting of its test class to incorrect width. 2007-08-30 11:21:28 +00:00
Luke Taylor
6c169d9acf SEC-508: Added CDATA sections to multi-line text values in tutorial and contacts sample context files to prevent eclipse reforatting bug from messing them up. 2007-08-29 12:12:45 +00:00
Luke Taylor
e87956358f Added missing "'" to login page in tutorial app. 2007-08-29 12:06:25 +00:00
Luke Taylor
5f993e5627 SEC-534: Refactored JaasAuthenticationProvider to use ApplicationPublisherAware rather than ApplicationContextAware. 2007-08-29 11:51:02 +00:00
Luke Taylor
1467527c0a SEC-538: Deleted maven 1 files. 2007-08-29 11:00:28 +00:00
Luke Taylor
5b7ed79b6a SEC-539: Reformatted "divider" comments (//~ Methods=== etc). Simplified boolean expression in afterPropertiesSet. 2007-08-28 23:19:06 +00:00
Luke Taylor
d7cef1ba31 SEC-539: Moved SecurityContextHolder.setContext() call into the try {} block to emphasize that it is only set for the duration of chain.doFilter() and immediately cleared afterwards. Changed the debug messages about setting the context, since it has not strictly taken place when they are logged. 2007-08-28 23:11:58 +00:00
Luke Taylor
47c5a6d43f SEC-539: Renamed extractSecurityContextFromSession to readSecurityContextFromSession to emphasize that it doesn't actually modify anything (the context is still stored in the session). 2007-08-28 22:43:13 +00:00
Luke Taylor
f7a6129657 SEC-539: Removed unnecessary check for a null request object. Removed unnecessary catch/rethrow of IOException and ServletException from try/finally around chain.doFilter. 2007-08-28 22:40:56 +00:00
Luke Taylor
d1be9f9980 SEC-539: Refactored so that SecurityContextHolder.setContext() is called in exactly one place. Moved setting of httpSession = null to point immediately after its last use. 2007-08-28 22:38:55 +00:00
Luke Taylor
3dd0716611 SEC-539: Altered storeSecurityContextInSession to take the SecurityContext as a parameter rather than calling SecurityContextHolder.getContext(). This allows SecurityContextHolder.clearContext() to be called immediately after reading the context in the finally block of doFilter(). 2007-08-28 21:58:30 +00:00
Luke Taylor
fa63d8ecfb SEC-539: Refactored if (httpSession == null) block in storeSecurityContextInSession() 2007-08-28 21:25:17 +00:00
Luke Taylor
ce3eb599ed SEC-539: Renamed populateSecurityContextFromSession to extractSecurityContextFromSession and removed the side-effect of setting SecurityContextHolder. It now returns the context found in the session (or null) and SecurityContextHolder.setContext() is called in a single place in doFilter(). 2007-08-28 21:11:48 +00:00
Luke Taylor
ba88214d1d SEC-539: Refactored populateSecurityContextFromSession() to reduce nested blocks and clarify logic. 2007-08-28 20:16:19 +00:00
Luke Taylor
27ef2caf45 SEC-539: Removed filterApplied boolean. 2007-08-28 19:56:33 +00:00
Luke Taylor
e8d11f28f2 SEC-539: Extracted storeSecurityContextInSession() method. 2007-08-28 19:54:24 +00:00
Luke Taylor
bcf69cbe3d SEC-539: Extracted populateSecurityContextFromSession() method. 2007-08-28 19:16:37 +00:00
Luke Taylor
6651a240de Replaced massive if/else with guard clause to reduce nesting. Moved declaration of filterApplied boolean to where it is actually set. It is only used when removing the attribute from the request at the end of the invocation, so should probably not be needed at all. request.removeAttribute() can be called regardless of whether the attribute is set or not. 2007-08-28 18:26:04 +00:00
Luke Taylor
6fe00b3433 SEC-501: Fix. Convert secure url paths to lower case if convertUrlToLowercaseBeforeComparison is true. 
Also removed unnecessary assertions from PathBasedFilterDefinitionMapTests.
 2007-08-28 16:53:05 +00:00
Luke Taylor
036ea034ac SEC-521: Updated svn URLs to match recent repository restructuring. 2007-08-28 15:31:36 +00:00
Luke Taylor
4ba77fa736 SEC-450: Added group subtree to LDAP test server and extra tests for DefaultLdapAuthoritiesPopulator to make sure searchSubtree parameter works as expected. 2007-08-28 15:26:59 +00:00
Luke Taylor
e189bc685f SEC-408: Fix. Provide getter for filterProcessesUrl. 2007-08-28 11:37:05 +00:00
Luke Taylor
c8077c5e87 SEC-506: Fix as suggested by reporter. Split the disgest header string ignoring separating commas which occur between quotes. 2007-08-28 00:31:30 +00:00
Luke Taylor
3f123e1478 SEC-518: Fix. "Cache" in EhCache is a class, so change the APIs to use the interface it implements (Ehcache). 2007-08-27 23:41:59 +00:00
Luke Taylor
87d6b8dedd SEC-412: Fix. Added extra constructor to UsernameNotFoundException allow use of extraInformation property of parent class. 2007-08-27 23:22:48 +00:00
Luke Taylor
f47ccd81a6 SEC-487: Added documentation on use of #NONE# in FilterChainProxy. Also changed doc version to 1.0.5. 2007-08-27 23:05:16 +00:00
Luke Taylor
dda88e3931 SEC-502: Fix. Use a Map instead of HashMap in the API. Also some minor tidying of test class. 2007-08-27 17:21:16 +00:00
Luke Taylor
57f3d268a1 SEC-519: Fix. Changed notNull() assertion for "key" parameter to hasText() to prevent the use of empty keys. 2007-08-27 17:17:25 +00:00
Luke Taylor
1c72b7989e Fix for SEC-522. Strip query parameters from logout URL before doing comparison with filterProcessesUrl. 2007-08-27 17:14:23 +00:00
Luke Taylor
82599a72ba Reformatted LogoutFilter. 2007-08-27 16:56:33 +00:00