Rob Winch
03f2d654ad
Fix WebTestClient Support
...
Fixes gh-4419
2017-07-13 21:02:07 -05:00
Rob Winch
915de03f42
Polish ExchangeMutatorWebFilter Support
...
Issue gh-4343
2017-05-31 13:23:55 -05:00
Rob Winch
7bc98db23c
Add WebTestClient test support
...
SecurityExchangeMutators
Fixes gh-4343
2017-05-19 15:09:23 -05:00
Rob Winch
e631805635
Remove RedirectMatcher
...
This is no longer necessary now that Spring 5 is the minimum version.
Fixes gh-4092
2017-05-11 14:38:18 -05:00
Rob Winch
d81b436e5d
Remove pom.xml from build
...
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.
This commit removes the pom.xml files from the build.
Fixes gh-4283
2017-05-11 14:32:36 -05:00
Vedran Pavic
85719fcd64
Use Base64 implementation provided by Java 8
2017-05-10 00:27:36 -05:00
Rob Winch
dd6fc48dd8
Standardize Build
...
The build now uses spring build conventions to simplify the build
Fixes gh-4284
2017-04-21 10:55:05 -05:00
Joe Grandja
2ce174dbf0
Update poms to 5.0.0.BUILD-SNAPSHOT
2017-04-07 16:49:50 -04:00
Rob Winch
d2524eadfc
Update poms to new to SNAPSHOT version
2017-03-02 09:20:34 -06:00
Spring Buildmaster
081f0c4d94
Release version 4.2.2.RELEASE
2017-03-02 07:29:42 +00:00
Rob Winch
9c03571bbb
Use message in all Assert
...
This ensures compatibility with Spring 5.
Fixes gh-4193
2017-01-30 19:58:24 -06:00
Spring Buildmaster
7a7ce11ebb
Release version 4.2.1.RELEASE
2016-12-21 17:23:28 +00:00
Spring Buildmaster
24fcb6c45a
Release version 4.2.0.RELEASE
2016-11-09 23:42:11 +00:00
Spring Buildmaster
97b4cb0b73
Release version 4.2.0.RC1
2016-10-26 02:49:23 +00:00
Rob Winch
6a3a5f7beb
Polish Deprecations
...
Issue gh-4080
2016-10-17 17:02:59 -05:00
Rob Winch
52c6e3cf89
Create RedirectMatcher
...
This commit creates RedirectMatcher for binary backward compatability with
Spring 4.3.x and Spring 5 to ensure that the Spring IO tests pass.
Issue gh-4080
2016-10-17 17:02:58 -05:00
Rob Winch
17cfd4707b
Fix deprecations
...
Issue gh-4080
2016-10-17 17:00:18 -05:00
Rob Winch
8a7ac398e6
Remove TheController from Bean
...
It is already picked up with classpath scanning
Issue gh-4080
2016-10-17 17:00:17 -05:00
Spring Buildmaster
c1b8150439
Release version 4.2.0.M1
2016-09-23 19:39:33 +00:00
Rob Winch
4d02a5c0a0
Update pom.xml dependencies
2016-08-30 11:27:29 -05:00
Rob Winch
050198e51b
Fix csrf() when used then not used
...
Previously if csrf() was used and subsequently not used, the
TestCsrfTokenRepository was still used. This makes it difficult to test
the actual CsrfTokenRepository implementation.
Now the TestCsrfTokenRepository is only used if explicitly enabled.
Fixes gh-4016
2016-08-09 17:09:16 -04:00
Spring Buildmaster
919f000c80
Release version 4.1.1.RELEASE
2016-07-07 00:57:35 +00:00
Rob Winch
8ad91ef6a5
WithSecurityContextTestExecutionListener > SqlScriptsTestExecutionListener
...
WithSecurityContextTestExecutionListener should order after
SqlScriptsTestExecutionListener so sql can setup the current user's info
in the database.
