Commit Graph

2758 Commits

Author SHA1 Message Date
Ben Alex 4bcc1222e1 Modifications to support EH-CACHE upgrade (EH-CACHE appears to have changed the way the default cache configuration file gets handled). 2004-12-21 13:04:11 +00:00
Ben Alex 823a2e990b Add hook methods to AbstractProcessingFilter. 2004-12-20 11:14:34 +00:00
Ben Alex c5ea35d093 Extend After ACL provider to also filter arrays. Thanks to Joni Suominen. 2004-12-17 21:56:05 +00:00
Ray Krueger cb61c88478 Increased test coverate to 100% 2004-12-09 23:53:11 +00:00
Ray Krueger 8853ba28e2 Replaced $author$ stuff in javadocs with Ray Krueger 2004-12-09 22:35:53 +00:00
Ray Krueger 41310f26a6 Missed a DOCUMENT ME! spot... 2004-12-09 22:29:12 +00:00
Ray Krueger 3eb6149877 New LoginExceptionResolver interface and base implementation to handle LoginExceptions thrown in the Jaas API. I am commiting this now so that it isn't lost, while a PropertyEditor based solution is investigated. 2004-12-09 22:09:35 +00:00
Ben Alex c5900cab9c Added a ContextHolderAwareRequestWrapper to integrate with getRemoteUser() and isUserInRole(String). Thanks to Orlando Garcia Carmona ("paramosyermos" on Spring forums). 2004-12-05 06:11:18 +00:00
Ben Alex e3b9920d9c Fix default query string to remove ambiguous columns. Thanks to Aaron Tang. 2004-12-05 05:30:06 +00:00
Ben Alex 89ba20f057 Fix Tomcat compatibility issue where HttpSession unavailable during "logoff". Thanks to Aaron Tang. 2004-12-05 05:29:25 +00:00
Ben Alex 82ed7253d4 Refactor AbstractFilterInvocationDefinitionSource to use a standard URL String in its lookup method, rather than a full FilterInvocation. This will make it easier for views (taglibs etc) to access URI security details without needing to construct a MockFilterInvocation. 2004-12-05 05:04:52 +00:00
Ben Alex 76c82db196 Refactor EH-CACHE integration classes to work with Spring IoC provided Cache rather than manage our own cache internally. 2004-12-05 04:37:05 +00:00
Ben Alex 41b41ba316 Expand test coverage. Clover via Maven (without excluding appropriate patterns like *Exception and debug messages) has modified coverage from 77.2% to 95%. 2004-12-03 06:46:41 +00:00
Ben Alex 07e2037251 Find target domain object argument in a manner that works if nulls are presented for the domain object argument. 2004-12-03 06:43:17 +00:00
Ben Alex e75fc613b1 Gracefully handle null ContextHolder / Authentication etc. 2004-12-03 06:42:26 +00:00
Ben Alex 7a4a46cc7b General refactoring of taglibs. 2004-12-03 06:41:48 +00:00
Ben Alex 1b660d4d5b Handle usernames that are empty Strings. 2004-12-03 06:41:02 +00:00
Ben Alex ab6df6cfce Make InternalMethodInvocation package protected for better unit test support. 2004-12-03 06:40:11 +00:00
Ben Alex f73fc735c2 Improve startup error detection and eliminate unnecessary checks for null application context. 2004-12-03 06:39:07 +00:00
Ben Alex 4c1c7dcff5 Fix bugs. 2004-12-03 06:38:10 +00:00
Ben Alex 22f8cd0c44 Improve null handling. 2004-12-01 02:55:01 +00:00
Ben Alex 3a0e43337c Improve test coverage and error detection at startup time. 2004-12-01 02:22:24 +00:00
Ben Alex 699f97929a Fix bug where class should delegate to setDetails method - not set the details directly. 2004-12-01 02:09:15 +00:00
Ben Alex 89eed486e2 Add alwaysUseDefaultTargetUrl feature to AbstractProcessingFilter. 2004-11-22 21:38:14 +00:00
Carlos Sanchez b0f6c5179a Documentation improvement 2004-11-20 10:28:01 +00:00
Ben Alex a159d89ffd Initial commit. 2004-11-20 05:24:16 +00:00
Ben Alex 4ca1e2fd99 Add logging. 2004-11-20 04:10:05 +00:00
