Luke Taylor
|
e7486fc203
|
Removed Ordered interface from Http403EntryPoint (unused).
|
2009-09-14 16:06:15 +00:00 |
Luke Taylor
|
897960cd70
|
Add expression string to failed expression evaluation exception message to help clarify the context.
|
2009-09-13 22:29:07 +00:00 |
Luke Taylor
|
27be04f5be
|
SEC-1223: Remove ntlm module from pom
|
2009-09-13 22:13:24 +00:00 |
Luke Taylor
|
d52a806a1d
|
SEC-1233: Removed NTLM support for 3.0
|
2009-09-13 21:55:14 +00:00 |
Luke Taylor
|
40cf50fc98
|
SEC-1148: Javadoc.
|
2009-09-13 21:51:54 +00:00 |
Luke Taylor
|
ff78ec00f7
|
SEC-1226: Additional Javadoc.
|
2009-09-13 21:22:17 +00:00 |
Luke Taylor
|
23c8f479b8
|
SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework.
|
2009-09-13 20:45:38 +00:00 |
Luke Taylor
|
593d2e227a
|
SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework.
|
2009-09-13 20:44:52 +00:00 |
Luke Taylor
|
9c7423599e
|
SEC-1167: Extended SavedRequest interface to allow it to be used by wrapper. Removed null checks in wrapper, as the SavedRequest cannot now be null.
|
2009-09-13 16:27:35 +00:00 |
Luke Taylor
|
4064b7b4f6
|
SEC-1167: Introduce more flexible SavedRequest handling. Introduced interface for SavedRequest.
|
2009-09-13 15:03:14 +00:00 |
Luke Taylor
|
71ab83255d
|
SEC-1242: Check that RememberMeServices is an instance of AbstractRememberMeServices before attempting to inject a UserDetailsService.
|
2009-09-11 21:10:16 +00:00 |
Luke Taylor
|
acd10dd716
|
SEC-1243: Make determineTargetUrl protected.
|
2009-09-11 20:48:41 +00:00 |
Luke Taylor
|
fa7404741b
|
SEC-1167: Introduce more flexible SavedRequest handling. Add namespace support for a custom RequestCache through the request-cache element.
|
2009-09-09 21:40:12 +00:00 |
Luke Taylor
|
aa2999caec
|
SEC-1238: Removed portlet module
|
2009-09-09 20:54:10 +00:00 |
Luke Taylor
|
1d00b92d25
|
Removed portlet sample
|
2009-09-09 20:53:19 +00:00 |
Luke Taylor
|
aec730ae7e
|
SEC-1238: Disable portlet module
|
2009-09-09 20:03:00 +00:00 |
Luke Taylor
|
6851655ea9
|
SEC-1177: MethodInvocationUtils Returns Null With Valid Method String and Class. Added very simple checking of declared methods on class.
|
2009-09-09 19:49:44 +00:00 |
Luke Taylor
|
ef2df77889
|
SEC-1239: Special characters in JAAS config file location. Fix - convert Resource to a File before obtaining the URL from it. The URL.toString() obtained this way is different from the one obtained from Resource.getURL().toString().
|
2009-09-09 17:41:35 +00:00 |
Luke Taylor
|
6640eab9dc
|
SEC-1240: Added {ssha} support to PasswordEncoderParser.
|
2009-09-09 12:12:29 +00:00 |
Luke Taylor
|
ac4e7bbadb
|
SEC-1241: Make sure saved request is removed after a match.
|
2009-09-09 10:11:45 +00:00 |
Luke Taylor
|
9d26527f30
|
SEC-1237-Re-enabled maven source plugin
|
2009-09-06 13:16:43 +00:00 |
Luke Taylor
|
f518da9d8b
|
SEC-1236: Using HTTP Method-specific intercept-urls causes patterns with no method to be ignored. Fixed by also checking null key in map if no method-specific attributes are found.
|
2009-09-05 15:26:07 +00:00 |
Luke Taylor
|
5bdfd8cd77
|
Tidying imports etc to remove compiler warnings.
|
2009-09-05 14:14:58 +00:00 |
Luke Taylor
|
d099d14e9b
|
SEC-1235: Added test to attempt to verify (failed to reproduce).
|
2009-09-05 14:14:12 +00:00 |
Luke Taylor
|
8632946f30
|
SEC-1213: Added "order" atrribute to global-method-security
|
2009-09-04 15:54:42 +00:00 |
Mike Wiesner
|
ed0686cacf
|
Upgraded to AspectJ 1.6.5 and fixes some maven plugin config bugs
|
2009-09-04 15:25:23 +00:00 |
Mike Wiesner
|
a1751aec2c
|
SEC-1232: Added the aspect library needed for <global-method-security mode="aspectj"/> and a small sample
|
2009-09-04 13:53:55 +00:00 |
Luke Taylor
|
002b788a8c
|
Minor refactoring.
