spring-security

Commit Graph

Author	SHA1	Message	Date
Luke Taylor	2d271666a4	Add constructors to facilitate constructor-based injection for required/shared bean properties.	2011-07-05 20:25:49 +01:00
Rob Winch	c3a3a5bfbf	Updated core.gradle to include crypto as referenced project in eclipse	2011-06-21 07:22:35 -05:00
Luke Taylor	d253f5e109	SEC-1768: Use AopProxyUtils.ultimateTargetClass() to cater for the situation where the security interceptor is being applied to a proxy.	2011-06-18 14:35:56 +01:00
Luke Taylor	571bfc4869	Refactoring to use Utf8 encoder instead of String.getBytes("UTF-8").	2011-06-14 18:47:50 +01:00
Luke Taylor	361b77685d	Add crypto as an exported dependency of core in IDEA configuration.	2011-06-14 18:47:49 +01:00
Luke Taylor	2b8d4684a1	SEC-1764: Ensure password encoders use UTF-8 charset when creating strings from byte arrays.	2011-06-14 18:47:49 +01:00
Luke Taylor	e27f655e9d	SEC-1689: Re-instate crypto as separate library (for use in non-Spring Security apps), as well as packaging with core.	2011-06-10 00:01:25 +01:00
Luke Taylor	6d04670f87	SEC-1695: Allow customization of the session key under which the SecurityContext is stored.	2011-05-25 19:51:47 +01:00
Luke Taylor	42e0e158b4	Simplify Digester utility class.	2011-05-25 19:09:08 +01:00
Luke Taylor	21295a58e5	SEC-1751: Applied patch to use zero-IV for queryable text encryption.	2011-05-23 20:10:16 +01:00
Luke Taylor	5a4aed238c	SEC-1752: Fixed Utf8 codec to take account of the limit of the ByteBuffer returned by CharsetEncoder.encode().	2011-05-23 18:55:25 +01:00
Luke Taylor	63f160dc72	SEC-1749: Add support for PageContext lookup of objects and use of PermissionEvaluator when using web access expressions.	2011-05-19 15:27:35 +01:00
Luke Taylor	c758f36629	Forgot to add version information test previously	2011-05-17 23:54:43 +01:00
Luke Taylor	295ea27526	SEC-1743: Separate remoting from core into separate module.	2011-05-16 00:19:30 +01:00
Luke Taylor	396eced291	Add test to check version information.	2011-05-07 17:15:02 +01:00
Luke Taylor	6a2a636fd7	Update Javadoc for UserDetailsManager to reflect that the new password doesn't need to be stored in the security context (and probably shouldn't be).	2011-05-07 16:20:12 +01:00
Luke Taylor	a2858240f1	SEC-1728: Remove references to SUN provider and incorrect seeding of SecureRandom in SecureRandomBytesKeyGenerator.	2011-04-27 22:10:17 +01:00
Luke Taylor	73fb1764b8	SEC-1730: Fix broken KeyGenerators method.	2011-04-26 19:06:45 +01:00
Luke Taylor	614d8c0321	SEC-1723: Use standard SpEL syntax for accessing beans in the app context by name.	2011-04-22 13:47:59 +01:00
Luke Taylor	8178371927	SEC-1700: Add fixed serializationVersionUID values to security context, authentication tokens and related classes	2011-04-21 19:55:32 +01:00
Luke Taylor	5a9aa6d1aa	SEC-1700: Allow for case where JAAS config is not a simple file, but may be a jar resource, for example.	2011-04-20 14:35:09 +01:00
Luke Taylor	6db7472928	SEC-1181: Added extra I18N messages for LDAP locked, disabled etc.	2011-04-15 20:10:48 +01:00
Luke Taylor	59ac4c8b96	SEC-1181: Added option to parse AD sub-error codes.	2011-04-15 20:10:48 +01:00
Luke Taylor	01c9c4e4db	SEC-1697: Don't publish authorization success events in AbstractSecurityInterceptor by default.	2011-04-06 13:58:58 +01:00
Luke Taylor	8d99918798	SEC-1491: Add support for an external priority SecurityMetadataSource to be referenced from global-method-security.	2011-04-05 15:07:43 +01:00
Luke Taylor	3084ad878f	SEC-1491: Added AnnotationMetadataExtractor to SecuredAnnotationSecurityMetadataSource to allow a custom security annotation to be used.	2011-04-04 19:48:27 +01:00
Luke Taylor	244047ffe9	Delete unused test entities.	2011-04-04 18:39:57 +01:00
Luke Taylor	ead669f10c	Move single-use annotation test classes into SecuredAnnotationSecurityMetadataDefinitionSourceTests.	2011-04-04 18:25:25 +01:00
Luke Taylor	e470eaa41d	SEC-1689: Moved core codec code into crypto package and removed existing duplication (Hex encoding etc). Refactoring of crypto code to use CharSequence for where possible instead of String.	2011-03-17 01:43:31 +00:00
Luke Taylor	50828cdd43	SEC-1689: Move crypto module code to core for simplicity.	2011-03-10 18:58:47 +00:00
