6d2003722e
Polish JSON class scope
...
Use package scope when possible
Issue gh-3736
2016-09-02 11:36:06 -05:00
03d8904a03
Polish constructor assertions
...
Previously the JSON modules didn't use Spring's Assert.
This commit changes the assertions to use Spring's Assert and does
some minor restructuring.
Issue gh-3736
2016-09-02 11:34:57 -05:00
d77ca17e95
Add JSON Serialization
...
Fixes gh-3812
2016-09-02 11:29:53 -05:00
a2ead4cf7a
Polish
...
Fixes gh-3892
2016-06-20 12:35:43 -05:00
933a7e8363
Remove duplicate words
...
Fixes gh-3826
2016-04-18 23:21:20 -05:00
f221920a19
Clean up code to conform to basic checkstyle
...
Issue gh-3746
2016-03-14 00:15:12 -05:00
71d4ce96ad
Convert to assertj
...
Fixes gh-3175
2016-03-09 14:30:17 -06:00
bb600a473e
Start AssertJ Migration
...
Issue gh-3175
2016-03-09 14:26:30 -06:00
4fdfb8caba
SEC-2915: More Tabs -> Spaces
2015-04-17 11:34:34 -05:00
ae6af5d73c
SEC-2915: Updated Java Code Formatting
2015-03-25 13:09:18 -05:00
c67ff42b8a
SEC-2783: XML Configuration Defaults Should Match JavaConfig
...
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
2014-12-08 15:09:15 -06:00
6e204fff72
SEC-2781: Remove deprecations
2014-12-04 15:28:40 -06:00
02c3565e22
Fix compiling in Eclipse
2014-09-16 10:18:46 -05:00
934937d9c1
SEC-2688: CAS Proxy Ticket Authentication uses Service for host & port
2014-08-15 16:41:33 -05:00
086056f191
SEC-2289: Make compatible with Spring 4 as well
...
There are a few subtle changes in Spring 4 that this commit addresses
2013-08-27 16:43:10 -05:00
f5a30e55a3
SEC-2042: AbstractAuthenticationProcessingFilter supports RequestMatcher
2013-07-23 13:06:51 -05:00
6b81f97081
SEC-2114: Polishing Spring Based Cache
2013-01-04 11:33:46 -06:00
01ea39ce35
SEC-2114: Provide Spring Cache Abstraction based cache implementations
...
As of Spring 3.1 spring has its own cache abstraction. This commit adds cache
imlpementations based on that abstraction.
2013-01-04 11:33:27 -06:00
8178371927
SEC-1700: Add fixed serializationVersionUID values to security context, authentication tokens and related classes
2011-04-21 19:55:32 +01:00
a76a947b12
SEC-965: Added support for CAS proxy ticket authentication on any URL
2011-04-17 18:00:35 -05:00
3f7f87e19f
SEC-1592: Updated CasAuthenticationFilter so that it does not continue FilterChain when handling proxy requests.
...
The fix moves CommonUtils.readAndRespondToProxyReceptorRequest into CasAuthenticationFilter.attemptAuthentication. This makes sense since
The CAS server is authenticating that the proxy url is valid (i.e. it exists and the SSL handshake succeeds). It also allows the FilterChain
to not be processed by returning a null Authentication.
2011-01-27 09:25:01 -06:00
4a40d80da1
SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.
...
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
2010-12-03 16:41:46 +00:00
4ad0652787
Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken.
2010-12-01 20:52:37 +00:00
d64efe9747
SEC-1492: Added GrantedAuthoritiesMapper to provide mapping of loaded authorities to those which are eventually stored in the user Authentication object.
2010-11-25 15:19:37 +00:00
d1e8b8e29d
More tests. Minor refactoring.
2010-08-24 20:57:45 +01:00
85c4c91e0e
IDEA inspection refactorings.
2010-08-05 23:28:07 +01:00
0e57ce2dc3
SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection.
2010-05-21 15:59:50 +01:00
74896f217b
SEC-1459: Generifying AuthenticationUserDetailsService. Now parameterized with <? extends Authentication>.
2010-04-20 23:47:47 +01:00
977bc2b164
SEC-1433: Reduce the number of direct dependencies on DataAccessException from spring-tx.
...
It is still required as a compile-time dependency by classes which use Spring's JDBC support, but it doesn't really have to be used in many interfaces and classes which are not necessarily backed by JDBC implementations.
2010-03-26 18:05:28 +00:00
36612377e2
Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents.