Ben Alex f251436a99 Improve logging and enable ACL determination to use an Object obtained from an internal method of the located processDomainObjectClass. 2004-11-20 04:09:14 +00:00
Ben Alex 61580d1973 Move RMI context propagation support classes to core, and rename and document to more clearly reflect function. 2004-11-20 04:07:47 +00:00
Ben Alex ba16c01b90 Add toString() method so more informative when context propagation takes place, such as via ContextPropagatingRemoteInvocation. 2004-11-20 04:06:47 +00:00
Carlos Sanchez 58306157df *** empty log message *** 2004-11-19 22:20:49 +00:00
Ben Alex 177c00556d Support just creating the acl_object_identity, without necessarily an acl_permission as well. 2004-11-16 12:22:43 +00:00
Ben Alex af5917b685 Added BasicAclExtendedDao interface and JdbcExtendedDaoImpl for ACL CRUD. 2004-11-15 13:04:12 +00:00
Ben Alex bc9a599bf7 Remove noisy logging. 2004-11-15 02:43:21 +00:00
Ben Alex d6beb9804f Place authz taglib in correct JAR location (META-INF). 2004-11-15 01:46:23 +00:00
Ben Alex 612971e134 Initial commit of a concrete AfterInvocationManager. 2004-11-15 01:45:03 +00:00
Ben Alex 694bdb603d Initial commit. 2004-11-15 01:44:20 +00:00
Ben Alex 5f6aa9c49e Refactoring to support "after invocation" processing. 2004-11-15 01:43:48 +00:00
Ben Alex 03a530b36b Improve JavaDocs. 2004-11-15 01:42:47 +00:00
Ben Alex d639e5c02f Expand logging. 2004-11-15 01:41:45 +00:00
Ben Alex 9972c69408 Support Authentication.getPrincipal() of UserDetails and improve logging. 2004-11-15 01:40:18 +00:00
Ben Alex e462c5a201 Minor polishing. 2004-11-15 01:36:41 +00:00
Ben Alex 68dc38841f Add an Authentication and Acl taglib. 2004-11-15 00:46:18 +00:00
Ben Alex 70a9c76f69 Remove unnecessary console output from tests. 2004-11-15 00:37:00 +00:00
Ben Alex ef2e45df77 Update tests to support incompatible collaborator detection now in AbstractSecurityInterceptor. 2004-11-15 00:36:12 +00:00
Ben Alex e83c66bb37 Expand test coverage so GrantedAuthorityEffectiveAclsResolver properly handles Authentication with a principal of type UserDetails. 2004-11-15 00:34:32 +00:00
Ben Alex 695948c31d Remove unused import. 2004-11-12 01:07:59 +00:00
Ben Alex f1d993f47b Made BasicAclProvider to only respond to specified ACL object requests. 2004-11-09 21:09:14 +00:00
Carlos Sanchez cd56f2ed4a Moved from test to main 2004-11-03 22:35:12 +00:00
Carlos Sanchez 8cf6867cba Moved name to subprojects 2004-11-01 20:05:42 +00:00
Ben Alex fde59c2f29 Ad mock method implementation now we're using HttpSession.removeAttribute(). 2004-10-30 23:32:53 +00:00
Ben Alex 565c2e580b Remove debug messages. 2004-10-30 23:32:28 +00:00
Carlos Sanchez d27fb49803 *** empty log message *** 2004-10-30 22:49:58 +00:00
Carlos Sanchez 55624cf5dd Moved resources from java dir to resources dir 2004-10-30 22:49:12 +00:00
Carlos Sanchez 928498b53d Removed AutoIntegrationFilter 2004-10-30 22:45:35 +00:00
Carlos Sanchez b25a6e002b *** empty log message *** 2004-10-30 17:15:54 +00:00
Ben Alex 89f6fcf5c9 Refactor to use an application context, thus enabling event publishing and use of DefaultAdvisorAutoProxyCreator. 2004-10-30 06:09:09 +00:00
Ben Alex 537a58d754 Added net.sf.acegisecurity.intercept.event package. 2004-10-30 06:07:17 +00:00
Ben Alex 26f5f1a9b3 Add the AccessDeniedException to the HttpSession as per http://forum.springframework.org/viewtopic.php?t=1515. 2004-10-30 03:06:05 +00:00
Ben Alex 21f29bbbb3 Fix JRun rejection of null in httpSession.setAttribute() as per http://livedocs.macromedia.com/jrun/4/javadocs/jrun/servlet/session/JRunSession.html.
Discussed at http://forum.springframework.org/viewtopic.php?t=1417.
