Commit Graph

174 Commits

Author SHA1 Message Date
Rob Winch b56e5edbbd SEC-2784: Fix build plugins 2014-12-08 14:24:34 -06:00
Rob Winch 6e204fff72 SEC-2781: Remove deprecations 2014-12-04 15:28:40 -06:00
Rob Winch 09f6210c73 SEC-2347: Polish 2014-11-21 22:31:03 -06:00
Rob Winch 3187ee8bf3 SEC-2700: Register WithSecurityContextTestExecutionListener by default 2014-08-15 16:41:33 -05:00
Rob Winch b72c1ad314 SEC-2686: Create SecurityMockMvcConfigurer 2014-07-22 15:11:37 -05:00
Rob Winch 3118e39de8 SEC-2542: Use exclusions to remove duplicate dependencies
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.

In addition to the new exclusions, notable other changes are:

 - Spring Data JPA has been updated to 1.4.1. This brings its
   transitive dependency upon spring-data-commons into line with
   Spring LDAP's and prevents both spring-data-commons-core and
   spring-data-commons from being on the classpath
 - All Servlet API dependencies have been updated to use the official
   artifact with all transitive dependencies on unofficial servlet API
   artifacts being excluded.
 - In places, groovy has been replaced with groovy-all. This removes
   some duplicates caused by groovy's transitive dependencies.
 - JUnit has been updated to 4.11 which brings its transitive Hamcrest
   dependency into line with other components.

There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level

Conflicts:
	samples/messages-jc/pom.xml
2014-04-02 09:47:26 -05:00
Rob Winch 9988fa141c Update Spring Security version in pom.xml 2014-03-06 08:13:52 -06:00
Rob Winch 7f99a2dfbb SEC-2487: Update to Spring 3.2.8.RELEASE 2014-02-19 09:30:40 -06:00
Rob Winch ec8b48150d SEC-2474: Update poms 2014-02-07 17:01:11 -06:00
james a99c6db327 SEC-2467: Fix Small errors in itest-web's jsps 2014-01-28 16:03:59 -06:00
Rob Winch a34178bc40 SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA 2013-12-12 08:16:59 -06:00
Rob Winch 4460e84b29 Updates to pom.xml author and repo 2013-12-09 08:57:30 -06:00
Rob Winch 2c8946c406 Next development version 2013-11-01 14:20:55 -05:00
Spring Buildmaster 9c703a3051 Release version 3.2.0.RC2 2013-11-01 14:20:49 -05:00
Rob Winch 88f41cdf62 SEC-2341: Update to Gradle 1.8
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
Rob Winch 3d2f23602f SEC-2294: Update Spring Version to 3.2.4.RELEASE 2013-08-31 11:26:43 -05:00
Rob Winch 13da42ca1b SEC-2137: Allow disabling session fixation and enable concurrency control 2013-08-15 12:50:40 -05:00
Rob Winch 976d9a9016 SEC-2194: Polish java config sample apps 2013-08-08 14:33:54 -05:00
Rob Winch 5e6ca12b01 SEC-2097: Update integrationTestCompile to use optional and provided
Also update slf4j version and remove explicit commons-logging from pom generation
2013-07-16 15:59:06 -05:00
Rob Winch 02551e1b7a SEC-2214: Update Spring Version 2013-07-16 15:15:47 -05:00
Rob Winch faa8b354b7 SEC-2209: add pom.xml 2013-07-16 15:15:47 -05:00
Rob Winch e5fc063680 SEC-2206: Gradle Propdeps 2013-07-16 15:15:42 -05:00
Rob Winch e8661913d1 SEC-2119: Update to 3.2 schema and use default schema version when available 2013-03-01 16:29:27 -06:00
Rob Winch 1ed643ca1f SEC-1998: Provide integration with WebAsyncManager#startCallableProcessing
Support integration of the Spring SecurityContext on Callable's used with
WebAsyncManager by registering SecurityContextCallableProcessingInterceptor.
