Luke Taylor
e1f575c545
SEC-1480: Add simple equals and hashcode methods based on DN value to LdapUserDetailsImpl to allow its use as a map key (in SessionRegistry, for example).
2010-05-15 02:29:11 +01:00
Luke Taylor
2b9beffd08
SEC-1444: Fix JNDI escaping problems in LDAP authentication.
...
CompositeName adds quotes to names which contain a forward slash ("/") character. These are automatically removed by Spring LDAP's DistinguishedName, but only if they are at the ends of the String. Since we were preprending the base to the (quoted) DN, resulting in something like ["cn=joe/b",ou=people], this was causing problems with the DN value returned from the search. Additionally, the bind succeeds when a DN is used with a slash, but the subsequent call to getAttributes() fails. This call now passes in a DistinguishedName for the user DN instance instead of a String.
2010-03-27 15:30:15 +00:00
Luke Taylor
977bc2b164
SEC-1433: Reduce the number of direct dependencies on DataAccessException from spring-tx.
...
It is still required as a compile-time dependency by classes which use Spring's JDBC support, but it doesn't really have to be used in many interfaces and classes which are not necessarily backed by JDBC implementations.
2010-03-26 18:05:28 +00:00
Luke Taylor
f3264ba9ab
Addition of commons-logging exclusions and adjustments to pom generation.
2010-03-07 21:58:25 +00:00
Luke Taylor
2f1479785e
Refactoring to remove remaining circular dependencies indicated by structure101.
2010-02-22 01:48:22 +00:00
Luke Taylor
f3f84da625
Increase upper bounds of Spring and Spring Security versions in bundlor templates to 3.2.0.
2010-02-21 23:25:36 +00:00
Luke Taylor
2ee7696bf4
Update version number to 3.1.0.CI-SNAPSHOT.
2010-02-19 17:35:19 +00:00
Luke Taylor
44f45d21f0
3.0.2 release. Update version in build files.
2010-02-19 01:22:21 +00:00
Luke Taylor
c12c43da9e
Javadoc fixes.
2010-02-14 23:27:09 +00:00
Luke Taylor
36612377e2
Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents.
2010-02-14 23:23:23 +00:00
Luke Taylor
23511c930f
Standardising slf4j versions.
2010-02-11 01:33:31 +00:00
Luke Taylor
10cd080090
SEC-1356: Update createUser method in LdapUserDetailsManager to create the LDAP entry before adding authorities. Prevents removal of authorities for an existing user.
2010-01-20 18:51:29 +00:00
Luke Taylor
51dfc0fb39
Set versions to 3.0.2-CI-SNAPSHOT, post release.
2010-01-15 18:15:19 +00:00
Luke Taylor
05634f97dc
Updated version numbers for 3.0.1 release.
2010-01-15 18:04:28 +00:00
Luke Taylor
b323098167
Added gradle build files for taglibs, tutorial, contacts and openid.
...
Changed build file names to match module names (by manipulating the project objects in the settings.gradle file).
2010-01-10 23:31:23 +00:00
Luke Taylor
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
2010-01-08 21:05:13 +00:00
Luke Taylor
115d5b84ff
[maven-release-plugin] prepare for next development iteration
2009-12-22 22:20:01 +00:00
Luke Taylor
6c6ef08353
[maven-release-plugin] prepare release spring-security-3.0.0.RELEASE
2009-12-22 22:19:38 +00:00
Luke Taylor
e64866ae6a
Updated bundlor templates and introduced spring.version variable
2009-12-22 01:10:04 +00:00
Luke Taylor
fcce29f8df
SEC-1326: Updating dependencies to match Spring versions. Removing unused deps.
2009-12-21 17:32:38 +00:00
Luke Taylor
aeed49393c
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
2009-12-18 18:44:42 +00:00
Luke Taylor
cad32ffe39
SEC-1325: Tighten up Authentication interface contract to disallow null authorities. Modified internals of AbstractAuthenticationToken to use an empty list instead of null. Clarified Javadoc. removed unnecessary null checks in classes which use the interface.
2009-12-13 17:37:24 +00:00
Luke Taylor
520e733cb2
[maven-release-plugin] prepare for next development iteration
2009-12-08 21:19:41 +00:00
Luke Taylor
f2cf17bd49
[maven-release-plugin] prepare release spring-security-3.0.0.RC2
2009-12-08 21:19:20 +00:00
Luke Taylor
dab76249db
Added gradle build files (experimental)
2009-12-04 21:33:17 +00:00
Luke Taylor
9d85168a10
Fix apache-ds shard-ldap version in template.mf (should be 0.9.15)
2009-11-04 18:18:46 +00:00
Luke Taylor
3f963ef8ca
Restore versions and svn URLs in trunk (release plugin fail)
2009-10-11 21:59:38 +00:00
Luke Taylor
af563e826c
[maven-release-plugin] prepare release spring-security-3.0.0.RC1
2009-10-11 21:43:42 +00:00
Luke Taylor
021f650f3d
Tidying up ldap pom
2009-10-11 15:28:00 +00:00
Luke Taylor
908e88b802
Import cleaning.
2009-10-08 12:27:41 +00:00
Luke Taylor
0e9452c17c
SEC-1074: Customized interceptor list for DefaultDirectoryService, including removal of SchemaInterceptor.
2009-10-07 22:04:18 +00:00
Luke Taylor
caff3ee9ba
SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc).