|
2009-09-04 12:15:19 +00:00 |
Luke Taylor
|
8081a1a3cc
|
Set Id svn keyword.
|
2009-09-03 19:55:18 +00:00 |
Mike Wiesner
|
5623c13038
|
SEC-1047: Added an option to DigestProcessingFilter that the created Authentication object is now marked as "authenticated"
|
2009-09-02 16:12:19 +00:00 |
Mike Wiesner
|
e14a904306
|
SEC-1181: fixed recursive import in template.mf
|
2009-09-02 15:31:22 +00:00 |
Mike Wiesner
|
660b408e6e
|
SEC-1181: added import to template.mf for the DNS classes
|
2009-09-02 15:20:26 +00:00 |
Mike Wiesner
|
58ee9a364e
|
SEC-1181: DNS helper classes, will primarily be use for lookup of Active Directory servers.
|
2009-09-02 14:29:35 +00:00 |
Luke Taylor
|
245fc96137
|
SEC-1075: Update the embedded LDAP server to use Apache DS 1.5. Updated to use the new 1.5.5 release for the embedded server.
|
2009-09-01 23:21:44 +00:00 |
Scott Battaglia
|
53baac2fd9
|
SEC-1228
started adding support for supporting creating UserDetails via Assertions.
|
2009-09-01 19:53:19 +00:00 |
Scott Battaglia
|
bfd421016e
|
SEC-1228
added constructor so a wrapper can be instanciated in one line of code.
|
2009-09-01 19:52:43 +00:00 |
Luke Taylor
|
936326f4ab
|
SEC-1180: Unreachable code inside UrlUtils.buildRequestUrl(...). Removed code block.
|
2009-09-01 18:13:28 +00:00 |
Luke Taylor
|
f6f5855b52
|
SEC-1222: Provide a constructor for LdapUserDetailsService that does not require an LdapAuthoritiesPopulator. Done.
|
2009-09-01 16:42:11 +00:00 |
Luke Taylor
|
32dbb7e8bd
|
import cleaning
|
2009-09-01 16:41:53 +00:00 |
Luke Taylor
|
2039200617
|
SEC-1217: AbstractRememberMeServices should set 'secure' attribute on remember-me cookie if in secure context. Added "useSecureCookie" configuration property and corresponding use-secure-cookie attribute in namespace.
|
2009-09-01 16:08:20 +00:00 |
Luke Taylor
|
b2c2b93545
|
SEC-1190: Added "invalidateSessionOnPrincipalChange" property to AbstactPreAuthenticatedProcessingFilter. If set to true (the default) and a new principal is detected, the existing session will be invalidated before proceeding to authenticate the user.
|
2009-09-01 00:18:48 +00:00 |
Luke Taylor
|
3cc47c9c4d
|
SEC-1190: Added "checkForPrincipalChanges" property to AbstactPreAuthenticatedProcessingFilter.
|
2009-08-31 23:28:40 +00:00 |
Luke Taylor
|
dbcb13ad14
|
SEC-1229: Redesign Concurrent Session Control implementation. Renamed session strategy interface and introduced SessionAuthenticationException for rejection of session/Authentication combination.
|
2009-08-31 22:48:49 +00:00 |
Luke Taylor
|
0d7b990e0a
|
SEC-1184: Moved ACL cache classes and interface out of jdbc package.
|
2009-08-31 22:15:37 +00:00 |
Luke Taylor
|
6236858356
|
SEC-951: Acl Serialization Errors that cohere with parent-child-structure of Acls. Modified tests to reproduce the issue and applied suggested fix (recursive call to set transient fields on parent).
|
2009-08-31 19:15:13 +00:00 |
Luke Taylor
|
98ffda85e0
|
minor doc update
|
2009-08-30 14:35:33 +00:00 |
Luke Taylor
|
a4ccc4ac21
|
Make WebSecurityExpressionRoot public to allow reuse.
|
2009-08-28 14:02:02 +00:00 |
Luke Taylor
|
471206a29d
|
SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy
|
2009-08-27 10:43:01 +00:00 |
Luke Taylor
|
ab0d66071a
|
SEC-1226: Introduce RedirectStrategy to replace RedirectUtils. Implemented strategy and applied throughout relevant classes.
|
2009-08-27 10:42:11 +00:00 |
Luke Taylor
|
092d7b5c2b
|
Fix CAS filter configuration.
|
2009-08-25 20:26:12 +00:00 |