Commit Graph

113 Commits

Author SHA1 Message Date
Tom Boettcher 54c1c20c69 SEC-2187: Encode query parameter names and values in return_to URL 2013-07-05 09:47:18 -05:00
Luke Taylor a573e7b395 SEC-1820: Added null check for attributesToFetch in OpenID4JavaConsumer. 2011-09-20 21:46:21 +01:00
Luke Taylor 0120643721 SEC-1794: Convert OpenIDAuthenticationStatus to an enum. 2011-08-10 17:09:33 +01:00
Luke Taylor 89fa771093 SEC-1753: Cater for missing DiscoveryInformation object in OpenID4JavaConsumer.endConsumption. 2011-07-13 22:29:47 +01:00
Rob Winch ae5b402651 SEC-1729: Revert "SEC-1710: Added shutdown method to OpenID4JavaConsumer that invokes MultiThreadedHttpConnectionManager.shutdownAll()" since it is superseded by SEC-1729
This reverts commit 62ba0fca5c.
2011-04-26 19:53:32 -05:00
Rob Winch a6b0c265db SEC-1729: Revert "SEC-1711: Support verifying that attribute exchange parameters were signed" since it is superseded by SEC-1729
This reverts commit 68ba11ba7b.
2011-04-26 19:52:44 -05:00
Luke Taylor 8178371927 SEC-1700: Add fixed serializationVersionUID values to security context, authentication tokens and related classes 2011-04-21 19:55:32 +01:00
Luke Taylor 4dc5d7d16e Typo. 2011-04-14 18:04:38 +01:00
Rob Winch 5c05575c0d Cleaned up warnings in openid module 2011-04-07 23:28:34 -05:00
Rob Winch 68ba11ba7b SEC-1711: Support verifying that attribute exchange parameters were signed 2011-04-07 23:28:34 -05:00
Rob Winch 62ba0fca5c SEC-1710: Added shutdown method to OpenID4JavaConsumer that invokes MultiThreadedHttpConnectionManager.shutdownAll() 2011-04-07 23:28:05 -05:00
Luke Taylor 4a1908188a SEC-1701: Trim claimed identity parameter value before submitting to OpenID4Java. 2011-03-25 19:13:06 +00:00
Luke Taylor 84ba7a0ea9 Additional tests for OpenID classes and minor refactoring of OpenID4JavaConsumer for easier testing. 2011-02-10 19:56:28 +00:00
Luke Taylor 43be9ea2a4 SEC-1430: Removed caching of username in session upon failed authentication. Improved Javadoc. 2010-11-26 13:58:49 +00:00
Luke Taylor d64efe9747 SEC-1492: Added GrantedAuthoritiesMapper to provide mapping of loaded authorities to those which are eventually stored in the user Authentication object. 2010-11-25 15:19:37 +00:00
Luke Taylor 265cdaf2a6 SEC-1595: Added extra constructor to OpenID4JavaConsumer which takes a ConsumerManager to allow a version compatible with GAE to be injected. 2010-11-02 20:19:16 +00:00
Luke Taylor 85c4c91e0e IDEA inspection refactorings. 2010-08-05 23:28:07 +01:00
Luke Taylor 0e57ce2dc3 SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection. 2010-05-21 15:59:50 +01:00
Luke Taylor 2f025fba6c SEC-1460: Added AxFetchListFactory which matches OpenID identifiers to lists of attributes to use in a fetch-request.
This allows different configurations to be used based on the identity-provider (google, yahoo etc). The default implementation iterates through a map of regex patterns to attribute lists. The namespace has also been extended to support this facility, with the "identifier-match" attribute being added to the attribute-exchange element. Multiple attribute-exchange elements can now be defined, each matching a different identifier.
2010-04-20 23:47:48 +01:00
Luke Taylor f5468087c2 Remove cached DiscoveryInformation from session in OpenID4JavaConsumer's endConsumption method. 2010-04-20 23:47:47 +01:00
Luke Taylor d3d9c5db59 Refactoring of UserDetailsService injection (for X509, OpenID and RememberMeServices) to use a factory bean rather than a post-processor. 2010-04-20 23:47:47 +01:00
Luke Taylor c12c43da9e Javadoc fixes. 2010-02-14 23:27:09 +00:00
Luke Taylor 36612377e2 Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents. 2010-02-14 23:23:23 +00:00
Luke Taylor 8720966d20 SEC-1390: Added null check on claimedIdentifier returned by DiscoveryInformation to prevent NPE. 2010-02-06 14:38:44 +00:00
Luke Taylor e211f9b35f SEC-1349: Allow configuration of OpenID with parameters which should be transferred to the return_to URL.
The OpenIDAuthenticationFilter now has a returnToUrlParameters property (a Set). If this is set, the named parameters will be copied from the incoming submitted request to the return_to URL. If not set, it defaults to the "parameter" property of the AbstractRememberMeServices of the parent class. If remember-me is not in use, it defaults to the empty set.

