001b05569a
Release version 4.1.0.RELEASE
2016-05-05 04:25:46 +00:00
f6a95333d1
Add Hello World Spring Boot sample
...
Issue gh-3850
2016-05-04 17:26:42 -04:00
24d0069668
Release version 4.1.0.RC2
2016-04-21 01:47:25 +00:00
933a7e8363
Remove duplicate words
...
Fixes gh-3826
2016-04-18 23:21:20 -05:00
945a21a3fb
Use xml / javaconfig folders for samples
...
Fixes gh-3752
2016-04-11 09:47:06 -05:00
044acf7e27
Release version 4.1.0.RC1
2016-03-23 07:15:15 -07:00
1c008cd56e
Disable DEBUG logs
...
Fixes gh-3757
2016-03-15 08:37:01 -05:00
df65662bf0
Upgrade to Sonarqube plugin
2016-03-14 13:56:49 -05:00
ec4e6c7453
Update pom.xml to 4.1.0.BUILD-SNAPSHOT
2016-03-14 00:51:35 -05:00
f221920a19
Clean up code to conform to basic checkstyle
...
Issue gh-3746
2016-03-14 00:15:12 -05:00
71d4ce96ad
Convert to assertj
...
Fixes gh-3175
2016-03-09 14:30:17 -06:00
bb600a473e
Start AssertJ Migration
...
Issue gh-3175
2016-03-09 14:26:30 -06:00
6cbb439701
Use XML namespace for PreAuth Sample
...
Fixes gh-3399
2016-03-09 11:08:06 -06:00
21c0542487
SEC-3117: Update users.ldif
...
Fixed incorrect dn.
2015-10-01 16:22:05 -05:00
29f2cc0ab1
snasphot -> snapshot
2015-09-25 15:28:39 -05:00
b0701ea770
SEC-3068: Update Tutorial to use POST /logout
2015-08-10 09:53:07 -05:00
969f3a7d1b
Update pom.xml to latest snapshots
2015-08-03 09:46:01 -05:00
ad1d858e2b
SEC-3056 - Fix JavaDoc errors.
...
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
7317c090cc
SEC-2963: Disable appengineRun if contains functional tests
2015-07-29 09:57:57 -05:00
485fbdc1ee
SEC-2963: Select Available Port for appengine
2015-07-28 22:47:21 -05:00
ea873fb1b8
SEC-2963: Disable appengineFunctionalTest
2015-07-22 21:27:28 -05:00
113b61e3a0
SEC-2957: Polish
2015-07-22 13:57:28 -05:00
be27ede0e9
SEC-2957: Add missing provided dependencies to samples
2015-07-22 13:33:52 -05:00
e8c9f75f9c
Update pom.xml to latest versions
2015-07-22 12:51:04 -05:00
54dabb6433
SEC-2993: OpenID Sample now uses me.yahoo.com
2015-07-21 10:44:54 -05:00
cd4a7e95cc
SEC-2991: Add CSRF Token to OpenID XML Sample
2015-07-21 10:42:24 -05:00
9b92d5a1e7
SEC-2963: Fix tests
2015-07-20 12:53:21 -05:00
e25b84c902
SEC-2963: Update to latest Google AppEngine
2015-07-20 12:36:29 -05:00
197ddb3cd1
SEC-3029: Fix Compatibility with Spring 4.2.x
2015-07-07 22:46:31 -05:00
7b158d0525
SEC-2966: Fix preauth-xml sample config attributes
2015-05-07 10:10:20 -05:00
d5dfeeca49
SEC-2927: Update chat-jc pom so Maven Builds
...
Previously there were some incorrect dependency versions. This commit fixes
that.
We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
2015-04-20 15:53:26 -05:00
4fdfb8caba
SEC-2915: More Tabs -> Spaces
2015-04-17 11:34:34 -05:00
db531d9100
SEC-2917: Update to Spring 4.1.6
2015-03-25 15:18:59 -05:00
ae6af5d73c
SEC-2915: Updated Java Code Formatting
2015-03-25 13:09:18 -05:00
0a2e496a84
SEC-2915: groovy/gradle spaces->tabs
2015-03-25 13:08:59 -05:00
cf9f58a4ac
SEC-2915: XML spaces->tabs
2015-03-25 13:08:52 -05:00
c0438efa6b
Update samples pom files
2015-03-11 11:27:50 -05:00
5f57e5b0c3
SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config
2015-02-24 20:49:56 -06:00
37740cd020
SEC-2861: Add WebSocket Documentation & Sample
2015-02-24 10:29:47 -06:00
706e7fd7a2
SEC-2863: Update to Spring 4.1.5
2015-02-20 11:43:04 -06:00
5b0f8918ce
Fix Eclipse import
2015-01-23 17:29:54 -06:00
8f0001f59a
Next Development Version
2014-12-11 20:39:26 -06:00
49b69196de
Release version 4.0.0.RC1
2014-12-11 20:36:55 -06:00
a36c4bcb04
Consistent configureGlobal in samples
2014-12-10 21:10:27 -06:00
8b1f5f7cd7
SEC-2789: Polish
...
