Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-31 06:38:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
957 Commits 48 Branches 362 Tags
Commit Graph

443 Commits

Author SHA1 Message Date
Ben Alex
d44b570087 Disable failing tests until Marc-Antoine has a chance to look at them. 2005-09-18 22:38:37 +00:00
Ben Alex
ae9e7733db Fix broken tests. 2005-09-18 22:38:05 +00:00
Ben Alex
35ca25f085 BasicAuthenticationProcessingFilter no longer creates HttpSession via WebAuthenticationDetails call. 2005-09-08 11:15:48 +00:00
Ben Alex
c7dcceb05c Do not setAuthenticated(false) in the event of a public (unsecured) invocation. Thanks to Joseph Dane for reporting this issue on acegisecurity-developer on 3 September 2005. 2005-09-08 09:32:24 +00:00
Mark St. Godard
486bbee35d added context path to redirect 2005-09-03 21:43:08 +00:00
Mark St. Godard
9d359780d9 finish user context switch event publishing 2005-09-03 20:24:35 +00:00
Mark St. Godard
20ebb668a6 Added event for user context switching and updated switch user filter 2005-08-25 02:59:19 +00:00
Ben Alex
55f5c3397a Relocated JdbcDaoExtendedImpl.convertAclObjectIdentityToString to superclass (pursuant to suggestion made by Tim Kettering on acegisecurity-developer). 2005-08-23 22:45:17 +00:00
Ray Krueger
2bda6ec25c Fix: SEC-48 http://opensource2.atlassian.com/projects/spring/browse/SEC-48 
If the principal is an instanceof UserDetails, UserDetails.getUsername();
 2005-08-23 15:15:06 +00:00
Ben Alex
40a81ed220 Revisit synchonization issue and correct problem identified by Volker Malzahn. 2005-08-21 10:10:16 +00:00
Mark St. Godard
ec5e39c2e8 Initial checkin of user security context switching (see SEC-15). This is the first cut of the SwitchUserProcessingFilter that handles switching to a target uesr and exiting back to the original user. Note: This is going to be used for the common use-case of an Administrator 'switching' to another user (i.e. ROLE_ADMIN -> ROLE_USER). This is the initial cut of a Unix 'su' for Acegi managed web applications. 2005-08-04 05:49:12 +00:00
Luke Taylor
725ec767b6 Javadoc typo corrected (as suggested on mailing list) 2005-08-01 20:05:02 +00:00
Scott McCrory
c2c48b905b Added package.html files to reamining java packages (see http://opensource.atlassian.com/projects/spring/browse/SEC-41) 2005-07-26 01:54:18 +00:00
Scott McCrory
f5975dcf30 Whoops, almost forgot to remove System.out debug lines :-/ 2005-07-26 00:55:53 +00:00
Scott McCrory
891cd7380c Mirrored Ben's FilterChainProxy.java 1.5 spelling fix to its corresponding test class, which depended on equality of the exception message. All JUnit tests pass now. 2005-07-26 00:50:43 +00:00
Scott McCrory
dc31553f2a Syntax 2005-07-25 22:49:05 +00:00
Scott McCrory
db4ed4bc44 Added debug statement to AbstractTicketValidator to help with Acegi+CAS+SSL setup (thanks Seth Ladd for the patch) (see http://opensource.atlassian.com/projects/spring/browse/SEC-34) 2005-07-25 03:46:23 +00:00
Scott McCrory
c66c5dfab5 AuthorizeTag no longer depends on JDK 1.4. Tested on Websphere 5.0 w/JDK 1.3 (see http://opensource.atlassian.com/projects/spring/browse/SEC-11) 2005-07-25 00:52:15 +00:00
Scott McCrory
32f62d1ef1 Added SiteminderAuthenticationProcessingFilter for Ben's review. <Untested>. 2005-07-24 23:59:08 +00:00
Ben Alex
f625d06cd9 Avoid expense of HttpSession when working with anonymous users. 2005-07-23 09:52:42 +00:00
Ben Alex
4ad98a7df3 Spelling correction, thanks to Zack Chandler. 2005-07-23 07:40:43 +00:00
Ben Alex
c5ba30b001 Comment how to make a signing certificate. 2005-07-23 07:39:56 +00:00
Ray Krueger
4b98d357ff SecureContextLoginModuleTest has been renamed to ...Tests as per Acegi project. 
SecureContextLoginModule now throws a LoginException if there is no authentication present, if the ignoreMissingAuthentication option is true, the login() method will simply return false.
