Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 08:58:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,983 Commits 34 Branches 337 Tags
Commit Graph

1026 Commits

Author SHA1 Message Date
Luke Taylor
d208cf3824 SEC-449: Make LdapUserDetailsMapper a pure ContextMapper so it can be used with LdapTemplate. 2007-09-13 20:42:50 +00:00
Luke Taylor
6d8f92e1b8 Allow an ldif file to be set in the configuration and loaded on initialization. 2007-09-13 20:40:49 +00:00
Luke Taylor
ae40919d13 Tidying up class. 2007-09-12 19:55:52 +00:00
Luke Taylor
c0f5230667 SEC-302: Add rolePrefix property to SecurityContextHolderAwareRequestFilter. 2007-09-11 17:29:47 +00:00
Luke Taylor
6a6bafa219 Make sure test classes which are setting the context clear it in their tearDown methods. 2007-09-11 14:13:50 +00:00
Luke Taylor
c56b8c4117 SEC-471: Allow names of username and password parameters to be customized in AuthenticationProcessingFilter. 2007-09-11 12:12:14 +00:00
Luke Taylor
3326525b65 SEC-368: Tidied up captcha spelling. 2007-09-11 11:16:07 +00:00
Luke Taylor
dd2a46c7ca SEC-368: Tidied up captcha spelling. 2007-09-11 11:11:05 +00:00
Luke Taylor
c91400b03b Corrected scm sections of core and parent poms. 2007-09-10 23:18:43 +00:00
Luke Taylor
448e8cfb42 SEC-551: Convert RegExpBasedFilterInvocationDefinitionMap and DaoX509AuthoritiesPopulator to use JDK regexps. Removed ORO dependency from the project. 2007-09-10 23:09:36 +00:00
Luke Taylor
6eb17c8546 SEC-513: Ldap user manager implementation classes changed to use new spring ldap apis. 2007-09-10 21:13:45 +00:00
Luke Taylor
afaa169e97 SEC-449: Test data ldif file for ApacheDS. 2007-09-10 21:09:59 +00:00
Luke Taylor
0503c3e1ab SEC-449: Refactoring towards more use of Spring LDAP. Also borrowed the Spring LDAP integration testing setup which is much better and makes use of the full LDAP stack. There were still problems with using Apache DS's CoreContextFactory (e.g. compare operations) so it is an improvement on that front too. Moved spring ldap to 1.2-RC1 version. 2007-09-10 21:09:02 +00:00
Scott Battaglia
f7815e8da2 SEC-520 
added parameter to determine whether to encode the session id or not and an explanation on when it should/should not be used.
 2007-09-10 15:11:56 +00:00
Luke Taylor
e7ede68352 Update ldap test base class to use LdapContext by default. 2007-09-07 20:52:03 +00:00
Luke Taylor
ff1f1d8ef5 SEC-449: Rename internal LdapTemplate class to SpringSecurityLdapTemplate to avoid confusion. 2007-09-07 20:49:38 +00:00
Luke Taylor
f178ca2a39 Updated trunk poms to 2.0-SNAPSHOT version 2007-09-07 20:14:55 +00:00
Luke Taylor
70239a9769 SEC-513: First check in of user management stuff. 2007-09-07 20:01:46 +00:00
Luke Taylor
9b71b5aa00 SEC-449: Mostly changes to aid moving towards compatibility with spring-ldap. 2007-09-07 19:55:45 +00:00
Luke Taylor
8d4b97f685 Updated poms post-release 1.0.5 2007-09-06 02:52:09 +00:00
Luke Taylor
c8b6111418 Release 1.0.5. 2007-09-06 01:52:53 +00:00
Luke Taylor
3de8745494 Commented out (another) failing captcha test whose behaviour varies with speed of the build server (makes assumptions about the interval within which certain lines of code are executed). 2007-09-04 01:06:58 +00:00
Luke Taylor
6289503643 Commented out failing captcha test whose behaviour varies with speed of the build server (makes assumptions about the interval within which certain lines of code are executed). 2007-09-03 23:33:13 +00:00
Luke Taylor
34527c3305 Changed spring version to 1.2.9 and modified dependencies to get build to work with this version. Corrected some javadoc links. 2007-09-03 15:47:39 +00:00
Luke Taylor
15ee5b2364 SEC-540,SEC-541: Changes for maven 2 site generation and use of docbkx. 2007-09-02 13:22:24 +00:00
Luke Taylor
4e452046ec Comment out System.out.println 2007-09-01 14:59:41 +00:00
Ray Krueger
