Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-01-08 07:27:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,288 Commits 55 Branches 369 Tags
Commit Graph

549 Commits

Author SHA1 Message Date
Luke Taylor
dac911ac08 Fixed test failures caused by reordering of authorities loading order in JdbcDaoImpl. 2008-01-09 18:31:54 +00:00
Luke Taylor
c77475cda6 SEC-272: Added groups support to JdbcDaoImpl. 2008-01-09 18:06:41 +00:00
Luke Taylor
f983ff204d SEC-414: Add useRelativeContext and sendRedirectMethod to SwitchUserProcessingFilter. 2008-01-08 22:41:28 +00:00
Luke Taylor
96dd564b79 Renamed obtainFullRequestUrl to obtainFullSavedRequestUrl. 2008-01-08 22:17:56 +00:00
Luke Taylor
07db88a367 Import cleaning. 2008-01-08 18:13:53 +00:00
Luke Taylor
2eca8ee7b0 SEC-572: Added allowSessionCreation (default=true) property to AbstractProcessingFilter and modified it and AuthenticationProcessingFilter to stop them creating a new session for storing data if this property is set to false. 2008-01-08 18:11:20 +00:00
Luke Taylor
41d90e9bdb SEC-399: Added tests for new session creation/attribute migration options. 2008-01-08 15:44:21 +00:00
Luke Taylor
c5e6a4cdfd SEC-546: Added AccountStatusException as base class for dibled, locked etc. Modified ProviderManager to prevent it querying further providers if either this exception or a ConcurrentLoginException is thrown. 2008-01-08 13:33:20 +00:00
Luke Taylor
99b7510482 Tidied up getters/setters in AbstractProcessingFilter. Removed unused getters and reduced the scope of others where possible. 2008-01-07 16:10:50 +00:00
Luke Taylor
c5bc0fc683 SEC-623: Added login success and failure hooks to RememberMeProcessingFilter. Also moved MockApplicationEventPublisher implementations to a single class. 2008-01-07 15:06:29 +00:00
Luke Taylor
5f1eea42fc Moved configuration of security interceptors with access and authentication manangers from post processing stage to bean creation stage. 2007-12-23 16:40:29 +00:00
Luke Taylor
9d671fbdbf Deleted original Ldap BD parser. 2007-12-23 01:05:35 +00:00
Luke Taylor
debfbe47cf Improvements to LDAP namespace configuration - splitting "ldap" element into ldap-server and ldap-authentication-provider. Also some minor changes to authentication-provider. 2007-12-23 00:17:37 +00:00
Luke Taylor
cf80292de3 Changes to namespace reinstating authentication-provider element in preference to "repository" to wrap convey that a user-service will be used as to authenticate against. Also introduced separate password-encoder element for use within authentication-provider. 2007-12-21 15:50:56 +00:00
Luke Taylor
70286f1197 Fixed problem caused by maven-2.0.8 change in test classpath. ldif file wasn't being loaded for tests. Default path should be "classpath*:" not "classpath:". (See discussing in Spring's PathMatchingResourcePatternResolver). 2007-12-20 20:53:26 +00:00
Luke Taylor
6e74d925fb Boosted logging to try to resolve issues on bamboo server. 2007-12-20 19:45:43 +00:00
Luke Taylor
85b10f79c2 Made servlet-api integration into an attribute of http, rather than a child element since it has no configuration. 2007-12-20 17:51:27 +00:00
Luke Taylor
31c09896ea Fixed problem with relative name being used in (member={0}) search in DefaultAuthoritiesPopulator. 2007-12-14 20:41:00 +00:00
Ben Alex
fa510b3187 Modify attribute names to use "ref" instead of "id", plus use a hyphen 
as an attribute value separator rather than a colon. This was changed 
for compatibility with other components in the Spring Portfolio. tests 
pass.
 2007-12-13 20:19:56 +00:00
Luke Taylor
ca996de2dc Added tests for SpringSecurityAuthenticationSource. 2007-12-10 23:37:08 +00:00
Luke Taylor
894c90dadd Moved AbstractAuthenticationManagerTests into ProviderManager as tested methods have already been moved there (maven wasn't running Abstract* tests but they were actually failing). 2007-12-10 23:36:27 +00:00
Luke Taylor
5382627d4a Added property to LdapAuthenticationProvider to allow the credentials to be set either using the submitted password (the default) or the credentials from the loaded UserDetails object (which may be null if the attribute isn't readable). 2007-12-09 23:46:28 +00:00
Luke Taylor
5e0cb21c8d SEC-619: Added test class for LdapUserDetailsService. The LdapAuthoritiesPopulator interface and also implementations have been moved to the org.springframework.security.ldap package since they are now used by both the ldap provider and the user service. 2007-12-09 18:40:28 +00:00
Ben Alex
4770c29094 Use hyphens in attribute names, and not Camel Case. This is to maintain 
consistency with the rest of Spring Portfolio. Camel Case was preserved 
for attribute values, consistent with Spring Portfolio usage such as 
autowiring modes (byName, byType etc).
