Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-30 22:28:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,668 Commits 48 Branches 362 Tags
Commit Graph

2946 Commits

Author SHA1 Message Date
Luke Taylor
40e51dd5fe OPEN - issue SEC-649: Add user-service-ref attribute to remember-me namespace element 
http://jira.springframework.org/browse/SEC-649. Added attribute to namespace and parsing support.
 2008-03-31 17:27:58 +00:00
Luke Taylor
cc752cfc28 OPEN - issue SEC-732: Encapsulate query objects in JdbcDaoImpl and JdbcUserDetailsManager 
http://jira.springframework.org/browse/SEC-732. Updated these classes to hide the internal query and update objects to allow future refactoring.
 2008-03-31 16:52:31 +00:00
Luke Taylor
53b084e2f9 Simple tests to detect invalid configurations, particularly when the namespace has been updated without applying the spring-security.xsl transformation, which prevents certain elements from appearing at top level. 2008-03-31 16:30:28 +00:00
Luke Taylor
b1ae4922d2 SEC-726: Added entry-point-ref to <http> namespace element to allow customization of authentication process. 2008-03-31 16:22:40 +00:00
Luke Taylor
9db55f336c SEC-739: Removed siteminder provider code. 2008-03-31 12:23:32 +00:00
Luke Taylor
512c64fb98 SEC-738: Add session-registry-alias attribute to concurrent-session-control 
http://jira.springframework.org/browse/SEC-738. Added this attribute. Also various bugfixes in handling of attribute names for concurrent session control.
 2008-03-31 12:01:37 +00:00
Luke Taylor
07f820f1a6 Minor portlet-related changes suggested by John Lewis: Javadoc and default values of booleans. 2008-03-31 10:10:13 +00:00
Luke Taylor
c9b6fe9555 OPEN - issue SEC-657: Create pre-authenticated processing filter which obtains username from request header 
http://jira.springframework.org/browse/SEC-657. Added filter and test class.
 2008-03-30 13:37:13 +00:00
Luke Taylor
b98c72056a SEC-728: Change use of String.getBytes() in password encoders to use UTF-8 2008-03-29 15:21:31 +00:00
Luke Taylor
1463b9769d SEC-629: authentication-provider doesn't support caching. 
http://jira.springframework.org/browse/SEC-629. Added support for cache-ref elements on jdbc-user-service and ldap-user-service
 2008-03-28 17:55:12 +00:00
Luke Taylor
db6fafaf56 SEC-629: authentication-provider doesn't support caching. Refactored MockUserCache class to top level 2008-03-28 14:17:05 +00:00
Luke Taylor
1fece47b49 SEC-691: Applied patch to allow setting of returned user attributes from LDAP search. 2008-03-27 14:41:11 +00:00
Luke Taylor
350a626587 SEC-477: Added preauthenticated websphere contribution. 2008-03-27 14:25:17 +00:00
Luke Taylor
584853bbcb Tidied imports. 2008-03-26 21:49:26 +00:00
Luke Taylor
ef5b3e2f9c SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly. 2008-03-26 21:48:24 +00:00
Luke Taylor
9ea2408ac6 Fixed error in choosing main entry point (it's an alias not a bean name, so doesn't appear in the entry map - you have to get it direct from the bean factory). 2008-03-26 17:34:42 +00:00
Luke Taylor
1b8a3c5673 SEC-689: Updated session fixation protection namespace support to set session registry on SessionFixationProtectionFilter. 2008-03-26 14:51:16 +00:00
Luke Taylor
eeb14b3965 Changed filter order numbers to start at zero (makes them more readable in log compared with large negative numbers) 2008-03-26 12:22:26 +00:00
Luke Taylor
4681ff3d50 SEC-689: Fix 1.4 compatibility issue (overlooked autoboxing of boolean) 2008-03-26 12:09:57 +00:00
Luke Taylor
43b51ca64d SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added support to namespace.
 2008-03-26 12:00:58 +00:00
Luke Taylor
2af2f299cb SEC-689: Further tests, logging improvements. 2008-03-26 00:00:56 +00:00
Luke Taylor
a29842a467 SEC-689: Tests for SessionFixationProtectionFilter 2008-03-25 23:24:38 +00:00
Luke Taylor
8f5bcb64a6 SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added a general SessionFixationProtectionFilter which can be added to the filter stack to detect when a user has been authenticated and then migrate them to a new session. Also added support to <http/> namespace element.
