11d83cdce1
SEC-2651: Fix hellojs-jc after Thymeleaf Spring 4 changes
2014-06-13 09:43:32 -05:00
80c0f5fa17
SEC-2626: Add Geb integration tests for form-jc
2014-06-12 17:06:05 -05:00
2aea199001
SEC-2636: Added Geb integration tests for ldap-jc
2014-06-12 16:49:12 -05:00
10c4d8f1af
SEC-2651: Update Thymeleaf to Spring 4 variants in samples
2014-06-12 16:48:04 -05:00
cb94fb2c99
SEC-2631: Add spring-security-test to inmemory-jc pom
2014-06-12 15:08:53 -05:00
ac712f9f17
SEC-2617: Add JSTL to sample poms
2014-06-12 15:07:25 -05:00
5953a35c95
SEC-2624: Add Geb integration tests to contacts-xml
2014-06-12 15:05:54 -05:00
91b2b7f875
SEC-2634: Add Geb integration tests for jaas-xml
2014-06-12 12:18:56 -05:00
1bff58577c
SEC-2631: Add inmemory-jc MockMvc integration tests
2014-06-12 12:18:04 -05:00
15ab3316b3
SEC-2630: Add helloworld-jc Gebintegration tests
2014-06-12 12:18:04 -05:00
fb25273672
SEC-2617: Fix JSTL Samples
2014-06-12 12:01:04 -05:00
dd0253048e
SEC-2650: Fix Jetty Warn NoInitialContextException on shutdown
2014-06-12 11:53:22 -05:00
e9d9a83df4
SEC-2607: CAS Server logouts out synchronously
2014-05-21 15:43:56 -05:00
76bf378077
SEC-2580: Include ApacheDS in samples/ldap-xml
2014-05-01 11:28:27 -05:00
00e1094178
Add springio-platform plugin
2014-04-23 14:35:22 -05:00
8baf82532c
SEC-2015: Add spring-security-test
2014-04-22 16:47:48 -05:00
1c75d33adb
SEC-2560: Remove samples from .gitignore and add missing sample files
2014-04-16 21:17:02 -05:00
5b216bd0b2
Revert "SEC-2547: Consistent CAS client version"
...
This reverts commit f6cc9d87d5
2014-04-15 10:36:37 -05:00
f6cc9d87d5
SEC-2547: Consistent CAS client version
2014-04-14 22:48:55 -05:00
ccf96a4d69
SEC-2542: Polish dependency exclusions
...
This cleans up exclusions so the pom.xml are not as cluttered.
2014-04-02 09:47:29 -05:00
3118e39de8
SEC-2542: Use exclusions to remove duplicate dependencies
...
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.
In addition to the new exclusions, notable other changes are:
- Spring Data JPA has been updated to 1.4.1. This brings its
transitive dependency upon spring-data-commons into line with
Spring LDAP's and prevents both spring-data-commons-core and
spring-data-commons from being on the classpath
- All Servlet API dependencies have been updated to use the official
artifact with all transitive dependencies on unofficial servlet API
artifacts being excluded.
- In places, groovy has been replaced with groovy-all. This removes
some duplicates caused by groovy's transitive dependencies.
- JUnit has been updated to 4.11 which brings its transitive Hamcrest
dependency into line with other components.
