3199 Commits

Author SHA1 Message Date
Luke Taylor
f213cc5d9e SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted. 2009-10-06 19:46:44 +00:00
Luke Taylor
caff3ee9ba SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc). 2009-10-05 19:28:53 +00:00
Luke Taylor
acf13c74ca SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session 2009-10-05 15:51:00 +00:00
Luke Taylor
2a1430f1ce SEC-1229: Removed legacy concurrency classes 2009-09-29 16:18:25 +00:00
Luke Taylor
9639340fef SEC-1049: RoleHierarchy in SidRetrievalStrategy. Added optional RoleHierarchy injection to SidRetrievalStrategyImpl 2009-09-16 19:59:37 +00:00
Luke Taylor
1c4a809e09 SEC-1245: Add role hierarchy support to expression handlers. Done. 2009-09-15 17:17:21 +00:00
Luke Taylor
897960cd70 Add expression string to failed expression evaluation exception message to help clarify the context. 2009-09-13 22:29:07 +00:00
Luke Taylor
6851655ea9 SEC-1177: MethodInvocationUtils Returns Null With Valid Method String and Class. Added very simple checking of declared methods on class. 2009-09-09 19:49:44 +00:00
Luke Taylor
ef2df77889 SEC-1239: Special characters in JAAS config file location. Fix - convert Resource to a File before obtaining the URL from it. The URL.toString() obtained this way is different from the one obtained from Resource.getURL().toString(). 2009-09-09 17:41:35 +00:00
Luke Taylor
8081a1a3cc Set Id svn keyword. 2009-09-03 19:55:18 +00:00
Mike Wiesner
e14a904306 SEC-1181: fixed recursive import in template.mf 2009-09-02 15:31:22 +00:00
Mike Wiesner
660b408e6e SEC-1181: added import to template.mf for the DNS classes 2009-09-02 15:20:26 +00:00
Mike Wiesner
58ee9a364e SEC-1181: DNS helper classes, will primarily be use for lookup of Active Directory servers. 2009-09-02 14:29:35 +00:00
Scott Battaglia
bfd421016e SEC-1228
added constructor so a wrapper can be instanciated in one line of code.
2009-09-01 19:52:43 +00:00
Luke Taylor
471206a29d SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy 2009-08-27 10:43:01 +00:00
Luke Taylor
9bf8656d66 SEC-1201: PropertyPlaceholderConfigurer does not work for intercept-url attributes. Added use of ManagedMaps and BeanDefinitions to support placeholders in the pattern and access attributes. 2009-08-22 21:09:34 +00:00
Luke Taylor
bb4d818862 SEC-1188: Added "getContexHolderStrategy" method to SecurityContextHolder. 2009-08-22 13:31:13 +00:00
Luke Taylor
5a8772df5b Reset pom versions post release 2009-08-21 12:02:49 +00:00
Luke Taylor
0e5aa7008d [maven-release-plugin] prepare release spring-security-3.0.0.M2 2009-08-20 15:51:26 +00:00
Luke Taylor
b807f7cbdd Added comment to pom to explain spring-web requirement 2009-08-10 14:05:16 +00:00
Luke Taylor
972cd0a53c javadoc 2009-08-10 12:10:04 +00:00
Luke Taylor
d65b1b3581 SEC-1200: Ukranian messages file 2009-08-10 11:41:24 +00:00
Luke Taylor
0f6642d3ab SEC-1216: Replacement of custom-after-invocation-provider with after-invocation-provider element. Some changes to help prevent proxying of aop infrastructure classes (use of AopInfrastructureBean marker interface) 2009-08-04 00:18:07 +00:00
Luke Taylor
5953af0f6b SEC-1196: Change use of <authentication-manager> to actually register the global ProviderManager instance. This element now registers the global ProviderManager instance and must contain any authentication-provider elements (or ldap-authentication-provider elements). 2009-08-03 00:21:11 +00:00
