Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,847 Commits 34 Branches 337 Tags
Commit Graph

1585 Commits

Author SHA1 Message Date
Luke Taylor
1fece47b49 SEC-691: Applied patch to allow setting of returned user attributes from LDAP search. 2008-03-27 14:41:11 +00:00
Luke Taylor
350a626587 SEC-477: Added preauthenticated websphere contribution. 2008-03-27 14:25:17 +00:00
Luke Taylor
584853bbcb Tidied imports. 2008-03-26 21:49:26 +00:00
Luke Taylor
ef5b3e2f9c SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly. 2008-03-26 21:48:24 +00:00
Luke Taylor
9ea2408ac6 Fixed error in choosing main entry point (it's an alias not a bean name, so doesn't appear in the entry map - you have to get it direct from the bean factory). 2008-03-26 17:34:42 +00:00
Luke Taylor
1b8a3c5673 SEC-689: Updated session fixation protection namespace support to set session registry on SessionFixationProtectionFilter. 2008-03-26 14:51:16 +00:00
Luke Taylor
eeb14b3965 Changed filter order numbers to start at zero (makes them more readable in log compared with large negative numbers) 2008-03-26 12:22:26 +00:00
Luke Taylor
4681ff3d50 SEC-689: Fix 1.4 compatibility issue (overlooked autoboxing of boolean) 2008-03-26 12:09:57 +00:00
Luke Taylor
43b51ca64d SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added support to namespace.
 2008-03-26 12:00:58 +00:00
Luke Taylor
2af2f299cb SEC-689: Further tests, logging improvements. 2008-03-26 00:00:56 +00:00
Luke Taylor
a29842a467 SEC-689: Tests for SessionFixationProtectionFilter 2008-03-25 23:24:38 +00:00
Luke Taylor
8f5bcb64a6 SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added a general SessionFixationProtectionFilter which can be added to the filter stack to detect when a user has been authenticated and then migrate them to a new session. Also added support to <http/> namespace element.
 2008-03-25 22:32:26 +00:00
Luke Taylor
83bcc6ad7c Removed loggers from subclasses of SpringSecurityFilter in favour of using base class logger. 2008-03-25 14:51:34 +00:00
Ben Alex
0860333a3f SEC-733: AspectJ Pointcut Expression Parsing support. 2008-03-25 08:28:53 +00:00
Ben Alex
f4eb15b08b SEC-428: Tests to prove proxy-target-class="true" works. 2008-03-24 23:10:01 +00:00
Luke Taylor
f8b5000d40 SEC-428: Make sure context is cleared before running test. 2008-03-24 22:56:43 +00:00
Luke Taylor
18fef571c3 Import cleaning. 2008-03-24 22:44:42 +00:00
Luke Taylor
028af06d61 SEC-428: Security interceptor does not work with schema based aop:config 
http://jira.springframework.org/browse/SEC-428. Fixed broken test method.
 2008-03-24 22:43:08 +00:00
Luke Taylor
a375d8e59e SEC-428: Added test 2008-03-24 20:50:58 +00:00
Luke Taylor
1dd5f42142 Adding svn keywords, correcting typos etc. 2008-03-24 20:48:45 +00:00
Ben Alex
9a4977ebd1 SEC-99/428/429/563: Various refactoring of method security metadata support. 2008-03-24 09:40:13 +00:00
Ben Alex
6ab301981c Update dependency versions and POM structure. 2008-03-24 09:05:44 +00:00
Luke Taylor
fe0e05a6c8 SEC-725: PasswordEncoderParser: <security:password-encoder> element does not pick up 'base64' attribute value 
http://jira.springframework.org/browse/SEC-725. Added fix as recommended in issue.
 2008-03-23 22:38:13 +00:00
Luke Taylor
b54e3978dc SEC-729: Organization of pom dependencies, particularly for servlet-api and jstl. Some other adjustments, removal of unrequired deps etc 2008-03-23 00:31:32 +00:00
Luke Taylor
30a6abbe50 Tidied formatting of toString output for FilterBasedLdapUserSearch 2008-03-22 21:40:54 +00:00
Luke Taylor
162933155e Added implementation of GrantedAuthoritiesContainer to allow refactoring of duplication in various preauth details classes 2008-03-22 19:29:13 +00:00
Luke Taylor
2ea94e2cc9 Tidying imports etc 2008-03-22 11:44:28 +00:00
Luke Taylor
563dabda2f SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added OpenIDProvider to bean registry and fixed login page generator to use correct URL for OpenID. Added user-service-ref to namespace element. Changed OpenID sample to use <openid-login />.