There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level
Conflicts:
samples/messages-jc/pom.xml
2014-04-02 09:47:26 -05:00
9988fa141c
Update Spring Security version in pom.xml
2014-03-06 08:13:52 -06:00
8afa8d8588
Fix integration tests
2014-03-06 07:56:40 -06:00
6dfdb10e31
Fix move to 4.0
2014-03-05 16:52:19 -06:00
7f99a2dfbb
SEC-2487: Update to Spring 3.2.8.RELEASE
2014-02-19 09:30:40 -06:00
ec8b48150d
SEC-2474: Update poms
2014-02-07 17:01:11 -06:00
8c580dc170
SEC-2444: Polish Thymeleaf for samples
2013-12-16 09:51:00 -06:00
b7041ed00e
SEC-2436: Add @EnableWebMvcSecurity
2013-12-14 14:40:01 -06:00
2df5541905
SEC-2448: Update to HSQL 2.3.1
2013-12-14 10:19:06 -06:00
4708287ad3
SEC-2444: Convert Java Config samples to thymeleaf and tiles
2013-12-13 15:47:28 -06:00
a34178bc40
SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA
2013-12-12 08:16:59 -06:00
4460e84b29
Updates to pom.xml author and repo
2013-12-09 08:57:30 -06:00
feeb380b51
Polish Guides
2013-12-06 11:12:07 -06:00
ec524da6cb
SEC-2416: Fix Hello MVC guide
2013-12-05 15:47:38 -06:00
fc6fc19eed
Fix guides
2013-12-05 13:16:59 -06:00
2c8946c406
Next development version
2013-11-01 14:20:55 -05:00
9c703a3051
Release version 3.2.0.RC2
2013-11-01 14:20:49 -05:00
348e3a22b6
SEC-2365: registerAuthentication->configure
2013-10-16 13:59:56 -05:00
0978c12c47
SEC-2361: Java Config Sampels use @Autowired AuthenticationManagerBuilder
2013-10-15 12:35:32 -05:00
0b0e7dbea9
SEC-2359: Merge DefaultLoginPageViewFilter w/ DefaultLoginPageGeneratingFilter
2013-10-14 15:00:24 -05:00
4ef0460ef6
SEC-2321: Improve Java Config defaults for JavaScript clients
2013-10-11 14:53:11 -05:00
76a8bbe98d
SEC-2354: Add failOnMissingWebXml=false to sample pom.xml
2013-10-07 08:12:35 -05:00
88f41cdf62
SEC-2341: Update to Gradle 1.8
...
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
3d2f23602f
SEC-2294: Update Spring Version to 3.2.4.RELEASE
2013-08-31 11:26:43 -05:00
658a93178c
SEC-2252: Add custom form guide
2013-08-19 15:22:04 -05:00
51b9c4a19a
Hide logout in main.jsp if not logged in
2013-08-17 14:38:39 -05:00
d62c2e0835
SEC-2244: Defaults based on loginPage are now updated when loginPage changes
2013-08-16 14:48:45 -05:00
e9bb9e766e
SEC-1574: Add CSRF Support
2013-08-15 14:49:21 -05:00
54c2166567
SEC-2194: Remove unnecessary MessageSecurityWebApplicationInitializer from helloworld
2013-08-15 12:50:41 -05:00
fea4d01aad
SEC-2194: hello samples displays username and logout properly
2013-08-15 12:50:41 -05:00
b5ecaf61ed
SEC-2194: Remove samples errors/tabs folders
2013-08-15 12:50:41 -05:00
f036970f8b
SEC-2194: Add margin to links in header of samples
2013-08-15 12:50:41 -05:00
2feded5fc5
SEC-2194: Update samples to have jsp-api
2013-08-15 12:50:40 -05:00
22e4d1646a
SEC-2194: Remove login page from hellomvc and insecuremvc
2013-08-15 12:50:40 -05:00
e8278f3b9b
SEC-2249: AbstractSecurityWebApplicationInitializer allows register config
2013-08-08 14:33:54 -05:00
976d9a9016
SEC-2194: Polish java config sample apps
2013-08-08 14:33:54 -05:00
1f86d5dad9
SEC-2097: Add Tomcat Gradle plugin
2013-08-05 16:49:34 -05:00
388a4dd9db
SEC-2194: Add Java Config samples
2013-08-05 16:49:33 -05:00
36418b964d
Remove samples/runall.sh
2013-08-01 13:19:21 -05:00
e242aeff3e
SEC-2230: Polish and clickjacking demo
2013-08-01 10:19:36 -05:00
8c3ac719bb
SEC-2230: Added testing certificates
2013-08-01 09:48:09 -05:00
0bc08f8a23
SEC-2230: Update contacts sample to use <headers> with no child elements
2013-08-01 09:47:57 -05:00
0adf5aea91
SEC-2098, SEC-2099: Created HeadersFilter
...
Created HeadersFilter for setting security headers added including a
bean definition parser for easy configuration of the headers. Enables
easy configuration for the X-Frame-Options, X-XSS-Protection and
X-Content-Type-Options headers. Also allows for additional headers to
be added.
