4b8455c831
Tidying comments.
2007-12-06 16:40:16 +00:00
4c6e41af7d
Tidying comments.
2007-12-06 16:33:59 +00:00
c66a3ba323
@deprecate FilterToBeanProxy in favour of the simpler and Spring Core provided DelegatingFilterProxy.
2007-12-06 09:43:43 +00:00
ab23fe56ad
Added log msg for loading of ldif files.
2007-12-06 00:14:25 +00:00
a1abcc39d2
SEC-513: Minor work on LDAP UserDetailsManager implementation.
2007-12-06 00:13:42 +00:00
e3432c2407
Some changes suggested by Spring LDAP guys to improve template usage.
2007-12-06 00:13:00 +00:00
4d133be0d0
Tidying.
2007-12-06 00:12:24 +00:00
3ddcc203bf
LdapUserDetailsMapper now throws UnsupportedOperationException for mapUserToContext method as only subclasses of this which implement actual LDAP object classes should be used for writing to a directory.
2007-12-06 00:12:06 +00:00
22052115b6
SEC-617: Make LDAPAuthenticationProvider a standalone class.
2007-12-05 14:39:46 +00:00
88ab9671c6
Correct attribute name.
2007-12-04 14:24:53 +00:00
9b6c798a52
SEC-496: <annotation-driven> element.
2007-12-04 14:14:17 +00:00
949205b369
Correction of equals(Object) and hashCode() methods.
2007-12-04 12:44:40 +00:00
85085abf9e
Add namespace support for Servlet API integration.
2007-12-04 12:23:41 +00:00
8c3cc5c67b
Add hash code support.
2007-12-04 11:21:39 +00:00
8e7c540b16
General refactorings and improvements to namespace support, including
...
autoDetect="true" attribute for <http> element.
2007-12-04 10:35:08 +00:00
2441ab6d9a
Move "realm" attribute to be on <http> element rather than <http-basic>.
...
This faciltiates reuse with other mechanisms (like Digest) whilst also
moving towards the <http-auto-configure> element (which benefits from
having shared configuration in <http> as opposed to mechanism-specific
elements).
2007-12-04 08:02:40 +00:00
d9ec944579
Refactor strings to static fields. To facilitate unit testing, package
...
protected visibility was adopted for all element names, attribute names,
and attribute default values. A public access modifier was used for all
bean IDs assigned to bean definitions created by the
BeanDefinitionParsers.
2007-12-04 07:12:08 +00:00
4e55bd0117
Make extend Spring Security's exception, for consistency with all other Spring Security exceptions.
2007-12-04 06:58:43 +00:00
9b4bb0ffd8
<repository> element and JdbcUserDetailsManager support.
2007-12-04 05:58:54 +00:00
5f98ee6817
<repository> element and JdbcUserDetailsManager support.
2007-12-04 05:54:58 +00:00
0b0b174eda
Support <repository> and JbcUserDetailsManager.
2007-12-04 05:27:17 +00:00
8cf46ad0f8
Remove, as not used.
2007-12-04 05:12:39 +00:00
8c9138b443
Typos.
2007-12-04 02:11:16 +00:00
021f03487e
Enhancements to correctly handle authentication failures.
2007-12-04 01:50:45 +00:00
2a83843e7d
Correct username key.
2007-12-04 01:46:26 +00:00
75391e89de
Tidied up Id tag.
2007-12-04 00:01:09 +00:00
794795712d
Parameter renamed.
2007-12-04 00:00:50 +00:00
97030e8942
Changed LDAP namespace parsing to make sure LDAP provider is registered with ProviderManager.
2007-12-03 23:58:38 +00:00
248d97c9d6
SEC-513: Added support for cache flushing after updating or deleting data in JdbcUserDetailsManager.
2007-12-03 22:12:02 +00:00
d086815d75
Add namespace support for anonymous requests. Also minor improvements to .rnc file as Trang didn't appear to be properly translating multi-line comments to the XSD (all multi-line comments were made single lines).
2007-12-03 07:46:52 +00:00
5c9009a391
Use new SpringSecurityFilter so compatible with enhanced FilterChainProxy class.
2007-12-03 07:44:32 +00:00
239fd05d37
Mark the unused Servlet Container callback methods as final to ensure subclasses do not rely upon them.