Remove unnecessary "extends WebSecurityConfigurerAdapter"
2014-12-10 21:10:27 -06:00
1677836d53
SEC-2790: Deprecate @EnableWebMvcConfig
2014-12-10 21:10:27 -06:00
62e127e978
SEC-2789: Add Default WebSecurityConfigurerAdapter
2014-12-10 21:10:26 -06:00
3171cc4364
SEC-2788: Add @Configuration as meta annotation to @Enable* annotations
2014-12-10 21:10:15 -06:00
11116c2b80
SEC-2787: Update Versions
2014-12-10 16:37:19 -06:00
c67ff42b8a
SEC-2783: XML Configuration Defaults Should Match JavaConfig
...
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
2014-12-08 15:09:15 -06:00
b56e5edbbd
SEC-2784: Fix build plugins
2014-12-08 14:24:34 -06:00
6e204fff72
SEC-2781: Remove deprecations
2014-12-04 15:28:40 -06:00
09f6210c73
SEC-2347: Polish
2014-11-21 22:31:03 -06:00
3b8f7fdd67
SEC-2732: ehcache-core -> ehcache
2014-11-18 17:14:30 -06:00
02c3565e22
Fix compiling in Eclipse
2014-09-16 10:18:46 -05:00
6321665353
SEC-2676: Update to Spring Data Evans RC1
2014-08-15 20:46:59 -05:00
3f30529039
SEC-2179: Add Spring Security Messaging Support
2014-08-15 20:46:58 -05:00
939df5f0f9
SEC-2547: Update to cas-client-core-3.3.3
2014-08-15 16:41:33 -05:00
3187ee8bf3
SEC-2700: Register WithSecurityContextTestExecutionListener by default
2014-08-15 16:41:33 -05:00
1eaa621619
SEC-2676: Fix data and sample data poms
2014-08-15 16:40:51 -05:00
4f936c4c51
Remove @Version from created since it should not be updated
...
This also works around DATAJPA-582
2014-08-01 14:03:27 -05:00
3e8c879cea
SEC-2676: Fix data-jc sample's classpath
2014-08-01 10:33:33 -05:00
1f861f512a
SEC-2676: Add SpEL Spring Security Integration
2014-07-29 20:04:37 -05:00
8a2a1b7a5b
SEC-2595: Polish
2014-07-25 16:27:19 -05:00
b2d66e2a78
SEC-2595: @EnableGlobalMethodSecurity AspectJ fixes
2014-07-25 16:03:18 -05:00
b72c1ad314
SEC-2686: Create SecurityMockMvcConfigurer
2014-07-22 15:11:37 -05:00
906a0cb0e2
SEC-2684: Correct spelling of WithSecurityContextTestExecutionListener
2014-07-18 13:53:41 -05:00
66c926f2c7
SEC-2653: Remove explicit port for ldap-xml so can be dynamic for ci
2014-06-18 08:27:39 -05:00
6b121c7543
SEC-2637: Add Geb integration tests for ldap-xml
2014-06-13 13:53:33 -05:00
19ce54e4ff
SEC-2653: ldap-xml logout is post with CSRF token
2014-06-13 13:53:19 -05:00
f7d09c6b62
SEC-2633: Remove springSecurityFilterChain from insecuremvc tests
2014-06-13 13:09:59 -05:00
025c0857f4
SEC-2635: Add Geb integration tests for jdbc-jc
2014-06-13 12:24:03 -05:00
0e9999e429
Fix jdbc-jc to work with tomcat gradle plugin
...
It is necessary to ensure that src/main/webapp exists to ensure the
application starts with the Tomcat Gradle Plugin.
This commit adds a Manifest file to src/main/webapp/META-INF to ensure
that git contains the otherwise empty directory.