Fixes gh-3962
2016-07-06 16:09:17 -05:00
Rob Winch
bbeb7f94d7
Fix checkstyle
...
Issue gh-3920
2016-06-20 19:36:51 -05:00
Rob Winch
a2a06d19c1
Add formLogin() Accept Test
...
Issue gh-3920
2016-06-20 16:23:29 -05:00
Micah Silverman
314828859e
Added accept method call to buildRequest in SecurityMockMvcRequestBuilders with default of MediaType.APPLICATION_FORM_URLENCODED
2016-06-20 15:46:01 -05:00
Eddú Meléndez
a2ead4cf7a
Polish
...
Fixes gh-3892
2016-06-20 12:35:43 -05:00
Rob Winch
2d6051625f
Update pom.xml
2016-06-17 14:30:11 -05:00
Rob Winch
101190ad8b
Format WithSecurityContextTestExecutionListener
2016-05-20 10:46:26 -05:00
Rob Winch
336de35874
Polish WithSecurityContextTestExecutionListener
...
Extract method for reuse
SecurityContext createSecurityContext(AnnotatedElement annotated,
WithSecurityContext withSecurityContext,
TestContext context)
Issue gh-3888
2016-05-20 10:46:26 -05:00
Eddú Meléndez
a53d022312
Support WithSecurityContextFactory on superclass
...
Fixes gh-3888
2016-05-20 10:46:14 -05:00
Rob Winch
7b61a44929
Fix test .standaloneSetup
...
Previously, Spring Security's test support did not work well with the
standalone setup. This was because the springSecurityFilterChain was not
found by the WebTestUtils.
This commit ensures that the springSecurityFilterChain is added as a
servlet attribute if it is explicitly defined. WebTestUtils can then
find the springSecurityFilterChain in the ServletContext.
Fixes gh-3881
2016-05-16 11:02:40 -04:00
Rob Winch
602bb457b8
Formatting
...
Issue gh-3881
2016-05-16 11:02:40 -04:00
Spring Buildmaster
001b05569a
Release version 4.1.0.RELEASE
2016-05-05 04:25:46 +00:00
Rob Winch
78bf6e2bd5
WithSecurityContextTestExecutionListener supports generic Annotation
...
Previously Spring Security's WithSecurityContextTestExecutionListener
allowed a WithSecurityContextFactory<Annotation> to be used. This
was broken in SEC-3074.
This commit ensures that WithSecurityContextFactory<Annotation> is
supported again.
Fixes gh-3837
2016-05-03 15:41:25 -04:00
Jens Goldhammer
ceef70946b
Resolve springSecurityFilterChain to Filter
...
When enabling debug for spring security, the FilterChainProxy will be wrapped by the DebugFilter.
This DebugFilter will be registered as bean springSecurityFilterChain. The WebTestUtils will now search for the bean by name instead of FilterChainProxy class.
In this case we have to cast to a Java ServletFilter to support both filter...
Fixes gh-3836
2016-04-26 15:53:38 -04:00
Spring Buildmaster
24d0069668
Release version 4.1.0.RC2
2016-04-21 01:47:25 +00:00
Rob Winch
b2b53f7a81
Fix unauthenitcated() and AnonymousAuthenticationToken
...
Previously if unauthenticated() experienced an AnonymousAuthenticationToken
it would not match.
This commit ensures that if the user is anonymous (not just null)
unauthenticated() works.
Fixes gh-3409
2016-04-19 15:08:47 -05:00
Rob Winch
8a28a27225
Formatting Polish
2016-04-19 14:24:11 -05:00
Rob Winch
d3a9cc6eae
Add CsrfTokenRepository ( #3805 )
...
* Create LazyCsrfTokenRepository
Fixes gh-3790
* Add CookieCsrfTokenRepository
Fixes gh-3009
2016-04-12 17:26:53 -04:00
Joe Grandja
b90242f2fa
Updates all POM versions to 4.1.0 snapshot build.