2010-02-14 23:23:23 +00:00
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
2010-01-08 21:05:13 +00:00
7e817b9640
NOJIRA formatting fix
2009-12-24 14:40:24 +00:00
4afe6c2c6a
SEC-1341
...
made it more extensible
2009-12-24 14:39:40 +00:00
aeed49393c
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
2009-12-18 18:44:42 +00:00
a5ed2e579e
Refactored CAS test to remove dependency on core tests jar.
2009-12-07 21:40:53 +00:00
46ef4239ca
SEC-1228
...
added NO_PASSWORD instead of passing in NULL since the User object does not allowe NULL for the password.
2009-11-18 15:19:55 +00:00
f35cb48407
NOJIRA
...
changed constructor back to collection. Accidentally set to List due to old code residing on notebook.
2009-11-18 15:09:56 +00:00
e812c58e04
NOJIRA
...
fixed changed constructor
2009-11-17 23:52:26 +00:00
f0a5572188
SEC-1228
...
fixed mistyped class name
2009-11-17 16:26:53 +00:00
1286741c7c
SEC-1259: Improve consistency of authentication filter names.
2009-10-07 14:43:55 +00:00
caff3ee9ba
SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc).
2009-10-05 19:28:53 +00:00
df9e2eac9e
NOJIRA
...
updated license header and removed unneeded interface
2009-10-01 16:50:00 +00:00
5bdfd8cd77
Tidying imports etc to remove compiler warnings.
2009-09-05 14:14:58 +00:00
53baac2fd9
SEC-1228
...
started adding support for supporting creating UserDetails via Assertions.
2009-09-01 19:53:19 +00:00
f536c80020
SEC-1202: Removed SpringSecurityFilter and replaced with use of GenericFilterBean from spring-web
2009-08-10 14:18:18 +00:00
83da7be2ea
Remove (ticket) cache package from CAS module. Unnecesary and has a circular reference.
2009-07-17 23:33:55 +00:00
af0c5f9e7f
SEC-1186: Removed 'order' from ntlm and cas filters
2009-06-26 12:47:36 +00:00
a8215fa2cb
SEC-1160: Renaming of authentication filters and entry points and associated doc changes
2009-05-12 05:37:11 +00:00
93bdcccaee
SEC-1132: Moved userdetails into core and added core/authority sub-package
2009-04-15 07:39:21 +00:00
ca7d055c2b
SEC-1132: Created core and authentication packages within core module.
2009-04-13 13:43:23 +00:00
9efb5a7007
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet
2009-04-12 12:23:23 +00:00
f746a20ab4
SEC-1132: package refactoring of non-core modules
2009-03-27 05:01:03 +00:00
bec84f874a
SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples.
2009-03-26 07:18:36 +00:00
4a41416c9b
Tidying up and removing compiler warnings.
2008-12-21 16:36:16 +00:00
cc5966bc7e
Tidying up, removing compiler warnings etc.
2008-12-20 00:16:49 +00:00
224c86a0b3
Tidying.
2008-12-15 23:51:46 +00:00
40ccd3be11
SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument.
2008-12-15 01:25:12 +00:00
2927b8464f
SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.
2008-12-14 22:20:21 +00:00
3f40604b82
SEC-1055: Converted interfaces and methods using ServletRequest/Response to HttpServletRequest/Response where appropriate.
2008-12-10 13:48:25 +00:00
6601b3da5f
Refactored inline authority list into member variable.
2008-12-01 13:13:44 +00:00
e5b1073501
SEC-1012: Added more generics and warning suppression
2008-11-11 09:06:50 +00:00
ec44f2bdfe
SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections
2008-10-31 03:53:00 +00:00
7594e1ae2f
SEC-984
...
added template method to allow to override the default of retrieving user by username.
2008-10-01 18:49:52 +00:00
5b089aea16
SEC-852
...
provided mechanism to do get a proxy ticket
2008-06-18 17:34:14 +00:00
0cfcc0e9f1
Tidying Javadoc
2008-05-30 17:51:23 +00:00
373f7b648b
Corrected outdated filter name in Javadoc
2008-05-30 17:49:03 +00:00
ed645958fa
per email with Ben and Luke removed cas-adapter and reworked cas module to just be the CAS client code.
2008-03-24 20:24:33 +00:00
Rob Winch
Jitendra Singh Bisht
Eddú Meléndez
Johnny Lim
Billy Korando
Rob Winch
Marten Deinum
Luke Taylor
Rob Winch
Scott Battaglia