Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 23:31:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,369 Commits 33 Branches 337 Tags
Commit Graph

66 Commits

Author SHA1 Message Date
Luke Taylor
a5792b094a More generification to remove last warnings in Acl package. 2009-04-26 10:05:55 +00:00
Luke Taylor
8570d864dc Generifying DefaultPermissionFactory 2009-04-26 09:57:41 +00:00
Luke Taylor
30fe9a0935 Remove dependency on commons collections (ArrayIterator). 2009-04-23 05:39:50 +00:00
Luke Taylor
5509da7a2e SEC-1141: ObjectIdentityImpl has incorrect hashCode implementation. Modified equals method to compare longValue of Number identifier types and use standard equals for other serializable identifiers. 2009-04-22 02:08:00 +00:00
Luke Taylor
21c608389c SEC-1128: Changed to use ClassUtils.forName to load "javaType" class. 2009-04-21 07:54:49 +00:00
Luke Taylor
fd1af34add Minor javadoc stuff. 2009-04-21 06:06:13 +00:00
Luke Taylor
75d5e8f5f2 Spelling correction. 2009-04-21 03:38:43 +00:00
Luke Taylor
3adbbdf50d SEC-1081: Minor Acl refactoring to remove generic warnings. Minor efficiency improvements. 2009-04-21 02:54:17 +00:00
Luke Taylor
d5f5b0860e SEC-1132: Refactoring to remove package cycles in ACL module. 2009-04-15 10:04:45 +00:00
Luke Taylor
93bdcccaee SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 07:39:21 +00:00
Luke Taylor
10673780db OPEN - issue SEC-1136: Removed SpringSecurityException. Introduced new AclException as base class for Acl module. Refactored JAAS authentication to map to AuthenticationExcpetions rather than SpringSecurityException. Modified ExceptionTranslationFilter to look explicitly for AuthenticationException or AccessDeniedException (which it should do since these are the only two it handles). 2009-04-13 14:56:49 +00:00
Luke Taylor
ca7d055c2b SEC-1132: Created core and authentication packages within core module. 2009-04-13 13:43:23 +00:00
Luke Taylor
9efb5a7007 SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 12:23:23 +00:00
Luke Taylor
2a9a8a41db SEC-1125: Created separate web module spring-security-web 2009-03-25 06:28:18 +00:00
Luke Taylor
766aca885b SEC-1054: Add method "clear" to interface AclCache. As requested. 2009-03-16 09:31:52 +00:00
Luke Taylor
4a41416c9b Tidying up and removing compiler warnings. 2008-12-21 16:36:16 +00:00
Luke Taylor
6003291a68 Updated to use new Sprig test classes and to remove data dependencies between tests. 2008-12-21 16:34:26 +00:00
Luke Taylor
14c50a9c96 SEC-1012: Java-5-ifying the ACL package. 2008-12-21 01:41:30 +00:00
Luke Taylor
cc5966bc7e Tidying up, removing compiler warnings etc. 2008-12-20 00:16:49 +00:00
Luke Taylor
3fcc7b5403 SEC-1051: Moved voter and afterinvocation packages into acl package. Also moved filterer classes fom core, as they are used in the acl after-invocation classes 2008-12-12 12:47:42 +00:00
Luke Taylor
6197668fa6 renamed test file 2008-12-02 15:36:35 +00:00
Luke Taylor
7505b734d6 Converted to use jmock. 2008-12-02 12:17:13 +00:00
Luke Taylor
7bf47f2d97 Converted to use jmock. 2008-12-02 12:06:09 +00:00
Luke Taylor
51549a9f6f Added missing '$' to Id. 2008-11-30 23:20:49 +00:00
Luke Taylor
67c06d3d52 SEC-1012: Adding generics and general tidying up of tests etc 2008-11-15 13:00:38 +00:00
Luke Taylor
a9d69ac4e8 Tidied up test class. 2008-11-15 10:54:34 +00:00
Luke Taylor
31375b7212 SEC-1012: Futher generification. Also changed method signature of ObjectDefinitionSource.getAllConfigAtributes to return a single collection 2008-11-15 09:35:11 +00:00
Luke Taylor
e5b1073501 SEC-1012: Added more generics and warning suppression 2008-11-11 09:06:50 +00:00
Luke Taylor
e11114ce77 SEC-1023: Add hasPermission() support to SecurityExpressionRoot 
http://jira.springframework.org/browse/SEC-1023.