2007-12-03 07:33:18 +00:00
a53357778f
Remove superfluous method.
2007-12-03 07:32:23 +00:00
cb765bc34b
SEC-615: Automatically focus on login name HTML element on page load.
2007-12-03 06:34:43 +00:00
86fb6f2dea
Remove OrderedUtils (was used for old namespace testing).
2007-12-03 05:06:11 +00:00
f04f9097b1
Make name consistent with other MVN modules.
2007-12-03 04:10:19 +00:00
47229be5cb
Make samples and tests use username "rod".
2007-12-03 02:56:52 +00:00
3123d24337
SEC-613: Rename tag libraries.
2007-12-03 01:46:11 +00:00
c24958d7b8
Spelling correction.
2007-12-03 01:33:19 +00:00
08db4a1358
SEC-610: Reauthenticate even if AnonymousAuthenticationToken is present.
2007-12-02 02:15:43 +00:00
843a20e691
Changed default namespace in config files to "security" for clarity.
2007-11-29 13:14:15 +00:00
09c588a138
Removed unecessary check in additionalAuthenticationChecks() for null credentials in authentication object. Previous line already throws an exception if null is found.
2007-11-28 19:20:33 +00:00
88e01624eb
SEC-560: Removed local password comparison form PasswordComparisonAuthenticator.
2007-11-28 18:29:04 +00:00
0e1ae11fca
Tidying.
2007-11-28 18:00:43 +00:00
292320bd33
SEC-607: Changed NtlmUsernamePasswordAuthenticationToken to make authenticated=true the default state when an instance is created. NtlmAwareLdapAuthenticator now rejects tokens with authenticated=false (e.g. if the token has been passed remotely).
2007-11-24 20:13:29 +00:00
4f3a1739aa
Changed Ntlm filter to use SpringSecurityFilter base class.
2007-11-24 20:08:17 +00:00
9e2f372bad
SEC-607: Deprecated InitialDirContextFactory and replaced it with SpringSecurityContextSource.
...
Also some refactoring of LdapUserDetailsManager to use a strategy for creating DNs from usernames.
2007-11-20 20:54:48 +00:00
6d5773d177
Replaced creation of new list with Collections.EMPTY_LIST reference.
2007-11-17 23:06:32 +00:00
1196381220
Remove "controls" property as it doesn't really make sense and has never been used.
2007-11-17 20:55:39 +00:00
91e0a329f9
Upgrade to Spring LDAP 1.2 final.
2007-11-17 20:53:26 +00:00
b1b3f585e4
Moved setter methods out of inner classes area.
2007-11-13 22:55:01 +00:00
c485664ee7
Removed accidental use of autoboxing.
2007-11-13 22:16:52 +00:00
3e3dac4050
SEC-600: Added extra test assertions on authentication details object after password change.
2007-11-13 17:17:25 +00:00
cb237055ac
SEC-600: Added Jdbc implementation of UserDetailsManager
2007-11-13 17:11:29 +00:00
81067840ef
SEC-485: Added calculateLoginLifetime method.
2007-11-13 01:16:27 +00:00
b681952933
SEC-545: Added utility methods for checking if user has a particular role to existing AuthorityUtils class. Class may be renamed at some point as more functionality is added.
2007-11-11 23:37:32 +00:00
315d4a247f
Added method to clear datasource field after use.
2007-11-11 23:10:21 +00:00
910e63f83c
SEC-586: Implemented secure channel support in namespace configuration.
2007-11-11 22:07:46 +00:00
c214f4a9bc
Simplified initialization of datasource.
2007-11-11 22:06:22 +00:00
4f3bbb52f6
Pulled methods and fields up into AbstractFilterInvocationDefinitionSource to make it easier to query the map size etc, regardless of the specific type.
2007-11-11 19:29:11 +00:00
28a138f8ec
Converted to use guard clause to reduce nesting.
2007-11-11 19:22:51 +00:00
756be6fed3
Removed unnecessary constructor.
2007-11-11 19:10:47 +00:00
964e6911a7
Added RememberMeServices to list of logout handlers.
2007-11-11 18:11:18 +00:00
2856a6ba43
Allow configuration of embedded ldap server port through ldap namespace configuration. Changed default port from 3389 to avoid conflict with windows remote desktop (as reported by Ray Krueger in dev list).