2004-10-30 02:56:01 +00:00
Ben Alex 73349bf8f8 Add convenience method so subclasses can specify Authentication.setDetails(). 2004-10-30 01:19:22 +00:00
Ben Alex 7b0145fba7 Initial AspectJ support. 2004-10-18 06:41:20 +00:00
Ben Alex 992cf44b36 Refactor MethodDefinitionMap to use Method, not MethodInvocation. Refactor AbstractSecurityInterceptor to not force use of Throwable. Move AOP Alliance based MethodSecurityInterceptor to separate package. 2004-10-18 06:38:44 +00:00
Ben Alex ba163d51ae Documentation correction. 2004-10-17 07:56:19 +00:00
Ben Alex f123e9c333 Make MethodDefinitionMap query interfaces defined by secure objects, to properly support MethodDefinitionSourceAdvisor. 2004-10-15 03:47:53 +00:00
Ben Alex 8ec0d89fe4 Improve documentation for abstract contract. 2004-10-15 03:17:57 +00:00
Ben Alex 8d973af603 Added MethodDefinitionSourceAdvisor for performance and autoproxying. 2004-10-15 00:29:24 +00:00
Ben Alex 333fe84ee8 Clarify interface contract for ObjectDefinitionSource when no ConfigAttributes exist for a given secure object invocation, plus unit tests and fixes for concrete implementations. Thanks to Sean Radford for spotting the inconsistency. 2004-09-11 06:14:58 +00:00
Ben Alex 8a32fde12a Additional convenience methods as suggested by Sean Radford. 2004-09-11 06:13:54 +00:00
Luke Taylor defc79c283 Minor Javadoc correction. 2004-09-06 20:06:42 +00:00
Ben Alex ec166e086b Refactored UsernamePasswordAuthenticationToken.getDetails() to Object. 2004-09-01 21:19:05 +00:00
Ben Alex fa2920baa7 Ensure delegate is not null before calling destroy method. 2004-09-01 21:03:34 +00:00
Ben Alex d7c98f95ca Made FilterToBeanProxy compatible with ContextLoaderServlet (lazy initialisation on first HTTP request). 2004-09-01 02:37:55 +00:00
Ben Alex 1a92434914 Add support for password-validating DAOs, such as LDAP. Contributed by Karel Miarka. 2004-08-30 01:24:12 +00:00
Ben Alex aaebd3ef5a Added DaoAuthenticationProvider.hideUserNotFoundExceptions property. Defaults to true, so BadCredentialsException is thrown instead of UsernameNotFoundException if a user cannot be found. 2004-08-26 23:19:00 +00:00
Ben Alex 5cd65887d5 Improved ConfigAttributeEditor so it trims preceding and trailing spaces. 2004-08-25 21:43:00 +00:00
Ben Alex 3f87849f31 Fixed GrantedAuthorityEffectiveAclsResolver if null ACLs provided to method. 2004-08-23 02:03:46 +00:00
Ben Alex eb9c7d0852 Extracted removeUserFromCache(String) to UserCache interface. 2004-08-20 05:52:05 +00:00
Ben Alex bf53abf46e Improve JavaDocs. 2004-08-18 22:59:00 +00:00
Ben Alex 04f4c9881d Added original Authentication.getDetails() to DaoAuthenticationProvider response. 2004-08-13 01:07:32 +00:00
Ben Alex 08ee5deaa9 Fix unit test compatibility if no username provided. 2004-08-12 01:25:53 +00:00
Ben Alex da5469fed0 Additional event when user not found. Contributed by Karel Miarka. 2004-08-12 00:07:08 +00:00
Ben Alex 6867efd6ac Fix NPE problems with patch provided by Karel Miarka. 2004-08-10 00:22:53 +00:00
Ben Alex e006f521f4 Fix formatting. 2004-08-04 06:40:06 +00:00
Ben Alex 0c43fe1f4a Make SecurityEnforcementFilter more subclass friendly. 2004-08-02 23:08:52 +00:00
Ben Alex c1e109da74 Initial commit of remote client authentication interface. 2004-08-01 07:49:16 +00:00
Ben Alex 29f8097c64 Increase test coverage. 2004-08-01 07:48:14 +00:00
Ben Alex b4a0e45e76 Increase test coverage. 2004-08-01 02:19:25 +00:00
Ben Alex f7b491b699 Refactor ACL database tables. 2004-07-31 06:38:40 +00:00
Ben Alex 13d5a2dbca Refactor ACL database tables. 2004-07-31 03:42:18 +00:00
Ray Krueger e366c65d17 Almost forgot this piece of the jaas tests 2004-07-29 16:56:26 +00:00
Ray Krueger 3b284231da Increased test coverage of the .jaas package to 93.7% 2004-07-29 16:54:02 +00:00
Ben Alex 56829872b6 Initial commit of ACL capabilities. 2004-07-29 07:51:22 +00:00
Ben Alex 1cc46544ed Javadoc removal of warning. 2004-07-29 05:04:49 +00:00
Ben Alex 2426bb9e8e Make JdbcDaoTests use in-memory database. 2004-07-29 03:32:23 +00:00
Ben Alex 8c74d459c5 Delete files with old, non-Camel Case name. 2004-07-28 23:06:04 +00:00
Ray Krueger f29e6763d4 Renamed all JAAS* classes to Jaas* 2004-07-28 15:03:03 +00:00
Ben Alex 3648073461 Fix EH-CACHE after web context refresh (patch thanks to Travis Gregg). 2004-07-26 22:56:00 +00:00
Ben Alex d1fa12a312 Fix Javadocs warning. 2004-07-26 06:52:55 +00:00
Ben Alex 3f7f8e26fa Reduce setAuthentication scope now that it should only be called by AbstractAuthenticationManager. 2004-07-24 07:21:18 +00:00
Ben Alex 951c1a02df Store failed Authentication request in AuthenticationException, using template pattern (patch thanks to Wesley Hall). 2004-07-24 07:18:04 +00:00
Ben Alex 7ac3706eb9 Allow subclasses to add their own custom GrantedAuthority[]s. 2004-07-24 07:15:06 +00:00
Francois Beausoleil 3d23119b56 Following a suggestion from Scott Evans, added support for EL in the authz tag
library:
http://www.mail-archive.com/acegisecurity-developer%40lists.sourceforge.net/msg00189.html

* lib/spring/spring-mock.jar:
  Added Spring's 1.0.2 mock JAR.