2014-06-13 12:23:26 -05:00
6964c2e3de
SEC-2633: Add MockMvc tests for insecuremvc
2014-06-13 11:26:28 -05:00
8f84921713
SEC-2632: Add Geb Integration Tests for insecure sample
2014-06-13 11:20:57 -05:00
11d83cdce1
SEC-2651: Fix hellojs-jc after Thymeleaf Spring 4 changes
2014-06-13 09:43:32 -05:00
80c0f5fa17
SEC-2626: Add Geb integration tests for form-jc
2014-06-12 17:06:05 -05:00
2aea199001
SEC-2636: Added Geb integration tests for ldap-jc
2014-06-12 16:49:12 -05:00
10c4d8f1af
SEC-2651: Update Thymeleaf to Spring 4 variants in samples
2014-06-12 16:48:04 -05:00
cb94fb2c99
SEC-2631: Add spring-security-test to inmemory-jc pom
2014-06-12 15:08:53 -05:00
ac712f9f17
SEC-2617: Add JSTL to sample poms
2014-06-12 15:07:25 -05:00
5953a35c95
SEC-2624: Add Geb integration tests to contacts-xml
2014-06-12 15:05:54 -05:00
91b2b7f875
SEC-2634: Add Geb integration tests for jaas-xml
2014-06-12 12:18:56 -05:00
1bff58577c
SEC-2631: Add inmemory-jc MockMvc integration tests
2014-06-12 12:18:04 -05:00
15ab3316b3
SEC-2630: Add helloworld-jc Gebintegration tests
2014-06-12 12:18:04 -05:00
fb25273672
SEC-2617: Fix JSTL Samples
2014-06-12 12:01:04 -05:00
dd0253048e
SEC-2650: Fix Jetty Warn NoInitialContextException on shutdown
2014-06-12 11:53:22 -05:00
e9d9a83df4
SEC-2607: CAS Server logouts out synchronously
2014-05-21 15:43:56 -05:00
76bf378077
SEC-2580: Include ApacheDS in samples/ldap-xml
2014-05-01 11:28:27 -05:00
00e1094178
Add springio-platform plugin
2014-04-23 14:35:22 -05:00
8baf82532c
SEC-2015: Add spring-security-test
2014-04-22 16:47:48 -05:00
1c75d33adb
SEC-2560: Remove samples from .gitignore and add missing sample files
2014-04-16 21:17:02 -05:00
5b216bd0b2
Revert "SEC-2547: Consistent CAS client version"
...
This reverts commit f6cc9d87d5
2014-04-15 10:36:37 -05:00
f6cc9d87d5
SEC-2547: Consistent CAS client version
2014-04-14 22:48:55 -05:00
ccf96a4d69
SEC-2542: Polish dependency exclusions
...
This cleans up exclusions so the pom.xml are not as cluttered.
2014-04-02 09:47:29 -05:00
3118e39de8
SEC-2542: Use exclusions to remove duplicate dependencies
...
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.
In addition to the new exclusions, notable other changes are:
- Spring Data JPA has been updated to 1.4.1. This brings its
transitive dependency upon spring-data-commons into line with
Spring LDAP's and prevents both spring-data-commons-core and
spring-data-commons from being on the classpath
- All Servlet API dependencies have been updated to use the official
artifact with all transitive dependencies on unofficial servlet API
artifacts being excluded.
- In places, groovy has been replaced with groovy-all. This removes
some duplicates caused by groovy's transitive dependencies.
- JUnit has been updated to 4.11 which brings its transitive Hamcrest
dependency into line with other components.
