Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,809 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

135 Commits

Author SHA1 Message Date
Luke Taylor e64866ae6a Updated bundlor templates and introduced spring.version variable 2009-12-22 01:10:04 +00:00
Luke Taylor 3418aab46e SEC-1327: Javadoc additions to clarify some behaviour 2009-12-21 17:32:54 +00:00
Luke Taylor fcce29f8df SEC-1326: Updating dependencies to match Spring versions. Removing unused deps. 2009-12-21 17:32:38 +00:00
Luke Taylor 97a31cae04 SEC-1333: Added error message for invalid redirect URL assertion 2009-12-18 19:29:36 +00:00
Luke Taylor aeed49393c Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting). 2009-12-18 18:44:42 +00:00
Luke Taylor 76731254c0 SEC-1328: Fixed issue with redirect to context relative URLs where the context name is part of the domain name. 2009-12-18 18:04:03 +00:00
Luke Taylor 06e092d46a Midor Javadoc correction. 2009-12-15 15:39:01 +00:00
Luke Taylor 6805761d85 Extra test to confirm http-method specific matching behaviour. 2009-12-14 13:55:48 +00:00
Luke Taylor cad32ffe39 SEC-1325: Tighten up Authentication interface contract to disallow null authorities. Modified internals of AbstractAuthenticationToken to use an empty list instead of null. Clarified Javadoc. removed unnecessary null checks in classes which use the interface. 2009-12-13 17:37:24 +00:00
Luke Taylor 520e733cb2 [maven-release-plugin] prepare for next development iteration 2009-12-08 21:19:41 +00:00
Luke Taylor f2cf17bd49 [maven-release-plugin] prepare release spring-security-3.0.0.RC2 2009-12-08 21:19:20 +00:00
Luke Taylor 075e7a15ad Corrected package name in Javadoc. 2009-12-07 21:44:02 +00:00
Luke Taylor 444d93b13f SEC-1316: Remove 'removeAfterRequest' property from AnonymousAuthenticationFilter 2009-12-07 13:54:39 +00:00
Luke Taylor b27d7afd24 SEC-1315: Modify HttpSessionSecurityContextRepository to check for anonymous token before creating a session. Moved the anonymity check to be before the session creation. 2009-12-06 15:28:03 +00:00
Luke Taylor aee6b8f3f9 SEC-1314: Deprecate cloneFromHttpSession and securityContextClass in HttpSessionSecurityContextRepository. Both deprecated. 2009-12-06 15:09:33 +00:00
Luke Taylor dab76249db Added gradle build files (experimental) 2009-12-04 21:33:17 +00:00
Luke Taylor 69699431b1 SEC-1303: Added internal Hex and Base64 classes, and moved commons-codec dependency to test scope 2009-11-24 09:31:03 +00:00
Luke Taylor 4d8956a227 SEC-1288: Changed claimedIdentityFieldName in OpenIDAuthenticationFilter to "openid_identifier", as recommended by the 2.0 spec. 2009-11-17 22:05:38 +00:00
Luke Taylor d84542cf88 SEC-1285: minor vulnerability in BasicProcessingFilter. Changed logging of Basic authentication information. 2009-11-17 15:29:07 +00:00
Luke Taylor 617e517e5e SEC-1280: NullPointerException in PersistentTokenBasedRememberMeServices when logging out twice. Added check for null authentication in logout method. 2009-11-04 17:20:13 +00:00
Luke Taylor 930c1b6b53 Coverted to Junit 4 test. 2009-10-14 21:48:30 +00:00
Luke Taylor 11e476c486 Added issue numbers in comment. 2009-10-14 14:23:34 +00:00
Luke Taylor d4d45e1311 Make getHeader() methods check case-insensitive matching on header name. 2009-10-14 14:12:27 +00:00
Luke Taylor 7282eed197 Import cleaning. 2009-10-14 00:30:55 +00:00