 2008-03-21 23:47:09 +00:00
Luke Taylor
b89dbc6060 Import cleaning 2008-03-21 21:51:48 +00:00
Luke Taylor
9871685ea3 SEC-722: Fixed problem with empty loginpage string (rather than null) preventing default login page filter from being added to the stack. 2008-03-21 21:50:26 +00:00
Luke Taylor
b73736ffaf Updated example configuration in javadoc for LdapAuthenticationProvider. 2008-03-21 17:12:22 +00:00
Ben Alex
16ea8faa0d SEC-727: Ensure SecurityConfig cannot be constructed unsafely; also update SecurityConfigTests to JUnit 4. 2008-03-21 02:15:47 +00:00
Luke Taylor
acc22b2745 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added check for MAIN_ENTRY_POINT bean when resolving entry points. If this has been set during parsing it will be used.
 2008-03-20 20:11:34 +00:00
Luke Taylor
815f04b6c3 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added element to namespace and modified form login parser to handle open id element. Also added openID support to login page generator.
 2008-03-20 20:05:11 +00:00
Luke Taylor
bbc5fea598 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added extra constants for OpenID support.
 2008-03-20 19:51:59 +00:00
Luke Taylor
d333655b0b Updated to commons logging 1.1.1 to get rid of servlet api dependency in their pom 2008-03-20 19:43:55 +00:00
Luke Taylor
56b967f935 Removed filer name duplication in rnc file. 2008-03-20 15:10:21 +00:00
Luke Taylor
a65b5a9ed8 Corrected separators between http method strings in rnc file. 2008-03-20 14:56:02 +00:00
Luke Taylor
8f379768a8 SEC-720: Design for extension: PreAuthenticatedGrantedAuthoritiesUserDetailsService 
http://jira.springframework.org/browse/SEC-720. Added createUserDetails method to allow custom UserDetails object t be created.
 2008-03-19 18:29:38 +00:00
Luke Taylor
030550a88e Applied XSL transform to XSD file 2008-03-19 17:04:39 +00:00
Luke Taylor
f8d855f1a2 SEC-716: Default (non-web) AuthenticationDetailsSource implementation. 2008-03-18 18:45:38 +00:00
Luke Taylor
c9ff912b2f SEC-723: Change PreAuthenticatedAuthenticationProvider to reject authentication tokens with null credentials. Also introduced a property "throwExceptionWhenTokenIsRejected" which raises a BadCredentialsException when the toke is invalid. 2008-03-18 18:29:48 +00:00
Luke Taylor
163fb1052f SEC-721: Call Principal.getName() in AbstractAuthenticationToken.getName() if principal instaceof Principal 2008-03-18 18:06:56 +00:00
Luke Taylor
2df2eaa169 SEC-719: Introduced base class for J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource to extract non-http specific functionality (for use in portlet version). 2008-03-18 17:22:02 +00:00
Luke Taylor
52b92b209c Removed out of date email address for Ben. 2008-03-17 22:44:13 +00:00
Luke Taylor
8f7b216de3 Import cleaning, removal of unnecessary constructors etc based on eclipse warnings 2008-03-17 14:10:22 +00:00
Luke Taylor
abd5e384fe removed unused eh-cache config file 2008-03-17 14:07:19 +00:00
Luke Taylor
60de6314d4 Replaced casting to check validity of provider list with call to Assert.isInstanceof. 2008-03-17 13:50:37 +00:00
Ben Alex
e4c6022b36 SEC-718: Support additional HTTP methods. 2008-03-16 04:14:21 +00:00
Ben Alex
6bc0585e4a SEC-717: Resolve UserDetails.getAuthorities() sort logic issue. 2008-03-16 04:02:55 +00:00