2009-10-05 19:28:53 +00:00
Luke Taylor
245fc96137
SEC-1075: Update the embedded LDAP server to use Apache DS 1.5. Updated to use the new 1.5.5 release for the embedded server.
2009-09-01 23:21:44 +00:00
Luke Taylor
f6f5855b52
SEC-1222: Provide a constructor for LdapUserDetailsService that does not require an LdapAuthoritiesPopulator. Done.
2009-09-01 16:42:11 +00:00
Luke Taylor
5a8772df5b
Reset pom versions post release
2009-08-21 12:02:49 +00:00
Luke Taylor
0e5aa7008d
[maven-release-plugin] prepare release spring-security-3.0.0.M2
2009-08-20 15:51:26 +00:00
Luke Taylor
d47abbc35f
SEC-1223: Added break to bindWithDnLoop when non-null use is returned.
2009-08-19 21:34:05 +00:00
Luke Taylor
2f9a98c7ce
SEC-214: Update keywords.
2009-08-18 23:39:33 +00:00
Luke Taylor
8ed9f8a057
Remove wrongly named file
2009-08-18 23:32:40 +00:00
Luke Taylor
4df370b100
SEC-214: Add functionality to be able to use LDAP password policy request/response controls. Added PasswordPolicyAwareContextSource, ppolicy control implementations (from Sandbox) and modified BindAuthenticator to check for the presence of the response control, adding the control to the retured DirContextAdapter if appropriate. LdapUserDetailsImpl also contains the data for grace logins remaining and time till password expiry. Added OpenLDAP startup script with test data and integration test which operates against the data (must be run manually).
2009-08-18 23:09:16 +00:00
Luke Taylor
719a5e09d8
SEC-1205: Added comment to Javadoc for PasswordComparisonAuthenticator to indicate that it won't work with SSHA passwords
2009-07-22 16:11:24 +00:00
Luke Taylor
01b8def455
SEC-1145: Added test to confirm that there is no pooling issue in the trunk. There are already checks for the presence of the pooling flag.
2009-06-03 17:13:33 +00:00
Luke Taylor
131ba5c62e
Reset poms to 3.0.0.CI-SNAPSHOT after tagging M1 release
2009-05-27 00:12:30 +00:00
Luke Taylor
e2c218e8c9
[maven-release-plugin] prepare release spring-security-3.0.0.M1
2009-05-26 23:44:11 +00:00
Luke Taylor
6d655aa514
SEC-1132: More refactoring to remove cycles ad reduce complexity metrics
2009-05-04 14:24:54 +00:00
Luke Taylor
929b6bb1a0
Refactoring to remove warnings in LDAP module.
2009-04-27 11:05:58 +00:00
Luke Taylor
22e7142f45
SEC-998: Bundlor enabled in web, ldap, config and core modules
2009-04-24 09:12:53 +00:00
Luke Taylor
21e36e0a57
Updated version number from 2.5.0-SNPSHOT to 3.0.0.CI-SNAPSHOT
2009-04-22 12:55:52 +00:00
Luke Taylor
1fa46f4ad2
SEC-1104: Added check of "running" flag in stop() method to prevent stopping twice.
2009-04-22 06:25:36 +00:00
Luke Taylor
b2b2c95e55
SEC-1098: Added ignorePartialResultException property which is set on the LDAP template.
2009-04-21 03:37:16 +00:00
Luke Taylor
c7baeab172
SEC-1117: Moved check for empty password from LdapAuthenticationProvider to BindAuthenticator to allow use with Ntlm.
2009-04-20 06:08:00 +00:00
Luke Taylor
350f75f7f3
SEC-1084: Retain Authentication.details when authenticating in LdapAuthenticationProvider.
2009-04-20 05:02:42 +00:00
Luke Taylor
93bdcccaee
SEC-1132: Moved userdetails into core and added core/authority sub-package
2009-04-15 07:39:21 +00:00
Luke Taylor
10673780db
OPEN - issue SEC-1136: Removed SpringSecurityException. Introduced new AclException as base class for Acl module. Refactored JAAS authentication to map to AuthenticationExcpetions rather than SpringSecurityException. Modified ExceptionTranslationFilter to look explicitly for AuthenticationException or AccessDeniedException (which it should do since these are the only two it handles).
2009-04-13 14:56:49 +00:00
Luke Taylor
ca7d055c2b
SEC-1132: Created core and authentication packages within core module.
2009-04-13 13:43:23 +00:00
Luke Taylor
9efb5a7007
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet
2009-04-12 12:23:23 +00:00
Luke Taylor
f746a20ab4
SEC-1132: package refactoring of non-core modules
2009-03-27 05:01:03 +00:00
Luke Taylor
bec84f874a
SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples.
2009-03-26 07:18:36 +00:00
Luke Taylor
2a9a8a41db
SEC-1125: Created separate web module spring-security-web
2009-03-25 06:28:18 +00:00
Luke Taylor
2c985a1c36
SEC-1126: separated out spring-security-config module containing namespace configuration classes and resources
2009-03-23 04:23:48 +00:00
Luke Taylor
9b52e7bf69
SEC-1124: Added extra refactored class.
2009-03-19 06:34:20 +00:00
Luke Taylor
4aae5ec42e
SEC-1124: Refactored LDAP code into separate module
2009-03-19 06:30:32 +00:00
Luke Taylor
69b86fd045
SEC-1124: Create LDAP module. Added maven subproject
2009-03-19 03:31:02 +00:00