Luke Taylor	5a6afbff95	SEC-1688: Allow injection of a PasswordEncoder from the crypto module into DaoAuthenticationProvider.	2011-03-08 16:20:26 +00:00
Luke Taylor	885f0270dc	Some adjustments to the core build to make sure crypto classes are correctly exported to other tasks.	2011-03-08 16:19:51 +00:00
Luke Taylor	9d45828cb0	SEC-1689: Package crypto module classes with core.	2011-03-07 17:44:38 +00:00
Luke Taylor	fd1a70edc2	SEC-1665: Add extra check of non-public declared methods in MethodInvocationAdapter, if public method cannot be found.	2011-03-04 17:45:37 +00:00
Luke Taylor	131c80f444	SEC-1690: Refactor expression PropertyAccessor for dealing with properties as beans in the ApplicationContext.	2011-03-02 16:33:25 +00:00
Luke Taylor	7a0a2dace6	Revert deliberate test failure.	2011-02-25 23:55:22 +00:00
Luke Taylor	a9d325ea18	Deliberately fail test to test bamboo's reaction	2011-02-25 23:53:27 +00:00
Luke Taylor	4a7608b7a9	SEC-1640: Add support for "this" property to MethodSecurityExpressionRoot object, representing the object on which the method is actually being invoked.	2011-02-17 17:51:22 +00:00
Luke Taylor	0b1beee432	Update Base64 implementation to include fixes (using diff) from the original up to version 2.3.7.	2011-02-14 22:40:41 +00:00
Luke Taylor	b0df1bd1b0	SEC-1673: Use a map to store the range values use in the bundlor templates.	2011-02-07 16:06:23 +00:00
Luke Taylor	eb9482b33b	Removal of some unused internal methods, plus additional tests for some areas lacking coverage.	2011-02-07 00:24:20 +00:00
Luke Taylor	20e65a93ea	Minor test updates.	2011-02-06 17:27:07 +00:00
Rob Winch	8c08eeb57b	SEC-1666: Use constant time comparison for sensitive data. Constant time comparison helps to mitigate timing attacks. See the following link for more information * http://rdist.root.org/2010/07/19/exploiting-remote-timing-attacks/ * http://en.wikipedia.org/wiki/Timing_attack for more information.	2011-01-31 23:03:51 -06:00
Rob Winch	1b32babbf9	SEC-1545: Removed unused i18n keys, changed keys to follow naming conventions, found missing keys based upon old keys, sorted keys, any unknown keys are entered as a comment with the English value. NOTE: The Groovy code that automated most of this is attached to SEC-1545 A mapping of Missing Key to the file that the key is found are as follows: ----------../core/src/main/resources/org/springframework/security/messages_cs_CZ.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_de.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_it.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_ko_KR.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pl.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pt_BR.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pt_PT.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_uk_UA.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_zh_CN.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] How unknown keys were gussed by existing keys ----------../core/src/main/resources/org/springframework/security/messages_cs_CZ.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using SwitchUserProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_de.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using SwitchUserProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_es_ES.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_fr.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_it.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_ko_KR.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pl.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pt_BR.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pt_PT.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_uk_UA.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_zh_CN.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication	2011-01-21 12:56:43 -06:00
Luke Taylor	c1f2fa1983	SEC-1558: Changed signatures of PrePostInvocationAttributeFactory to take strings rather than annotation types to allow the metadata to be obtained from other sources (not just annotations).	2011-01-05 16:56:28 +00:00