There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level
Conflicts:
samples/messages-jc/pom.xml
2014-04-02 09:47:26 -05:00
9988fa141c
Update Spring Security version in pom.xml
2014-03-06 08:13:52 -06:00
8afa8d8588
Fix integration tests
2014-03-06 07:56:40 -06:00
6dfdb10e31
Fix move to 4.0
2014-03-05 16:52:19 -06:00
7f99a2dfbb
SEC-2487: Update to Spring 3.2.8.RELEASE
2014-02-19 09:30:40 -06:00
ec8b48150d
SEC-2474: Update poms
2014-02-07 17:01:11 -06:00
8c580dc170
SEC-2444: Polish Thymeleaf for samples
2013-12-16 09:51:00 -06:00
b7041ed00e
SEC-2436: Add @EnableWebMvcSecurity
2013-12-14 14:40:01 -06:00
2df5541905
SEC-2448: Update to HSQL 2.3.1
2013-12-14 10:19:06 -06:00
4708287ad3
SEC-2444: Convert Java Config samples to thymeleaf and tiles
2013-12-13 15:47:28 -06:00
a34178bc40
SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA
2013-12-12 08:16:59 -06:00
4460e84b29
Updates to pom.xml author and repo
2013-12-09 08:57:30 -06:00
feeb380b51
Polish Guides
2013-12-06 11:12:07 -06:00
ec524da6cb
SEC-2416: Fix Hello MVC guide
2013-12-05 15:47:38 -06:00
fc6fc19eed
Fix guides
2013-12-05 13:16:59 -06:00
2c8946c406
Next development version
2013-11-01 14:20:55 -05:00
9c703a3051
Release version 3.2.0.RC2
2013-11-01 14:20:49 -05:00
348e3a22b6
SEC-2365: registerAuthentication->configure
2013-10-16 13:59:56 -05:00
0978c12c47
SEC-2361: Java Config Sampels use @Autowired AuthenticationManagerBuilder
2013-10-15 12:35:32 -05:00
0b0e7dbea9
SEC-2359: Merge DefaultLoginPageViewFilter w/ DefaultLoginPageGeneratingFilter
2013-10-14 15:00:24 -05:00
4ef0460ef6
SEC-2321: Improve Java Config defaults for JavaScript clients
2013-10-11 14:53:11 -05:00
76a8bbe98d
SEC-2354: Add failOnMissingWebXml=false to sample pom.xml
2013-10-07 08:12:35 -05:00
88f41cdf62
SEC-2341: Update to Gradle 1.8
...
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
3d2f23602f
SEC-2294: Update Spring Version to 3.2.4.RELEASE
2013-08-31 11:26:43 -05:00
658a93178c
SEC-2252: Add custom form guide
2013-08-19 15:22:04 -05:00
51b9c4a19a
Hide logout in main.jsp if not logged in
2013-08-17 14:38:39 -05:00
d62c2e0835
SEC-2244: Defaults based on loginPage are now updated when loginPage changes
2013-08-16 14:48:45 -05:00
e9bb9e766e
SEC-1574: Add CSRF Support
2013-08-15 14:49:21 -05:00
54c2166567
SEC-2194: Remove unnecessary MessageSecurityWebApplicationInitializer from helloworld
2013-08-15 12:50:41 -05:00
fea4d01aad
SEC-2194: hello samples displays username and logout properly
2013-08-15 12:50:41 -05:00
b5ecaf61ed
SEC-2194: Remove samples errors/tabs folders
2013-08-15 12:50:41 -05:00
f036970f8b
SEC-2194: Add margin to links in header of samples
2013-08-15 12:50:41 -05:00
2feded5fc5
SEC-2194: Update samples to have jsp-api
2013-08-15 12:50:40 -05:00
22e4d1646a
SEC-2194: Remove login page from hellomvc and insecuremvc
2013-08-15 12:50:40 -05:00
e8278f3b9b
SEC-2249: AbstractSecurityWebApplicationInitializer allows register config
2013-08-08 14:33:54 -05:00
976d9a9016
SEC-2194: Polish java config sample apps
2013-08-08 14:33:54 -05:00
1f86d5dad9
SEC-2097: Add Tomcat Gradle plugin
2013-08-05 16:49:34 -05:00
388a4dd9db
SEC-2194: Add Java Config samples
2013-08-05 16:49:33 -05:00
36418b964d
Remove samples/runall.sh
2013-08-01 13:19:21 -05:00
e242aeff3e
SEC-2230: Polish and clickjacking demo
2013-08-01 10:19:36 -05:00
8c3ac719bb
SEC-2230: Added testing certificates
2013-08-01 09:48:09 -05:00
0bc08f8a23
SEC-2230: Update contacts sample to use <headers> with no child elements
2013-08-01 09:47:57 -05:00
0adf5aea91
SEC-2098, SEC-2099: Created HeadersFilter
...
Created HeadersFilter for setting security headers added including a
bean definition parser for easy configuration of the headers. Enables
easy configuration for the X-Frame-Options, X-XSS-Protection and
X-Content-Type-Options headers. Also allows for additional headers to
be added.
2013-07-25 16:22:43 -05:00
5e6ca12b01
SEC-2097: Update integrationTestCompile to use optional and provided
...
