Commit Graph

5444 Commits

Author SHA1 Message Date
Rob Winch 969f3a7d1b Update pom.xml to latest snapshots 2015-08-03 09:46:01 -05:00
Rob Winch 4c19768e54 Update to jacoco 0.7.5.201505241946 2015-08-03 09:45:42 -05:00
Thomas Darimont ad1d858e2b SEC-3056 - Fix JavaDoc errors.
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
Rob Winch 7317c090cc SEC-2963: Disable appengineRun if contains functional tests 2015-07-29 09:57:57 -05:00
Rob Winch 485fbdc1ee SEC-2963: Select Available Port for appengine 2015-07-28 22:47:21 -05:00
Spring Buildmaster 22aa91c8e1 Next development version 2015-07-22 22:08:15 -07:00
Rob Winch ea873fb1b8 SEC-2963: Disable appengineFunctionalTest 2015-07-22 21:27:28 -05:00
Rob Winch 117f892c91 SEC-3031: DelegatingSecurityContext(Runnable|Callable) only modify SecurityContext on new Thread
Modifying the SecurityContext on the same Thread can cause issues. For example, with a
RejectedExecutionHandler the SecurityContext may be cleared out on the original Thread.

This change modifies both the DelegatingSecurityContextRunnable and DelegatingSecurityContextCallable to,
by default, only modify the SecurityContext if they are invoked on a new Thread. The behavior can be changed
by setting the property enableOnOrigionalThread to true.
2015-07-22 16:07:21 -05:00
Rob Winch 113b61e3a0 SEC-2957: Polish 2015-07-22 13:57:28 -05:00
Rob Winch dab4cf18b8 SEC-3032: Correct documented logout-success-url default 2015-07-22 13:48:07 -05:00
Rob Winch be27ede0e9 SEC-2957: Add missing provided dependencies to samples 2015-07-22 13:33:52 -05:00
Rob Winch e8c9f75f9c Update pom.xml to latest versions 2015-07-22 12:51:04 -05:00
Rob Winch bc53945d89 Remove unused import in WithSecurityContextTestExecutionListenerTests 2015-07-22 12:44:34 -05:00
Rob Winch 432123daa2 SEC-2964: Fix CsrfTokenArgumentResolver Javadoc 2015-07-22 11:32:36 -05:00
Rob Winch 92ae45a04d SEC-3051: Add AbstractPreAuthenticatedProcessingFilter#principalChanged 2015-07-22 08:41:33 -05:00
Rob Winch a50d297f3a SEC-2953: Add index-docinfo.xml
This removes the "please define title in your docbook file"
2015-07-21 11:48:44 -05:00
Rob Winch 54dabb6433 SEC-2993: OpenID Sample now uses me.yahoo.com 2015-07-21 10:44:54 -05:00
Rob Winch cd4a7e95cc SEC-2991: Add CSRF Token to OpenID XML Sample 2015-07-21 10:42:24 -05:00
Rob Winch 07fb2af74b SEC-3011: AbstractUrlAuthorizationConfigurer postProcess default AccessDecisionManager 2015-07-21 08:52:36 -05:00
Rob Winch ab1b7a1eb6 Remove unnecessary @SuppressWarnings 2015-07-21 08:51:32 -05:00
Rob Winch 7c725a60e2 SEC-3047: SecurityContextHolderAwareRequestFactory update RequestFactory 2015-07-20 14:06:44 -05:00
Rob Winch 9b92d5a1e7 SEC-2963: Fix tests 2015-07-20 12:53:21 -05:00
Rob Winch e25b84c902 SEC-2963: Update to latest Google AppEngine 2015-07-20 12:36:29 -05:00
Rob Winch 9654df2cc3 SEC-3045: Conditionally add MethodSecurityMetadataSourceAdvisor 2015-07-17 15:16:09 -05:00
Rob Winch a3df41b380 Clean Import Statements 2015-07-17 14:52:23 -05:00
Rob Winch abc445d5a7 SEC-2965: Polish 2015-07-16 15:52:00 -05:00
Rob Winch 518a1c3c08 SEC-2965: Fix invalid formatted links in reference documentation 2015-07-16 15:27:04 -05:00
Rob Winch 1ca5946d74 SEC-3003: Document invalid intercept-url attributes for filter-security-metadata-source 2015-07-16 15:03:51 -05:00
Rob Winch 76a2fb9488 SEC-3020: SecurityContextHolderAwareRequestWrapper conditional rolePrefix
Previously SecurityContextHolderAwareRequestWrapper always prefixed with
rolePrefix. This meant the defaults would never return true for a role
that started with the prefix (i.e. ROLE_).