Luke Taylor	5f6dab67e1	SEC-1492: Added SimpleAuthoritiesMapper which provides a one-to-one authority mapping with case-conversion and the addition of a "role" prefix to the authority name.	2010-12-19 17:33:27 +00:00
Luke Taylor	46f83c8a08	SEC-1492: Added RoleHierarchyAuthoritiesMapper as the new preferred way of using a RoleHierarchy.	2010-12-16 16:00:43 +00:00
Luke Taylor	c8820166c8	SEC-1576: Parameterize the secured object type in AccessDecisionVoter.	2010-12-16 15:21:22 +00:00
Luke Taylor	ce421f22bf	SEC-1635: Stop security interceptors from calling AfterInvocationManager if exception occurs during invocation	2010-12-14 16:24:51 +00:00
Luke Taylor	4a40d80da1	SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.	2010-12-03 16:41:46 +00:00
Luke Taylor	978b7d4707	SEC-1631: Reduced use of reflection in DefaultAuthenticationEventPublisher and added tests.	2010-12-02 18:19:27 +00:00
Luke Taylor	bfb723feac	SEC-1557: Added getter to DelegatingMethodSecurityMetadataSource. Also added some optimizations of cache lookup key equals method. A class type check is unnecessary since the key class is a private inner class.	2010-12-01 21:55:33 +00:00
Luke Taylor	4ad0652787	Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken.	2010-12-01 20:52:37 +00:00
Luke Taylor	ca679e1479	Reformatting.	2010-12-01 20:52:37 +00:00
Luke Taylor	d64efe9747	SEC-1492: Added GrantedAuthoritiesMapper to provide mapping of loaded authorities to those which are eventually stored in the user Authentication object.	2010-11-25 15:19:37 +00:00
Luke Taylor	7754882ba9	SEC-1550: Additional signature change (in AnonymousAuthenticationToken)	2010-11-09 13:48:57 +00:00
Luke Taylor	1c8d28501c	SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.	2010-11-03 13:48:59 +00:00
Luke Taylor	337477de6a	SEC-1604: Change log level to debug for "Validated configuration attributes" message.	2010-11-02 20:06:42 +00:00
Luke Taylor	43ec2beec0	SEC-1183: Modified Attributes2GrantedAuthoritiesMapper to return Collection<? extends GrantedAuthority>.	2010-11-02 14:02:55 +00:00
Luke Taylor	2671e52d5a	Expand message on incorrect Spring version to suggest checking the classpath for unwanted jars.	2010-11-02 12:31:44 +00:00
Luke Taylor	deef2706ef	SEC-1607: Report correct version for Spring Security (not Spring version).	2010-11-02 11:13:32 +00:00
Luke Taylor	21ed5feb8d	SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version.	2010-10-27 13:25:40 +01:00
Luke Taylor	091a6d26f1	SEC-1548: Added extra logging to Dao-authentication classes to clarify reasons for authentication failure (missing user vs wrong password etc.).	2010-10-27 13:25:40 +01:00
Luke Taylor	54694d5ab7	SEC-1583: Added hasAuthority and hasAnyAuthority imlementations to SecurityExpressionRoot.	2010-10-27 13:25:39 +01:00
Luke Taylor	695c8f4ad6	Import cleaning and suppression of deprecation warnings.	2010-10-27 13:25:39 +01:00
Rob Winch	8249492ce9	SEC-1578: Use ThreadLocal.remove() instead of ThreadLocal.set(null)	2010-10-04 17:07:04 -05:00
Luke Taylor	62cbd51d54	SEC-1562: Made SecurityExpressionRootPropertyAccessor a package private class as it is no longer referenced from multiple packages.	2010-09-13 13:52:24 +01:00
Luke Taylor	829444d59b	SEC-1564: testCompile configurations should include jcl-over-slf4j rather than logback.	2010-09-11 11:01:12 +01:00
rwinch	58d9903ebc	SEC-1564: JAAS Configuration can now be injected into DefaultJaasAuthenticationProvider	2010-09-10 20:17:22 -05:00
Luke Taylor	8bf1b8420a	SEC-1563: Move PermissionEvaluator and related methods to SecurityExpressionRoot	2010-09-08 15:06:00 +01:00
Luke Taylor	ca44ebd3cc	SEC-1338: Applied submitted patch, making use of java.util.concurrent classes in place of traditional synchronization.	2010-09-08 12:59:49 +01:00
Luke Taylor	af56f4844d	SEC-1562: Created SecurityExpressionHandler interface and AbstractSecurityExpressionHandler.	2010-09-07 19:46:45 +01:00
Luke Taylor	577ec27507	Polishing.	2010-08-30 19:03:47 +01:00
Luke Taylor	f4d57ab5e8	SEC-1456: Remove maven poms as we are now using gradle for the build.	2010-08-30 19:02:19 +01:00
Luke Taylor	696150f3c3	Remove unused import.	2010-08-30 11:52:52 +01:00
Luke Taylor	1a1372ab84	Removed deprecated AspectJInterceptor classes since these cannot be used with the existing MethodSecurityMetadataSource implementations (which no longer support JoinPoin as a secured object). Added some more tests.	2010-08-28 21:41:19 +01:00