* test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagExpressionLanguageTests.java:
  New tests to assert that the taglib recognizes and parses EL expressions.

* src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
  Implemented AuthorizeTagExpressionLanguageTests by using Spring's
  ExpressionEvaluationUtils.
2004-07-23 01:24:55 +00:00
Ben Alex f798e56d75 Contribution by Wesley Hall to improve exception handling. 2004-07-22 04:56:17 +00:00
Ben Alex 2996d67b06 Fix bug related to detecting incorrect use of SecureContext property. 2004-07-21 02:04:42 +00:00
Ray Krueger 3e37b74e3f Added Javadoc to all classes 2004-07-19 19:42:14 +00:00
Ray Krueger da7895087b Added correct @author and @version tags, more Javadocs to follow 2004-07-19 17:27:28 +00:00
Ray Krueger 3360e2d51a Added in javadoc 2004-07-19 17:24:38 +00:00
Ray Krueger 0c7a07e4db Adding in JAASAuthenticationProvider tests 2004-07-19 00:44:01 +00:00
Ray Krueger 1947819d73 Adding in JAASAuthenticationProvider support 2004-07-19 00:43:28 +00:00
Ben Alex 2f2b054b7a Resolve a Weblogic compatibility issue (patch thanks to Patrick Burleson). 2004-07-15 23:27:59 +00:00
Ben Alex e3be8f20bb Refactor CasAuthoritiesPopulator to use UserDetails rather than GrantedAuthority[]. 2004-07-14 09:54:09 +00:00
Ben Alex 48b1cb7c85 Move UserDetails interface to net.sf.acegisecurity package. 2004-07-13 22:38:20 +00:00
Ben Alex 064cd3c7bf Add a getter for the context. 2004-07-13 22:10:52 +00:00
Ben Alex 8b9f02e2e7 Expand test coverage. 2004-07-13 02:01:58 +00:00
Ben Alex 491fb00ffd Make Authentication serializable (Weblogic support). 2004-07-12 22:40:33 +00:00
Ben Alex 957e28252e Log stack trace to assist debugging. 2004-07-08 21:50:42 +00:00
Ben Alex 2cb3703253 Relax restriction on empty Strings for proxy callback URL, as this should be an empty String if no proxy callback was requested during service ticket validation. 2004-07-03 00:47:46 +00:00
Luke Taylor b957b5e25b Convert database URL to use absolute path. Fixes test with Maven. 2004-07-02 14:07:26 +00:00
Ben Alex ce712eaccf Improve organisation of DaoAuthenticationProvider to facilitate subclassing. 2004-06-30 23:18:47 +00:00
Ben Alex fe91639b15 Allow custom SecureContext implementations to be selected by user. 2004-06-29 23:28:59 +00:00
Ben Alex 6314aa4efa Refactor User to an interface. 2004-06-24 23:24:14 +00:00
Ben Alex 04dea9e403 Patch by Mark St.Godard to resolve issues with WebSphere 5. 2004-06-23 05:52:49 +00:00
Ben Alex 46f17bed79 Make isPasswordCorrect protected to facilitate subclass use. 2004-06-21 06:17:20 +00:00
Ben Alex 1a0bec5bf1 Make User available from Authentication via DaoAuthenticationProvider. 2004-06-21 06:10:14 +00:00
Ben Alex 27d89f3e91 Patch by Mike Youngstrom to fix Jameleon stripping of slash. 2004-06-17 01:23:13 +00:00
Ben Alex b3e2d78c5d Fix issue when encoded passwords are used. Modify Contacts sample to test encoded passwords. 2004-06-08 12:54:42 +00:00
Ben Alex b5cbcdc591 Refactor DaoAuthenticationProvider cache model. 2004-06-06 06:31:28 +00:00
Ben Alex 1b24ff5ea8 Refactor DaoAuthenticationProvider cache model. 2004-05-31 04:41:22 +00:00
Ben Alex d9f77a7ed1 Initial commit. 2004-05-31 02:37:29 +00:00
Ben Alex b6cb84e937 Improve robustness so if ApplicationContext not shutdown correctly (thus destroy() not called) the cache will not fail on subsequent startups. 2004-05-31 02:08:34 +00:00
Ben Alex e300a90890 Improve test coverage. 2004-05-31 01:19:18 +00:00
Ben Alex 0cbea9b452 Improve HTTP redirect URL encoding. 2004-05-26 22:17:14 +00:00
Ben Alex d5c14142d1 Add event capabilities. 2004-05-24 00:09:27 +00:00
Ben Alex 42ccbfbad7 Store additional information about the authentication request. 2004-05-24 00:06:54 +00:00
Ben Alex b6e0c3076f Fixed issue with hot redeploy as cache not being closed. 2004-05-24 00:04:49 +00:00