Enabled remember-me in the OpenID sample.
2010-01-09 01:04:13 +00:00
Luke Taylor 052537c8b0 Removing $Id$ markers and stripping trailing whitespace from the codebase. 2010-01-08 21:05:13 +00:00
Luke Taylor 8571571eaa SEC-1306: OpenIDAttribute class is not marked as Serializable. Added Serializable interface. 2009-11-24 14:50:01 +00:00
Luke Taylor 4d8956a227 SEC-1288: Changed claimedIdentityFieldName in OpenIDAuthenticationFilter to "openid_identifier", as recommended by the 2.0 spec. 2009-11-17 22:05:38 +00:00
Luke Taylor e94c7739d2 Remove dependency on MockAuthenticationManager 2009-10-14 22:14:01 +00:00
Luke Taylor 1286741c7c SEC-1259: Improve consistency of authentication filter names. 2009-10-07 14:43:55 +00:00
Luke Taylor caff3ee9ba SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc). 2009-10-05 19:28:53 +00:00
Luke Taylor 07d7c0ddae Renamed form and openID filters to shorten names 2009-10-05 17:33:34 +00:00
Luke Taylor ab0d66071a SEC-1226: Introduce RedirectStrategy to replace RedirectUtils. Implemented strategy and applied throughout relevant classes. 2009-08-27 10:42:11 +00:00
Luke Taylor 48988bde84 SEC-935: Support for OpenID attribute exchange and changes to namespace syntax to allow simple configuration of attributes to request. 2009-08-13 23:55:25 +00:00
Luke Taylor f536c80020 SEC-1202: Removed SpringSecurityFilter and replaced with use of GenericFilterBean from spring-web 2009-08-10 14:18:18 +00:00
Luke Taylor 3e9983c744 SEC-1186: Removed 'order' from openid filter 2009-06-26 12:48:36 +00:00
Luke Taylor a8215fa2cb SEC-1160: Renaming of authentication filters and entry points and associated doc changes 2009-05-12 05:37:11 +00:00
Luke Taylor e94baf38b3 Tidying up to remove warnings (generics, use of deprecated test classes etc). 2009-04-28 06:49:43 +00:00
Luke Taylor d7f202a111 Addition of final to constructor set fields to improve immutability of authentication and user objects 2009-04-22 04:11:38 +00:00
Luke Taylor 93bdcccaee SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 07:39:21 +00:00
Luke Taylor ca7d055c2b SEC-1132: Created core and authentication packages within core module. 2009-04-13 13:43:23 +00:00
Luke Taylor 9efb5a7007 SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 12:23:23 +00:00
Luke Taylor f746a20ab4 SEC-1132: package refactoring of non-core modules 2009-03-27 05:01:03 +00:00
Luke Taylor bec84f874a SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples. 2009-03-26 07:18:36 +00:00
Luke Taylor 2a9a8a41db SEC-1125: Created separate web module spring-security-web 2009-03-25 06:28:18 +00:00
Luke Taylor ddffdf1699 SEC-745: Renamed failureHandler and successHandler to have prefix 'authentication' 2008-12-28 17:32:25 +00:00
Luke Taylor 40ccd3be11 SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument. 2008-12-15 01:25:12 +00:00
Luke Taylor 2927b8464f SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException. 2008-12-14 22:20:21 +00:00
Luke Taylor 10e4d1fe1a SEC-1058: Partial refactoring of AbstractProcessingFilter. It now uses the injected SuccssfulAuthenticationHandler strategy instead of managing everything itself. The default implementation is SavedRequestAwareSuccessfulAuthenticationHandler which encapsulates most of the filter's success logic along with the code which was previously in TargetUrlResolver. Removed TargetUrlResolver. 2008-12-12 22:30:57 +00:00
Luke Taylor e5b1073501 SEC-1012: Added more generics and warning suppression 2008-11-11 09:06:50 +00:00
Luke Taylor ec44f2bdfe SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections 2008-10-31 03:53:00 +00:00
Ray Krueger 3393ea7aaa SEC-923: Realm support for discovering relying parties.
A new "realmMapping" property can be configured on the OpenIDAuthenticationProcessingFilter to map the "return_to" url to a realm. If there is no mapping present the "return_to" url will be parsed and the protocol, hostname and port will be used with a trailing "/"
2008-07-31 19:23:12 +00:00
Luke Taylor 15b893f9ae SEC-809: OpenIDProcessingFilter updated to set authentication details (to make compatible with concurrent session control). 2008-05-12 20:05:24 +00:00
Luke Taylor b62ad5b097 SEC-722: Changed openID filter to use its owen ordering value as it may be used together with form login. 2008-03-20 19:55:32 +00:00
Luke Taylor 5ba7091a20 SEC-690: Use consistent naming in OpenID classes
http://jira.springframework.org/browse/SEC-690
2008-02-29 12:52:13 +00:00
Luke Taylor 5e204e23f3 SEC-536: Introduced UserDetailsChecker strategy to extract code for checking status of accounts and allowing variation in pre/post authentication checks made by AbstractUserDetailsAuthenticationProvider 2008-02-15 18:05:12 +00:00
Luke Taylor bd5a64825d SEC-552: Replaced authorites populators in CAS and OpenID with a plain UserDetailsService 2008-02-08 13:23:43 +00:00
Ray Krueger c0e2842f90 General cleanup and removal of unused stuff 2008-02-01 16:32:20 +00:00
Luke Taylor e42fdf29ae Don't add exception to session if allowSessionCreation is false. 2008-02-01 16:03:56 +00:00
Luke Taylor abe62f9146 Modified to store the login name in the session when login fails, so that it is available to the view (as in AuthenticationProcessingFilter). 2008-02-01 16:00:46 +00:00
Luke Taylor 677012a5de Added Robin as author. 2008-02-01 15:20:37 +00:00
Luke Taylor 0d9c1924fb Added check for null consumer, removed unused "errorPage" property. 2008-02-01 14:00:28 +00:00
Ray Krueger 718eddadd7 Promoting OpenID out of the Sandbox 2008-01-27 02:57:57 +00:00