2013-07-25 16:22:43 -05:00
5e6ca12b01
SEC-2097: Update integrationTestCompile to use optional and provided
...
Also update slf4j version and remove explicit commons-logging from pom generation
2013-07-16 15:59:06 -05:00
02551e1b7a
SEC-2214: Update Spring Version
2013-07-16 15:15:47 -05:00
faa8b354b7
SEC-2209: add pom.xml
2013-07-16 15:15:47 -05:00
e5fc063680
SEC-2206: Gradle Propdeps
2013-07-16 15:15:42 -05:00
07c3fdf8a7
SEC-2195: Update Groovy, Geb, Spock, httpcomponents, and Jetty
2013-07-16 15:02:39 -05:00
896339087f
SEC-2122: Update samples to use bcrypt.
...
Data sources modified to store bcrypt hashes and configs now
use BCryptPassworEncoder.
2013-05-17 18:44:30 +01:00
e8661913d1
SEC-2119: Update to 3.2 schema and use default schema version when available
2013-03-01 16:29:27 -06:00
22e333b9c6
SEC-2092: Add servlet api example
2012-12-11 17:44:57 -06:00
1ed643ca1f
SEC-1998: Provide integration with WebAsyncManager#startCallableProcessing
...
Support integration of the Spring SecurityContext on Callable's used with
WebAsyncManager by registering SecurityContextCallableProcessingInterceptor.
2012-11-28 17:56:03 -06:00
78cbdd2c93
Reserve Server Ports in integrationTests
...
Previously the build would look up a server port dynamically, but since
it closed the port immediately it may not be reserved by the time jetty
started up.
We now reserve the port and do not close it till just before Jetty starts.
While there is still a race condition, it is much smaller window of time
than it was previously.
2012-11-01 11:14:50 -05:00
6af3e1958b
Update to Groovy 1.8
2012-09-04 09:48:29 -05:00
a2452ab514
SEC-1906: Update to Gradle 1.0
2012-07-05 12:41:56 -05:00
dec44811fc
Gave correct role name
2012-02-28 14:41:14 +01:00
0e413cedcb
Gave correct role name
2012-02-28 14:39:30 +01:00
044861eb20
Renamed **/*Spec.groovy to **/*Tests.groovy to better follow conventions
2011-12-29 12:59:24 -06:00
b60367e30c
Upgrade to validater 4.2
2011-11-01 00:20:45 +00:00
9d66e1fac3
Exclude static resources from filter chain in tutorial sample.
2011-09-25 22:30:14 +01:00
7e44580c75
Minor refactoring of aspects tests.
2011-07-20 17:42:05 +01:00
dc92baa257
Remove truststore settings from tutorial sample as they aren't required.
2011-06-13 15:03:51 +01:00
e4ecdd55f6
Enable https in tutorial sample.
2011-06-13 13:45:09 +01:00
80fd96df6d
SEC-1650: Updates and corrections to tutorial sample to fit better with new tutorial.
2011-06-07 16:46:38 +01:00
c9b328d8c7
SEC-1757: Updated tutorial sample to state that listing of accounts is allowed by anyone and to display accounts for the different types of access to posting to Accounts
2011-06-02 21:19:01 -05:00
e8a1a6e40b
Added spring-expression to config module testCompile to fix build.
2011-05-19 23:50:35 +01:00
3de0041874
Reverted cas Readme.txt from instructing to run from samples/cas/sample
2011-05-16 22:09:58 -05:00
076a75d8c3
Cleaned up cas task dependency declarations
2011-05-15 22:09:28 -05:00
11dc3363cc
Moved cas server and cas sample into common parent folder (samples/cas)
2011-05-15 22:09:08 -05:00
1c1ffe2f0f
Added CA's to server.jks from cacerts included with Sun JDK
...
- Allow handshake to succeed for the build to upload to amazon
- Allows the same trust store to work for openid and CAS sample applications
2011-05-13 18:05:16 -05:00
e1f4c3d325
Created a casserver module to better isolate it from the cas sample application now that an overlay is being done
2011-05-12 22:17:43 -05:00
4d786d74cf
Reworded CASSampleSpec test method to reflect single logout
2011-05-12 22:17:43 -05:00
4c43bde064
Set log levels to ERROR level when running CAS integration tests
2011-05-12 22:17:43 -05:00
9525403385
Added CAS Server overlay to make single logout be synchronous and enabled itests for the cas sample
2011-05-12 22:17:43 -05:00
d2175468ee
Disable CAS interation tests until CI problems are resolved.