We no longer apply the rolePrefix if the value passed in already starts
with rolePrefix.
2015-07-16 14:49:32 -05:00
Rob Winch 2d448658cd SEC-3042: Add SecurityTestExecutionListeners 2015-07-16 13:51:37 -05:00
Rob Winch 4cafd575c0 SEC-3041: Fix WithSecurityContextTestExecutionListener w/ no ApplicationContext 2015-07-16 13:13:46 -05:00
Rob Winch 0e36f85dab SEC-3019: Java Config for Http Basic supports Rememberme 2015-07-16 11:12:44 -05:00
Rob Winch b96cee7950 SEC-2984: WithMockUser authorities doc 2015-07-16 08:48:53 -05:00
Rob Winch e4517016ca SEC-2984: Add @WithMockUser authorities property 2015-07-16 08:41:40 -05:00
Rob Winch 08b1b56e2c SEC-2973: Add OnCommittedResponseWrapper
This ensures that Spring Session & Security's logic for performing
a save on the response being committed can easily be kept in synch.
Further this ensures that the SecurityContext is now persisted when
the response body meets the content length.
2015-07-14 14:48:41 -05:00
Rob Winch 316886affc SEC-2931: Fix CsrfFilter Javadoc 2015-07-14 13:40:59 -05:00
Rob Winch 75f57b96cb SEC-2493: Fix javadoc for DefaultLdapAuthoritiesPopulator 2015-07-14 13:20:05 -05:00
Rob Winch aad4e70374 SEC-3034: AclPermissionEvaluator specifies Locale.ENGLISH 2015-07-13 23:54:32 -05:00
Rob Winch 821333434d SEC-3013: Add messages_en.properties 2015-07-13 23:18:45 -05:00
Rob Winch 474d624e8e SEC-2988: Renamed OnBeanCondition.java to OnMissingBeanCondition.java 2015-07-13 22:51:45 -05:00
Rob Winch 64938ebcfc SEC-2996: Suport configuring SecurityExpressionHandler<Message<Object>> 2015-07-13 22:45:35 -05:00
Rob Winch 3db01bd9d6 SEC-3002: Add JUnit Assume to GCM encryption tests
Not all JDKs have GCM installed on them.
2015-07-13 16:22:18 -05:00
Andy Wilkinson 92c23fbbdc Upgrade to a version of Powermock that’s compatible with JUnit 4.12 2015-07-13 15:42:50 -05:00
Dave Syer a48cc18858 SEC-3002: Add new option for AES encryption with GCM
The Galois Counter Mode (GCM) is held to be superior than the current
default CBC. This change adds an extra parameter to the constructor
of AesBytesEncryptor and a new convenience method in Encryptors.
2015-07-09 23:27:33 -05:00
Stijn ca0ffb8b5d SEC-2948: Fix error message for wrong xsd schema
When using the wrong xsd schema < 4.0 a message was shown that the
schema needed to be version 3.2.

In reality this schema had to be version 4.0.
2015-07-09 23:17:16 -05:00
Rob Winch aed288da05 Fix Spring IO Tests 2015-07-08 11:48:43 -05:00
Rob Winch 1f74ac811e Fix Spring IO Tests 2015-07-08 11:09:29 -05:00
Andy Wilkinson 350b48e3fd Use the latest version of the Spring IO Plugin
Spring IO Platform 2.0 will remove the managed versions .properties
file as support for it has been removed in Spring Boot 1.3.

This commit moves the build onto a new version of the Spring IO Plugin
that uses the Maven bom rather than the properties file.
2015-07-08 08:42:07 -05:00
Rob Winch 197ddb3cd1 SEC-3029: Fix Compatibility with Spring 4.2.x 2015-07-07 22:46:31 -05:00
Rob Winch 848523e47a SEC-3029: Add springSnapshotTests
Test against Spring Framework's latest Snapshots
2015-07-07 22:43:06 -05:00