3199 Commits

Author SHA1 Message Date
Scott McCrory
4717b64b83 Updated Siteminder auth processing filter and added test case. As of this weekend, this version is in production at a large financial org. 2005-09-25 22:48:33 +00:00
Ben Alex
0f5e9ad372 Fix NPE. Thanks to Tom Dunstan. 2005-09-22 01:49:12 +00:00
Ben Alex
f5741962ed Add createSessionAllowed property, which should be set to false to avoid unnecessary session creation. 2005-09-22 00:54:27 +00:00
Marc-Antoine Garrigue
60d3b6505b Finalizing the validation, entry point and channel processor concerning captchas. Replacing the Thread.sleep() in captchaChannelProcessorTest to avoid the build break issue. 2005-09-20 12:24:47 +00:00
Mark St. Godard
fb3f4af3b2 when extracting the original user, fix by referencing by the interface (UserDetail) rather than the concrete class (User) 2005-09-20 02:28:01 +00:00
Mark St. Godard
24394b7b2b added fix to preserve custom UserDetails implementations (Matt DeHoust fix recommendation) 2005-09-19 02:22:44 +00:00
Ben Alex
d44b570087 Disable failing tests until Marc-Antoine has a chance to look at them. 2005-09-18 22:38:37 +00:00
Ben Alex
ae9e7733db Fix broken tests. 2005-09-18 22:38:05 +00:00
Ben Alex
35ca25f085 BasicAuthenticationProcessingFilter no longer creates HttpSession via WebAuthenticationDetails call. 2005-09-08 11:15:48 +00:00
Ben Alex
c7dcceb05c Do not setAuthenticated(false) in the event of a public (unsecured) invocation. Thanks to Joseph Dane for reporting this issue on acegisecurity-developer on 3 September 2005. 2005-09-08 09:32:24 +00:00
Mark St. Godard
486bbee35d added context path to redirect 2005-09-03 21:43:08 +00:00
Mark St. Godard
9d359780d9 finish user context switch event publishing 2005-09-03 20:24:35 +00:00
Mark St. Godard
20ebb668a6 Added event for user context switching and updated switch user filter 2005-08-25 02:59:19 +00:00
Ben Alex
55f5c3397a Relocated JdbcDaoExtendedImpl.convertAclObjectIdentityToString to superclass (pursuant to suggestion made by Tim Kettering on acegisecurity-developer). 2005-08-23 22:45:17 +00:00
Ray Krueger
2bda6ec25c Fix: SEC-48 http://opensource2.atlassian.com/projects/spring/browse/SEC-48
If the principal is an instanceof UserDetails, UserDetails.getUsername();
2005-08-23 15:15:06 +00:00
Ben Alex
40a81ed220 Revisit synchonization issue and correct problem identified by Volker Malzahn. 2005-08-21 10:10:16 +00:00
Mark St. Godard
ec5e39c2e8 Initial checkin of user security context switching (see SEC-15). This is the first cut of the SwitchUserProcessingFilter that handles switching to a target uesr and exiting back to the original user. Note: This is going to be used for the common use-case of an Administrator 'switching' to another user (i.e. ROLE_ADMIN -> ROLE_USER). This is the initial cut of a Unix 'su' for Acegi managed web applications. 2005-08-04 05:49:12 +00:00
Luke Taylor
725ec767b6 Javadoc typo corrected (as suggested on mailing list) 2005-08-01 20:05:02 +00:00
Scott McCrory
c2c48b905b Added package.html files to reamining java packages (see http://opensource.atlassian.com/projects/spring/browse/SEC-41) 2005-07-26 01:54:18 +00:00
Scott McCrory
f5975dcf30 Whoops, almost forgot to remove System.out debug lines :-/ 2005-07-26 00:55:53 +00:00
Scott McCrory
891cd7380c Mirrored Ben's FilterChainProxy.java 1.5 spelling fix to its corresponding test class, which depended on equality of the exception message. All JUnit tests pass now. 2005-07-26 00:50:43 +00:00
Scott McCrory
dc31553f2a Syntax 2005-07-25 22:49:05 +00:00
Scott McCrory
db4ed4bc44 Added debug statement to AbstractTicketValidator to help with Acegi+CAS+SSL setup (thanks Seth Ladd for the patch) (see http://opensource.atlassian.com/projects/spring/browse/SEC-34) 2005-07-25 03:46:23 +00:00
Scott McCrory
c66c5dfab5 AuthorizeTag no longer depends on JDK 1.4. Tested on Websphere 5.0 w/JDK 1.3 (see http://opensource.atlassian.com/projects/spring/browse/SEC-11) 2005-07-25 00:52:15 +00:00
Scott McCrory
32f62d1ef1 Added SiteminderAuthenticationProcessingFilter for Ben's review. <Untested>. 2005-07-24 23:59:08 +00:00
Ben Alex
f625d06cd9 Avoid expense of HttpSession when working with anonymous users. 2005-07-23 09:52:42 +00:00
Ben Alex
4ad98a7df3 Spelling correction, thanks to Zack Chandler. 2005-07-23 07:40:43 +00:00
Ben Alex
c5ba30b001 Comment how to make a signing certificate. 2005-07-23 07:39:56 +00:00
Ray Krueger
4b98d357ff SecureContextLoginModuleTest has been renamed to ...Tests as per Acegi project.
