Commit Graph

193 Commits

Author SHA1 Message Date
Spring Buildmaster 044acf7e27 Release version 4.1.0.RC1 2016-03-23 07:15:15 -07:00
Rob Winch ec4e6c7453 Update pom.xml to 4.1.0.BUILD-SNAPSHOT 2016-03-14 00:51:35 -05:00
Rob Winch f221920a19 Clean up code to conform to basic checkstyle
Issue gh-3746
2016-03-14 00:15:12 -05:00
Billy Korando 71d4ce96ad Convert to assertj
Fixes gh-3175
2016-03-09 14:30:17 -06:00
Rob Winch bb600a473e Start AssertJ Migration
Issue gh-3175
2016-03-09 14:26:30 -06:00
Rob Winch 5f84902e72 Merge pull request #200 from ckarawani/master
SEC-2757: Removed assertion of 'sn' when creating LdapUserDetails
2015-10-01 16:18:26 -05:00
zhanhb 29f2cc0ab1 snasphot -> snapshot 2015-09-25 15:28:39 -05:00
Rob Winch 969f3a7d1b Update pom.xml to latest snapshots 2015-08-03 09:46:01 -05:00
Thomas Darimont ad1d858e2b SEC-3056 - Fix JavaDoc errors.
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
Rob Winch e8c9f75f9c Update pom.xml to latest versions 2015-07-22 12:51:04 -05:00
Rob Winch 75f57b96cb SEC-2493: Fix javadoc for DefaultLdapAuthoritiesPopulator 2015-07-14 13:20:05 -05:00
Carl Karawani d1cfb1ca74 SEC-2757: Removed assertion of 'sn' needing to be defined on Person when creating LdapUserDetails 2015-06-15 16:54:54 -04:00
kris 1a716d0593 SEC-2954: Update ActiveDirectoryLdapAuthenticationProvider javadoc
Cleaning up docs to match
cd352f665b (diff-c7d6415af2848047b4b7bde824f66fcb)
2015-04-30 11:54:18 -05:00
Rob Winch d5dfeeca49 SEC-2927: Update chat-jc pom so Maven Builds
Previously there were some incorrect dependency versions. This commit fixes
that.

We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
2015-04-20 15:53:26 -05:00
Rob Winch db531d9100 SEC-2917: Update to Spring 4.1.6 2015-03-25 15:18:59 -05:00
Rob Winch ae6af5d73c SEC-2915: Updated Java Code Formatting 2015-03-25 13:09:18 -05:00
Rob Winch 0a2e496a84 SEC-2915: groovy/gradle spaces->tabs 2015-03-25 13:08:59 -05:00
Rob Winch cf9f58a4ac SEC-2915: XML spaces->tabs 2015-03-25 13:08:52 -05:00
Rob Winch 3adbf53502 SEC-2897: ActiveDirectoryLdapAuthenticationProvider uses bindPrincipal 2015-03-10 16:33:48 -05:00
Chris Bonham d579d00892 SEC-2559: Added missing givenName attribute to Person 2015-02-24 23:50:09 -06:00
Rob Winch c0fbd30e65 SEC-2071: Move optional constructor arg last 2015-02-24 23:35:45 -06:00
Henri Tremblay fbb902c9b5 SEC-2071: ActiveDirectoryLdapAuthenticationProvider custom rootDn
Allow to provide a root DN different from the domain
2015-02-24 23:33:42 -06:00
Rob Winch cd352f665b SEC-1915: Polish
* Restore default search filter to remain passive
* Check the search filter in setSearchFilter
* Add additional tests
2015-02-24 21:37:49 -06:00
Mateusz Rasiński c54346b690 SEC-1915: Custom ActiveDirectory search filter
Currently the search filter used when retrieving user details is hard coded.

New property in ActiveDirectoryLdapAuthenticationProvider:
- searchFilter - the LDAP search filter to use when searching for authorities,
default to search using 'userPrincipalName' (current) OR 'sAMAccountName'
2015-02-24 21:14:58 -06:00
Rob Winch 706e7fd7a2 SEC-2863: Update to Spring 4.1.5 2015-02-20 11:43:04 -06:00
Rob Winch 8f0001f59a Next Development Version 2014-12-11 20:39:26 -06:00
Spring Buildmaster 49b69196de Release version 4.0.0.RC1 2014-12-11 20:36:55 -06:00
Rob Winch 11116c2b80 SEC-2787: Update Versions 2014-12-10 16:37:19 -06:00
Rob Winch b56e5edbbd SEC-2784: Fix build plugins 2014-12-08 14:24:34 -06:00
Rob Winch 6e204fff72 SEC-2781: Remove deprecations 2014-12-04 15:28:40 -06:00
Rob Winch dfa17bdb98 SEC-2747: Remove spring-core dependency from spring-security-crypto 2014-11-20 16:16:22 -06:00
Andy Wilkinson a28650c715 Provide a ClassLoader to be used to load LDIF files
Prior to this change, ApacheDSContainer created a LdifFileLoader
without a ClassLoader. This limited its ability to load LDIF files
and causes a problem with an executable war in Spring Boot. See [1]
for details.

