Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,677 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

116 Commits

Author SHA1 Message Date
Luke Taylor ed2ddf9323 SEC-1263: Add FactoryBean for namespace AuthenticationManager. <http> now uses AuthenticationManagerFactoryBean. Method security already uses a delegate object to lookup the AuthenticationManager. This now uses the same error message if the bean isn't found, rather than allowing the BeanFactory NoSuchBeanDefinitionException to be thrown directly. 2009-10-09 14:41:34 +00:00
Luke Taylor ac5237c127 SEC:1263: Added FactoryBean for AuthenticationManager 2009-10-09 12:11:45 +00:00
Luke Taylor e398922f85 Removing elements that are no longer supported from the namespace 2009-10-08 14:40:52 +00:00
Luke Taylor 80eb47c6fe SEC-1261: Convert FilterChainOrder to an enum (SecurityFilters). 2009-10-08 13:18:32 +00:00
Luke Taylor 4dcb9de67a SEC-1257: Some additional API changes to use Collection instead of List... 2009-10-07 21:08:20 +00:00
Luke Taylor 1286741c7c SEC-1259: Improve consistency of authentication filter names. 2009-10-07 14:43:55 +00:00
Luke Taylor f213cc5d9e SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted. 2009-10-06 19:46:44 +00:00
Luke Taylor 5d486a51b6 SEC-1256: Added support for expression attributes in filter-security-metadata-source configuration. 2009-10-06 16:39:56 +00:00
Luke Taylor 07d7c0ddae Renamed form and openID filters to shorten names 2009-10-05 17:33:34 +00:00
Luke Taylor 1042305cfe Renamed web.wrapper to web.servletapi. Added some package.html files. 2009-10-05 16:59:37 +00:00
Luke Taylor 673cf300fb SEC-1229: Refactoring to remove package cycles. 2009-10-05 16:40:32 +00:00
Luke Taylor acf13c74ca SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session 2009-10-05 15:51:00 +00:00
Luke Taylor 2b89ebdfbb SEC-1229: Further doc and mods to namespace config/naming to make it more consistent 2009-10-03 16:08:51 +00:00
Luke Taylor 073198886d SEC-1255: Modified UrlUtils. Full request URL for redirects uses the requestURI (which is encoded). The URL for path comparsions is built using the servletpath, as before. 2009-10-02 17:29:43 +00:00
Luke Taylor c34d719004 SEC-1252: Remove 2.0.x schemas from 3.0. Removed files and updated spring.schemas to remove 2.0.x versions 2009-09-29 17:56:01 +00:00
Luke Taylor 2a1430f1ce SEC-1229: Removed legacy concurrency classes 2009-09-29 16:18:25 +00:00
Luke Taylor ebada9fd12 SEC-1229: Added support for parsing error URL in session-management 2009-09-29 16:17:05 +00:00
Luke Taylor 203cc5a8dc SEC-1229: Added error-url to concurrency-control element and changed "exception-if-max-exceeded" to "error-if-max-exceeded" 2009-09-29 16:16:06 +00:00
Luke Taylor 7109b7e183 Import cleaning. 2009-09-29 00:30:29 +00:00
Luke Taylor aa153681bf SEC-1229: Added session-management element to namespace and refactored existing session-related attributes and concurrency control. Refactored <http> parsing code to split it up into more manageable units. 2009-09-29 00:29:09 +00:00
Luke Taylor 731402e9f5 SEC-525: [PATCH] Add AccessCheckerTag based on URL resource access permissions. Added functionality to "authorize" tag to allow evaluation of whether a particual url is accessible to the user. Uses a WebInvocationPrivilegeEvaluator registered in the application context. 2009-09-16 00:23:13 +00:00
Luke Taylor 71ab83255d SEC-1242: Check that RememberMeServices is an instance of AbstractRememberMeServices before attempting to inject a UserDetailsService. 2009-09-11 21:10:16 +00:00
Luke Taylor fa7404741b SEC-1167: Introduce more flexible SavedRequest handling. Add namespace support for a custom RequestCache through the request-cache element. 2009-09-09 21:40:12 +00:00
Luke Taylor aec730ae7e SEC-1238: Disable portlet module 2009-09-09 20:03:00 +00:00