edd7bbeceb Removed repeated downcasting of ServletRequest and ServletResponse 2007-09-01 14:43:09 +00:00
Luke Taylor
b2799985f2 SEC-398: Added patch which uses response wrapper to set context in session on redirect or error. 2007-08-31 20:39:33 +00:00
Luke Taylor
219b865c01 SEC-544: Added German localization messages from Andreas Senft. 2007-08-31 12:15:13 +00:00
Luke Taylor
c021bf4682 SEC-542: Made SessionInformation serializable. Also remove unused default constructor. 2007-08-30 21:38:07 +00:00
Luke Taylor
0adf0d6f1c SEC-529: Added French translation of messages from Laurent Pireyn 2007-08-30 21:27:49 +00:00
Luke Taylor
bc411c7c3b SEC-457: Added Czech translation of messages from Jan Novotný 2007-08-30 21:20:19 +00:00
Luke Taylor
ea61964f56 SEC-483: Fix. Make getGroupSearchBase protected. 2007-08-30 21:15:14 +00:00
Luke Taylor
0c4916ee98 SEC-427: Fix. Added NullAuthoritiesPopulator and extra constructor. 2007-08-30 21:12:16 +00:00
Luke Taylor
301626fd6e SEC-346: Fix. Added suggested change. Also some minor tidying up of comments etc. 2007-08-30 20:55:49 +00:00
Luke Taylor
2e8d16c538 SEC-484: Multithreaded tests for SessionRegistryImpl. 2007-08-30 19:26:24 +00:00
Luke Taylor
ad43d433b4 SEC-484: Fix for NPE concurreny issue. Also reinstated synchronized on registerNewSession (had removed it for testing). 2007-08-30 19:04:18 +00:00
Luke Taylor
aa4ee54f86 Added logging to SessionRegistryImpl. 2007-08-30 18:22:40 +00:00
Luke Taylor
7fcdd4a6ff More tidying... 2007-08-30 11:31:36 +00:00
Luke Taylor
510cd5050f Tidied up SessionRegistryImpl and rolled back reformatting of its test class to incorrect width. 2007-08-30 11:21:28 +00:00
Luke Taylor
5f993e5627 SEC-534: Refactored JaasAuthenticationProvider to use ApplicationPublisherAware rather than ApplicationContextAware. 2007-08-29 11:51:02 +00:00
Luke Taylor
1467527c0a SEC-538: Deleted maven 1 files. 2007-08-29 11:00:28 +00:00
Luke Taylor
5b7ed79b6a SEC-539: Reformatted "divider" comments (//~ Methods=== etc). Simplified boolean expression in afterPropertiesSet. 2007-08-28 23:19:06 +00:00
Luke Taylor
d7cef1ba31 SEC-539: Moved SecurityContextHolder.setContext() call into the try {} block to emphasize that it is only set for the duration of chain.doFilter() and immediately cleared afterwards. Changed the debug messages about setting the context, since it has not strictly taken place when they are logged. 2007-08-28 23:11:58 +00:00
Luke Taylor
47c5a6d43f SEC-539: Renamed extractSecurityContextFromSession to readSecurityContextFromSession to emphasize that it doesn't actually modify anything (the context is still stored in the session). 2007-08-28 22:43:13 +00:00
Luke Taylor
f7a6129657 SEC-539: Removed unnecessary check for a null request object. Removed unnecessary catch/rethrow of IOException and ServletException from try/finally around chain.doFilter. 2007-08-28 22:40:56 +00:00
Luke Taylor
d1be9f9980 SEC-539: Refactored so that SecurityContextHolder.setContext() is called in exactly one place. Moved setting of httpSession = null to point immediately after its last use. 2007-08-28 22:38:55 +00:00
Luke Taylor
3dd0716611 SEC-539: Altered storeSecurityContextInSession to take the SecurityContext as a parameter rather than calling SecurityContextHolder.getContext(). This allows SecurityContextHolder.clearContext() to be called immediately after reading the context in the finally block of doFilter(). 2007-08-28 21:58:30 +00:00
Luke Taylor
fa63d8ecfb SEC-539: Refactored if (httpSession == null) block in storeSecurityContextInSession() 2007-08-28 21:25:17 +00:00
Luke Taylor
ce3eb599ed SEC-539: Renamed populateSecurityContextFromSession to extractSecurityContextFromSession and removed the side-effect of setting SecurityContextHolder. It now returns the context found in the session (or null) and SecurityContextHolder.setContext() is called in a single place in doFilter(). 2007-08-28 21:11:48 +00:00