Spring 5 removed support for Tiles 2 and Thymeleaf does not support
Tiles 3 yet. This commit updates to Thymeleaf 3.0.2 and uses
Thymeleaf's build in layout support.
Issue gh-4080
Previously itest/web used Servlet 2.5 which Spring 5 is not
compatabile with. This commit removes unnecessary tests (ones that
were already covered) and converts the remaining tests to MockMvc
using the provided servlet version.
Issue gh-4080
Spring 5 removes ref XML attribute in favor of bean XML attribute. This
commit updates all the samples and tests to use bean instead of ref.
Issue gh-4080
Previous to this commit, role prefix had to be set in every class
causing repetition. Now, bean `GrantedAuthorityDefaults` can be used to
define the role prefix in a single point.
Fixes gh-3701
* Use new test method name convention of
methodNameWhen<Condition>Then<Expectation>
* Check null Cookie
* Check Cookie.getName() for crlf since we do not want to rely on the
implementation. For example Cookie could be overriden by extending it.
* Use Crlf as convention instead of CLRF as style guide
* Create new FirewalledResponse before each test to ensure isolation
* Use Mock for HttpServletResponse delegate to keep test in isolation (i.e.
we do not want our tests to fail if MockHttpServletRequest changes an
Exception error message)
Issue gh-3910
Previously <headers defaults-disabled="true"/> would fail if there were
no children with an IllegalArgumentException. This allows using
defaults-disabled="true" and no children as an alias for disabled="true".
Fixes gh-3986
Introduced `RoleHierarchyUtils` which enables convenient
construction of `RoleHierarchy` from map based representation.
Where the map key is the role name and the map value is a list
of implied role names.
Here is a small example for that in action:
https://gist.github.com/thomasdarimont/ee9fffdef1adb9243b12ad247478aad4Fixes#3990.
Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
* Fix passivity and add tests
* Introduce SessionInformationExpiredEvent as a value object
* Rename ExpiredSessionStrategy to SessionInformationExpiredStrategy
to account for the need of SessionInformation
* Switch to Constructor Injection
* Move the changes to the xsd to 4.2 xsd instead of 4.1
Issue gh-3808
This commit adds an ExpiredSessionStrategy for the ConcurrentSessionFilter
analogous to the InvalidSessionStrategy for the SessionManagementFilter. It also
adds a configuration option for both the InvalidSessionStrategy and
ExpiredSessionStrategy to the XML namespace and Java configuration.
Fixes gh-3794
Fixes gh-3795
We have an issue where token strings that contain a colon break
the existing decoding strategy, which tokenizes on colons. This
change urlencodes the individual tokens when creating the cookie
string; and urldecodes them decoding the cookie and extracting the
tokens. This also eliminates the need for existing code to deal with
openid tokens which contain urls, and thus colons.
Fixes gh-3355
Issue gh-3736
* ClassLoader argument - this is required because we do not want to assume
the ClassLoader that should be used
* Clean up logging - logging is now at debug level because we don't expect
all of the modules are loaded (they are quite possibly off the ClassPath)
* Remove ObjectUtils as it was being used on methods that expect a
Collection or Array with non collection based objects
* Polish Javadoc warnings
Previously the JSON modules didn't use Spring's Assert.
This commit changes the assertions to use Spring's Assert and does
some minor restructuring.
Issue gh-3736
Rob Winch
Jitendra Singh
Rob Winch
Spring Buildmaster
Milan Ševčík
Eddú Meléndez
Gabriel Lavoie
Julio Valcarcel
Joe Grandja
Thomas Darimont
Fred Cooke
Marten Deinum
Dennis Kieselhorst
Stefan Penndorf
Jeremy Waters
Kazuki Shimizu
Jitendra Singh Bisht