b5dc523041
[maven-release-plugin] prepare for next development iteration
2008-04-14 07:06:44 +00:00
0c42670431
[maven-release-plugin] prepare release spring-security-parent-2.0.0
2008-04-14 07:05:46 +00:00
4d714b33e0
SEC-770: Mark old org.springframework.security.acl module as @deprecated.
2008-04-14 06:50:01 +00:00
57b5f38df1
OPEN - issue SEC-769: Remember-Me functionality not available in namespace configuration
...
http://jira.springframework.org/browse/SEC-769 . I've added a check in FormLoginBeanDefintionParser to see if RememberMeServices is registered. If so, it will inject the bean into the filter. Also added a check in HttpSecurityBeanDefinitionParserTests that the field has been set.
2008-04-13 22:11:09 +00:00
4ae40150c9
SEC-752: ClassLoading in GlobalMethodSecurityBeanDefinitionParser doesn't work in tooling
...
http://jira.springframework.org/browse/SEC-752 . Removed check for JSR-250 class.
2008-04-13 20:59:39 +00:00
552dc6486a
SEC-703: Expose customization of SQL used by <jdbc-user-service>
...
http://jira.springframework.org/browse/SEC-703 . Added suggested attributes for sql queries.
2008-04-13 20:51:40 +00:00
d6e5dbbcfd
SEC-767: Added override for flushBuffer in response wrapper.
2008-04-13 20:22:31 +00:00
9d54c2d22b
OPEN - issue SEC-637: Dependency on RequestUtils
...
http://jira.springframework.org/browse/SEC-637 . Removed use of ServletRequestUtils in AbstractRememberMeServices
2008-04-13 12:53:01 +00:00
0422cb1f8f
Fixed artifact groups for aspectjrt and added cas sample to project build
2008-04-13 00:08:18 +00:00
83c152e379
SEC-768: Changed exception to error reported through parser context. Added entry-point-ref to cas config
2008-04-13 00:02:46 +00:00
a2f4ee1c58
SEC-767: Added check for committed response before attempting to create a new session
2008-04-12 23:18:03 +00:00
2d3bc27d06
SEC-755: Updated bundle names in line with Christian's recommendations.
2008-04-12 18:38:06 +00:00
d0ae8e072d
Refactored out safeGetHttpSession method to remove multiple try/catch IllegalArgumentException blocks round request.getSession() calls.
2008-04-12 15:01:52 +00:00
6b86b05a0a
Removed autoboxing
2008-04-11 23:22:36 +00:00
d288f722a8
OPEN - issue SEC-759: GrantedAuthoritiesContainer should extend Serializable
...
http://jira.springframework.org/browse/SEC-759 . Added Serializable to interface.
2008-04-11 17:25:41 +00:00
3b3d339393
SEC-764: Added support for "position" attribute. Also added "LAST" as an option for filter position.
2008-04-11 17:01:08 +00:00
7145198e5a
OPEN - issue SEC-763: Allow setting of alwaysUseDirectTargetUrl via form-login namespace URL
...
http://jira.springframework.org/browse/SEC-763 . Added always-use-default target attribute to namespace.
2008-04-11 12:03:55 +00:00
a3de51ea51
Fixed typo in constant name.
2008-04-09 23:41:27 +00:00
029f8a2409
Made test method getFilters on FilterChainProxy default access.
2008-04-07 22:41:50 +00:00
a2d2c6b67a
Corrected element name.
2008-04-07 22:28:47 +00:00
243b5f4a2a
SEC-746: impossible to specify errorPage for the AccessDeniedHandlerImp when using namespace based configuration
...
http://jira.springframework.org/browse/SEC-746 . Added access-denied-page to http element.
2008-04-07 22:17:09 +00:00
f57ba43780
SEC-673: Reinstated a bean registration that had accidentally bean removed by the last patch, breaking core-tiger tests.
2008-04-07 21:05:13 +00:00
80dbc4fd75
SEC-673: Applied patch from Christian.
2008-04-07 20:20:58 +00:00
594b69b7ef
SEC-754: Changed tests to use unicode escapes rather than explicit UTF-8.
2008-04-07 18:05:45 +00:00
236e310ea7
SEC-747: impossible to specify "observeOncePerRequest" property in the namespace based configuration.
...
http://jira.springframework.org/browse/SEC-747 . Added once-per-request attribute to http element.
2008-04-07 15:30:27 +00:00
6612d0f729
SEC-754: Fixed wrong array length and added tests for encoding non-ascii password.