hasPermission() now delegates to a PermissionEvaluator interface, with a default implementation provided by the Acl module. The contacts sample now uses expressions on the ContactManager interface. The permission-evaluator element on global-method-security can be used to set the instance to an AclPermissionEvaluator. If not set, all hasPermission() expressions will evaluate to 'false'.
 2008-11-10 04:27:25 +00:00
Luke Taylor
d33b13e52e SEC-1023: Added support for hasPermission() based on Id and type 2008-11-05 22:44:46 +00:00
Luke Taylor
d601301de6 SEC-1023: Fix broken test. 2008-11-05 04:14:29 +00:00
Luke Taylor
1c3b576d91 SEC-1023: PermissionEvaluator based on the Acl module. 2008-11-05 03:45:50 +00:00
Luke Taylor
7ff5602dbc Convert AclImplTests to use JMock mocks. 2008-11-04 06:43:08 +00:00
Luke Taylor
04e2fc7daf Tidying. 2008-11-04 06:36:49 +00:00
Luke Taylor
514bca669f SEC-999: Introduced custom SecurityExpressionEvaluationContext which is responsible for lazy initialization of parameter values in the context. Also some further conversion of code using GrantedAuthority arrays. 2008-10-31 11:40:11 +00:00
Luke Taylor
ec44f2bdfe SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections 2008-10-31 03:53:00 +00:00
Luke Taylor
a7d046357b SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces 2008-10-30 04:10:54 +00:00
Ben Alex
c45b4e0989 SEC-951: Overcome serialization error caused by BasicLookupStrategy failing to modify AccessControlEntryImpl.acl field to the replacement AclImpl (previously old references to StubAclParent were retained). 2008-09-05 05:33:41 +00:00
Ben Alex
0f8ea229c2 SEC-908: Correct issue with BasePermission static initialization failure. 2008-09-05 04:33:52 +00:00
Luke Taylor
4165e15861 Fix issues with move of TestingAuthenticationToken 2008-08-04 20:14:20 +00:00
Ben Alex
b403216494 SEC-838: Make fields in AbstractAclProvider protected to facilitate subclass reuse. 2008-06-06 03:01:51 +00:00
Ben Alex
371769740a SEC-831: Improve support for Postges, which requires "AS" for table aliasing, together with stored procedures for sequence allocation. 2008-06-06 02:55:53 +00:00
Ben Alex
e38d5dfd87 SEC-813: Allow custom Permission classes to be used. 2008-06-06 02:37:19 +00:00
Ben Alex
ff5666ae83 SEC-819: Properly support integer (and other numeric) identifiers. 2008-06-06 01:05:46 +00:00
Ben Alex
e7e256a9d5 SEC-787: Consistently use lowercase in all ACL module SQL statements. 2008-05-01 07:48:10 +00:00
Luke Taylor
0c28845d4e SEC-787: Converted SQL in BasicLookupStrategy to lower case to make it consistent with other classes. 2008-04-26 13:08:31 +00:00
Ben Alex
54882fe1ea SEC-670: Provide mutator for JdbcMutableAclService.foreignKeysInDatabase property. 2008-04-05 22:57:02 +00:00
Ben Alex
8a7bfafce9 SEC-670: Deadlock avoidance. 2008-04-05 22:49:37 +00:00
Ben Alex
64442b6645 SEC-590: Correct misuse of "continue" keyword so ACLs retrieved even when last element is already cached. 2008-04-05 22:33:59 +00:00
Ben Alex
8919b203e6 SEC-422: Correct SQL to increase database compatibility. 2008-04-05 22:13:23 +00:00