Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,031 Commits 34 Branches 337 Tags
Commit Graph

1668 Commits

Author SHA1 Message Date
Luke Taylor
d288f722a8 OPEN - issue SEC-759: GrantedAuthoritiesContainer should extend Serializable 
http://jira.springframework.org/browse/SEC-759. Added Serializable to interface.
 2008-04-11 17:25:41 +00:00
Luke Taylor
3b3d339393 SEC-764: Added support for "position" attribute. Also added "LAST" as an option for filter position. 2008-04-11 17:01:08 +00:00
Luke Taylor
7145198e5a OPEN - issue SEC-763: Allow setting of alwaysUseDirectTargetUrl via form-login namespace URL 
http://jira.springframework.org/browse/SEC-763. Added always-use-default target attribute to namespace.
 2008-04-11 12:03:55 +00:00
Luke Taylor
a3de51ea51 Fixed typo in constant name. 2008-04-09 23:41:27 +00:00
Luke Taylor
029f8a2409 Made test method getFilters on FilterChainProxy default access. 2008-04-07 22:41:50 +00:00
Luke Taylor
a2d2c6b67a Corrected element name. 2008-04-07 22:28:47 +00:00
Luke Taylor
243b5f4a2a SEC-746: impossible to specify errorPage for the AccessDeniedHandlerImp when using namespace based configuration 
http://jira.springframework.org/browse/SEC-746. Added access-denied-page to http element.
 2008-04-07 22:17:09 +00:00
Luke Taylor
f57ba43780 SEC-673: Reinstated a bean registration that had accidentally bean removed by the last patch, breaking core-tiger tests. 2008-04-07 21:05:13 +00:00
Luke Taylor
80dbc4fd75 SEC-673: Applied patch from Christian. 2008-04-07 20:20:58 +00:00
Luke Taylor
594b69b7ef SEC-754: Changed tests to use unicode escapes rather than explicit UTF-8. 2008-04-07 18:05:45 +00:00
Luke Taylor
236e310ea7 SEC-747: impossible to specify "observeOncePerRequest" property in the namespace based configuration. 
http://jira.springframework.org/browse/SEC-747. Added once-per-request attribute to http element.
 2008-04-07 15:30:27 +00:00
Luke Taylor
6612d0f729 SEC-754: Fixed wrong array length and added tests for encoding non-ascii password. 2008-04-07 14:13:40 +00:00
Luke Taylor
6d1932da33 SEC-753: Changed Spring version range in felix plugin to [2.0,2.6) to allow use with minor 2.5 versions. 2008-04-07 12:39:00 +00:00
Luke Taylor
92ad1ecf81 Typo in Javadoc. 2008-04-06 00:08:41 +00:00
Luke Taylor
67d5a5b814 SEC-750: Support for JPA PersistenceContext annotation broken 
http://jira.springframework.org/browse/SEC-750. Updates to prevent the HttpSecurityPostProcessor from causing beans to be instantiated. Added a simplified test case to HttpSecurityBeanDefinitionParserTests.
 2008-04-06 00:04:50 +00:00
Luke Taylor
a43d054bd7 Removed comment about status checking as it is not entirely correct and misleads people. 2008-04-04 19:40:28 +00:00
Luke Taylor
21e83e8364 [maven-release-plugin] prepare for next development iteration 2008-04-01 15:03:29 +00:00
Luke Taylor
91ed7dceb6 [maven-release-plugin] prepare release release_2_0_0_RC1 2008-04-01 15:01:30 +00:00
Luke Taylor
3cb504fa95 Fixed jdk 1.4 compatibility issues 2008-04-01 14:32:31 +00:00
Luke Taylor
e05d1da102 Refactored AuthenticationUserDetailsService to userdetails package as it isn't preauth specific 2008-03-31 23:08:30 +00:00
Luke Taylor
f898bec370 OPEN - issue SEC-742: IllegalArgumentException if namespace configuration defines RememberMeServices without BasicProcessingFilter 
http://jira.springframework.org/browse/SEC-742. Fix. Post processor was assuming there was a BasicProcessinFilter in the app context when a remember-me services was present.
 2008-03-31 22:44:11 +00:00
Luke Taylor
c347834401 OPEN - issue SEC-605: JdbcDaoImpl of UserDetailsService should provide a method for customizing creation of the final UserDetails object 
http://jira.springframework.org/browse/SEC-605. Added a createUserDetails method and also some other methods which are responsible for executing the individual queries for loading the userinformation and authorities.
 2008-03-31 18:01:07 +00:00
Luke Taylor
40e51dd5fe OPEN - issue SEC-649: Add user-service-ref attribute to remember-me namespace element 
http://jira.springframework.org/browse/SEC-649. Added attribute to namespace and parsing support.