2007-11-11 16:10:30 +00:00
0e7dac6ca5
SEC-565: Refactoring of TokenBasedRememberMeServices. Changed arguments to makeValidSignature so that it could be used from both places where a signature is required and refactored the class to extend AbstractRememberMeServices. The method processAutoLoginCookie now returns a UserDetails, rather than username, as the UserDetails is needed in TokenBasedRememberMeServices.
2007-11-10 19:20:36 +00:00
1a5ef2dece
SEC-588: Completed JdbcTokenRepositoryImpl and added extra update method to PersistentTokenRepository interface (additional files from failed commit).
2007-11-10 15:56:07 +00:00
7caa1587b3
SEC-588: Completed JdbcTokenRepositoryImpl and added extra update method to PersistentTokenRepository interface.
2007-11-10 15:42:21 +00:00
87a864619d
SEC-592
...
fixed failing test due to thinking a null value should be provided.
2007-11-07 21:44:15 +00:00
981f185575
SEC-592
...
implemented NullStatelessTicketCache and test cases and made it the default for CasAuthenticationProvider.
2007-11-07 18:46:35 +00:00
0a50cd67ce
Tidied up logic for setting token repository in RememberMeBeanDefinitionParser. Plus some tinkering with attributes in rnc file.
2007-11-07 13:29:15 +00:00
9fa32bac7c
SEC-578: Set FilterInvocationDefinitionSource field in FilterChainProxy to null after it has been converted to a map of paths->filters.
2007-11-06 23:58:56 +00:00
9f2bc9a842
SEC-582: Namespace configuration implementation for remember-me support.
2007-11-06 23:20:25 +00:00
b868143fb1
Make sure "start" is called even if working directory is already set.
2007-11-06 22:18:13 +00:00
7ad8e2acf0
SEC-591: Removed default NullRememberMeServices in RememberMeProcessingFilter
2007-11-06 21:43:37 +00:00
4c44bd782f
SEC-588: Added extra tests to check cookie values.
2007-11-04 12:07:49 +00:00
55b1f9348d
SEC-588: PersistentTokenBasedRememberMeServices implementation.
2007-11-03 22:11:26 +00:00
8b199d38ed
Refactored autoLogin method to reduce nesting of conditionals and loops.
2007-10-30 21:09:47 +00:00
d7b6ca281a
Removed unused "autodetect" method.
2007-10-27 11:50:38 +00:00
43fc8e2660
Added Id keyword for all java files
2007-10-27 00:45:30 +00:00
d3b165749f
SEC-583: Implementation of namespace config for concurrent session support.
...
Also some minor adjustments to ordering of different http features in schema.
2007-10-27 00:28:24 +00:00
334d55b12e
Tidying.
2007-10-27 00:26:25 +00:00
685d74d81b
FilterSecurityInterceptor is now configured through ConfigUtils, rather than by autowiring.
2007-10-27 00:25:59 +00:00
0185dc5a90
Moved registration of ProviderManager bean to ConfigUtils.
2007-10-27 00:24:16 +00:00
06ce4b79e9
SEC-584: Remove use of default SessionRegistryImpl.
2007-10-27 00:23:21 +00:00
0cdac4912a
Changed to use a BeanReference when creating default login page to prevent duplication of filter bean.
2007-10-27 00:20:55 +00:00
3d9ea49d19
SEC-585: Made expiredUrl optional.
...
Also implemented Ordered interface for use in namespace configuration.
2007-10-26 23:32:40 +00:00
55ef50a4df
Added checking of path ordering to FilterChainProxy to detect misplaced universal match ("/**").
2007-10-26 13:51:32 +00:00
1bcb62af2e
Remove use of autoconfig, as it was really just a conveniece for creating default access and authentication managers.
2007-10-26 13:05:31 +00:00
700de0d388
Tidying.
2007-10-25 15:07:15 +00:00
03e285c31d
Moved responsability for creating AuthenticationManager into AuthenticationProviderBeanDefinitionParser. Tidied up SecrityNamespaceHandler.
2007-10-25 14:21:45 +00:00
3927ba9ed0
SEC-578: Removed additional FilterChainMap reference.
