9e049dfef4
SEC-1438: Removed JoinPoint support from AbstractMethodSecurityMetadataSource
2010-03-11 21:51:19 +00:00
1be44ecd18
SEC-1262: Added extra test for PostFilter with AspectJ interceptor.
2010-03-11 20:55:06 +00:00
c09cd3a9cb
Remove unused inner class in MethodSecurityMetadataSourceAdvisor
2010-03-11 01:52:07 +00:00
55de2cfcb1
SEC-1262: Added new (replacement) AspectJ interceptor which wraps the JoinPoint in a MethodInvocation adapter to provide compatibility with classes which only support MethodInvocation instances.
...
Also deprecated the existing AspectJ interceptors. This will also allow future simplification of the AbstractMethodSecurityMetadataSource, as it no longer needs to support JoinPoints.
2010-03-11 01:51:59 +00:00
2b8b8819e4
Added gradle support for aspects project.
2010-03-09 19:22:50 +00:00
6fcaba2c46
Moved setting of 'provided' scope mapping on pom out of whenConfigured() so that the mapping is in place when the pom dependencies are assembled. Added 'skipTests' option.
2010-03-07 23:53:33 +00:00
f3264ba9ab
Addition of commons-logging exclusions and adjustments to pom generation.
2010-03-07 21:58:25 +00:00
b64a3fa725
Hans Dockter's refactoring of gradle build, plus simplification of docbook plugin.
2010-03-05 23:23:43 +00:00
d66ff32a1d
Added taglib dependency to itest-web project. Needed by additional test for SEC-1420.
2010-03-05 23:23:01 +00:00
b7aaa3447c
Updated aws-maven to 3.0.0.RELEASE
2010-03-05 23:23:01 +00:00
b38b8e55ac
SEC-1432: Convert map keys to lower-case in UserMap.setUsers().
...
Otherwise the lookup on mixed-case fails, since the lookup is performed with a lower-case key.
2010-03-05 17:55:29 +00:00
43f0e11106
SEC-1429: Removed cached authentication from session after successful authentication.
2010-03-05 00:07:35 +00:00
89d8c8cc83
Additional test classes for authentication and logout success/failure handling.
2010-03-04 23:18:46 +00:00
a3263753d9
Fix to Javadoc for AbstractAuthenticationProcessingFilter.
2010-03-04 22:06:04 +00:00
530ab3ae30
SEC-1429: Move logic for saving of AuthenticationException into the SimpleUrlAuthenticationFailurehandler from AbstractAuthenticationProcessingFilter. It will also now use request scope if configured to do a forward instead of a redirect.
2010-03-04 21:21:07 +00:00
4d70f88285
SEC-1420: JSP for itest of authentication tags with and without escaping.
2010-03-04 01:44:27 +00:00
0551dd89ac
SEC-1420: Add htmlEscape attribute to authentication JSP tag.
...
This allows HTML escaping to be disabled if required.
2010-03-04 00:47:22 +00:00
43f3568b16
SEC-1407: Removed original URL matching classes and updated Javadoc of new RequestMatcher versions.
2010-03-03 23:11:49 +00:00
90caf1bb37
Manual formatting.
2010-03-03 23:08:05 +00:00
ae8027fa47
SEC-1425: Replace use of Java 1.6 String.isEmpty().
2010-03-01 13:49:42 +00:00
e5a875d752
SEC-1407: Correct logger category in MatcherType.
2010-03-01 02:03:32 +00:00
90a7f1f00e
SEC-1383: Namespace support for MethodSecurityMetadataSource. Initial commit.
2010-03-01 01:45:43 +00:00
93438defff
SEC-1407: Use RequestMatcher instances as the FilterInvocationSecurityMetadataSource keys and in the FilterChainMap use by FilterChainProxy.
...
This greatly simplifies the code and opens up possibilities for other matching strategies (e.g. EL). This also means that matching is now completely strict - the order of the matchers is all that matters (not whether an HTTP method is included or not). The first matcher that returns true will be used.
2010-03-01 01:21:06 +00:00
962a2d5272
Tone down Apache DS log level in itest-web
2010-03-01 01:20:11 +00:00
d39e93ec23
Add maven pom customization options to build.gradle
2010-03-01 01:17:57 +00:00
b147652193
Make hsqldb a testRuntime/runtime dependency.
