spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-07 03:02:23 +00:00

Author	SHA1	Message	Date
Luke Taylor	30d878b22e	Change essence class to use a new ArrayList for the authorities (list from Arrays.asList() doesn't support add method).	2006-05-16 23:35:15 +00:00
Luke Taylor	fc8ead3c54	Make sure populator roles are added rather than overwriting any roles loaded with the user entry.	2006-05-16 23:33:02 +00:00
Luke Taylor	f8db6a4c78	Switch LDAP tests back to embedded server and comment out apacheds-broken ones.	2006-05-15 21:20:50 +00:00
Luke Taylor	9219c6548e	SEC-264: Delete classes which are no longer used after LDAP changes.	2006-05-15 21:14:38 +00:00
Luke Taylor	65fe641900	SEC-264: changes to LDAP services.	2006-05-15 20:53:10 +00:00
Luke Taylor	db042046e9	Introduce LDAPUserDetails.	2006-05-15 19:34:57 +00:00
Scott Battaglia	ab05cb95ff	SEC-239: changed order url is created in to reflect new processing filter url order	2006-05-04 19:31:28 +00:00
Scott Battaglia	aee934812a	SEC-239: switched to encoding a url with response.encodeURL to get the jsession.	2006-05-04 19:27:57 +00:00
Luke Taylor	a7d7631f2f	Fixed potential problem with multiple userDn patterns.	2006-05-01 00:43:42 +00:00
Luke Taylor	f0b11109b4	Added tests for nameExists method	2006-05-01 00:41:07 +00:00
Luke Taylor	9f385eb1e0	Typo in Javadoc.	2006-05-01 00:40:18 +00:00
Luke Taylor	a468f03cae	Add functionality to LdapTemplate for checking that an entry exists, and for retrieving an entry as an object, mapped from its attributes.	2006-05-01 00:28:27 +00:00
Luke Taylor	3f0f45706c	Update Javadoc to include SSHA info.	2006-04-30 22:14:27 +00:00
Luke Taylor	def8a849a2	Added String-only 'compare' operation tests which now work with ApacheDS RC2 (unlike byte[] comparisons which are still broken).	2006-04-30 21:53:05 +00:00
Luke Taylor	98887f37da	Change to more appropriate inline inner class name.	2006-04-30 21:40:53 +00:00
Luke Taylor	0b2be28def	Added search method which will be used for finding roles.	2006-04-30 21:37:18 +00:00
Luke Taylor	91f5fc30be	SEC-258: Removed use of URI class	2006-04-30 19:45:37 +00:00
Luke Taylor	25c643970a	Change package names to match apacheds RC1.	2006-04-29 22:45:19 +00:00
Ben Alex	890864ed00	SEC-194: Allow remember-me services to be used with BASIC authentication.	2006-04-28 08:54:54 +00:00
Ben Alex	9b63051149	SEC-204: Improve startup time detection of errors by FilterInvocationDefinitionSourceEditor.	2006-04-28 08:41:55 +00:00
Ben Alex	cc07f620df	SEC-257: ExceptionTranslationFilter to use AccessDeniedHandler.	2006-04-28 06:52:50 +00:00
Ben Alex	21aaf2b9db	SEC-256: Contacts sample not displaying localized exceptions correctly.	2006-04-28 06:43:50 +00:00
Ben Alex	d125569bd6	SEC-29: Save POST parameters on AuthenticationEntryPoint redirect.	2006-04-28 05:05:35 +00:00
Ben Alex	22aa0e898f	SEC-243: SessionRegistry.getAllSessions() now accepts an "includeExpiredSessions" argument.	2006-04-27 23:26:19 +00:00
Ben Alex	0648c65b0b	SEC-243: SessionRegistry.getAllSessions() now accepts an "includeExpiredSessions" argument.	2006-04-27 23:25:00 +00:00
