Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-03-18 04:21:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,345 Commits 50 Branches 376 Tags
Commit Graph

107 Commits

Author SHA1 Message Date
Luke Taylor
93bdcccaee SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 07:39:21 +00:00
Luke Taylor
ca7d055c2b SEC-1132: Created core and authentication packages within core module. 2009-04-13 13:43:23 +00:00
Luke Taylor
9efb5a7007 SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 12:23:23 +00:00
Luke Taylor
2c985a1c36 SEC-1126: separated out spring-security-config module containing namespace configuration classes and resources 2009-03-23 04:23:48 +00:00
Luke Taylor
4aff4b2350 SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring 2009-03-20 04:32:06 +00:00
Luke Taylor
4aae5ec42e SEC-1124: Refactored LDAP code into separate module 2009-03-19 06:30:32 +00:00
Luke Taylor
cc5966bc7e Tidying up, removing compiler warnings etc. 2008-12-20 00:16:49 +00:00
Luke Taylor
2927b8464f SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException. 2008-12-14 22:20:21 +00:00
Luke Taylor
10e4d1fe1a SEC-1058: Partial refactoring of AbstractProcessingFilter. It now uses the injected SuccssfulAuthenticationHandler strategy instead of managing everything itself. The default implementation is SavedRequestAwareSuccessfulAuthenticationHandler which encapsulates most of the filter's success logic along with the code which was previously in TargetUrlResolver. Removed TargetUrlResolver. 2008-12-12 22:30:57 +00:00
Luke Taylor
a443e55832 SEC-1057: Refactored TargetUrlResolver to remove SavedRequest from determineTargetUrl method. 2008-12-11 17:00:13 +00:00
Luke Taylor
a318aacc4f Converted MethodSecurityInterceptorTests to use mocks and deleted app context file. 2008-11-30 23:20:16 +00:00
Luke Taylor
66897e1849 SEC-1036: Upgraded Spring LDAP to 1.3 and made corresponding code changes. Also some general tidying up of LDAP code. Removed deprecated context factory classes. 2008-11-28 22:22:51 +00:00
Luke Taylor
fa630a430d Removed unused test files 2008-11-14 06:23:34 +00:00
Luke Taylor
648ba1c43a SEC-1034: Fix broken tests. 2008-11-13 08:57:43 +00:00
Luke Taylor
c7abdadc06 SEC-999: Moved caching from AbstractFallbackMethodDefinitionSource to DelegatingMethodDefinitionSource, to allow ExpressionBasedMethodDefinitionSource to take advantage of it. The latter no-longer uses the fallback approach as it requires its own strategy to combine annotations which may be defined at method-on-class, class, method-on-interface or interface level. 2008-10-28 06:37:04 +00:00
Luke Taylor
39a656eb78 OPEN - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching 
http://jira.springframework.org/browse/SEC-953. Added stripQueryStringFromUrls parameter to FilterChainProxy which works the same as the one on DefaultFilterInvocationDefinitionSource. This defaults to true when used with ant path matching.
 2008-08-11 19:15:33 +00:00
Ben Alex
358f284f42 SEC-760: Correct bug where more than one concurrent JaasAuthenticationProvider used. 2008-06-06 06:13:14 +00:00
Luke Taylor
980a72f9a0 Removed TODO (done). 2008-05-29 15:54:50 +00:00
Luke Taylor
3fb1f59fde SEC-837: Add special character filtering to LDAP search filterscore/src/test/java/org/springframework/security/ldap 2008-05-20 19:22:49 +00:00
Luke Taylor
1a4130528a SEC-782: Incorrect UrlMatcher initialization in FilterChainProxy results in wrong lowercase/uppercase matching 
http://jira.springframework.org/browse/SEC-782. I've updated FilterChainProxy to make sure the same UrlMatcher is used throughout when converting a legacy configuration.
