Previously Spring Security did not save the Security Context immediately prior
to the following methods being invoked:
- HttpServletResonse.flushBuffer()
- HttpServletResonse.getWriter().close()
- HttpServletResonse.getWriter().flush()
- HttpServletRespose.getOutputStream().close()
- HttpServletRespose.getOutputStream().flush()
This meant that the client could get a response prior to the SecurityContext
being stored. After the client got the response, it would make another request
and this would not yet be authenticated. The reason this can occur is because
all of the above methods commit the response, which means that the server can
signal to the client the response is completed. A similar issue happened in
SEC-398.
Now the previously listed methods are wrapped in order to ensure the SecurityContext
is persisted prior to the response being committed.
When SEC-1950 was introduced it caused problems when a <filter-mapping> was mapped
to multiple dispatchers (i.e. REQUEST and FORWARD) since when the second dispatcher
completed execution it cleared the SecurityContext and the original FilterChain
would then save the cleared out SecurityContext.
We now use a pattern similar to the OncePerRequestFilter to only invoke
SecurityContextHolder.clearContext() on the first invocation of the Filter. We do not simply extend
OncePerRequestFilter because we want to invoke the delegate filters for every request.
Previously communication errors with LDAP were only logged at debug level.
Communication errors (along with other non-authenticated related NamingExceptions)
are now logged as error messages. We created an InternalAuthetnicationServiceException
to represent errors that should be logged as errors to distinguish between internal
and external authentication failures. For example, we do not want an OpenID Provider
being able to report errors that cause our logs to fill up. However, an LDAP system is
internal and should be trusted so logging at an error level makes sense.
Previously subclasses of AbstractSecurityInterceptor did not restore the original
Authentication when RunAsManager was used and an Exception was thrown in the
original method.
AbstractSecurityInterceptor has added a new method finallyInvocation which
should be invoked in a finally block immediately after the original invocation
which will restore the original Authentication. All existing sub classes have
been updated to use this new method.
Previously the documentation was referring to what ConcurrentSessionControlStrategy
performed.
Now the documentation has been moved to the ConcurrentSessionControlStrategy#onAuthentication
method.
Previously SessionFixationProtectionStrategy javadoc mentioned injecting
the SessionRegistry. However, this property is only available on
ConcurrentSessionControlStrategy (a subclass).
Now the mention has been removed. It is apparent the property is required
in ConcurrentSessionControlStrategy since it uses constructor injection.
Previously JdbcTokenRepositoryImpl would log an error with a misleading
message when the token series was missing.
Now JdbcTokenRepositoryImpl logs missing token series at info level with
a more informative message.
There were two issues that needed resolved
- Since DefaultWebSecurityExpressionHandler no longer implemented WebSecurityExpressionHandler a bean lookup by
type would not work. This caused failures in the JSF support.
- The method createEvaluationContext needed to be explicitly defined on WebSecurityExpressionHandler since the
parameterized type from the super interface is not preserved at compile time. Without explicitly defining the
method any class compiled against a previous version would cause a NoSuchMethodException.
This fixes two issues introduced by SEC-1229
* SessionRegistry.registerNewSession is invoked twice
* SessionRegistry.removeSession is invoked twice (once by the
ConcurrentSessionControlStrategy#onSessionChange and once by
SessionRegistryImpl#onApplicationEvent). This is not nearly
as problematic since the interface states that implementations
should be handle removing the session twice. However, as removing
twice requires an unnecessary database hit we should only remove
sessions once.
This should cater for implementations which want to use
the full filtering capabilities while creating a custom
expression root object.
Also cleaning whitespace.
NOTE: The Groovy code that automated most of this is attached to SEC-1545
A mapping of Missing Key to the file that the key is found are as follows:
----------../core/src/main/resources/org/springframework/security/messages_cs_CZ.properties----------
JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java]
JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java]
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
----------../core/src/main/resources/org/springframework/security/messages_de.properties----------
JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java]
JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java]
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
----------../core/src/main/resources/org/springframework/security/messages_it.properties----------
JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java]
JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java]
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
----------../core/src/main/resources/org/springframework/security/messages_ko_KR.properties----------
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
----------../core/src/main/resources/org/springframework/security/messages_pl.properties----------
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
----------../core/src/main/resources/org/springframework/security/messages_pt_BR.properties----------
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
----------../core/src/main/resources/org/springframework/security/messages_pt_PT.properties----------
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
----------../core/src/main/resources/org/springframework/security/messages_uk_UA.properties----------
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
----------../core/src/main/resources/org/springframework/security/messages_zh_CN.properties----------
PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java]
How unknown keys were gussed by existing keys
----------../core/src/main/resources/org/springframework/security/messages_cs_CZ.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using SwitchUserProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_de.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using SwitchUserProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_es_ES.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_fr.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_it.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_ko_KR.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_pl.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_pt_BR.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_pt_PT.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_uk_UA.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
----------../core/src/main/resources/org/springframework/security/messages_zh_CN.properties----------
AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired
AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled
AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired
AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked
AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission
BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword
ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed
DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm
DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse
DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth
DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory
DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised
DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding
DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired
DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric
DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens
DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound
LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials
LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports
SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching
SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser
SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication
VirtualFilterChain now accepts the FirewalledRequest in the constructor. The reset method is called directly on the instance passed in instead of looping through the ServletRequestWrappers.
Rob Winch
mpigg
Rob Winch
Tristan Burch
Luke Taylor
Andrei Stefan
Rob Winch