Ben Alex 369ea24215 Extra mock functionality for new unit tests. 2004-05-24 00:02:09 +00:00
Ben Alex 3f6961d855 Improved exception handling if response already committed. 2004-05-23 23:57:29 +00:00
Francois Beausoleil d5a6ea044d Implemented a fix for a NullPointerException as reported by Pierre-Antoine Gr�goire (pa.gregoire@free.fr)
"The error comes from line 115 in AuthorizeTag....It seems there's no control
for a null value here..."

* test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagTests.java:
  Added a new test to confirm the existence of the bug.

* src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
  And fixed the failing test.
2004-05-19 12:34:52 +00:00
Ben Alex 4cac2f1a62 Made serializable as per request by Mike Youngstrom. 2004-05-15 23:37:03 +00:00
Ben Alex 614f12448e Create a NullRunAsManager, which is used by default by the AbstractSecurityInterceptor. 2004-05-06 23:13:32 +00:00
Ben Alex 8713d4d52c Authentication subclasses Principal, so it's directly usable by classes that want a Principal. No implementations need to change if they subclass AbstractAuthenticationToken, as it implements the one and only method required by Principal. 2004-05-04 07:35:41 +00:00
Ben Alex 4152df1225 Allow filter to update multiple HttpSession attributes (useful if servlets etc expect to find an Authentication object in a given HttpSession attribute, like Jakarta Slide). 2004-05-04 07:27:57 +00:00
Ben Alex eaa92cd80a Fixed issue with caching by making AbstractIntegrationFilter (and its subclasses) write the new Authentication object to the well-known location. 2004-04-30 05:16:08 +00:00
Ben Alex ecac5a2eed Make ChannelDecisionManagerImpl iterate through a list of channel security processors. 2004-04-29 02:17:07 +00:00
Ben Alex 2421268baa Improve IE 6 bug detection logic. 2004-04-29 02:14:20 +00:00
Ben Alex b61c05ff89 Change classes to use PortMapperImpl and PortResolverImpl by default. 2004-04-28 00:10:56 +00:00
Ben Alex 901c7d4752 Significantly enhance channel processing filter. 2004-04-27 06:21:00 +00:00
Ben Alex e555d77d4e Move port mapping functionality into separate classes to allow reuse. Permit implementations to override the source port (required given some browsers do not respond to HTTP redirects correctly). 2004-04-27 06:17:53 +00:00
Ben Alex c6a1b2b608 Clarify how URLs are constructed. 2004-04-27 06:14:57 +00:00
Ben Alex 8a4edca136 Support new key requirement on DAO authentication provider. 2004-04-27 06:00:39 +00:00
Ben Alex 2c97583f27 Filter to ensure web requests are received over a suitable secure channel. 2004-04-23 08:57:43 +00:00
Ben Alex d65b0e0bd2 Add correct supports() method and tests. 2004-04-23 06:28:23 +00:00
Ben Alex ed68b701b2 Add toString() method and test. 2004-04-23 06:27:50 +00:00
Ben Alex e0d57de330 Add DaoAuthenticationProvider caching support. 2004-04-23 05:01:57 +00:00
Ben Alex babb908fea Increase test coverage. 2004-04-23 04:51:56 +00:00
Ben Alex 83d871cd5d Enhance equals() method to detect key variances. 2004-04-23 03:45:16 +00:00
Colin Sampaleanu 6eb0a47632 fix FilterInvocation so it doesn't lose the tail end (past the servlet path) of the request url 2004-04-23 02:29:18 +00:00
Ben Alex 0537900357 Remove unnecessary code. 2004-04-23 02:08:58 +00:00
Colin Sampaleanu e2de3c9dbc Enhance AuthenticationProcessingFilterEntryPoint and related classes, to support a property forcing the login page to be access via https even if the original intercepted request came in as http. 2004-04-22 21:47:05 +00:00
Colin Sampaleanu 20025da7c7 work on unit test, still some functionality to cover later 2004-04-22 11:54:52 +00:00
Colin Sampaleanu 2a46a975a5 allow automatic switch from http to https for login form.
unit tests will be updated tomorow to cover new functionality.