 2008-03-31 17:27:58 +00:00
Luke Taylor
cc752cfc28 OPEN - issue SEC-732: Encapsulate query objects in JdbcDaoImpl and JdbcUserDetailsManager 
http://jira.springframework.org/browse/SEC-732. Updated these classes to hide the internal query and update objects to allow future refactoring.
 2008-03-31 16:52:31 +00:00
Luke Taylor
53b084e2f9 Simple tests to detect invalid configurations, particularly when the namespace has been updated without applying the spring-security.xsl transformation, which prevents certain elements from appearing at top level. 2008-03-31 16:30:28 +00:00
Luke Taylor
b1ae4922d2 SEC-726: Added entry-point-ref to <http> namespace element to allow customization of authentication process. 2008-03-31 16:22:40 +00:00
Luke Taylor
9db55f336c SEC-739: Removed siteminder provider code. 2008-03-31 12:23:32 +00:00
Luke Taylor
512c64fb98 SEC-738: Add session-registry-alias attribute to concurrent-session-control 
http://jira.springframework.org/browse/SEC-738. Added this attribute. Also various bugfixes in handling of attribute names for concurrent session control.
 2008-03-31 12:01:37 +00:00
Luke Taylor
07f820f1a6 Minor portlet-related changes suggested by John Lewis: Javadoc and default values of booleans. 2008-03-31 10:10:13 +00:00
Luke Taylor
c9b6fe9555 OPEN - issue SEC-657: Create pre-authenticated processing filter which obtains username from request header 
http://jira.springframework.org/browse/SEC-657. Added filter and test class.
 2008-03-30 13:37:13 +00:00
Luke Taylor
b98c72056a SEC-728: Change use of String.getBytes() in password encoders to use UTF-8 2008-03-29 15:21:31 +00:00
Luke Taylor
1463b9769d SEC-629: authentication-provider doesn't support caching. 
http://jira.springframework.org/browse/SEC-629. Added support for cache-ref elements on jdbc-user-service and ldap-user-service
 2008-03-28 17:55:12 +00:00
Luke Taylor
db6fafaf56 SEC-629: authentication-provider doesn't support caching. Refactored MockUserCache class to top level 2008-03-28 14:17:05 +00:00
Luke Taylor
1fece47b49 SEC-691: Applied patch to allow setting of returned user attributes from LDAP search. 2008-03-27 14:41:11 +00:00
Luke Taylor
350a626587 SEC-477: Added preauthenticated websphere contribution. 2008-03-27 14:25:17 +00:00
Luke Taylor
584853bbcb Tidied imports. 2008-03-26 21:49:26 +00:00
Luke Taylor
ef5b3e2f9c SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly. 2008-03-26 21:48:24 +00:00
Luke Taylor
9ea2408ac6 Fixed error in choosing main entry point (it's an alias not a bean name, so doesn't appear in the entry map - you have to get it direct from the bean factory). 2008-03-26 17:34:42 +00:00
Luke Taylor
1b8a3c5673 SEC-689: Updated session fixation protection namespace support to set session registry on SessionFixationProtectionFilter. 2008-03-26 14:51:16 +00:00
Luke Taylor
eeb14b3965 Changed filter order numbers to start at zero (makes them more readable in log compared with large negative numbers) 2008-03-26 12:22:26 +00:00
Luke Taylor
4681ff3d50 SEC-689: Fix 1.4 compatibility issue (overlooked autoboxing of boolean) 2008-03-26 12:09:57 +00:00
Luke Taylor
43b51ca64d SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added support to namespace.
 2008-03-26 12:00:58 +00:00
Luke Taylor
2af2f299cb SEC-689: Further tests, logging improvements. 2008-03-26 00:00:56 +00:00
Luke Taylor
a29842a467 SEC-689: Tests for SessionFixationProtectionFilter 2008-03-25 23:24:38 +00:00
Luke Taylor
8f5bcb64a6 SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added a general SessionFixationProtectionFilter which can be added to the filter stack to detect when a user has been authenticated and then migrate them to a new session. Also added support to <http/> namespace element.
 2008-03-25 22:32:26 +00:00
Luke Taylor
83bcc6ad7c Removed loggers from subclasses of SpringSecurityFilter in favour of using base class logger. 2008-03-25 14:51:34 +00:00
Ben Alex
0860333a3f SEC-733: AspectJ Pointcut Expression Parsing support. 2008-03-25 08:28:53 +00:00
Ben Alex
f4eb15b08b SEC-428: Tests to prove proxy-target-class="true" works. 2008-03-24 23:10:01 +00:00
Luke Taylor
f8b5000d40 SEC-428: Make sure context is cleared before running test. 2008-03-24 22:56:43 +00:00
Luke Taylor
18fef571c3 Import cleaning. 2008-03-24 22:44:42 +00:00