a443e55832
SEC-1057: Refactored TargetUrlResolver to remove SavedRequest from determineTargetUrl method.
2008-12-11 17:00:13 +00:00
093365b2f4
Removed unnecessary cast.
2008-12-11 16:42:25 +00:00
30f9b3e72c
SEC-995: AbstractSecurityInterceptor exception message improvement. Added the secured object to the exception message to make it easier to track down the originating method which causes a problem with public invocations.
2008-12-10 16:57:40 +00:00
3f40604b82
SEC-1055: Converted interfaces and methods using ServletRequest/Response to HttpServletRequest/Response where appropriate.
2008-12-10 13:48:25 +00:00
acfcac4594
SEC-996: AccessDeniedhandlerimpl doesn't write response code if used with errorPage
...
Applied supplied patch which checks the committed flag before forwarding to the error page.
2008-12-10 12:36:59 +00:00
7fe6a0fc0d
SEC-1033: Added support for web IP ranges based on an address and netmask.
2008-12-09 23:14:44 +00:00
7767a9ed60
SEC-1033: Add basic equality support for hasIpAddress() expression.
2008-12-09 18:04:08 +00:00
3da68a7a82
Java5 stuff
2008-12-09 18:02:58 +00:00
046456c142
Removed unused constants.
2008-12-09 14:33:31 +00:00
3e8de229be
Java5 updates.
2008-12-09 14:30:37 +00:00
98422b69a8
Java5 updates.
2008-12-09 14:27:31 +00:00
6ccdcec629
SEC-1033: Added web expressions to tutorial sample configuration.
2008-12-08 21:56:44 +00:00
c2ac125719
Tidying up.
2008-12-08 21:55:33 +00:00
a2ef10e65f
SEC-1033: Fixed missing AuthenticationTrustResolver in web SecurityExpressionRoot. Converted some logging to trace level.
2008-12-08 21:54:47 +00:00
6b4045667a
SEC-1033: Completed working version of web expression support.
...
SEC-999: Added getExpressionParser() method to the security handler interface to allow both web and method expression security to obtain a suitable parser from the configuration for parsing their expression attributes.
2008-12-08 01:01:14 +00:00
fd3990c1f8
SEC-1033: Refactored DefaultFilterInvocationDefinitionSource to remove legacy methods and make it immutable.
2008-12-07 22:46:36 +00:00
bed00e10f5
Reduced visibility of attribute names in HttpSecurityBDP.
2008-12-07 13:46:09 +00:00
305fb7b4aa
Added version information.
2008-12-06 18:26:44 +00:00
9bb64d1974
Removed out of date javadoc reference to SecurityEnforcementFilter.
2008-12-06 17:56:24 +00:00
7265a70f0a
SEC-1012: Java5 - use of vararg methods.
2008-12-06 17:33:19 +00:00
c3d216e7bb
SEC-1012: Minor improvements to SecurityContextHolderAwareRequestFilter and conversion to use jmock for test.
2008-12-06 17:31:53 +00:00
953a4ab9ea
SEC-1036: Removed deprecated class and unnecessary mock.
2008-12-05 22:30:26 +00:00
6293541b73
SEC-1036: Updated DefaultSpringSecurityContextSource to enable pooling for "manager" users by default but not when binding directly as a user.
2008-12-05 22:04:51 +00:00
bc6878c1c5
SEC-1044: Removed remember-me functionality from http auto-config namespace configuration. Added explicit <remember-me> elements to contacts and tutorial sample configurations.
2008-12-05 16:36:43 +00:00
58c237fa74
SEC-1015: Removed final packages/directories for old acl code.
2008-12-05 16:07:40 +00:00
3cbad3ebd7
Corrected comment.
2008-12-05 16:04:22 +00:00
38f466dcfc
SEC-1039: Refactored post-request session-creation logic into separate method. Some comment improvements.
2008-12-05 15:51:29 +00:00
48874d69a7
SEC-1039: Made sure "old" security context session key points to new one so they always match.
2008-12-05 14:54:01 +00:00
fd7fc0c8a5
SEC-1039: Corrected reference to security context key to match new value.
2008-12-05 14:52:52 +00:00
a650b73550
SEC-1025: Added spring external repository back to build so that j3tset dependency is resolved
2008-12-05 11:54:04 +00:00
f91f97b195
SEC-1048: Added section on custom-after-invocation-provider to naemspace appendix
2008-12-04 14:27:43 +00:00
c5e1fd77ec
SEC-1045: Added testsfor use of external context storage strategy through the namespace
2008-12-04 14:25:55 +00:00
7dfbcf2ddf
SEC-990: Clarify the semantics of the ConsensusBased ADM. Added the suggested patch to the Javadoc for this class.
2008-12-04 13:32:35 +00:00
ffc8637def
Tidying up.
2008-12-03 11:02:56 +00:00
8587d4c635
Switch to non-deprecated methods.
2008-12-03 10:21:27 +00:00
3e2930d785
SEC-1045: Added security-context-repository-ref attribute to <http>
2008-12-02 16:14:03 +00:00
6197668fa6
renamed test file
2008-12-02 15:36:35 +00:00
f2969392a6
SEC-1043: Improved Javadoc for LdapAuthenticationProvider user details mapping methods.
2008-12-02 14:32:44 +00:00
9ab69ddcaf
Converted to use jmock.
2008-12-02 13:58:20 +00:00
72eee6f1ca
Removing unused mock classes.
2008-12-02 13:07:06 +00:00
fba57bdf5b
Removed unused MockAccessDecisionManager class
2008-12-02 12:56:04 +00:00
283b932fe0
Minor tidying up.
2008-12-02 12:53:48 +00:00
f3387cd879
2008-12-02 12:49:13 +00:00
7505b734d6
Converted to use jmock.
2008-12-02 12:17:13 +00:00
7bf47f2d97
Converted to use jmock.
2008-12-02 12:06:09 +00:00
a09b15ce5f
Added tests for AuthenticationDetailsSourceImpl (and AuthenticationDetails).
2008-12-01 15:50:31 +00:00
8283074097
Tidying.
2008-12-01 15:49:35 +00:00
e3dd12021b
Added extra calls to exercise CachingUserDetailsService
2008-12-01 15:49:13 +00:00
a2f7b7e4f1
Added optional args argument to constructor.
2008-12-01 14:29:58 +00:00
3fe112f769
Added tests for AbstractAclVoter.
2008-12-01 14:28:24 +00:00
Luke Taylor