2004-04-22 03:56:55 +00:00
Colin Sampaleanu ab9e783f79 after invocation, restore pre-RunAs Authentication regardless of exception that may be thrown by method being intercepted 2004-04-21 21:09:39 +00:00
Ben Alex fa9b872570 Initial CAS support. 2004-04-19 07:34:32 +00:00
Ben Alex b3f9f6f4e9 Updated tests to relocate common filter authentication functionality to an abstract parent. 2004-04-18 12:57:49 +00:00
Ben Alex 4500aba050 Expand unit test coverage. 2004-04-18 12:05:20 +00:00
Ben Alex 0a856b7f15 Expand coverage to test SaltProvider integration. 2004-04-18 12:04:43 +00:00
Ben Alex 872ace9164 Modify contract of AuthenticationProvider to allow AuthenticationProvider implementations to return null if they do not wish to process a given Authentication request, despite asserting they support it. 2004-04-18 12:03:07 +00:00
Ben Alex a6b5b8d828 Initial commit. 2004-04-18 12:01:18 +00:00
Ben Alex 1cf2b333bd Relocate common filter authentication functionality to an abstract parent, and update JavaDocs accordingly. 2004-04-18 12:00:02 +00:00
Ben Alex 96fa2a5a75 Update encoders so they process salts. 2004-04-18 11:56:50 +00:00
Ben Alex b06833e0d7 Unit tests must be named *Tests (note the plural). 2004-04-18 11:55:49 +00:00
Ben Alex 5dbef97a1d Expand unit test coverage. 2004-04-18 11:54:51 +00:00
Ben Alex 5b16c42e15 Enhance mock so it is told whether to grant or deny access. 2004-04-18 11:35:24 +00:00
Ben Alex f38ed01b29 Detect nulls within GrantedAuthority[] passed to constructor. This ensures end-user DAO implementations are creating the User correctly. 2004-04-18 11:23:01 +00:00
Ben Alex a0f809991d JavaDoc updates. 2004-04-18 05:56:07 +00:00
Colin Sampaleanu 3ceb492cb2 move password encoder tests to proper packages.
rename saltSource param in PasswordEncoder interfce to salt. It was already called salt in subclasses, and is in fact supposed to be the salt, not the source for the salt, although depending on the implementation it may still be treated as the latter.
2004-04-17 02:18:46 +00:00
Ben Alex da5101cfb4 Make salt sources pluggable. 2004-04-17 01:29:52 +00:00
Ben Alex 03efc3e51f Improve JavaDocs. 2004-04-17 01:28:38 +00:00
Ben Alex ae16d96121 Moved to net.sf.acegisecurity.providers.encoding. 2004-04-17 01:28:05 +00:00
Ben Alex 6815e693a7 Make SecurityEnforcementFilter support pluggable authentication entry points. Enhance BASIC authentication so it's a viable alternative to form-based authentication for user agents like IE and Netscape. 2004-04-16 14:22:15 +00:00
Ben Alex 7e85bbc054 Relaxed requirement so targetClass OR targetBean can be used (targetBean no longer requires targetClass to be specified as well). 2004-04-16 12:37:58 +00:00
Ben Alex 38835da164 Provide a proxy so filters can be loaded directly from the application context. 2004-04-16 06:31:48 +00:00
Ben Alex 7b59d5f189 Expand test coverage now that prefix is configurable. 2004-04-16 06:28:21 +00:00
Colin Sampaleanu 3d089aaa67 move and rename password encoding classes.
change saltSource arument to salt argument, which impl may or may not use.
2004-04-16 03:44:04 +00:00
Colin Sampaleanu 5d9d734735 more final version of the various PasswordEncoder implementations.
add unit tests for PasswordEncoder implementations.
remove ignore password case and ignore username case flags and handling from DaoAuthenticationProvider.
remove requirement described in JavaDoc for AuthenticationDao that it ignore case when returning a user by username. Implementations may still do so if configured as such.
2004-04-15 16:32:09 +00:00
Colin Sampaleanu 41a837f8cd add back HSQL db in test dir, as it turns out _it is_ supposed to be in CVS
modify JdbcDaoTests to test for role prefix functionality
fix glitch in JdbcDaoImpl
modify Eclipse classpath so HSQL lib is loaded, so unit tests can run in Eclipse as well.