ApacheDSContainer now initialises LdifFileLoader with a ClassLoader.
This allows it to locate LDIF files packaged in WEB-INF/classes in
the case of an executable war file. The executable jar case was not
affected by this problem as, in that case, the LDIF file is pacakaged
in the root of the jar and is accessible via getSystemResourceAsStream

[1] https://github.com/spring-projects/spring-boot/issues/1550
2014-09-24 13:49:15 -05:00
Rob Winch 02c3565e22 Fix compiling in Eclipse 2014-09-16 10:18:46 -05:00
Rob Winch 3187ee8bf3 SEC-2700: Register WithSecurityContextTestExecutionListener by default 2014-08-15 16:41:33 -05:00
Rob Winch 94a0816153 Exclude spring-data-commons from spring-ldap-core 2014-08-01 14:04:47 -05:00
Rob Winch 4a633a938a SEC-2690: Add guard around debug statement 2014-07-28 16:25:27 -05:00
Rob Winch 0f6235bbe0 SEC-2690: Polish LdapAuthority
- Make dn required (as javadoc inidicates)
- Simplify .equals since role cannot be null
- Formatting polish
2014-07-28 16:25:27 -05:00
Rob Winch aac4ede3a4 SEC-2690: Polish method modifiers
- Make methods final where possible
- Make methods private where possible
2014-07-28 16:25:27 -05:00
Rob Winch 1761b29e58 SEC-2690: String[]->List<String>
Use Collections rather than Arrays since Collections can be immutable.
2014-07-28 16:25:27 -05:00
Rob Winch 15c837d5de SEC-2690: Revert explicit TcpTransport since causes tests to fail 2014-07-28 16:25:26 -05:00
Rob Winch 6b43b261bc SEC-2690: Formatting cleanup 2014-07-28 12:41:56 -05:00
Filip Hanik 93b863d2e5 SEC-2690: Support static nested groups in LDAP
This refers to groups that have member: <another group DN> as an attribute
- Add in a utility method in the SpringSecurityLdapTemplate to retrieve multiple attributes and their values from an LDAP record
- Make the DefaultLdapAuthoritiesPopulator more extensible
- Add an LdapAuthority object that holds the DN in addition to other group attributes
- Add a NestedLdapAuthoritiesPopulator to search statically nested groups
2014-07-28 12:40:19 -05:00
Rob Winch b72c1ad314 SEC-2686: Create SecurityMockMvcConfigurer 2014-07-22 15:11:37 -05:00
Rob Winch 6dc0733d9e SEC-2659: ApacheDSContainer fails on import multiple ldif 2014-06-17 17:19:51 -05:00
Rob Winch 3ba1f66f9d SEC-2606: ApacheDSServerIntegrationTests scan for available port 2014-05-21 06:51:11 -05:00
Rob Winch cbd06a4994 SEC-2472: Support LDAP crypto PasswordEncoder 2014-05-20 23:15:36 -05:00
Rob Winch fa6218cf73 SEC-2558: Fix failing ApacheDSContainerTests when port is taken 2014-04-15 11:52:09 -05:00
Rob Winch 3118e39de8 SEC-2542: Use exclusions to remove duplicate dependencies
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.

In addition to the new exclusions, notable other changes are:

 - Spring Data JPA has been updated to 1.4.1. This brings its
   transitive dependency upon spring-data-commons into line with
   Spring LDAP's and prevents both spring-data-commons-core and
   spring-data-commons from being on the classpath
 - All Servlet API dependencies have been updated to use the official
   artifact with all transitive dependencies on unofficial servlet API
   artifacts being excluded.
 - In places, groovy has been replaced with groovy-all. This removes
   some duplicates caused by groovy's transitive dependencies.
 - JUnit has been updated to 4.11 which brings its transitive Hamcrest
   dependency into line with other components.

There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level

Conflicts:
	samples/messages-jc/pom.xml
2014-04-02 09:47:26 -05:00
Rob Winch a7005bd742 SEC-2500: Prevent anonymous bind for ActiveDirectoryLdapAuthenticator 2014-03-10 14:33:39 -05:00
Rob Winch 9988fa141c Update Spring Security version in pom.xml 2014-03-06 08:13:52 -06:00