2007-10-25 13:40:51 +00:00
7ef57c67ed
SEC-578: Removed FilterChainMap class
2007-10-25 11:51:51 +00:00
fb72fa82de
Changed comment to remove reference to FilterChainMap.
2007-10-22 23:56:01 +00:00
acf3966651
SEC-578: Refactored to remove FilterChainMap and use a LinkedHashMap instead to maintain the path ordering. Also made use of Springs ManagedList and ManagedMap to preform resolution of bean names to Filter objects at runtime, replacing the unnecessary bean which was performing this task for the filter lists.
2007-10-22 23:52:29 +00:00
b9cfae5903
Exception for flagging errors in namespace config.
2007-10-20 23:18:41 +00:00
2d3d5ceb8d
Tidying.
2007-10-20 23:17:56 +00:00
cffd3131f0
Added building of filter chain in post-processing, support for basic authentication and automatic generation of login page, if no loginUrl supplied.
2007-10-20 23:17:01 +00:00
f0d8db5ce6
Store the default order values of security filters.
2007-10-20 23:12:41 +00:00
7afa99a21a
Security filter base class.
2007-10-20 23:10:53 +00:00
a6a372a5ab
SEC-568: Added the decorated for filter-chain-map to the namespace handler registry.
2007-10-20 23:10:28 +00:00
2b14d2da98
Make Spring Security filters implement the Ordered interface, for use when post-processing the application context
2007-10-20 23:09:23 +00:00
9b8c06e9f6
SEC-568: Introduced FilterChainMap as a simpler option for configuring FilterChainProxy and introduced a namespace-based for configuring it. The Url pattern matching is factored out into a separate strategy with ant and regex versions.
2007-10-20 23:05:03 +00:00
d6fe97de43
Latest updates to namespace configuration.
2007-10-20 22:58:59 +00:00
28d04c1759
Removed unnecessary casts, corrected incomplete comment and reformatted code.
2007-10-19 11:53:26 +00:00
380b22f50d
Removed unused autodetect method and reformatted code.
2007-10-18 16:50:31 +00:00
c51bcd9c1f
Changed method protection config to make it compatible with MethodDefinitionMap for the time being.
2007-10-14 14:29:15 +00:00
a4b522351f
Added "unprotected" method for tests
2007-10-14 14:15:51 +00:00
0b54eece28
Added code to set the manager username and password if supplied.
2007-10-13 21:20:19 +00:00
3d0f3302dc
RNC file used for convenience to generate the namespace xsd schema file.
2007-10-13 16:27:14 +00:00
0f4cdf345d
Intermediate checkin of experimental namespace config work (additional parser files).
2007-10-13 16:26:08 +00:00
627b0b38ad
Intermediate checkin of experimental namespace config work.
2007-10-13 16:24:24 +00:00
98f6111d06
Corrected wrong error message in ProviderManager.
2007-10-13 12:15:13 +00:00
e561b87987
Switched testOperation method to use unicode escaped characters.
2007-10-13 11:40:16 +00:00
75bc838ae8
Switched testOperation method to use French locale to prevent use of default machine locales such as Chinese (see previous commit sg).
2007-10-11 16:18:28 +00:00
0a214e4930
Removed locale-specific message value assertions which will cause tests to fail if run with a different standard locale for which we have a message file (e.g. Chinese).
2007-10-11 15:23:01 +00:00
92bc57eefd
Switch test to use a specific locale for which we have a message file (french). The default ResourceBundle behaviour is to attempt to load the platform locale if the specified one isn't found before using the default. We don't have a messages_en.properties file, hence trying to use "en" locale on a Chinese computer will result in Chinese messages being used (and test failing).
2007-10-11 15:16:06 +00:00
650a5467e8
Renamed ApacheDSStartStopBean to ApacheDSContainer and implemented LifeCycle interface.
2007-10-03 18:09:53 +00:00
3f2b9cd6fb
SEC-562: More changes of Acegi name in comments, docs etc.
2007-10-03 14:02:39 +00:00
9dbeda1c85
Corrected out of date comments referring to SecurityEnforcementFilter etc.
2007-10-03 11:13:40 +00:00
87ddc63f73
Format to correct spacing.
2007-10-02 16:13:55 +00:00
6fbf73e74f
Added explicit dependency override on mina 1.0.5 to get round this problem:
...
http://issues.apache.org/jira/browse/DIRMINA-366
when using apache DS embedded. It causes failures on linux, but not on OS X.