Ben Alex	d8a56d4e60	SEEC-255: Always create HttpSession before calling AuthenticationDetailsSource.	2006-04-27 23:11:56 +00:00
Marc-Antoine Garrigue	2af791a801	Error in javadoc concerning the default keyword REQUIRES_CAPTCHA_BELOW_AVERAGE_TIME_IN_MILLIS_REQUESTS	2006-04-27 08:56:42 +00:00
Ben Alex	81603832be	SEC-152: Strategy pattern for SecurityContextHoldder.	2006-04-27 08:31:32 +00:00
Ben Alex	b05709df6a	SEC-152: Strategy pattern for SecurityContextHoldder.	2006-04-27 08:30:29 +00:00
Scott McCrory	88ff43017d	Added unit test for the overridden requiresAuthentication method	2006-04-27 02:24:30 +00:00
Scott McCrory	481a9377e4	Added NPE check for defaultTargetUrl in requiresAuthentication	2006-04-27 02:23:46 +00:00
Ben Alex	8cc5dcde30	SEC-249: Support logout filter.	2006-04-26 23:36:03 +00:00
Luke Taylor	8400341399	Tidy up screwy formatting.	2006-04-26 21:19:20 +00:00
Ray Krueger	a7d0f88e01	Fixed no authority check so that it is after addCustomAuthorities http://opensource.atlassian.com/projects/spring/browse/SEC-253 Also removed the unused logger	2006-04-26 16:22:38 +00:00
Ben Alex	a47a342ce6	SEC-234: Allow pluggable AuthenticationDetailsSource strategy interface.	2006-04-26 05:24:49 +00:00
Ben Alex	b1becf9277	SEC-242: Make logger reflect subclass, not superclass.	2006-04-26 04:56:46 +00:00
Ben Alex	f4156a22bd	SEC-246: Enable late binding on DaoAuthenticationProvider.userDetailsService field.	2006-04-26 04:54:44 +00:00
Ben Alex	d541c8e257	SEC-238: Add AuthenticationException to onUnsuccessfulAuthentication method signature.	2006-04-26 04:42:16 +00:00
Ben Alex	540c7b2e6a	SEC-229: Allow external URLs from AbstractProcessingFilter.	2006-04-26 04:36:54 +00:00
Ben Alex	97ac9f7e98	SEC-191: Look in parent bean factories for AclManager.	2006-04-26 04:26:04 +00:00
Ben Alex	f6b7429947	SEC-187: Tidy up URL composition logic basedon default HTTP(S) ports.	2006-04-26 04:19:35 +00:00
Ben Alex	307ac99ec5	SEC-199: Use ServletException.getRootCause() to extract any Acegi Security exceptions.	2006-04-26 04:11:05 +00:00
Ben Alex	4e09777dec	SEC-247: Allow #NONE# to be used to specify paths that shouldn't have any filters fire.	2006-04-26 03:55:39 +00:00
Ben Alex	185d63f23c	SEC-221: AbstractProcessingFilter.onPreAuthentication() should have exceptions caught.	2006-04-26 03:40:24 +00:00
Ben Alex	6bae43d380	SEC-206: Include context root when generating cookies.	2006-04-26 03:35:33 +00:00
Ben Alex	5d9ed78b50	SEC-147: Add processDomainObjectClass property to AfterInvocationProviders.	2006-04-26 03:30:27 +00:00
Ben Alex	de4af379cc	SEC-252: Stop NPE if principal object is null.	2006-04-26 03:00:14 +00:00
Ben Alex	fba45cb19e	SEC-208: Fix threading issue.	2006-04-26 02:54:18 +00:00
Carlos Sanchez	88e8e60861	[SEC-240] Moved log4j.properties to test folder to avoid including it in jar	2006-04-26 02:39:56 +00:00
Ben Alex	5f79a25860	SEC-243: SessionRegistryImpl no longer incorrectly includes expired sessions.	2006-04-26 02:36:37 +00:00

... 8 9 10 11 12 ...

1138 Commits