Commit Graph

4432 Commits

Author SHA1 Message Date
Rob Winch 761d5af6ec SEC-965: Added integration tests for CAS Sample Application 2011-04-17 18:14:14 -05:00
Rob Winch f1c064b3b9 SEC-965: Updated CAS Sample application for proxy authentication
* Configured for proxy authentication
* Cleaned up the jsps
* Changed the cas sample context root to cas-sample so the CAS Server's JSESSIONID cookie doesn't remove the cas samples
2011-04-17 18:00:37 -05:00
Rob Winch a76a947b12 SEC-965: Added support for CAS proxy ticket authentication on any URL 2011-04-17 18:00:35 -05:00
Luke Taylor 373d07ce46 SEC-1181: Added mock testing, to avoid need for AD server 2011-04-15 20:10:48 +01:00
Luke Taylor 6db7472928 SEC-1181: Added extra I18N messages for LDAP locked, disabled etc. 2011-04-15 20:10:48 +01:00
Luke Taylor 59ac4c8b96 SEC-1181: Added option to parse AD sub-error codes. 2011-04-15 20:10:48 +01:00
Luke Taylor 428991d997 Some additional tests to confirm there are no issues with spaces in LDAP URL. 2011-04-15 20:10:48 +01:00
Luke Taylor 530f686149 SEC-1181: Basic AuthenticationProvider for Active Directory. 2011-04-15 20:10:47 +01:00
Luke Taylor 4dc5d7d16e Typo. 2011-04-14 18:04:38 +01:00
Luke Taylor 8d702a4f98 SEC-1699: Make sure a FilterInvocation is passed to the AccessDecisionManager when checking the login page access in DefaultFilterChainValidator. 2011-04-14 18:04:29 +01:00
Luke Taylor acf4b91a89 SEC-1674: Test to check that absolute URLs work in SimpleUrlLogoutSuccessHandler. 2011-04-14 15:06:05 +01:00
Luke Taylor f9625836bb Typo in Javadoc. 2011-04-14 15:04:37 +01:00
Luke Taylor ef72dd1986 SEC-1714: RegexRequestMatcher should prepend question mark to query string. 2011-04-11 14:02:54 +01:00
Luke Taylor 49dd928faa SEC-1712: Javadoc typo fix. 2011-04-08 17:24:12 +01:00
Luke Taylor 160fed1bfe SEC-1713: Fix typo in schema RNC file. 2011-04-08 17:22:57 +01:00
Rob Winch 5c05575c0d Cleaned up warnings in openid module 2011-04-07 23:28:34 -05:00
Rob Winch 68ba11ba7b SEC-1711: Support verifying that attribute exchange parameters were signed 2011-04-07 23:28:34 -05:00
Rob Winch 62ba0fca5c SEC-1710: Added shutdown method to OpenID4JavaConsumer that invokes MultiThreadedHttpConnectionManager.shutdownAll() 2011-04-07 23:28:05 -05:00
Luke Taylor 3f1d8782c3 Minor fix to bundlor template for config module. 2011-04-06 14:02:01 +01:00
Luke Taylor 01c9c4e4db SEC-1697: Don't publish authorization success events in AbstractSecurityInterceptor by default. 2011-04-06 13:58:58 +01:00
Luke Taylor 74b0c1780e SEC-1707: Added metadata-source-ref attribute to namespace appendix. 2011-04-05 15:25:49 +01:00
Luke Taylor 8d99918798 SEC-1491: Add support for an external priority SecurityMetadataSource to be referenced from global-method-security. 2011-04-05 15:07:43 +01:00
Luke Taylor 3084ad878f SEC-1491: Added AnnotationMetadataExtractor to SecuredAnnotationSecurityMetadataSource to allow a custom security annotation to be used. 2011-04-04 19:48:27 +01:00
Luke Taylor 244047ffe9 Delete unused test entities. 2011-04-04 18:39:57 +01:00
Luke Taylor ead669f10c Move single-use annotation test classes into SecuredAnnotationSecurityMetadataDefinitionSourceTests. 2011-04-04 18:25:25 +01:00
Luke Taylor ddaf9eb64f SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter. 2011-03-31 21:09:54 +01:00