...
Fixes gh-3804
2016-04-12 10:35:43 -04:00
Eddú Meléndez Gonzales
a5a5d9a1a9
Add support to subclass of GrantedAuthority in SecurityMockMvcResultMatchers withAuthorities ( #3793 )
...
SecurityMockMvcResultMatchers.withAuthorities(Collection<? extends GrantedAuthority>)
Fixes gh-3791
2016-04-08 08:55:53 -05:00
Rob Winch
8abb882927
Rename poorly named withUser variable
...
WithSecurityContextTestExecutionListener used the variable name withUser
in mulitple places when it should have been named withSecurityContext.
This commit renames the variables to withSecurityContext.
Fixes gh-3775
2016-04-01 10:27:14 -05:00
Spring Buildmaster
044acf7e27
Release version 4.1.0.RC1
2016-03-23 07:15:15 -07:00
Rob Winch
ec4e6c7453
Update pom.xml to 4.1.0.BUILD-SNAPSHOT
2016-03-14 00:51:35 -05:00
Rob Winch
f221920a19
Clean up code to conform to basic checkstyle
...
Issue gh-3746
2016-03-14 00:15:12 -05:00
Rob Winch
df5e3ba6ee
Polish Imports
2016-03-09 16:24:50 -06:00
Rob Winch
835ac0a217
Add @WithUserDetails userDetailsServiceBeanName
...
Fixes gh-3346
2016-03-09 15:59:23 -06:00
Rob Winch
618b8a2d83
Fix WebTestUtils when no matching HttpSecurity found
...
Previously a NullPointerException would be thrown if no HttpSecurity
matched on the request passed in. This was because findFilters would
return null rather than an empty List.
This commit returns null if findFilters gets a null result.
Fixes gh-3343
2016-03-09 15:20:10 -06:00
Billy Korando
71d4ce96ad
Convert to assertj
...
Fixes gh-3175
2016-03-09 14:30:17 -06:00
Rob Winch
bb600a473e
Start AssertJ Migration
...
Issue gh-3175
2016-03-09 14:26:30 -06:00
Rob Winch
dd092431a0
SEC-2941: Default RequestPostProcessor overrides
...
Previously a default RequestPostProcessor overrode additional
RequestPostProcessor instances added to the request. This was due to
SPR-12945. Now that SPR-12945 is fixed, this commit adds a test to
ensure this stays fixed.
2015-10-21 16:06:49 -05:00
zhanhb
29f2cc0ab1
snasphot -> snapshot
2015-09-25 15:28:39 -05:00
Rob Winch
81e2778106
SEC-3097: Change CsrfRequestPostProcessor to use TestCsrfTokenRepository
...
This ensures that when using a wrapped HttpServletRequest (i.e. Spring
Session) that the CSRF token test support still works.
2015-09-02 00:21:40 -05:00
Rob Winch
ea94706319
SEC-3097: Use MockMvc for SecurityMockMVcRequestPostProcessorsCsrfTests
...
This is necessary because the changes for this issue are going to make
the mocked version of the tests invalid.
2015-09-02 00:21:39 -05:00
Rob Winch
35393098f8
SEC-3094: Add @WithAnonymousUser & anonymous() MockMvcRequestPostProcessor
2015-08-27 15:17:44 -05:00
Rob Winch
5f328b1178
SEC-2709: Fix WithSecurityContextTestExecutionListener Order
2015-08-20 10:41:09 -05:00
Rob Winch
327695ab0c
SEC-3084: Doc SecurityContextRequestPostProcessorSupport & SecurityContextHolder
2015-08-20 09:30:24 -05:00
Rob Winch
567c51e109
SEC-3074: Add Test Meta Annotation Support
2015-08-19 16:05:54 -05:00
Rob Winch
969f3a7d1b
Update pom.xml to latest snapshots
2015-08-03 09:46:01 -05:00
Thomas Darimont
ad1d858e2b
SEC-3056 - Fix JavaDoc errors.
