Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,718 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

4718 Commits

Author SHA1 Message Date
Rob Winch 22225effcc Call SecurityContextHolder.clearContext() in tear down of HttpSessionSecurityContextRepositoryTests 2011-12-30 16:05:35 -06:00
Rob Winch 5d94cd5e13 SEC-1735: Do not remove SecurityContext from HttpSession when anonymous Authentication is saved if original SecurityContext was anonymous 2011-12-30 16:04:02 -06:00
Rob Winch 1f835fec43 SEC-1867: Perform null check on Authentication.getCredentials() prior to calling toString() 2011-12-30 14:00:13 -06:00
Rob Winch 448a42916d SEC-1880: Corrected error message when using both logout-success-url and success-handler-ref 2011-12-30 11:31:24 -06:00
Rob Winch ea56a98883 SEC-1868: Remove error level logs from SecurityNamespaceHandler when the web classes are not available and not required 
To get the detailed errors the FilterChainProxy is loaded again in reportMissingWebClasses
and included in the readerContext fatal log.
 2011-12-30 10:51:17 -06:00
Rob Winch 6fe6e18939 SEC-1870: Updated HttpSessionDestroyedEvent to properly look for SecurityContexts as session attribute values instead of session attribute names 2011-12-29 15:44:49 -06:00
Rob Winch 044861eb20 Renamed **/*Spec.groovy to **/*Tests.groovy to better follow conventions 2011-12-29 12:59:24 -06:00
Rob Winch 8ca2927761 Renamed **/Test.java to **/Tests.java to better follow conventions 2011-12-28 17:39:29 -06:00
Rob Winch aabb16912f SEC-1878: DefaultFilterChainValidator properly handles AccessDecisionManager throwing exceptions other than AccessDeniedException 2011-12-28 16:43:19 -06:00
Luke Taylor 00936c6b49 Switch to post release snapshot version. 2011-12-05 23:44:55 +00:00
Luke Taylor 9b423a7726 Set 3.1.0 release version. 2011-12-05 23:42:39 +00:00
Luke Taylor 9fa6e78770 SEC-1857: Use Principal.getName() in ContextPropagatingRemoteInvocation 
This is a better option than using the toString() method 
where the latter doesn't return the username. e.g when the
principal is a UserDetails.
 2011-12-05 21:23:42 +00:00
Steffen Ryll 0de067ae63 SEC-1793: Added convenience constructor to DefaultSpringSecuritySontextSource 
This makes it easier to configure more than one
LDAP URL (fail-over scenario).
 2011-12-05 19:24:00 +00:00
Rob Winch 999adbc6ee SEC-1827: If use-secure-cookie is set to false explicitly set useSecureCookie to false on AbstractRememberMeServices 2011-11-21 09:11:17 -06:00
Rob Winch 53483df1f5 SEC-1678: Added What's new section to reference 2011-11-18 13:52:37 -06:00
Rob Winch 041cb1dcc3 SEC-1858: Included the updates for logout-success-url documentation 2011-11-18 11:22:22 -06:00
Rob Winch 3dca70403d Suppress compiler warnings and minor javadoc fix for ProviderManager 2011-11-11 11:45:02 -06:00
Rob Winch ff495b698e SEC-1858: Removed methods for generating docbook for xsd 
Not squashing so this is around if needed again
 2011-11-11 11:45:02 -06:00
Rob Winch c8b847f1ed SEC-1858: Added integration tests to validate that the xsd is documented in the reference 2011-11-11 11:44:55 -06:00
Rob Winch f88b6f75ff SEC-1858: Overhall the namespace appendix of the reference to include missing elements and attributes 2011-11-11 09:00:53 -05:00
Rob Winch de397bc0ce SEC-1858: Updated xsd documentation to have documentation for all elements/attributes and added documentation of default values where appropriate 2011-11-11 09:00:53 -05:00
Dave Syer 8565116f20 SEC-1472: Add crypto wrappers for BCrypt 2011-11-02 18:10:19 +00:00