Luke Taylor 6640eab9dc SEC-1240: Added {ssha} support to PasswordEncoderParser. 2009-09-09 12:12:29 +00:00
Luke Taylor d099d14e9b SEC-1235: Added test to attempt to verify (failed to reproduce). 2009-09-05 14:14:12 +00:00
Luke Taylor 8632946f30 SEC-1213: Added "order" atrribute to global-method-security 2009-09-04 15:54:42 +00:00
Luke Taylor 245fc96137 SEC-1075: Update the embedded LDAP server to use Apache DS 1.5. Updated to use the new 1.5.5 release for the embedded server. 2009-09-01 23:21:44 +00:00
Luke Taylor 2039200617 SEC-1217: AbstractRememberMeServices should set 'secure' attribute on remember-me cookie if in secure context. Added "useSecureCookie" configuration property and corresponding use-secure-cookie attribute in namespace. 2009-09-01 16:08:20 +00:00
Luke Taylor dbcb13ad14 SEC-1229: Redesign Concurrent Session Control implementation. Renamed session strategy interface and introduced SessionAuthenticationException for rejection of session/Authentication combination. 2009-08-31 22:48:49 +00:00
Luke Taylor 0d7b990e0a SEC-1184: Moved ACL cache classes and interface out of jdbc package. 2009-08-31 22:15:37 +00:00
Luke Taylor 471206a29d SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy 2009-08-27 10:43:01 +00:00
Luke Taylor fe33f08b73 SEC-1201: Allow requires-channel attribute to take placeholders. 2009-08-23 16:42:06 +00:00
Luke Taylor 00352227ac Tidying. 2009-08-23 16:03:40 +00:00
Luke Taylor ea01e9cdf7 SEC-1201: PropertyPlaceholderConfigurer does not work for intercept-url attributes. Ensure that channel processing handles paths which are placeholders. 2009-08-23 15:57:59 +00:00
Luke Taylor 9bf8656d66 SEC-1201: PropertyPlaceholderConfigurer does not work for intercept-url attributes. Added use of ManagedMaps and BeanDefinitions to support placeholders in the pattern and access attributes. 2009-08-22 21:09:34 +00:00
Luke Taylor 579644fa95 SEC-1225: Use bean references for authentication providers. Updated AuthenticationManagerBDP to regsiter the providers as top level beans. 2009-08-22 12:37:14 +00:00
Luke Taylor 24911eb606 Corrected links in manual, comment in schema file. 2009-08-22 01:54:31 +00:00
Luke Taylor 5a8772df5b Reset pom versions post release 2009-08-21 12:02:49 +00:00
Luke Taylor 0e5aa7008d [maven-release-plugin] prepare release spring-security-3.0.0.M2 2009-08-20 15:51:26 +00:00
Luke Taylor 48988bde84 SEC-935: Support for OpenID attribute exchange and changes to namespace syntax to allow simple configuration of attributes to request. 2009-08-13 23:55:25 +00:00
Luke Taylor f536c80020 SEC-1202: Removed SpringSecurityFilter and replaced with use of GenericFilterBean from spring-web 2009-08-10 14:18:18 +00:00
Luke Taylor 966f3e4101 SEC-1182: Added tst to confirm that this is no longer an issue due to other changes 2009-08-10 11:32:02 +00:00
Luke Taylor b4bb489638 SEC-1164: Further registering on bean components for tooling and removal of global ids. 2009-08-08 21:08:12 +00:00
Luke Taylor b387d63aba Removing unnecessary global bean names. 2009-08-08 18:57:51 +00:00
Luke Taylor a67448c867 SEC-1216: Remove unused code. 2009-08-08 18:51:15 +00:00
Luke Taylor 229866e293 SEC-1142: Support for session timeout detection. Added namespace support for invalid-session-url 2009-08-07 23:57:10 +00:00
Luke Taylor 0f6642d3ab SEC-1216: Replacement of custom-after-invocation-provider with after-invocation-provider element. Some changes to help prevent proxying of aop infrastructure classes (use of AopInfrastructureBean marker interface) 2009-08-04 00:18:07 +00:00
Luke Taylor eaa0dc4fce typo 2009-08-03 16:30:26 +00:00
Luke Taylor e40b9fbc75 SEC-1196: Introduce AuthenticationManagerDelegator is MethodSecurityInterceptor which is configured by global-method-security. Prevents regression of SEC-933 caused by eager init of AuthenitcationManager and dependent beans 2009-08-03 01:44:49 +00:00