 2005-07-22 04:35:31 +00:00
Luke Taylor
e51c38aec9 Removed reference in Javadoc to obtaining and validating the SecureContext (checking for null etc), as this is no longer relevant. 2005-07-21 22:59:30 +00:00
Luke Taylor
c89d4a8add Added trimming of whitespace to tokens and use of Springs StringUtils.hasText() to check for content in the string passed to setAsText. 2005-07-21 22:55:27 +00:00
Marc-Antoine Garrigue
3287439421 Initial commit for captcha adapter 2005-07-19 12:35:50 +00:00
Luke Taylor
74588c8e53 Move acegifier code from core. 2005-07-16 19:35:30 +00:00
Luke Taylor
5bbc54ac42 Javadoc typo corrected 2005-07-15 14:28:44 +00:00
Ben Alex
d9b1a8e83c Fix typo in InteractiveAuthenticationSucces(s)Event 2005-07-11 01:23:20 +00:00
Ben Alex
c7bfeeaf58 Clarify local variable name given it was the same as a member variable. 2005-07-11 01:19:41 +00:00
Luke Taylor
ab065923d4 Correct doctype for generated web.xml files and add declaration to test file. 2005-07-09 23:32:08 +00:00
Luke Taylor
22a28f3b39 Separate InMemoryResource class for use in Acegifier web application. 2005-07-09 21:37:50 +00:00
Luke Taylor
7268c81192 Fix for SEC-27. Now checks for a null authentication before proceeding to fire the success event. 2005-07-08 21:16:12 +00:00
Luke Taylor
f1656ee7fd Tidying: removed unused intermediate variable. 2005-07-08 21:10:26 +00:00
Luke Taylor
6f467def90 Added conversion of URLs ending in '*' to the ant '**' form. 2005-07-06 17:22:19 +00:00
Luke Taylor
9e1a773cc7 Add xsl resources to build. 2005-07-06 15:22:52 +00:00
Luke Taylor
d13faf0815 Renaming and refactoring of web.xml converter. 2005-06-30 21:23:50 +00:00
Luke Taylor
118f6401d8 XSL file for converting web.xml to acegified version. 2005-06-29 23:00:54 +00:00
Luke Taylor
a2bc398915 Refactoring and commenting XSL 2005-06-27 21:56:13 +00:00
Ben Alex
3e4a29eae9 FilterSecurityInterceptor now has an observeOncePerRequest boolean property, allowing multiple fragments of the HTTP request to be individually authorized (see http://opensource.atlassian.com/projects/spring/browse/SEC-14). 2005-06-27 03:57:31 +00:00
Ben Alex
5c883e639f Add InteractiveAuthenticationSuccessEvent handling to authentication mechanisms. 2005-06-27 03:34:36 +00:00
Ben Alex
60f8095cf2 Make Authenticated.isAuthenticated() behaviour switchable. See http://opensource.atlassian.com/projects/spring/browse/SEC-13. 2005-06-27 03:05:26 +00:00
Ben Alex
ef8281f534 HttpSessionContextIntegrationFilter elegantly handles IOExceptions and ServletExceptions within filter chain (see http://opensource.atlassian.com/projects/spring/browse/SEC-20). 2005-06-27 02:55:01 +00:00
Luke Taylor
25fa471779 First version of web.xml to acegi translator 2005-06-26 17:30:36 +00:00
Ben Alex
a312fede74 Refactor DAO authentication failure events under a consistent abstract superclass (thanks to Mark St Godard for suggestion). 2005-06-22 08:07:52 +00:00
Ben Alex
c0f1d4e19d Remove getters and setters from JdbcDaoImpl so IoC container cannot modify MappingSqlQuerys (thanks to David Durham for bug report). 2005-06-22 08:06:28 +00:00
Ben Alex
a15691d9d7 Silently catch NotSerializableException in AbstractProcessingFilter if rootCause is not Serializable (thanks to Joseph Dane for reporting this bug). 2005-06-22 07:03:53 +00:00
Ben Alex
5f75e9bf9a Refactor Authentication.isAuthenticated() handling to be more performance (as per developer list discussion). 2005-06-22 06:30:46 +00:00
Ben Alex
a7b5299e77 Correct synchronization issue with FilterToBeanProxy initialization (thanks to George Franciscus and Volker Malzahn as per acegisecurity-developer discussion 4 June 2005). 2005-06-22 05:22:05 +00:00
Ben Alex
c699f7d40e Support non-username as primary key. 2005-05-29 09:46:51 +00:00