Luke Taylor 799b96520b SEC-1269: Combining <form-login> and <open-id> fails to find entry point. Fixed entry point choice conditions when using openID and/or form-login 2009-10-14 00:30:28 +00:00
Luke Taylor 3f963ef8ca Restore versions and svn URLs in trunk (release plugin fail) 2009-10-11 21:59:38 +00:00
Luke Taylor af563e826c [maven-release-plugin] prepare release spring-security-3.0.0.RC1 2009-10-11 21:43:42 +00:00
Luke Taylor 881632cc08 SEC-1250: Removed duplicate property. 2009-10-11 15:20:24 +00:00
Luke Taylor 0da99171da SEC-1250: RequestHeaderPreAuthenticatedProcessingFilter cannot be use to fail back to another authentication type. Added exceptionIfHeaderMissing property. 2009-10-08 16:37:53 +00:00
Luke Taylor 3f72983a1e SEC-1257: Some additional API changes to use Collection instead of List... 2009-10-07 21:08:41 +00:00
Luke Taylor 1286741c7c SEC-1259: Improve consistency of authentication filter names. 2009-10-07 14:43:55 +00:00
Luke Taylor f213cc5d9e SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted. 2009-10-06 19:46:44 +00:00
Luke Taylor caff3ee9ba SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc). 2009-10-05 19:28:53 +00:00
Luke Taylor 07d7c0ddae Renamed form and openID filters to shorten names 2009-10-05 17:33:34 +00:00
Luke Taylor 1042305cfe Renamed web.wrapper to web.servletapi. Added some package.html files. 2009-10-05 16:59:37 +00:00
Luke Taylor 673cf300fb SEC-1229: Refactoring to remove package cycles. 2009-10-05 16:40:32 +00:00
Luke Taylor acf13c74ca SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session 2009-10-05 15:51:00 +00:00
Luke Taylor 2b89ebdfbb SEC-1229: Further doc and mods to namespace config/naming to make it more consistent 2009-10-03 16:08:51 +00:00
Luke Taylor 073198886d SEC-1255: Modified UrlUtils. Full request URL for redirects uses the requestURI (which is encoded). The URL for path comparsions is built using the servletpath, as before. 2009-10-02 17:29:43 +00:00
Luke Taylor abba569282 Tidying. 2009-09-30 15:53:46 +00:00
Luke Taylor 1ead8472d1 SEC-1229: Added failure handler to the SessionManagementFilter to deal with concurrent login errors. 2009-09-29 16:14:31 +00:00
Luke Taylor bf39a5bb36 Added extra logging. 2009-09-29 16:13:16 +00:00
Luke Taylor 731402e9f5 SEC-525: [PATCH] Add AccessCheckerTag based on URL resource access permissions. Added functionality to "authorize" tag to allow evaluation of whether a particual url is accessible to the user. Uses a WebInvocationPrivilegeEvaluator registered in the application context. 2009-09-16 00:23:13 +00:00
Luke Taylor 1c4a809e09 SEC-1245: Add role hierarchy support to expression handlers. Done. 2009-09-15 17:17:21 +00:00
Luke Taylor e7486fc203 Removed Ordered interface from Http403EntryPoint (unused). 2009-09-14 16:06:15 +00:00
Luke Taylor 40cf50fc98 SEC-1148: Javadoc. 2009-09-13 21:51:54 +00:00
Luke Taylor ff78ec00f7 SEC-1226: Additional Javadoc. 2009-09-13 21:22:17 +00:00
Luke Taylor 23c8f479b8 SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework. 2009-09-13 20:45:38 +00:00
Luke Taylor 593d2e227a SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework. 2009-09-13 20:44:52 +00:00
Luke Taylor 9c7423599e SEC-1167: Extended SavedRequest interface to allow it to be used by wrapper. Removed null checks in wrapper, as the SavedRequest cannot now be null. 2009-09-13 16:27:35 +00:00