Rob Winch 79e17e22bc SEC-1703: Updated namespace for intercept-url 2011-03-29 21:58:29 -05:00
Rob Winch d9d5ee1114 SEC-1703: Updated cas custom-filter@ref to match example bean id and custom-filter@position to be CAS_FILTER 2011-03-29 20:13:07 -05:00
Luke Taylor 9c88576992 Added extra FAQ on "Bad Credentials" message and on testing LDAP authentication. Minor mods to LDAP doc. 2011-03-29 15:30:08 +01:00
Luke Taylor 78d5495945 SEC-1702: Add Burt's patch implementing hashcode method in AntPathRequestMatcher 2011-03-25 20:44:18 +00:00
Luke Taylor 4a1908188a SEC-1701: Trim claimed identity parameter value before submitting to OpenID4Java. 2011-03-25 19:13:06 +00:00
Rob Winch 236efadfb7 SEC-1698: Update documentation to use correct package for RequestHeaderAuthenticationFilter 2011-03-16 23:53:29 -05:00
Luke Taylor 1dc309b041 SEC-1689: Minor doc updates related to use of password encoding and the crypto package. 2011-03-17 01:45:19 +00:00
Luke Taylor e470eaa41d SEC-1689: Moved core codec code into crypto package and removed existing duplication (Hex encoding etc). Refactoring of crypto code to use CharSequence for where possible instead of String. 2011-03-17 01:43:31 +00:00
Luke Taylor 3a3b2df1c5 Minor rewording of "child web context" FAQ. 2011-03-13 20:45:22 +00:00
Rob Winch bb3b8e4683 Update AspectJPlugin to configure EclipseProject and EclipseClasspath tasks 2011-03-12 18:46:17 -06:00
Luke Taylor 315c225bcb Removed unused aspectj gradle file 2011-03-10 23:04:25 +00:00
Luke Taylor 4654f7065a SEC-1693: Expand upper bound on EHCache OSGi version to version 2.5 2011-03-10 19:38:04 +00:00
Luke Taylor 9c09f0b73d Remove unnecessary repos from main build file (EBR should only be needed for bundlor) and we generally have no need to build against snapshots other than for one-off testing. 2011-03-10 19:36:10 +00:00
Luke Taylor 50828cdd43 SEC-1689: Move crypto module code to core for simplicity. 2011-03-10 18:58:47 +00:00
Luke Taylor a25d131f21 Some doc clarifications on the use of UserDetailService vs AuthenticationProvider. 2011-03-10 16:12:16 +00:00
Luke Taylor b26f2309f4 Add paragraph to manual database appendix to clarify that the standard schema is completely optional if you aren't using JdbcDaoImpl. 2011-03-10 13:41:44 +00:00
Luke Taylor 9cf8ba02ba Adding some extra section IDs in namespace appendix to provide bookmarkable URLs. 2011-03-10 13:15:58 +00:00
Luke Taylor ccc548b9e4 Fixing bundlor warnings. 2011-03-08 16:20:37 +00:00
Luke Taylor 5a6afbff95 SEC-1688: Allow injection of a PasswordEncoder from the crypto module into DaoAuthenticationProvider. 2011-03-08 16:20:26 +00:00
Luke Taylor 885f0270dc Some adjustments to the core build to make sure crypto classes are correctly exported to other tasks. 2011-03-08 16:19:51 +00:00
Luke Taylor 57c3afd31a SEC-1689: Adjust manual to remove references to separate crypto module. 2011-03-08 12:58:28 +00:00
Rob Winch a50c9afbab Modified jaas sample's LoginModule to prevent empty string username/password 2011-03-07 22:25:19 -06:00
Rob Winch 9e5d35235c Made the principal for jaas sample serializable 2011-03-07 22:25:16 -06:00
Rob Winch 6983b166d8 Configure Eclipse wtp to use the same context root as jetty 2011-03-07 22:12:13 -06:00