Also update slf4j version and remove explicit commons-logging from pom generation
2013-07-16 15:59:06 -05:00
02551e1b7a
SEC-2214: Update Spring Version
2013-07-16 15:15:47 -05:00
faa8b354b7
SEC-2209: add pom.xml
2013-07-16 15:15:47 -05:00
e5fc063680
SEC-2206: Gradle Propdeps
2013-07-16 15:15:42 -05:00
07c3fdf8a7
SEC-2195: Update Groovy, Geb, Spock, httpcomponents, and Jetty
2013-07-16 15:02:39 -05:00
896339087f
SEC-2122: Update samples to use bcrypt.
...
Data sources modified to store bcrypt hashes and configs now
use BCryptPassworEncoder.
2013-05-17 18:44:30 +01:00
e8661913d1
SEC-2119: Update to 3.2 schema and use default schema version when available
2013-03-01 16:29:27 -06:00
22e333b9c6
SEC-2092: Add servlet api example
2012-12-11 17:44:57 -06:00
1ed643ca1f
SEC-1998: Provide integration with WebAsyncManager#startCallableProcessing
...
Support integration of the Spring SecurityContext on Callable's used with
WebAsyncManager by registering SecurityContextCallableProcessingInterceptor.
2012-11-28 17:56:03 -06:00
78cbdd2c93
Reserve Server Ports in integrationTests
...
Previously the build would look up a server port dynamically, but since
it closed the port immediately it may not be reserved by the time jetty
started up.
We now reserve the port and do not close it till just before Jetty starts.
While there is still a race condition, it is much smaller window of time
than it was previously.
2012-11-01 11:14:50 -05:00
6af3e1958b
Update to Groovy 1.8
2012-09-04 09:48:29 -05:00
a2452ab514
SEC-1906: Update to Gradle 1.0
2012-07-05 12:41:56 -05:00
dec44811fc
Gave correct role name
2012-02-28 14:41:14 +01:00
0e413cedcb
Gave correct role name
2012-02-28 14:39:30 +01:00
044861eb20
Renamed **/*Spec.groovy to **/*Tests.groovy to better follow conventions
2011-12-29 12:59:24 -06:00
b60367e30c
Upgrade to validater 4.2
2011-11-01 00:20:45 +00:00
9d66e1fac3
Exclude static resources from filter chain in tutorial sample.
2011-09-25 22:30:14 +01:00
7e44580c75
Minor refactoring of aspects tests.
2011-07-20 17:42:05 +01:00
dc92baa257
Remove truststore settings from tutorial sample as they aren't required.
2011-06-13 15:03:51 +01:00
e4ecdd55f6
Enable https in tutorial sample.
2011-06-13 13:45:09 +01:00
80fd96df6d
SEC-1650: Updates and corrections to tutorial sample to fit better with new tutorial.
2011-06-07 16:46:38 +01:00
c9b328d8c7
SEC-1757: Updated tutorial sample to state that listing of accounts is allowed by anyone and to display accounts for the different types of access to posting to Accounts
2011-06-02 21:19:01 -05:00
e8a1a6e40b
Added spring-expression to config module testCompile to fix build.
2011-05-19 23:50:35 +01:00
3de0041874
Reverted cas Readme.txt from instructing to run from samples/cas/sample
2011-05-16 22:09:58 -05:00
076a75d8c3
Cleaned up cas task dependency declarations
2011-05-15 22:09:28 -05:00
11dc3363cc
Moved cas server and cas sample into common parent folder (samples/cas)
2011-05-15 22:09:08 -05:00
1c1ffe2f0f
Added CA's to server.jks from cacerts included with Sun JDK
...
- Allow handshake to succeed for the build to upload to amazon
- Allows the same trust store to work for openid and CAS sample applications
2011-05-13 18:05:16 -05:00
e1f4c3d325
Created a casserver module to better isolate it from the cas sample application now that an overlay is being done
2011-05-12 22:17:43 -05:00
4d786d74cf
Reworded CASSampleSpec test method to reflect single logout
2011-05-12 22:17:43 -05:00
4c43bde064
Set log levels to ERROR level when running CAS integration tests
2011-05-12 22:17:43 -05:00
9525403385
Added CAS Server overlay to make single logout be synchronous and enabled itests for the cas sample
2011-05-12 22:17:43 -05:00
d2175468ee
Disable CAS interation tests until CI problems are resolved.
2011-04-28 19:17:29 +01:00
06faea8cfc
Typos.