...
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
Rob Winch
e8c9f75f9c
Update pom.xml to latest versions
2015-07-22 12:51:04 -05:00
Rob Winch
bc53945d89
Remove unused import in WithSecurityContextTestExecutionListenerTests
2015-07-22 12:44:34 -05:00
Rob Winch
2d448658cd
SEC-3042: Add SecurityTestExecutionListeners
2015-07-16 13:51:37 -05:00
Rob Winch
4cafd575c0
SEC-3041: Fix WithSecurityContextTestExecutionListener w/ no ApplicationContext
2015-07-16 13:13:46 -05:00
Rob Winch
e4517016ca
SEC-2984: Add @WithMockUser authorities property
2015-07-16 08:41:40 -05:00
Rob Winch
1bca645add
SEC-2935: Multiple MockMvc invocations proper SecurityContext setup
...
Previously if a MockMvc instance was setup with a user and then again with
no user, then the original user would be setup.
This commit ensures that if a user is setup and then no user is setup no
user is used.
2015-04-22 16:12:18 -05:00
Rob Winch
d5dfeeca49
SEC-2927: Update chat-jc pom so Maven Builds
...
Previously there were some incorrect dependency versions. This commit fixes
that.
We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
2015-04-20 15:53:26 -05:00
Rob Winch
db531d9100
SEC-2917: Update to Spring 4.1.6
2015-03-25 15:18:59 -05:00
Rob Winch
ae6af5d73c
SEC-2915: Updated Java Code Formatting
2015-03-25 13:09:18 -05:00
Rob Winch
0a2e496a84
SEC-2915: groovy/gradle spaces->tabs
2015-03-25 13:08:59 -05:00
Rob Winch
cf9f58a4ac
SEC-2915: XML spaces->tabs
2015-03-25 13:08:52 -05:00
Rob Winch
706e7fd7a2
SEC-2863: Update to Spring 4.1.5
2015-02-20 11:43:04 -06:00
Rob Winch
9c5cb2f438
SEC-2593: Add additional test
2015-02-05 10:58:49 -06:00
Rob Winch
8f0001f59a
Next Development Version
2014-12-11 20:39:26 -06:00
Spring Buildmaster
49b69196de
Release version 4.0.0.RC1
2014-12-11 20:36:55 -06:00
Rob Winch
1677836d53
SEC-2790: Deprecate @EnableWebMvcConfig
2014-12-10 21:10:27 -06:00
Rob Winch
3171cc4364
SEC-2788: Add @Configuration as meta annotation to @Enable* annotations
2014-12-10 21:10:15 -06:00
Rob Winch
11116c2b80
SEC-2787: Update Versions
2014-12-10 16:37:19 -06:00
Rob Winch
c67ff42b8a
SEC-2783: XML Configuration Defaults Should Match JavaConfig
...
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
2014-12-08 15:09:15 -06:00
Rob Winch
b56e5edbbd
SEC-2784: Fix build plugins
2014-12-08 14:24:34 -06:00
Rob Winch
dfa17bdb98
SEC-2747: Remove spring-core dependency from spring-security-crypto
2014-11-20 16:16:22 -06:00
Rob Winch
5ba8f000a7
SEC-2714: Add AuthenticationPrincipal resolver for messaging support
2014-09-23 16:28:48 -05:00
Rob Winch
d316f661e8
SEC-2719: Fix order sensitive authenticated().withRoles(..)