2011-04-28 19:17:29 +01:00
06faea8cfc
Typos.
2011-04-28 18:55:38 +01:00
97afb0c9ac
SEC-965: Added assert to LoginPage.at
2011-04-18 23:52:20 -05:00
01fb4bdb6d
SEC-1718: Update documentation and sample application to demonstrate how to use a PGT to authenticate to stateless services using a PT
2011-04-17 18:17:14 -05:00
abfa558c3c
Removed Dummy.java from cas sample
2011-04-17 18:14:16 -05:00
11331d34d9
SEC-1717: Document how to perform Single Logout with CAS and added integration test for sample application to test Single Logout
2011-04-17 18:14:16 -05:00
761d5af6ec
SEC-965: Added integration tests for CAS Sample Application
2011-04-17 18:14:14 -05:00
f1c064b3b9
SEC-965: Updated CAS Sample application for proxy authentication
...
* Configured for proxy authentication
* Cleaned up the jsps
* Changed the cas sample context root to cas-sample so the CAS Server's JSESSIONID cookie doesn't remove the cas samples
2011-04-17 18:00:37 -05:00
ddaf9eb64f
SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter.
2011-03-31 21:09:54 +01:00
a50c9afbab
Modified jaas sample's LoginModule to prevent empty string username/password
2011-03-07 22:25:19 -06:00
9e5d35235c
Made the principal for jaas sample serializable
2011-03-07 22:25:16 -06:00
72f031253f
Remove unnecessary dependency repos and update GAE version.
2011-02-28 15:43:25 +00:00
d58dd79a52
SEC-1494: Updated the tutorial webapp to use CSS and make use of the securityHiddenUI element when UI security is disabled.
2011-01-25 13:16:46 +00:00
19e56f4397
Stripping out unnecessary dependencies from sample jars.
2011-01-10 17:27:58 +00:00
7316bcff75
Updated outdated CAS sample readme with instructions for running CAS using gradle
2010-12-20 22:22:19 +00:00
bbcc611af5
CAS server version upgrade and minor tweaks to CAS sample build file.
2010-12-20 22:12:35 +00:00
4a40d80da1
SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.
...
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
2010-12-03 16:41:46 +00:00
51a53ddbaa
Minor refactoring of GAE code to use specific GrantedAuthority type.
2010-11-17 14:15:11 +00:00
fc00d7ef1d
Move the unix scripts for the tutorial sample into a subdirectory
2010-11-12 15:19:46 +00:00
37810a19c4
SEC-1619: Added check in GAE sample for change of Google user while still logged into the app.
...
Also updated GAE version and build script. Uploading to GAE now works when run from the gradle build file using the command 'gradle gaeDeploy'.
2010-11-10 15:37:42 +00:00
ffccc5f446
SEC-1617: Added spring-security-taglibs as a runtime dependency to jaas.gradle
2010-11-08 19:27:44 -06:00
685e0417a7
SEC-1544: Update the tutorial sample to attempt to delete the JSESSIONID cookie on logout.
2010-09-19 18:30:52 +01:00
de819378fc
SEC-1536: added JAAS API Integration, updated doc, updated jaas sample
2010-09-13 13:12:45 -05:00
58d9903ebc
SEC-1564: JAAS Configuration can now be injected into DefaultJaasAuthenticationProvider
2010-09-10 20:17:22 -05:00
f4d57ab5e8
SEC-1456: Remove maven poms as we are now using gradle for the build.
2010-08-30 19:02:19 +01:00
bdb906e588
Enable parameterization for log levels in logback files to allow the use of command-line options for controlling log output.
2010-08-24 18:25:39 +01:00
b39b63bf3d
Add logback configuration for contacts sample.
2010-08-22 22:43:49 +01:00
b2fc1d8491
Fix namespace schema version in CAS sample.
2010-08-22 22:43:10 +01:00
07d8275ee6
Modify order of saxon and xerces deps in dependency list to prevent Aelfred parser from being used in build.