2004-04-15 03:34:18 +00:00
Colin Sampaleanu 18d5c59532 'ant format' strikes again. 2004-04-14 21:31:22 +00:00
Colin Sampaleanu aed9d2a1d8 initial cut at allowing pluggable digest strategy for use in password handling in DaoAuthenticationProvider 2004-04-14 21:30:59 +00:00
Colin Sampaleanu fad252b0fe allow special ROLE_ prefix to be overriden 2004-04-14 03:38:10 +00:00
Colin Sampaleanu a09f2a4c18 ant format seems to have reformated these differently than what is in CVS 2004-04-13 21:59:02 +00:00
Colin Sampaleanu 2786312b8e allow query strings to be specified
allow MappingSqlQuery to be specified
2004-04-13 21:58:03 +00:00
Ben Alex f1abf780b5 Add support for HTTP Basic Authentication. 2004-04-11 12:09:08 +00:00
Ben Alex 670d007630 JavaDoc updates. 2004-04-11 12:05:46 +00:00
Ben Alex bd35a47233 Support configuration via Apache Ant paths (not only regular expressions). 2004-04-09 09:51:23 +00:00
Ben Alex 5488bf4ca8 Renamed to RegExpBasedFilterDefinitionMapTests. 2004-04-09 09:49:07 +00:00
Ben Alex 7eefbd3bb2 Update to use contextConfigLocation. 2004-04-09 05:41:42 +00:00
Colin Sampaleanu 6c26e79a0f change AuthenticationProcessingFilter and SecurityEnforcementFilter to use Spring's WebApplicationContextUtils by defualt to find their config context. 2004-04-09 02:44:17 +00:00
Francois Beausoleil ea0e6b2577 * test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagAttributeTests.java,
src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
  Added three new tests to assert that whitespace is ignored in the
  attribute's content.
2004-04-02 20:59:16 +00:00
Ben Alex 1b1d119836 Modifications consistent with changes to the objects being tested. 2004-04-02 12:20:41 +00:00
Ben Alex a278db8df9 Functionality moved to new tests or mocks. 2004-04-02 12:18:58 +00:00
Ben Alex eaffc00fc4 Initial commit. 2004-04-02 12:16:39 +00:00
Ben Alex 852cea437c Reflect new secure object API, which is no longer bound to MethodInvocations. 2004-04-02 12:13:56 +00:00
Ben Alex f026b3a08a Documentation improvements. 2004-04-02 12:11:13 +00:00
Ben Alex 15588123ba Additional import statement. 2004-04-02 12:10:31 +00:00
Ben Alex 33edeb5a2f Moved to net.sf.acegisecurity.ui 2004-04-02 12:07:24 +00:00
Ben Alex e54ad9b4e8 Reflect new secure object API, which is no longer bound to MethodInvocations. 2004-04-02 12:05:49 +00:00
Ben Alex 3ece12c386 Moved to net.sf.acegisecurity.intercept.method. 2004-04-02 12:03:18 +00:00
Ben Alex 738fd2161d Initial commit. 2004-04-02 12:02:01 +00:00
Ben Alex dd39d747d5 Improved documentation and added methods to facilitate unit testing. 2004-03-29 13:39:30 +00:00
Ben Alex c220ff583c Initial commit. 2004-03-29 13:36:45 +00:00
Ben Alex 0a17d65d37 Initial commit. 2004-03-29 02:49:51 +00:00
Ben Alex ea05e0b931 Simplified sub-class usage. Made compatible with changes to User constructor. 2004-03-29 02:48:10 +00:00
Ben Alex 1b726825fa Changed internals to use list instead of set, to preserve element ordering. 2004-03-28 12:19:13 +00:00
Ben Alex adb1971873 Enhancements to detect errors and faciltiate easier testing. 2004-03-28 12:17:46 +00:00
Ben Alex d59a5da321 Changed to not detect null returns, as the UserMap will now throw the UsernameNotFoundException. 2004-03-28 12:16:44 +00:00
Ben Alex f203979237 Update to be compatible to changes made to User's no-arg constructor. 2004-03-28 12:15:11 +00:00
Ben Alex 489c941101 Improved detection of invalid parameters in constructors. 2004-03-28 12:14:11 +00:00
Ben Alex 3179f5f1e7 Fixed support for lowercase usernames and passwords. 2004-03-28 12:10:23 +00:00
Ben Alex 1573491fbe Changed no-arg constructor to a form more suitable for unit testing. 2004-03-28 12:09:35 +00:00
Ben Alex cab961bfa6 Enhanced equals() method. 2004-03-28 12:08:20 +00:00
Ben Alex cff8894b99 Changed interface to extend Context. This provides interface-level compatibility with objects requiring a Context, rather than requiring implementations to also implement Context. 2004-03-28 12:07:34 +00:00
Ben Alex c5951ff1c0 Changed no-arg constructor to a form more suitable for unit testing. 2004-03-28 12:02:41 +00:00