2014-09-16 10:54:50 -05:00
Rob Winch
02c3565e22
Fix compiling in Eclipse
2014-09-16 10:18:46 -05:00
Rob Winch
533b71b9b8
SEC-2688: Remove ORDER constant
2014-08-15 21:14:12 -05:00
Rob Winch
3187ee8bf3
SEC-2700: Register WithSecurityContextTestExecutionListener by default
2014-08-15 16:41:33 -05:00
Rob Winch
b72c1ad314
SEC-2686: Create SecurityMockMvcConfigurer
2014-07-22 15:11:37 -05:00
Rob Winch
9654817fd8
SEC-2601: Add DigestRequestPostProcessor
2014-07-21 22:46:18 -05:00
Rob Winch
c8348d60e1
SEC-2602: Add test support for x509 certificate
2014-07-21 15:09:30 -05:00
Rob Winch
906a0cb0e2
SEC-2684: Correct spelling of WithSecurityContextTestExecutionListener
2014-07-18 13:53:41 -05:00
Rob Winch
e4fa42c399
SEC-2593: Add test for TestSecurityContext RPP in stateless mode
2014-06-13 15:28:06 -05:00
Rob Winch
7e3e821db1
SEC-2593: Support stateless mode in Spring Security Test
2014-06-13 15:22:06 -05:00
Rob Winch
6d45957eec
SEC-2572: Add spring-security-test method showcase
...
This will allow for using the showcase in the documentation.
2014-05-07 10:45:52 -05:00
Rob Winch
dabe3a03e7
SEC-2586: Create DefaultSecurityTestExecutionListeners
2014-05-07 10:44:05 -05:00
Rob Winch
00e1094178
Add springio-platform plugin
2014-04-23 14:35:22 -05:00
Rob Winch
8baf82532c
SEC-2015: Add spring-security-test
2014-04-22 16:47:48 -05:00
Ben Alex
b8b31d6f65
Tidy up Maven migration by eliminating unnecessary directories and having Eclipse classpath use MAVEN_REPO.
2004-12-05 07:21:30 +00:00
Ben Alex
2426bb9e8e
Make JdbcDaoTests use in-memory database.
2004-07-29 03:32:23 +00:00
Colin Sampaleanu
e2de3c9dbc
Enhance AuthenticationProcessingFilterEntryPoint and related classes, to support a property forcing the login page to be access via https even if the original intercepted request came in as http.
2004-04-22 21:47:05 +00:00
Colin Sampaleanu
3ceb492cb2
move password encoder tests to proper packages.
...
rename saltSource param in PasswordEncoder interfce to salt. It was already called salt in subclasses, and is in fact supposed to be the salt, not the source for the salt, although depending on the implementation it may still be treated as the latter.
2004-04-17 02:18:46 +00:00
Colin Sampaleanu
3d089aaa67
move and rename password encoding classes.
...
change saltSource arument to salt argument, which impl may or may not use.
2004-04-16 03:44:04 +00:00
Colin Sampaleanu
5d9d734735
more final version of the various PasswordEncoder implementations.
...
add unit tests for PasswordEncoder implementations.
remove ignore password case and ignore username case flags and handling from DaoAuthenticationProvider.
remove requirement described in JavaDoc for AuthenticationDao that it ignore case when returning a user by username. Implementations may still do so if configured as such.
2004-04-15 16:32:09 +00:00
Colin Sampaleanu
41a837f8cd
add back HSQL db in test dir, as it turns out _it is_ supposed to be in CVS
...
modify JdbcDaoTests to test for role prefix functionality
fix glitch in JdbcDaoImpl
modify Eclipse classpath so HSQL lib is loaded, so unit tests can run in Eclipse as well.
2004-04-15 03:34:18 +00:00
Colin Sampaleanu
547b1ff4e3
remove test data that somehow got checked into CVS
2004-04-14 03:39:30 +00:00
Colin Sampaleanu
6c26e79a0f
change AuthenticationProcessingFilter and SecurityEnforcementFilter to use Spring's WebApplicationContextUtils by defualt to find their config context.
2004-04-09 02:44:17 +00:00
Ben Alex
0a17d65d37
Initial commit.
2004-03-29 02:49:51 +00:00