 2008-04-21 16:51:06 +00:00
Ben Alex
9a4977ebd1 SEC-99/428/429/563: Various refactoring of method security metadata support. 2008-03-24 09:40:13 +00:00
Luke Taylor
abd5e384fe removed unused eh-cache config file 2008-03-17 14:07:19 +00:00
Luke Taylor
5743763599 SEC-625: Remove references to FilterToBeanProxy 2008-03-13 18:52:31 +00:00
Luke Taylor
5187f89fe8 SEC-679: Removed use of MockApplicationContext and improved use of ehcache (shutting down cache managers after tests are run). Upgraded ehcache version to 1.3 as used in Spring pom. 2008-02-22 13:34:20 +00:00
Luke Taylor
2dd9faabc0 SEC-674: Created new project modules for cas, captcha, acls and taglibs 2008-02-19 20:30:53 +00:00
Luke Taylor
28153f2c7f Added TestDataSource class to cut down verbosity of in-memory test databases and to implement DisposableBean, so the database is destroyed when the application context containing it is closed. 2008-02-07 13:33:15 +00:00
Luke Taylor
2c6fb3d1c9 Added extra tests for jdbc-user-details service to make sure it works within an <authentication-provider> element. 2008-01-31 20:30:37 +00:00
Luke Taylor
e82dfd3f1a Added some further tests for LDAP searching with a different user search base. 2008-01-31 17:44:52 +00:00
Luke Taylor
a9ff309b02 Deleted as test now uses inline context snippets. 2008-01-22 21:08:33 +00:00
Luke Taylor
06f3bcbf6a Converted all namespace attributes which refer to bean IDs to use "-ref" suffix (or "ref"). 2008-01-22 20:58:12 +00:00
Luke Taylor
11570d9584 SEC-576: Test web.xml files. 2008-01-22 20:42:09 +00:00
Luke Taylor
b29bcfebe8 Converted test class to use in memory XML snippets - makes it easier to work out which one is causing a failure. 2008-01-22 11:36:15 +00:00
Luke Taylor
ca8dff7abb Delete unused ldap namespace test context file 2008-01-21 20:09:07 +00:00
Luke Taylor
9836bda5b3 SEC-630: Support for "properties" attribute in user-service namespace element. 2008-01-21 17:15:53 +00:00
Luke Taylor
59a947bbe5 SEC-636: Support for use of "ref" attribute in salt-source element. 2008-01-21 15:06:43 +00:00
Luke Taylor
5e3a0ef379 SEC-632: Added user-filter element to namespace to allow a user to add their filters. Filters which aren't in the org.security.springframework package will now be skipped. Also renamed FilterChainOrderUtils and members for future use in ordering (e.g. using "after", "before" as attributes in user-filter). 2008-01-19 13:51:03 +00:00
Luke Taylor
04c89e0795 SEC-599: Refactoring of FilterInvocationDefinitionSource implementations to use UrlPathMatcher strategy. 2008-01-18 16:24:35 +00:00
Luke Taylor
9e21c48fce SEC-628: Added port-mappings element to allow use of a PortMapper. 2008-01-15 19:59:07 +00:00
Luke Taylor
debfbe47cf Improvements to LDAP namespace configuration - splitting "ldap" element into ldap-server and ldap-authentication-provider. Also some minor changes to authentication-provider. 2007-12-23 00:17:37 +00:00
Luke Taylor
cf80292de3 Changes to namespace reinstating authentication-provider element in preference to "repository" to wrap convey that a user-service will be used as to authenticate against. Also introduced separate password-encoder element for use within authentication-provider. 2007-12-21 15:50:56 +00:00
Luke Taylor
70286f1197 Fixed problem caused by maven-2.0.8 change in test classpath. ldif file wasn't being loaded for tests. Default path should be "classpath*:" not "classpath:". (See discussing in Spring's PathMatchingResourcePatternResolver). 2007-12-20 20:53:26 +00:00
Luke Taylor
6e74d925fb Boosted logging to try to resolve issues on bamboo server. 2007-12-20 19:45:43 +00:00
Ben Alex
fa510b3187 Modify attribute names to use "ref" instead of "id", plus use a hyphen 
as an attribute value separator rather than a colon. This was changed 
for compatibility with other components in the Spring Portfolio. tests 
pass.
 2007-12-13 20:19:56 +00:00
Ben Alex
4770c29094 Use hyphens in attribute names, and not Camel Case. This is to maintain 
consistency with the rest of Spring Portfolio. Camel Case was preserved 
for attribute values, consistent with Spring Portfolio usage such as 
autowiring modes (byName, byType etc).
 2007-12-09 03:42:20 +00:00
Ben Alex
8e7c540b16 General refactorings and improvements to namespace support, including 
autoDetect="true" attribute for <http> element.
 2007-12-04 10:35:08 +00:00
Ben Alex
2441ab6d9a Move "realm" attribute to be on <http> element rather than <http-basic>. 
This faciltiates reuse with other mechanisms (like Digest) whilst also 
moving towards the <http-auto-configure> element (which benefits from 
having shared configuration in <http> as opposed to mechanism-specific 
elements).
 2007-12-04 08:02:40 +00:00
Ben Alex
9b4bb0ffd8 <repository> element and JdbcUserDetailsManager support. 2007-12-04 05:58:54 +00:00
Ben Alex
0b0b174eda Support <repository> and JbcUserDetailsManager. 2007-12-04 05:27:17 +00:00
Ben Alex
47229be5cb Make samples and tests use username "rod". 2007-12-03 02:56:52 +00:00
Luke Taylor
843a20e691 Changed default namespace in config files to "security" for clarity. 2007-11-29 13:14:15 +00:00