Ben Alex 3fa1534c94 Added license information. 2004-03-28 11:58:37 +00:00
Ben Alex 4b1e738bb5 Minor formatting changes. 2004-03-28 11:57:55 +00:00
Ben Alex 8d24027443 Added debug statement at commencement of interception and additional comment re ContextHolder. 2004-03-28 11:56:32 +00:00
Ben Alex cf043ad35f Numerous formatting changes, and methods to facilitate unit testing. 2004-03-28 11:54:10 +00:00
Ben Alex dc6357d504 Improved JavaDocs. 2004-03-28 11:51:23 +00:00
Ben Alex 22b8be49f0 Changed no-arg constructor to a form more suitable for unit testing. Also added an equals() method. 2004-03-28 11:49:24 +00:00
Ben Alex dcf78213a3 Corrected @author tag. 2004-03-28 11:48:35 +00:00
Ben Alex 4124b1c298 Changed internals to use list instead of set, to preserve element ordering. 2004-03-28 11:44:02 +00:00
Ben Alex fe379d9712 Initial commit. 2004-03-28 11:41:20 +00:00
Ben Alex 6c5a5cd311 No longer required. 2004-03-28 11:40:29 +00:00
Ben Alex 8808f5e8dd Expanded unit test coverage. 2004-03-28 11:39:38 +00:00
Ben Alex 6038d56ece Expanded unit test coverage, moving relevant methods to AbstractAdapterAuthenticationTokenTests. 2004-03-28 11:35:35 +00:00
Ben Alex bc847f564f Expanded unit test coverage. 2004-03-28 11:31:22 +00:00
Ben Alex 6a2870d8f0 No longer required. 2004-03-28 11:29:10 +00:00
Ben Alex ab01d829c5 Initial commit. 2004-03-27 00:46:50 +00:00
Ben Alex 14f27ae683 Make compatible with interface changes to aopalliance.jar. 2004-03-27 00:44:27 +00:00
Ben Alex e3dc29ae96 No longer required. 2004-03-27 00:43:12 +00:00
Ben Alex 94e384b944 Expand test coverage. 2004-03-26 13:17:48 +00:00
Ben Alex e153a54406 Expand test coverage. 2004-03-26 12:20:54 +00:00
Ben Alex 02559344bc Expand test coverage. 2004-03-26 12:02:30 +00:00
Ben Alex 1a040c7ddf Made no arg constructor protected to enable unit test coverage. 2004-03-26 11:51:47 +00:00
Ben Alex b4273c62b7 Expand test coverage. 2004-03-26 11:49:43 +00:00
Ben Alex a8c9b2c96f No longer required. 2004-03-26 11:18:44 +00:00
Ben Alex 22272223d2 Initial commit. 2004-03-26 11:12:54 +00:00
Ben Alex f7a82c29b3 Expand test coverage. 2004-03-26 11:12:08 +00:00
Ben Alex b485c40175 Improve JavaDocs. 2004-03-26 11:05:55 +00:00
Ben Alex a9569a2f60 Added equals() method. 2004-03-26 11:05:10 +00:00
Ben Alex ae434bd8b3 Initial commit. 2004-03-26 11:03:36 +00:00
Francois Beausoleil 1e4c234ea7 * src/net/sf/acegisecurity/adapters/AutoIntegrationFilter.java:
Use reflection instead of hard-coding the values to determine
  if we should integrate with a specific container implementation.
2004-03-24 18:33:19 +00:00
Francois Beausoleil 36a955e197 * test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagTests.java:
Removed testUsesAllAuthoritiesToDetermineAccess(), because it wasn't
  asserting anything.  Needs to be rewritten.
2004-03-23 17:33:47 +00:00
Francois Beausoleil d8275171e4 * test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagTests.java:
Bring Clover coverage to 100% by adding a single test.
2004-03-23 17:28:10 +00:00
Ben Alex c3507b26c9 Change to Apache License version 2.0. 2004-03-23 04:44:48 +00:00
Ben Alex 47a2d03429 Added tearDown() method to clear ContextHolder. 2004-03-23 00:35:43 +00:00
Francois Beausoleil 48b21524ed * build.xml:
Modified to create an acegi-taglib.jar.

* project.properties:
  Added new property to build acegi-taglib.jar.

* src/net/sf/acegisecurity/taglibs/authz.tld:
  Declare the Acegi Security authz tag library.

* test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagTests.java,
  test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagAttributeTests.java:
  A set of tests that force the creation of a javax.servlet.jsp.Tag
  implementation that authorizes the output of the tag's body if the
  request's principal has or doesn't have certain authorities.

* src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
  New class.  Implements AuthorizeTagTests and
  AuthorizeTagAttributeTests.
2004-03-22 16:42:53 +00:00
Ben Alex 35fe1e7b73 Initial commit. 2004-03-16 23:57:17 +00:00