2011-04-28 18:55:38 +01:00
97afb0c9ac
SEC-965: Added assert to LoginPage.at
2011-04-18 23:52:20 -05:00
01fb4bdb6d
SEC-1718: Update documentation and sample application to demonstrate how to use a PGT to authenticate to stateless services using a PT
2011-04-17 18:17:14 -05:00
abfa558c3c
Removed Dummy.java from cas sample
2011-04-17 18:14:16 -05:00
11331d34d9
SEC-1717: Document how to perform Single Logout with CAS and added integration test for sample application to test Single Logout
2011-04-17 18:14:16 -05:00
761d5af6ec
SEC-965: Added integration tests for CAS Sample Application
2011-04-17 18:14:14 -05:00
f1c064b3b9
SEC-965: Updated CAS Sample application for proxy authentication
...
* Configured for proxy authentication
* Cleaned up the jsps
* Changed the cas sample context root to cas-sample so the CAS Server's JSESSIONID cookie doesn't remove the cas samples
2011-04-17 18:00:37 -05:00
ddaf9eb64f
SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter.
2011-03-31 21:09:54 +01:00
a50c9afbab
Modified jaas sample's LoginModule to prevent empty string username/password
2011-03-07 22:25:19 -06:00
9e5d35235c
Made the principal for jaas sample serializable
2011-03-07 22:25:16 -06:00
72f031253f
Remove unnecessary dependency repos and update GAE version.
2011-02-28 15:43:25 +00:00
d58dd79a52
SEC-1494: Updated the tutorial webapp to use CSS and make use of the securityHiddenUI element when UI security is disabled.
2011-01-25 13:16:46 +00:00
19e56f4397
Stripping out unnecessary dependencies from sample jars.
2011-01-10 17:27:58 +00:00
7316bcff75
Updated outdated CAS sample readme with instructions for running CAS using gradle
2010-12-20 22:22:19 +00:00
bbcc611af5
CAS server version upgrade and minor tweaks to CAS sample build file.
2010-12-20 22:12:35 +00:00
4a40d80da1
SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.
...
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
2010-12-03 16:41:46 +00:00
51a53ddbaa
Minor refactoring of GAE code to use specific GrantedAuthority type.
2010-11-17 14:15:11 +00:00
fc00d7ef1d
Move the unix scripts for the tutorial sample into a subdirectory
2010-11-12 15:19:46 +00:00
37810a19c4
SEC-1619: Added check in GAE sample for change of Google user while still logged into the app.
...
Also updated GAE version and build script. Uploading to GAE now works when run from the gradle build file using the command 'gradle gaeDeploy'.
2010-11-10 15:37:42 +00:00
ffccc5f446
SEC-1617: Added spring-security-taglibs as a runtime dependency to jaas.gradle
2010-11-08 19:27:44 -06:00
685e0417a7
SEC-1544: Update the tutorial sample to attempt to delete the JSESSIONID cookie on logout.
2010-09-19 18:30:52 +01:00
de819378fc
SEC-1536: added JAAS API Integration, updated doc, updated jaas sample
2010-09-13 13:12:45 -05:00
58d9903ebc
SEC-1564: JAAS Configuration can now be injected into DefaultJaasAuthenticationProvider
2010-09-10 20:17:22 -05:00
f4d57ab5e8
SEC-1456: Remove maven poms as we are now using gradle for the build.
2010-08-30 19:02:19 +01:00
bdb906e588
Enable parameterization for log levels in logback files to allow the use of command-line options for controlling log output.
2010-08-24 18:25:39 +01:00
b39b63bf3d
Add logback configuration for contacts sample.
2010-08-22 22:43:49 +01:00
b2fc1d8491
Fix namespace schema version in CAS sample.
2010-08-22 22:43:10 +01:00
07d8275ee6
Modify order of saxon and xerces deps in dependency list to prevent Aelfred parser from being used in build.
2010-08-22 22:31:01 +01:00
102bc2d6a0
Reduce unnecessary use of aspectj as a build dependency
2010-08-19 23:23:03 +01:00
c37ca1c2a9
Sample app build adjustments to remove unwanted deps such as jsp-api, tidy up use of JSTL, make sure all are using servlet 2.5 etc.
2010-08-19 22:41:51 +01:00
6abfa2e887
Update minimum required schema to 3.1.