 2008-03-25 22:32:26 +00:00
Luke Taylor
83bcc6ad7c Removed loggers from subclasses of SpringSecurityFilter in favour of using base class logger. 2008-03-25 14:51:34 +00:00
Ben Alex
0860333a3f SEC-733: AspectJ Pointcut Expression Parsing support. 2008-03-25 08:28:53 +00:00
Ben Alex
f4eb15b08b SEC-428: Tests to prove proxy-target-class="true" works. 2008-03-24 23:10:01 +00:00
Luke Taylor
f8b5000d40 SEC-428: Make sure context is cleared before running test. 2008-03-24 22:56:43 +00:00
Luke Taylor
18fef571c3 Import cleaning. 2008-03-24 22:44:42 +00:00
Luke Taylor
028af06d61 SEC-428: Security interceptor does not work with schema based aop:config 
http://jira.springframework.org/browse/SEC-428. Fixed broken test method.
 2008-03-24 22:43:08 +00:00
Luke Taylor
a375d8e59e SEC-428: Added test 2008-03-24 20:50:58 +00:00
Luke Taylor
1dd5f42142 Adding svn keywords, correcting typos etc. 2008-03-24 20:48:45 +00:00
Ben Alex
9a4977ebd1 SEC-99/428/429/563: Various refactoring of method security metadata support. 2008-03-24 09:40:13 +00:00
Ben Alex
6ab301981c Update dependency versions and POM structure. 2008-03-24 09:05:44 +00:00
Luke Taylor
fe0e05a6c8 SEC-725: PasswordEncoderParser: <security:password-encoder> element does not pick up 'base64' attribute value 
http://jira.springframework.org/browse/SEC-725. Added fix as recommended in issue.
 2008-03-23 22:38:13 +00:00
Luke Taylor
b54e3978dc SEC-729: Organization of pom dependencies, particularly for servlet-api and jstl. Some other adjustments, removal of unrequired deps etc 2008-03-23 00:31:32 +00:00
Luke Taylor
30a6abbe50 Tidied formatting of toString output for FilterBasedLdapUserSearch 2008-03-22 21:40:54 +00:00
Luke Taylor
162933155e Added implementation of GrantedAuthoritiesContainer to allow refactoring of duplication in various preauth details classes 2008-03-22 19:29:13 +00:00
Luke Taylor
2ea94e2cc9 Tidying imports etc 2008-03-22 11:44:28 +00:00
Luke Taylor
563dabda2f SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added OpenIDProvider to bean registry and fixed login page generator to use correct URL for OpenID. Added user-service-ref to namespace element. Changed OpenID sample to use <openid-login />.
 2008-03-21 23:47:09 +00:00
Luke Taylor
b89dbc6060 Import cleaning 2008-03-21 21:51:48 +00:00
Luke Taylor
9871685ea3 SEC-722: Fixed problem with empty loginpage string (rather than null) preventing default login page filter from being added to the stack. 2008-03-21 21:50:26 +00:00
Luke Taylor
b73736ffaf Updated example configuration in javadoc for LdapAuthenticationProvider. 2008-03-21 17:12:22 +00:00
Ben Alex
16ea8faa0d SEC-727: Ensure SecurityConfig cannot be constructed unsafely; also update SecurityConfigTests to JUnit 4. 2008-03-21 02:15:47 +00:00
Luke Taylor
acc22b2745 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added check for MAIN_ENTRY_POINT bean when resolving entry points. If this has been set during parsing it will be used.
 2008-03-20 20:11:34 +00:00
Luke Taylor
815f04b6c3 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added element to namespace and modified form login parser to handle open id element. Also added openID support to login page generator.
 2008-03-20 20:05:11 +00:00
Luke Taylor
bbc5fea598 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added extra constants for OpenID support.
 2008-03-20 19:51:59 +00:00
Luke Taylor
d333655b0b Updated to commons logging 1.1.1 to get rid of servlet api dependency in their pom 2008-03-20 19:43:55 +00:00
Luke Taylor
56b967f935 Removed filer name duplication in rnc file. 2008-03-20 15:10:21 +00:00
Luke Taylor
a65b5a9ed8 Corrected separators between http method strings in rnc file. 2008-03-20 14:56:02 +00:00
Luke Taylor
8f379768a8 SEC-720: Design for extension: PreAuthenticatedGrantedAuthoritiesUserDetailsService 
http://jira.springframework.org/browse/SEC-720. Added createUserDetails method to allow custom UserDetails object t be created.
 2008-03-19 18:29:38 +00:00