2010-03-01 01:10:58 +00:00
cb0f3f677f
SEC-1425: Add check for empty cookie in AbstractRememberMeServices.
...
Prevents ArrayOutOfBoundsException later when processing the tokeniszed cookie.
2010-02-28 14:08:27 +00:00
f0466b6488
SEC-1424: Added support for "stateless" option for create-session attribute, designed for applications which do not use sessions at all.
2010-02-27 00:22:21 +00:00
6a34807a07
SEC-1423: Cache PointcutExpression instances in ProtectPointcutPostProcessor for more efficient startup.
2010-02-26 17:21:25 +00:00
e2f9be9015
SEC-1307: Modify context saving logic in HttpSessionSecurityContextRepository to check the SecurityContext and its contents (the Authentication) against the respective values when the request first arrived at the SecurityContextPersistenceFilter. As explained in the issue, this allows a definite decision to be made about whether the current thread has modified the context information during the request, indicating that it should be saved.
...
Also removed deprecated HttpSessionContextIntegrationFilter and tests.
2010-02-26 16:01:40 +00:00
5aae545949
SEC-1232: Re-enable aspects module and aspectj sample in maven build.
2010-02-25 20:09:01 +00:00
4dd10cd266
Refactor overly large doFilter() method in DigestAuthenticationFilter.
2010-02-22 01:48:53 +00:00
2f1479785e
Refactoring to remove remaining circular dependencies indicated by structure101.
2010-02-22 01:48:22 +00:00
f3f84da625
Increase upper bounds of Spring and Spring Security versions in bundlor templates to 3.2.0.
2010-02-21 23:25:36 +00:00
b0bea8356f
Minor gradle 0.9 syntax change.
2010-02-21 20:42:32 +00:00
025ab4ce1a
Tweaking of table size in namespace chapter and PDF page margins to try to reduce overlapping of text
2010-02-21 20:41:44 +00:00
26cf6f5528
SEC-1399: Remove MockAuthenticationManager in app context file for FilterChainProxy tests.
2010-02-20 21:59:44 +00:00
ea7ccc718d
SEC-1399: Removed AbstractAuthenticationManager.
...
MockAuthenticationManager was the only other subclass (apart from the main ProviderManager) and has been removed also.
2010-02-20 21:35:39 +00:00
dacb8dd25a
SEC-1382: Removed deprecated label-based voter and related classes.
2010-02-20 20:50:16 +00:00
68f6afd905
SEC-1383: Added namespace support for method-security-metadata-source
2010-02-20 19:05:25 +00:00
b7fc5bc455
Update schema version to 3.1
2010-02-20 18:58:00 +00:00
e2a8f81ae8
Update aspectj version in sample to 1.6.8
2010-02-20 18:50:36 +00:00
b37d2ed978
SEC-593: Added PermissionCacheOptimizer strategy interface and implementation in Acl module.
...
This is used by DefaultMethodSecurityExpressionHandler to allow permissions to be cached before repeatedly evaluating an expression for a collection of domain objects.
2010-02-20 18:02:12 +00:00
1474e73b11
SEC-1166: Added new interface PermissionGrantingStrategy to allow customization of ACL permission granting logic.
...
The DefaultPermissionGrantingStrategy contains the standard behaviour that was previously in AclImpl.
2010-02-20 18:02:11 +00:00
7c99361c26
Reduce length of long lines in the reference manual.
...
Some are too long for the PDF version.
2010-02-20 01:00:14 +00:00
40d3f726d6
Update manual version to 3.0.2.RELEASE
2010-02-19 19:00:06 +00:00
2ee7696bf4
Update version number to 3.1.0.CI-SNAPSHOT.
2010-02-19 17:35:19 +00:00
44f45d21f0
3.0.2 release. Update version in build files.
2010-02-19 01:22:21 +00:00
d2b2ca3bc6
SEC-1387: Use a transient object as the advice monitor, rather than a Serializable.
...
No need for an anonymous inner class.
2010-02-19 01:02:22 +00:00
97d04b73c1
Upgrade to Spring 3.0.1.
2010-02-19 00:53:38 +00:00
Luke Taylor
Hans Dockter