2007-10-02 16:13:06 +00:00
438dc44004
Minor changes to improve robustess of LDAP tests.
2007-10-02 14:50:08 +00:00
5a3f5fcd78
Minor changes to improve robustess of LDAP tests.
2007-10-02 14:49:08 +00:00
a4266f3fb8
Minor imrovements to configuration of embedded apache server.
2007-10-02 14:20:27 +00:00
acb02246e0
Refactored embedded LDAP server tests to make use of new namespace configuration. Use Junit 4 annotations in preference to AbstractDependencyInjectionSpringContextTests so that it is possible to clear up the context after each class is run rather than at JVM shutdown (causes problems with running embedded apache DS).
2007-10-02 10:52:06 +00:00
77b6503e2e
SEC-271: Added namespace handler class and experimental LDAP parser. The latter creates an embedded Apache DS server if no server URL is supplied, so changed dependencies on the latter to compile-time/optional.
2007-10-02 10:46:38 +00:00
5066fc5e39
SEC-562: Changed urls for login, logout, switch user etc.
2007-09-24 15:39:51 +00:00
eacbc71ba1
Switch ldap server port to 3999 (intermittent test failures occurring).
2007-09-23 20:57:01 +00:00
18c8ba4ac2
SEC-562: Changing constants and key names.
2007-09-23 11:16:01 +00:00
757b153430
SEC-562: Repackaging adapters module.
2007-09-22 11:54:13 +00:00
5a586c04a9
SEC-562: Repackaging core.
2007-09-21 18:18:21 +00:00
274658f9b0
SEC-272: Added group tables to test DB.
2007-09-21 15:51:36 +00:00
d19fe54c01
Renamed test class to match target (JdbcDaoImpl).
2007-09-21 15:50:23 +00:00
400a3b90f0
SEC-232: Additional updates to hierachical roles code from contributor.
2007-09-19 22:10:31 +00:00
eb0307bcd9
SEC-557: Reinstate use of default AccessDeniedHandlerImpl for the time being (2.0 branch).
2007-09-19 16:49:18 +00:00
477dc308f8
SEC-413: Consistent redirect behaviour between LogoutFilter and AbstractProcessingFilter. (previous commit of AbstractProcessingFilter has an erroneous message).
2007-09-19 16:27:23 +00:00
7139cbafbb
Removed assertions on response buffer size.
2007-09-19 16:25:31 +00:00
dde3803532
Removed assertions on response buffer size.
2007-09-19 16:24:20 +00:00
03beaf0777
SEC-448: MD4 password encode implementation.
2007-09-19 15:28:57 +00:00
2ef2bfc514
SEC-561: Removed setting of respose buffer size prior to redirect.
2007-09-19 15:17:29 +00:00
809c962d3b
Corrected method name in comment.
2007-09-19 15:04:30 +00:00
0288204432
SEC-369: Made spring-jdbc and spring-remoting optional dependencies in core. Removed explicit commons-lang dependency and updated commons logging to 1.1.
2007-09-19 00:23:33 +00:00
fdd3dfc51f
Remove explicit commons-lang dependency.
2007-09-19 00:17:04 +00:00
2f03000b68
SEC-232: Add role hierarchy contribution.
2007-09-17 22:37:39 +00:00
1a4b32e50e
Remove unused import.
2007-09-17 22:17:42 +00:00
e872823490
SEC-559: Throw an initialization exception if configured truststore file doesn't exist.
2007-09-17 21:29:40 +00:00
96eb11aadc
SEC-399: Add support for invalidating the existing session on successful authentication.
2007-09-17 15:54:07 +00:00
0efa5c3090
SEC-458: implementy hashCode() in PrincipalSid and GrantedAuthoritySid.
2007-09-17 13:10:17 +00:00
d79d55c8b6
SEC-8: Changes to LDAP authenticator API to take an authentication object rather than username/password.
2007-09-17 12:28:07 +00:00
c7354c125a
SEC-417: Fix. Remove hard-coded messages from JdbcDaoImpl to allow internationalized versions for "user not found" etc.
2007-09-16 22:20:08 +00:00
Luke Taylor
Ben Alex
Scott Battaglia