2010-08-17 02:19:55 +01:00
992566b6cb
SEC-1527: Internationalization of contacts sample (Adding message resource bundle and RequestContextFilter). Re-working of L12n section of manual to mention existing localized message files and use of RequestContextFilter.
2010-08-14 01:07:51 +01:00
281d77271e
SEC-1486, SEC-1538, SEC-1537: Generification of AuthenticationDetailsSource. Deprecation of non-web pre-authentication classes and other unnecessary classes. Removal of reflection in WebAuthenticationDetailsSource.
2010-08-13 15:51:05 +01:00
1a838c2049
SEC-1533: AclAuthorizationStrategyImpl can now take either one or three GrantedAuthority arguments. If only one is supplied, it will be used for all 3 of the permissions supported by the class.
2010-08-07 14:41:25 +01:00
85c4c91e0e
IDEA inspection refactorings.
2010-08-05 23:28:07 +01:00
413b2a06e3
Improvements in up-to-date checking and use of parallel tests where possible.
2010-08-05 02:11:00 +01:00
64375484a1
More build and logging tuning.
2010-08-04 22:55:17 +01:00
c4ee46824c
Removing log4j.properties files and adding logback config ones.
2010-08-04 21:16:05 +01:00
d1279aeda2
Logging adjustments for gae sample.
2010-08-02 19:51:24 +01:00
6ba8257cab
Renamed file to fix case-sensitivity issue.
2010-08-02 12:13:58 +01:00
52edf115ce
Workaround for repeated attempt to download CAS server poms (GRADLE-1072)
2010-07-28 20:04:15 +01:00
2d9a848265
Added missing gradle build files for remaining samples. Some related reordering, dependency fixing etc. CAS sample no longer requires two separate subprojects as both client and server app can be run from a single gradle build.
2010-07-27 02:20:36 +01:00
a74077f9b1
SEC-1490: Minor changes to GAE sample. Simplification of redirect to registration page (only needs to be done after authentication).
2010-07-25 20:46:00 +01:00
e659e15f90
Tidying.
2010-07-23 01:57:45 +01:00
2afccfc633
Remove commons-logging dependency properly and switch tutorial sample to logback/slf4j.
2010-07-23 01:57:31 +01:00
a681dee0e1
Minor sample build changes. JSTL dependency update.
2010-07-20 23:45:20 +01:00
e5a302b5c4
SEC-1490: Correct loggedout URL.
2010-07-20 23:43:43 +01:00
5d35919ca3
SEC-1490: Code for GAE Sample webapp
2010-07-20 23:41:31 +01:00
c1c8fd1874
SEC-1171: Changed attribute name/value from secured="false" to security="none" to allow future extension by adding extra options (e.g. contextOnly to provide security context information during the request).
2010-07-20 19:46:47 +01:00
565ef7383d
SEC-1513
...
upgraded to latest version of cas client
2010-07-06 22:09:24 -04:00
026517f674
Removal of deprecated methods and classes.
2010-06-26 16:23:42 +01:00
5939f17708
Fix openid sample configuration.
2010-06-09 22:52:43 +01:00
6a37e4be86
Fix OpenID sample to use new syntax for excluding requests.
2010-06-05 16:53:01 +01:00
efb600166a
SEC-1488: Remove commons-logging dependencies from maven poms.
2010-05-28 13:10:59 +01:00
080430150a
SEC-187: Refactoring contact Dao to use JdbcTemplate, and removing unused query objects (which have been there since 2004!)
2010-05-25 16:47:57 +01:00
64d59e1d32
Some extra FAQs and added comment to samples runall.sh script to explain that it's for dev only.
2010-05-03 14:56:22 +01:00
a421370a3d
SEC-1465: Change DelegatingMethodSecurityMetadataSource to use constructor injection to get round the problem of it being invoked before it has been initialized properly. Also changed the contacts tests to use the same app context and loading order as the actual webapp, to give better reassurance that the app will run successfully.
2010-04-25 22:00:25 +01:00
def5f88c8c
SEC-1431: Added openid-selector to openid sample, plus AX configuration for myopenid.com.
2010-04-21 17:16:03 +01:00
2f025fba6c
SEC-1460: Added AxFetchListFactory which matches OpenID identifiers to lists of attributes to use in a fetch-request.
...
This allows different configurations to be used based on the identity-provider (google, yahoo etc). The default implementation iterates through a map of regex patterns to attribute lists. The namespace has also been extended to support this facility, with the "identifier-match" attribute being added to the attribute-exchange element. Multiple attribute-exchange elements can now be defined, each matching a different identifier.