Luke Taylor	f71d9df7fe	Deprecate unnecessary method in SecurityConfig	2010-08-24 18:26:38 +01:00
Luke Taylor	bdb906e588	Enable parameterization for log levels in logback files to allow the use of command-line options for controlling log output.	2010-08-24 18:25:39 +01:00
Luke Taylor	1680807470	Added eclipse plugin to build. Some minor fixes to remove eclipse warnings.	2010-08-18 14:11:16 +01:00
Luke Taylor	3c02989d67	Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests).	2010-08-18 02:32:43 +01:00
Luke Taylor	281d77271e	SEC-1486, SEC-1538, SEC-1537: Generification of AuthenticationDetailsSource. Deprecation of non-web pre-authentication classes and other unnecessary classes. Removal of reflection in WebAuthenticationDetailsSource.	2010-08-13 15:51:05 +01:00
Luke Taylor	2222a7be07	Use Integer.valueOf() in preference to new Integer()	2010-08-11 18:17:23 +01:00
Luke Taylor	dca0fd871c	SEC-1532: Add cache of previously matched beans to ProtectPointcutPostProcessor to ensure that it doesn't perform pointcut matching every time a new prototype bean is created.	2010-08-09 17:16:43 +01:00
Luke Taylor	85c4c91e0e	IDEA inspection refactorings.	2010-08-05 23:28:07 +01:00
Luke Taylor	64375484a1	More build and logging tuning.	2010-08-04 22:55:17 +01:00
Luke Taylor	c4ee46824c	Removing log4j.properties files and adding logback config ones.	2010-08-04 21:16:05 +01:00
Luke Taylor	ab248b2583	SEC-1454: Added use of Spring's new AopProxyUtils.ultimateTargetClass() method when resolving the target class in MethodSecurityEvaluationContext.	2010-07-30 14:36:41 +01:00
Luke Taylor	b854e67952	SEC-1522: Treat empty attribute collection the same as null when returned by SecurityMetadataSource. Both are now treated as public invocations.	2010-07-27 02:20:09 +01:00
Luke Taylor	2afccfc633	Remove commons-logging dependency properly and switch tutorial sample to logback/slf4j.	2010-07-23 01:57:31 +01:00
Luke Taylor	443ac0487a	SEC-1093: Namespace support for jee element. Adds a J2eePreAuthenticatedProcessingFilter to the stack, using a SimpleAttributes2GrantedAuthoritiesMapper to process the role attributes defined in the "mappable-roles" attribute. Provider uses a PreAuthenticatedGrantedAuthoritiesUserDetailsService by default.	2010-07-07 22:42:26 +01:00
Luke Taylor	03fa8fce4d	SEC-1507: Applied patch to return empty authority list rather than null from RoleHierarchyImpl.	2010-07-02 19:51:00 +01:00
Luke Taylor	026517f674	Removal of deprecated methods and classes.	2010-06-26 16:23:42 +01:00
Luke Taylor	db913f6857	SEC-1493: Added CredentialsContainer interface and implemented it in User, AbstractAuthenticationToken and UsernamePasswordAuthenticationToken. ProviderManager makes use of this to erase the credentials of the returned Authentication object (and its contents) if configured to do so by setting the 'eraseCredentialsAfterAuthentication' property.	2010-06-20 21:09:33 +01:00
Luke Taylor	d56adb8ffb	SEC-1495: Convert User class equals and hashcode methods to only use the "username" property. This prevents situations where other data may have changed when a User object is reloaded (during a subsequent authentication attempt, in which case and Set.contains()/Map.containsKey() will return false even though the collection in question contains a principal representing the same user.	2010-06-10 22:27:50 +01:00
Luke Taylor	efb600166a	SEC-1488: Remove commons-logging dependencies from maven poms.	2010-05-28 13:10:59 +01:00
Luke Taylor	0e57ce2dc3	SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection.	2010-05-21 15:59:50 +01:00
Luke Taylor	c95cf6ec7d	SEC-1483: Change User constructor to use a generic wildcard for authorities collection.	2010-05-21 15:58:35 +01:00
Luke Taylor	b3aad4cf19	Javadoc fixes.	2010-05-06 20:02:08 +01:00
Luke Taylor	e7646a65f4	SEC-1421: Add setters to JdbcUserDetailsManager for group sql operations.	2010-05-03 14:53:06 +01:00
Luke Taylor	3c3aabf5be	SEC-1465: Change empty check to a null check for list of delegates for DelegatingMethodSecurityMetadataSource.	2010-04-25 22:11:35 +01:00

1 2 3 4 5 ...

2176 Commits