 2007-12-09 03:42:20 +00:00
Luke Taylor
a1abcc39d2 SEC-513: Minor work on LDAP UserDetailsManager implementation. 2007-12-06 00:13:42 +00:00
Luke Taylor
22052115b6 SEC-617: Make LDAPAuthenticationProvider a standalone class. 2007-12-05 14:39:46 +00:00
Ben Alex
9b6c798a52 SEC-496: <annotation-driven> element. 2007-12-04 14:14:17 +00:00
Ben Alex
949205b369 Correction of equals(Object) and hashCode() methods. 2007-12-04 12:44:40 +00:00
Ben Alex
85085abf9e Add namespace support for Servlet API integration. 2007-12-04 12:23:41 +00:00
Ben Alex
8e7c540b16 General refactorings and improvements to namespace support, including 
autoDetect="true" attribute for <http> element.
 2007-12-04 10:35:08 +00:00
Ben Alex
2441ab6d9a Move "realm" attribute to be on <http> element rather than <http-basic>. 
This faciltiates reuse with other mechanisms (like Digest) whilst also 
moving towards the <http-auto-configure> element (which benefits from 
having shared configuration in <http> as opposed to mechanism-specific 
elements).
 2007-12-04 08:02:40 +00:00
Ben Alex
d9ec944579 Refactor strings to static fields. To facilitate unit testing, package 
protected visibility was adopted for all element names, attribute names, 
and attribute default values. A public access modifier was used for all 
bean IDs assigned to bean definitions created by the 
BeanDefinitionParsers.
 2007-12-04 07:12:08 +00:00
Ben Alex
9b4bb0ffd8 <repository> element and JdbcUserDetailsManager support. 2007-12-04 05:58:54 +00:00
Ben Alex
0b0b174eda Support <repository> and JbcUserDetailsManager. 2007-12-04 05:27:17 +00:00
Luke Taylor
248d97c9d6 SEC-513: Added support for cache flushing after updating or deleting data in JdbcUserDetailsManager. 2007-12-03 22:12:02 +00:00
Ben Alex
a53357778f Remove superfluous method. 2007-12-03 07:32:23 +00:00
Ben Alex
47229be5cb Make samples and tests use username "rod". 2007-12-03 02:56:52 +00:00
Luke Taylor
843a20e691 Changed default namespace in config files to "security" for clarity. 2007-11-29 13:14:15 +00:00
Luke Taylor
09c588a138 Removed unecessary check in additionalAuthenticationChecks() for null credentials in authentication object. Previous line already throws an exception if null is found. 2007-11-28 19:20:33 +00:00
Luke Taylor
88e01624eb SEC-560: Removed local password comparison form PasswordComparisonAuthenticator. 2007-11-28 18:29:04 +00:00
Luke Taylor
9e2f372bad SEC-607: Deprecated InitialDirContextFactory and replaced it with SpringSecurityContextSource. 
Also some refactoring of LdapUserDetailsManager to use a strategy for creating DNs from usernames.
 2007-11-20 20:54:48 +00:00
Luke Taylor
3e3dac4050 SEC-600: Added extra test assertions on authentication details object after password change. 2007-11-13 17:17:25 +00:00
Luke Taylor
cb237055ac SEC-600: Added Jdbc implementation of UserDetailsManager 2007-11-13 17:11:29 +00:00
Luke Taylor
b681952933 SEC-545: Added utility methods for checking if user has a particular role to existing AuthorityUtils class. Class may be renamed at some point as more functionality is added. 2007-11-11 23:37:32 +00:00
Luke Taylor
315d4a247f Added method to clear datasource field after use. 2007-11-11 23:10:21 +00:00
Luke Taylor
910e63f83c SEC-586: Implemented secure channel support in namespace configuration. 2007-11-11 22:07:46 +00:00
Luke Taylor
c214f4a9bc Simplified initialization of datasource. 2007-11-11 22:06:22 +00:00
Luke Taylor
756be6fed3 Removed unnecessary constructor. 2007-11-11 19:10:47 +00:00
Luke Taylor
2856a6ba43 Allow configuration of embedded ldap server port through ldap namespace configuration. Changed default port from 3389 to avoid conflict with windows remote desktop (as reported by Ray Krueger in dev list). 2007-11-11 16:10:30 +00:00
Luke Taylor
0e7dac6ca5 SEC-565: Refactoring of TokenBasedRememberMeServices. Changed arguments to makeValidSignature so that it could be used from both places where a signature is required and refactored the class to extend AbstractRememberMeServices. The method processAutoLoginCookie now returns a UserDetails, rather than username, as the UserDetails is needed in TokenBasedRememberMeServices. 2007-11-10 19:20:36 +00:00