Luke Taylor
fdb7325cbc Javadoc update 2009-07-24 15:21:59 +00:00
Luke Taylor
efd1dbf54a Removed public modifier from getSessionController() method on ProviderManager. 2009-07-17 23:37:45 +00:00
Luke Taylor
1afa67c954 SEC-1195: Added internal AuthenticationManager for use by beans which are generated by the <http> block. 2009-07-15 23:09:47 +00:00
Luke Taylor
6346e31517 SEC-1195: Change <http> parsing behaviour to use an internal AuthenticationManager instance. Implemented "parent" AuthenticationManager in ProviderManager which is delegated to when no authentication is returned by the instances list of authentication providers. Extracted the Authentication success/failure publishing into a separate strategy. 2009-07-15 01:28:28 +00:00
Luke Taylor
1ca2e6e6fc Tidying. 2009-07-13 23:12:32 +00:00
Luke Taylor
5d389d953d RoleVoter test class. 2009-07-13 23:11:15 +00:00
Luke Taylor
946f3d1067 Converted to use mockito. 2009-07-13 23:10:52 +00:00
Luke Taylor
3b1cdc3ab4 Tidying. 2009-07-08 23:27:53 +00:00
Luke Taylor
8a3930e673 Refactoring of ProviderManager to ensure that any AuthenticationException from the ConcurrentSessionController will prevent further polling of providers. 2009-07-08 23:20:46 +00:00
Luke Taylor
6b53703e37 SEC-1187: Moved pre-authentication status check inside try/catch block and repeated the call after reloading the user during the "cacheWasUsed" logic. 2009-07-07 17:09:44 +00:00
Luke Taylor
980b9b73b8 deprecate property editor 2009-06-26 12:49:23 +00:00
Luke Taylor
c6b9371029 Updated to latest Spring build snapshot. Required minor EL changes to parser class name 2009-06-15 23:41:20 +00:00
Luke Taylor
db3f08cce4 SEC-1156: Added check for enableAuthorities setting in deleteUser method of JdbcUserDetailsManager. 2009-06-14 22:31:14 +00:00
Luke Taylor
ab7f06c108 SEC-1156: Modified JdbcUserDetailsManager to only save/update authorities if enableAuthorities is set 2009-06-14 22:26:44 +00:00
Luke Taylor
05ba2ff3f3 Improved Javadoc 2009-06-14 20:50:29 +00:00
Luke Taylor
3f603dfdd8 Removed invalid Javadoc reference to HttpSCIF 2009-06-10 12:44:06 +00:00
Luke Taylor
4e0d3c644f Committed deletion of previous AuthorityUtilsTests 2009-06-09 01:50:35 +00:00
Luke Taylor
4768e4b13c Removed methods relating to current context from AuthorityUtils, making it a simple factory for GrantedAuthority lists etc. 2009-06-09 01:42:37 +00:00
Luke Taylor
ab69a0a101 SEC-884: As per discussion in this issue. Added Javadoc to specify that Authentication object passed to decide method must not be null. 2009-06-09 01:14:55 +00:00
Luke Taylor
d2a8e43a55 SEC-1170: Some updates to UserDetails-related Javadoc. 2009-06-09 00:57:34 +00:00
Luke Taylor
cb6aa81701 Forgot to remove file 2009-06-08 19:21:22 +00:00
Luke Taylor
5808da12ff SEC-1094: Simplified WebXml attribute mapping. Removed generic jaxen-based implementation on which it was based in favour of simple DOM model traversal. Updated sample. 2009-06-08 15:23:41 +00:00
Luke Taylor
43144cd75d Javadoc updates. 2009-05-31 21:29:36 +00:00
Luke Taylor
67ad0456a1 Javadoc updates. 2009-05-31 21:28:50 +00:00
Luke Taylor
206598172c Javadoc updates. 2009-05-31 21:26:03 +00:00
Luke Taylor
d1efb4eeed generifying RowMappers in JdbcDaoImpl. 2009-05-30 13:52:39 +00:00