2012-11-28 17:56:03 -06:00
Luke Taylor f883c6e579 SEC-1723: Fix use of bean names in integration test app context. 2011-04-25 22:30:51 +01:00
Luke Taylor 94b7868039 SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema. 2011-02-14 21:17:16 +00:00
Luke Taylor 44fb3aa4ab SEC-1677: Create integrationTest task for Java projects and make all tests in itest module run as integration tests only. 2011-02-14 15:03:15 +00:00
Luke Taylor c1f2fa1983 SEC-1558: Changed signatures of PrePostInvocationAttributeFactory to take strings rather than annotation types to allow the metadata to be obtained from other sources (not just annotations). 2011-01-05 16:56:28 +00:00
Luke Taylor 85d685f7d3 SEC-1611: Make access attribute in authorize tag a runtime expression 2010-12-14 16:55:34 +00:00
Luke Taylor 4a40d80da1 SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
2010-12-03 16:41:46 +00:00
Luke Taylor 8d867e8b67 Updated integration tests to detect case reported as SPR-7563. 2010-11-02 20:35:24 +00:00
Luke Taylor 0fd2c48dfb SEC-1584: Additional integration tests. 2010-10-27 13:25:39 +01:00
Rossen Stoyanchev bd84a2bfa1 SWC-1552 Update .tld in integration test to match change in taglib. 2010-10-26 14:00:45 +01:00
Luke Taylor f4d57ab5e8 SEC-1456: Remove maven poms as we are now using gradle for the build. 2010-08-30 19:02:19 +01:00
Luke Taylor bdb906e588 Enable parameterization for log levels in logback files to allow the use of command-line options for controlling log output. 2010-08-24 18:25:39 +01:00
Luke Taylor 1680807470 Added eclipse plugin to build. Some minor fixes to remove eclipse warnings. 2010-08-18 14:11:16 +01:00
Luke Taylor 6abfa2e887 Update minimum required schema to 3.1. 2010-08-17 02:19:55 +01:00
Luke Taylor dca0fd871c SEC-1532: Add cache of previously matched beans to ProtectPointcutPostProcessor to ensure that it doesn't perform pointcut matching every time a new prototype bean is created. 2010-08-09 17:16:43 +01:00
Luke Taylor 85c4c91e0e IDEA inspection refactorings. 2010-08-05 23:28:07 +01:00
Luke Taylor 413b2a06e3 Improvements in up-to-date checking and use of parallel tests where possible. 2010-08-05 02:11:00 +01:00
Luke Taylor 64375484a1 More build and logging tuning. 2010-08-04 22:55:17 +01:00
Luke Taylor c4ee46824c Removing log4j.properties files and adding logback config ones. 2010-08-04 21:16:05 +01:00
Luke Taylor c1c8fd1874 SEC-1171: Changed attribute name/value from secured="false" to security="none" to allow future extension by adding extra options (e.g. contextOnly to provide security context information during the request). 2010-07-20 19:46:47 +01:00
Luke Taylor ea5f2088b5 Comment out OpenLDAP tests to allow running in IDEA, and reduce default load configuration of performance test class. 2010-07-12 12:40:19 +01:00
Luke Taylor 69a10c48ae Switch to using slf4j/logback for logging.
We still compile modules against commons-logging but all runtime logging and samples will use logback
2010-07-12 12:39:52 +01:00
Luke Taylor 6093dbce7e Converted test to use namespace to set method securityMetadataSource property. 2010-07-02 20:00:01 +01:00
Luke Taylor 34401416b0 SEC-1171: Implement parsing of empty filter chain patters via http 'secured' attribute and remove filters='none' support. 2010-05-27 15:54:15 +01:00
Luke Taylor dada047e04 SEC-1456: Set rtexprvalue=true for "url" attribute in access tag to allow dynamic values (such as URL of current page). 2010-04-21 17:31:44 +01:00
Luke Taylor 0521d10069 SEC-1294: Enable access to beans from ApplicationContext in EL expressions.