2010-08-22 22:31:01 +01:00
102bc2d6a0
Reduce unnecessary use of aspectj as a build dependency
2010-08-19 23:23:03 +01:00
c37ca1c2a9
Sample app build adjustments to remove unwanted deps such as jsp-api, tidy up use of JSTL, make sure all are using servlet 2.5 etc.
2010-08-19 22:41:51 +01:00
6abfa2e887
Update minimum required schema to 3.1.
2010-08-17 02:19:55 +01:00
992566b6cb
SEC-1527: Internationalization of contacts sample (Adding message resource bundle and RequestContextFilter). Re-working of L12n section of manual to mention existing localized message files and use of RequestContextFilter.
2010-08-14 01:07:51 +01:00
281d77271e
SEC-1486, SEC-1538, SEC-1537: Generification of AuthenticationDetailsSource. Deprecation of non-web pre-authentication classes and other unnecessary classes. Removal of reflection in WebAuthenticationDetailsSource.
2010-08-13 15:51:05 +01:00
1a838c2049
SEC-1533: AclAuthorizationStrategyImpl can now take either one or three GrantedAuthority arguments. If only one is supplied, it will be used for all 3 of the permissions supported by the class.
2010-08-07 14:41:25 +01:00
85c4c91e0e
IDEA inspection refactorings.
2010-08-05 23:28:07 +01:00
413b2a06e3
Improvements in up-to-date checking and use of parallel tests where possible.
2010-08-05 02:11:00 +01:00
64375484a1
More build and logging tuning.
2010-08-04 22:55:17 +01:00
c4ee46824c
Removing log4j.properties files and adding logback config ones.
2010-08-04 21:16:05 +01:00
d1279aeda2
Logging adjustments for gae sample.
2010-08-02 19:51:24 +01:00
6ba8257cab
Renamed file to fix case-sensitivity issue.
2010-08-02 12:13:58 +01:00
52edf115ce
Workaround for repeated attempt to download CAS server poms (GRADLE-1072)
2010-07-28 20:04:15 +01:00
2d9a848265
Added missing gradle build files for remaining samples. Some related reordering, dependency fixing etc. CAS sample no longer requires two separate subprojects as both client and server app can be run from a single gradle build.
2010-07-27 02:20:36 +01:00
a74077f9b1
SEC-1490: Minor changes to GAE sample. Simplification of redirect to registration page (only needs to be done after authentication).
2010-07-25 20:46:00 +01:00
e659e15f90
Tidying.
2010-07-23 01:57:45 +01:00
2afccfc633
Remove commons-logging dependency properly and switch tutorial sample to logback/slf4j.
2010-07-23 01:57:31 +01:00
a681dee0e1
Minor sample build changes. JSTL dependency update.
2010-07-20 23:45:20 +01:00
e5a302b5c4
SEC-1490: Correct loggedout URL.
2010-07-20 23:43:43 +01:00
5d35919ca3
SEC-1490: Code for GAE Sample webapp
2010-07-20 23:41:31 +01:00
c1c8fd1874
SEC-1171: Changed attribute name/value from secured="false" to security="none" to allow future extension by adding extra options (e.g. contextOnly to provide security context information during the request).
2010-07-20 19:46:47 +01:00
565ef7383d
SEC-1513
...
upgraded to latest version of cas client
2010-07-06 22:09:24 -04:00
026517f674
Removal of deprecated methods and classes.
2010-06-26 16:23:42 +01:00
5939f17708
Fix openid sample configuration.
2010-06-09 22:52:43 +01:00
6a37e4be86
Fix OpenID sample to use new syntax for excluding requests.
2010-06-05 16:53:01 +01:00
efb600166a
SEC-1488: Remove commons-logging dependencies from maven poms.
2010-05-28 13:10:59 +01:00
080430150a
SEC-187: Refactoring contact Dao to use JdbcTemplate, and removing unused query objects (which have been there since 2004!)
2010-05-25 16:47:57 +01:00
Rob Winch
Hans-Joachim Kliemeck
Rob Winch
Spring Buildmaster
Marten Deinum
Luke Taylor
Abdull
Rob Winch
Luke Taylor
Scott Battaglia