SecureContextLoginModule now throws a LoginException if there is no authentication present, if the ignoreMissingAuthentication option is true, the login() method will simply return false.
2005-07-22 04:35:31 +00:00
Luke Taylor
e51c38aec9 Removed reference in Javadoc to obtaining and validating the SecureContext (checking for null etc), as this is no longer relevant. 2005-07-21 22:59:30 +00:00
Luke Taylor
c89d4a8add Added trimming of whitespace to tokens and use of Springs StringUtils.hasText() to check for content in the string passed to setAsText. 2005-07-21 22:55:27 +00:00
Marc-Antoine Garrigue
3287439421 Initial commit for captcha adapter 2005-07-19 12:35:50 +00:00
Luke Taylor
74588c8e53 Move acegifier code from core. 2005-07-16 19:35:30 +00:00
Luke Taylor
5bbc54ac42 Javadoc typo corrected 2005-07-15 14:28:44 +00:00
Ben Alex
d9b1a8e83c Fix typo in InteractiveAuthenticationSucces(s)Event 2005-07-11 01:23:20 +00:00
Ben Alex
c7bfeeaf58 Clarify local variable name given it was the same as a member variable. 2005-07-11 01:19:41 +00:00
Luke Taylor
ab065923d4 Correct doctype for generated web.xml files and add declaration to test file. 2005-07-09 23:32:08 +00:00
Luke Taylor
22a28f3b39 Separate InMemoryResource class for use in Acegifier web application. 2005-07-09 21:37:50 +00:00
Luke Taylor
7268c81192 Fix for SEC-27. Now checks for a null authentication before proceeding to fire the success event. 2005-07-08 21:16:12 +00:00
Luke Taylor
f1656ee7fd Tidying: removed unused intermediate variable. 2005-07-08 21:10:26 +00:00
Luke Taylor
6f467def90 Added conversion of URLs ending in '*' to the ant '**' form. 2005-07-06 17:22:19 +00:00
Luke Taylor
9e1a773cc7 Add xsl resources to build. 2005-07-06 15:22:52 +00:00
Luke Taylor
d13faf0815 Renaming and refactoring of web.xml converter. 2005-06-30 21:23:50 +00:00
Luke Taylor
118f6401d8 XSL file for converting web.xml to acegified version. 2005-06-29 23:00:54 +00:00
Luke Taylor
a2bc398915 Refactoring and commenting XSL 2005-06-27 21:56:13 +00:00
Ben Alex
3e4a29eae9 FilterSecurityInterceptor now has an observeOncePerRequest boolean property, allowing multiple fragments of the HTTP request to be individually authorized (see http://opensource.atlassian.com/projects/spring/browse/SEC-14). 2005-06-27 03:57:31 +00:00
Ben Alex
5c883e639f Add InteractiveAuthenticationSuccessEvent handling to authentication mechanisms. 2005-06-27 03:34:36 +00:00
Ben Alex
60f8095cf2 Make Authenticated.isAuthenticated() behaviour switchable. See http://opensource.atlassian.com/projects/spring/browse/SEC-13. 2005-06-27 03:05:26 +00:00
Ben Alex
ef8281f534 HttpSessionContextIntegrationFilter elegantly handles IOExceptions and ServletExceptions within filter chain (see http://opensource.atlassian.com/projects/spring/browse/SEC-20). 2005-06-27 02:55:01 +00:00
Luke Taylor
25fa471779 First version of web.xml to acegi translator 2005-06-26 17:30:36 +00:00