ExpressionHandlers are now ApplicationContextAware and set the app context on the SecurityExpressionRoot. A custom PropertyAccessor resolves the properties against the root by looking them up in the app context.
2010-04-01 01:24:23 +01:00
Luke Taylor a5a95a8ebc Upgrade jython and disable cachedir. 2010-03-31 19:11:00 +01:00
Luke Taylor bf91f2ca67 SEC-524: Added "var" attribute to authorize and accesscontrollist JSP tags.
Allows the result of the boolean condition granting/denying access to be stored in the page context for later use, without having to duplicate the tag.
2010-03-24 18:35:17 +00:00
Luke Taylor 111d49d68a Added build file for itest-context. 2010-03-12 01:40:27 +00:00
Luke Taylor f3264ba9ab Addition of commons-logging exclusions and adjustments to pom generation. 2010-03-07 21:58:25 +00:00
Luke Taylor d66ff32a1d Added taglib dependency to itest-web project. Needed by additional test for SEC-1420. 2010-03-05 23:23:01 +00:00
Luke Taylor 4d70f88285 SEC-1420: JSP for itest of authentication tags with and without escaping. 2010-03-04 01:44:27 +00:00
Luke Taylor 0551dd89ac SEC-1420: Add htmlEscape attribute to authentication JSP tag.
This allows HTML escaping to be disabled if required.
2010-03-04 00:47:22 +00:00
Luke Taylor 962a2d5272 Tone down Apache DS log level in itest-web 2010-03-01 01:20:11 +00:00
Luke Taylor 2ee7696bf4 Update version number to 3.1.0.CI-SNAPSHOT. 2010-02-19 17:35:19 +00:00
Luke Taylor 44f45d21f0 3.0.2 release. Update version in build files. 2010-02-19 01:22:21 +00:00
Luke Taylor e678ba7283 Improvements to itest-web subproject.
Added to gradle build. Updated deps (testng and jwebunit). New test added for persistent remember-me.
2010-02-11 01:48:21 +00:00
Luke Taylor 70ef0d8b3e Added extra test to itest/context as POC of using extra interceptor with http ns. 2010-02-11 01:48:00 +00:00
Luke Taylor 23511c930f Standardising slf4j versions. 2010-02-11 01:33:31 +00:00
Luke Taylor 51dfc0fb39 Set versions to 3.0.2-CI-SNAPSHOT, post release. 2010-01-15 18:15:19 +00:00
Luke Taylor 05634f97dc Updated version numbers for 3.0.1 release. 2010-01-15 18:04:28 +00:00
Luke Taylor 052537c8b0 Removing $Id$ markers and stripping trailing whitespace from the codebase. 2010-01-08 21:05:13 +00:00
Luke Taylor 9a323f15bc Bring versions in itext module up-to-date 2010-01-07 17:56:32 +00:00
Luke Taylor 4e4242d010 SEC-1354: Added integration tests for combinations of @PreAuthorize and @Secured annotations. 2010-01-06 22:23:01 +00:00
Luke Taylor fac07ba8ff Schema updates to Spring 3.0 2009-12-18 18:44:17 +00:00
Luke Taylor 282bfc3151 Added some integration tests for Basic authentication, both alone and in combination with form login. 2009-12-12 17:32:27 +00:00
Luke Taylor 0f25601f54 Upgraded jwebunit version 2009-12-08 01:49:03 +00:00
Luke Taylor 131edf7a07 SEC-1318: Added integration test for custom concurrency setup. 2009-12-08 01:46:56 +00:00
Luke Taylor 8cf032c7b1 Switch off jetty debugging. 2009-12-08 01:45:38 +00:00
Luke Taylor 62b429a3b1 Updated spring schema versions in itest web contexts. 2009-12-08 01:44:56 +00:00
Luke Taylor 7fd03409fc Updating dependency versions to match spring RC1 ones 2009-10-11 19:58:52 +00:00