Dave Syer 944d762da9 Add eclipse generated meta-inf to ignores 2011-11-02 17:47:44 +00:00
Luke Taylor 3b13a3fb25 SEC-1812: Replace assertion with warning message when overriding the global AuthenticationManager. 2011-11-02 14:23:59 +00:00
Luke Taylor 8e1d407e3e SEC-1848: LDAP encode name when using user DN patterns in AbstractLdapAuthenticator. 2011-11-01 13:28:56 +00:00
Luke Taylor 8fd2963e6b Deprecate storage of Authentication object in AuthenticationException. 2011-11-01 13:05:53 +00:00
Luke Taylor b60367e30c Upgrade to validater 4.2 2011-11-01 00:20:45 +00:00
Luke Taylor 0bccbbfc18 SEC-1779: Make new getters protected rather than public. 2011-11-01 00:20:34 +00:00
Luke Taylor 178765cf83 SEC-1836: Forgot taglib comment update. 2011-11-01 00:19:37 +00:00
Luke Taylor f456db267f SEC-1779: Added getters for success and failure handlers to AbstractAuthenticationProcessingFilter. 2011-11-01 00:06:23 +00:00
Luke Taylor 30088f19ae SEC-1806: Log that bean definition is being created rather than bean in LdapServerBDP. 2011-10-31 23:50:06 +00:00
Luke Taylor 09ac4bd8f9 SEC-1833: Remove unused securityContextClass from HttpSessionSecurityContextRepository. 2011-10-31 23:44:43 +00:00
Luke Taylor fc399af136 SEC-1836: use GET as the default method with authorize tag. 2011-10-31 23:23:37 +00:00
Luke Taylor 2f67bb3032 SEC-1847: Add authentication-manager-ref attribute to http and global-method-security namespace elements. 2011-10-30 21:51:02 +00:00
Luke Taylor bce4d81142 Mark overriding "extraInformation" methods in account status exceptions as deprecated. 2011-10-30 21:47:04 +00:00
Luke Taylor c0c283029a Upgrade Jetty version. 2011-10-30 21:45:58 +00:00
Luke Taylor 44e2543015 Minor changes to make filter chain validation more robust with custom request matchers. 2011-10-24 21:21:10 +01:00
Luke Taylor f2786805e6 SEC-1841: Added request-matcher-ref attribute to namespace for defining a filter chain. 2011-10-21 20:04:35 +01:00
Luke Taylor 58f7d3acc6 SEC-1835: Changed xsd:ID to xsd:token. 2011-10-21 18:35:06 +01:00
Luke Taylor f1e63f3008 SEC-1802: Add digits to valid URL scheme regex. 2011-10-21 17:25:50 +01:00
Rob Winch 2fd0a65049 SEC-1839: Updated preauth example to use </security:authentication-manager> instead of </security-authentication-manager> 2011-10-18 19:18:56 -05:00
Luke Taylor ac6ed671a1 SEC-1830: Use constructor injection in namespace parsing code for creation of ProviderManager 2011-09-26 18:24:36 +01:00
Luke Taylor 9d66e1fac3 Exclude static resources from filter chain in tutorial sample. 2011-09-25 22:30:14 +01:00
Luke Taylor 2953f56b2b Remove ancient code formatter artifacts. 2011-09-25 21:17:21 +01:00
Luke Taylor 869c6a7c18 SEC-1800: Set input size to 30 for OpenID login. 2011-09-25 21:13:37 +01:00
Luke Taylor 44364d0101 SEC-1826: Empty attribute list should be treated the same as null in DelegatingMethodSecurityMetadataSource. 2011-09-24 14:36:54 +01:00
Luke Taylor be8ee61f82 PreInvocationAuthorizationAdviceVoter was checking the wrong type in its "supports" method. 
This isn't actually used, but is still incorrect.
 2011-09-24 13:13:38 +01:00
Luke Taylor a573e7b395 SEC-1820: Added null check for attributesToFetch in OpenID4JavaConsumer. 2011-09-20 21:46:21 +01:00
Rob Winch 4a000d040c SEC-1815: Downgrade openid to use HttpClient 4.1.1 to avoid bug in openid4java's usage of HttpClient 2011-09-18 18:52:27 -05:00
Luke Taylor 359bd7c468 SEC-1804: Updated Javadoc wrt immutability of User class. 2011-08-25 10:50:50 +01:00