2008-04-07 14:13:40 +00:00
6d1932da33
SEC-753: Changed Spring version range in felix plugin to [2.0,2.6) to allow use with minor 2.5 versions.
2008-04-07 12:39:00 +00:00
92ad1ecf81
Typo in Javadoc.
2008-04-06 00:08:41 +00:00
67d5a5b814
SEC-750: Support for JPA PersistenceContext annotation broken
...
http://jira.springframework.org/browse/SEC-750 . Updates to prevent the HttpSecurityPostProcessor from causing beans to be instantiated. Added a simplified test case to HttpSecurityBeanDefinitionParserTests.
2008-04-06 00:04:50 +00:00
a43d054bd7
Removed comment about status checking as it is not entirely correct and misleads people.
2008-04-04 19:40:28 +00:00
21e83e8364
[maven-release-plugin] prepare for next development iteration
2008-04-01 15:03:29 +00:00
91ed7dceb6
[maven-release-plugin] prepare release release_2_0_0_RC1
2008-04-01 15:01:30 +00:00
3cb504fa95
Fixed jdk 1.4 compatibility issues
2008-04-01 14:32:31 +00:00
e05d1da102
Refactored AuthenticationUserDetailsService to userdetails package as it isn't preauth specific
2008-03-31 23:08:30 +00:00
f898bec370
OPEN - issue SEC-742: IllegalArgumentException if namespace configuration defines RememberMeServices without BasicProcessingFilter
...
http://jira.springframework.org/browse/SEC-742 . Fix. Post processor was assuming there was a BasicProcessinFilter in the app context when a remember-me services was present.
2008-03-31 22:44:11 +00:00
c347834401
OPEN - issue SEC-605: JdbcDaoImpl of UserDetailsService should provide a method for customizing creation of the final UserDetails object
...
http://jira.springframework.org/browse/SEC-605 . Added a createUserDetails method and also some other methods which are responsible for executing the individual queries for loading the userinformation and authorities.
2008-03-31 18:01:07 +00:00
40e51dd5fe
OPEN - issue SEC-649: Add user-service-ref attribute to remember-me namespace element
...
http://jira.springframework.org/browse/SEC-649 . Added attribute to namespace and parsing support.
2008-03-31 17:27:58 +00:00
cc752cfc28
OPEN - issue SEC-732: Encapsulate query objects in JdbcDaoImpl and JdbcUserDetailsManager
...
http://jira.springframework.org/browse/SEC-732 . Updated these classes to hide the internal query and update objects to allow future refactoring.
2008-03-31 16:52:31 +00:00
53b084e2f9
Simple tests to detect invalid configurations, particularly when the namespace has been updated without applying the spring-security.xsl transformation, which prevents certain elements from appearing at top level.
2008-03-31 16:30:28 +00:00
b1ae4922d2
SEC-726: Added entry-point-ref to <http> namespace element to allow customization of authentication process.
2008-03-31 16:22:40 +00:00
9db55f336c
SEC-739: Removed siteminder provider code.
2008-03-31 12:23:32 +00:00
512c64fb98
SEC-738: Add session-registry-alias attribute to concurrent-session-control
...
http://jira.springframework.org/browse/SEC-738 . Added this attribute. Also various bugfixes in handling of attribute names for concurrent session control.
2008-03-31 12:01:37 +00:00
07f820f1a6
Minor portlet-related changes suggested by John Lewis: Javadoc and default values of booleans.
2008-03-31 10:10:13 +00:00
c9b6fe9555
OPEN - issue SEC-657: Create pre-authenticated processing filter which obtains username from request header
...
http://jira.springframework.org/browse/SEC-657 . Added filter and test class.
2008-03-30 13:37:13 +00:00
b98c72056a
SEC-728: Change use of String.getBytes() in password encoders to use UTF-8
2008-03-29 15:21:31 +00:00
1463b9769d
SEC-629: authentication-provider doesn't support caching.
...
http://jira.springframework.org/browse/SEC-629 . Added support for cache-ref elements on jdbc-user-service and ldap-user-service
2008-03-28 17:55:12 +00:00
db6fafaf56
SEC-629: authentication-provider doesn't support caching. Refactored MockUserCache class to top level
2008-03-28 14:17:05 +00:00
1fece47b49
SEC-691: Applied patch to allow setting of returned user attributes from LDAP search.
2008-03-27 14:41:11 +00:00
350a626587
SEC-477: Added preauthenticated websphere contribution.
2008-03-27 14:25:17 +00:00
584853bbcb
Tidied imports.
2008-03-26 21:49:26 +00:00
Ben Alex
Luke Taylor