Luke Taylor 735ecac215 SEC-1255: Forot dispathcer-servlet context 2009-10-11 15:27:09 +00:00
Luke Taylor bf7d691c45 Update and fix tests 2009-10-11 15:24:42 +00:00
Luke Taylor c9e2121504 SEC-1255: Replace file with controller to avoid windows filename problems 2009-10-11 15:24:17 +00:00
Luke Taylor 1286741c7c SEC-1259: Improve consistency of authentication filter names. 2009-10-07 14:43:55 +00:00
Luke Taylor 07d7c0ddae Renamed form and openID filters to shorten names 2009-10-05 17:33:34 +00:00
Luke Taylor 1042305cfe Renamed web.wrapper to web.servletapi. Added some package.html files. 2009-10-05 16:59:37 +00:00
Luke Taylor acf13c74ca SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session 2009-10-05 15:51:00 +00:00
Luke Taylor 073198886d SEC-1255: Modified UrlUtils. Full request URL for redirects uses the requestURI (which is encoded). The URL for path comparsions is built using the servletpath, as before. 2009-10-02 17:29:43 +00:00
Luke Taylor 7247902911 SEC-1229: Updated sample and itest namespace concurrency configs. 2009-09-29 16:18:01 +00:00
Luke Taylor 5bdfd8cd77 Tidying imports etc to remove compiler warnings. 2009-09-05 14:14:58 +00:00
Luke Taylor e40b9fbc75 SEC-1196: Introduce AuthenticationManagerDelegator is MethodSecurityInterceptor which is configured by global-method-security. Prevents regression of SEC-933 caused by eager init of AuthenitcationManager and dependent beans 2009-08-03 01:44:49 +00:00
Luke Taylor 68364f06a2 Minor itest updates 2009-07-29 16:05:47 +00:00
Luke Taylor 66f7e8bcc8 SEC-1168: Added filter-security-metadat-source to namespace. 2009-06-08 12:59:13 +00:00
Luke Taylor 131ba5c62e Reset poms to 3.0.0.CI-SNAPSHOT after tagging M1 release 2009-05-27 00:12:30 +00:00
Luke Taylor e2c218e8c9 [maven-release-plugin] prepare release spring-security-3.0.0.M1 2009-05-26 23:44:11 +00:00
Luke Taylor 45c54c558c Updated build to use maven.springframework.org deps 2009-05-13 06:16:05 +00:00
Luke Taylor a8215fa2cb SEC-1160: Renaming of authentication filters and entry points and associated doc changes 2009-05-12 05:37:11 +00:00
Luke Taylor 4bad213b19 SEC-1132: Moved remaining preauth code from core to web 2009-05-12 00:11:06 +00:00
Luke Taylor c7a2e12c65 Moved python script to correct directory 2009-05-11 06:03:59 +00:00
Luke Taylor 76438b3347 SEC-1132: Refactoring of access/intercept package to extract packages and classes which are externally depended on or potentially may be used outside of the standard interceptor model (e.g. SecurityMetadataSource) 2009-05-11 05:44:31 +00:00
Luke Taylor 14c4739605 SEC-1158: Decoupling of Pre/Post annotations implementation from Spring EL. 2009-05-11 05:18:20 +00:00
Luke Taylor 6d655aa514 SEC-1132: More refactoring to remove cycles ad reduce complexity metrics 2009-05-04 14:24:54 +00:00
Luke Taylor e94baf38b3 Tidying up to remove warnings (generics, use of deprecated test classes etc). 2009-04-28 06:49:43 +00:00
Luke Taylor 21e36e0a57 Updated version number from 2.5.0-SNPSHOT to 3.0.0.CI-SNAPSHOT 2009-04-22 12:55:52 +00:00
Luke Taylor 681b5d9e05 Missed file for previous commit 2009-04-22 00:13:59 +00:00
Luke Taylor b769fe1504 Update pom.xml to remove Spring 2.5 dep 2009-04-21 08:17:08 +00:00