2010-04-20 23:47:48 +01:00
ee1fd1bc50
SEC-1431: Modify OpenID sample to use a custom UserDetailsService which allows any user to authenticate, allocating them a standard role and "registers" their ID in a map, allowing it to be retrieved in subsequent logins.
2010-04-20 23:47:48 +01:00
12a6ae2ffa
SEC-1232: Add config dependency to maven build for aspectj sample.
2010-03-31 19:58:59 +01:00
a3ef8255d8
SEC-1232: GlobalMethodSecurityBeanDefinitionParser support for mode='aspectj'
...
Also added this syntax to the aspectj sample.
2010-03-31 18:31:28 +01:00
d334f6fa09
Latest gradle syntax updates.
2010-03-28 23:54:41 +01:00
55de2cfcb1
SEC-1262: Added new (replacement) AspectJ interceptor which wraps the JoinPoint in a MethodInvocation adapter to provide compatibility with classes which only support MethodInvocation instances.
...
Also deprecated the existing AspectJ interceptors. This will also allow future simplification of the AbstractMethodSecurityMetadataSource, as it no longer needs to support JoinPoints.
2010-03-11 01:51:59 +00:00
f3264ba9ab
Addition of commons-logging exclusions and adjustments to pom generation.
2010-03-07 21:58:25 +00:00
b147652193
Make hsqldb a testRuntime/runtime dependency.
2010-03-01 01:10:58 +00:00
5aae545949
SEC-1232: Re-enable aspects module and aspectj sample in maven build.
2010-02-25 20:09:01 +00:00
e2a8f81ae8
Update aspectj version in sample to 1.6.8
2010-02-20 18:50:36 +00:00
b37d2ed978
SEC-593: Added PermissionCacheOptimizer strategy interface and implementation in Acl module.
...
This is used by DefaultMethodSecurityExpressionHandler to allow permissions to be cached before repeatedly evaluating an expression for a collection of domain objects.
2010-02-20 18:02:12 +00:00
2ee7696bf4
Update version number to 3.1.0.CI-SNAPSHOT.
2010-02-19 17:35:19 +00:00
44f45d21f0
3.0.2 release. Update version in build files.
2010-02-19 01:22:21 +00:00
2f40088fe7
Change spring-aop dep to compile scope in contacts sample
2010-02-08 12:34:19 +00:00
15c309a2ed
Add spring-aop to acl and contacts compile dependencies following changes for SEC-1390.
...
AopInfrastructureBean interface is now required.
2010-02-06 21:22:12 +00:00
0974e21fb6
SEC-1379: Added creation of a session if session timeout is detected (requested session ID is invalid).
...
This prevents problems with repeated detection of the same invalid session when the redirected request comes in.
2010-01-23 02:12:30 +00:00
a5dde8b28f
Updated doc on invalid session detection.
...
Invalid session URL must typically be omitted from the filter chain to prevent an infinite loop.
2010-01-17 14:41:24 +00:00
51dfc0fb39
Set versions to 3.0.2-CI-SNAPSHOT, post release.
2010-01-15 18:15:19 +00:00
05634f97dc
Updated version numbers for 3.0.1 release.
2010-01-15 18:04:28 +00:00
b323098167
Added gradle build files for taglibs, tutorial, contacts and openid.
...
Changed build file names to match module names (by manipulating the project objects in the settings.gradle file).
2010-01-10 23:31:23 +00:00
e211f9b35f
SEC-1349: Allow configuration of OpenID with parameters which should be transferred to the return_to URL.
...
The OpenIDAuthenticationFilter now has a returnToUrlParameters property (a Set). If this is set, the named parameters will be copied from the incoming submitted request to the return_to URL. If not set, it defaults to the "parameter" property of the AbstractRememberMeServices of the parent class. If remember-me is not in use, it defaults to the empty set.
Enabled remember-me in the OpenID sample.
2010-01-09 01:04:13 +00:00
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
2010-01-08 21:05:13 +00:00
Spring Buildmaster
Joe Grandja
Johnny Lim
Rob Winch
Eddú Meléndez
Billy Korando
Michael Osipov
Peter David Faria
zhanhb
Thomas Darimont
Hans-Joachim Kliemeck
Rob Winch
Marten Deinum
Luke Taylor
Abdull
Rob Winch
Luke Taylor
Scott Battaglia