Commit Graph

3622 Commits

Author SHA1 Message Date
Luke Taylor e7486fc203 Removed Ordered interface from Http403EntryPoint (unused). 2009-09-14 16:06:15 +00:00
Luke Taylor 897960cd70 Add expression string to failed expression evaluation exception message to help clarify the context. 2009-09-13 22:29:07 +00:00
Luke Taylor 27be04f5be SEC-1223: Remove ntlm module from pom 2009-09-13 22:13:24 +00:00
Luke Taylor d52a806a1d SEC-1233: Removed NTLM support for 3.0 2009-09-13 21:55:14 +00:00
Luke Taylor 40cf50fc98 SEC-1148: Javadoc. 2009-09-13 21:51:54 +00:00
Luke Taylor ff78ec00f7 SEC-1226: Additional Javadoc. 2009-09-13 21:22:17 +00:00
Luke Taylor 23c8f479b8 SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework. 2009-09-13 20:45:38 +00:00
Luke Taylor 593d2e227a SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework. 2009-09-13 20:44:52 +00:00
Luke Taylor 9c7423599e SEC-1167: Extended SavedRequest interface to allow it to be used by wrapper. Removed null checks in wrapper, as the SavedRequest cannot now be null. 2009-09-13 16:27:35 +00:00
Luke Taylor 4064b7b4f6 SEC-1167: Introduce more flexible SavedRequest handling. Introduced interface for SavedRequest. 2009-09-13 15:03:14 +00:00
Luke Taylor 71ab83255d SEC-1242: Check that RememberMeServices is an instance of AbstractRememberMeServices before attempting to inject a UserDetailsService. 2009-09-11 21:10:16 +00:00
Luke Taylor acd10dd716 SEC-1243: Make determineTargetUrl protected. 2009-09-11 20:48:41 +00:00
Luke Taylor fa7404741b SEC-1167: Introduce more flexible SavedRequest handling. Add namespace support for a custom RequestCache through the request-cache element. 2009-09-09 21:40:12 +00:00
Luke Taylor aa2999caec SEC-1238: Removed portlet module 2009-09-09 20:54:10 +00:00
Luke Taylor 1d00b92d25 Removed portlet sample 2009-09-09 20:53:19 +00:00
Luke Taylor aec730ae7e SEC-1238: Disable portlet module 2009-09-09 20:03:00 +00:00
Luke Taylor 6851655ea9 SEC-1177: MethodInvocationUtils Returns Null With Valid Method String and Class. Added very simple checking of declared methods on class. 2009-09-09 19:49:44 +00:00
Luke Taylor ef2df77889 SEC-1239: Special characters in JAAS config file location. Fix - convert Resource to a File before obtaining the URL from it. The URL.toString() obtained this way is different from the one obtained from Resource.getURL().toString(). 2009-09-09 17:41:35 +00:00
Luke Taylor 6640eab9dc SEC-1240: Added {ssha} support to PasswordEncoderParser. 2009-09-09 12:12:29 +00:00
Luke Taylor ac4e7bbadb SEC-1241: Make sure saved request is removed after a match. 2009-09-09 10:11:45 +00:00
Luke Taylor 9d26527f30 SEC-1237-Re-enabled maven source plugin 2009-09-06 13:16:43 +00:00
Luke Taylor f518da9d8b SEC-1236: Using HTTP Method-specific intercept-urls causes patterns with no method to be ignored. Fixed by also checking null key in map if no method-specific attributes are found. 2009-09-05 15:26:07 +00:00
Luke Taylor 5bdfd8cd77 Tidying imports etc to remove compiler warnings. 2009-09-05 14:14:58 +00:00
Luke Taylor d099d14e9b SEC-1235: Added test to attempt to verify (failed to reproduce). 2009-09-05 14:14:12 +00:00
Luke Taylor 8632946f30 SEC-1213: Added "order" atrribute to global-method-security 2009-09-04 15:54:42 +00:00
Mike Wiesner ed0686cacf Upgraded to AspectJ 1.6.5 and fixes some maven plugin config bugs 2009-09-04 15:25:23 +00:00
Mike Wiesner a1751aec2c SEC-1232: Added the aspect library needed for <global-method-security mode="aspectj"/> and a small sample 2009-09-04 13:53:55 +00:00
Luke Taylor 002b788a8c Minor refactoring. 2009-09-04 12:15:19 +00:00
Luke Taylor 8081a1a3cc Set Id svn keyword. 2009-09-03 19:55:18 +00:00
Mike Wiesner 5623c13038 SEC-1047: Added an option to DigestProcessingFilter that the created Authentication object is now marked as "authenticated" 2009-09-02 16:12:19 +00:00
Mike Wiesner e14a904306 SEC-1181: fixed recursive import in template.mf 2009-09-02 15:31:22 +00:00
Mike Wiesner 660b408e6e SEC-1181: added import to template.mf for the DNS classes 2009-09-02 15:20:26 +00:00
Mike Wiesner 58ee9a364e SEC-1181: DNS helper classes, will primarily be use for lookup of Active Directory servers. 2009-09-02 14:29:35 +00:00
Luke Taylor 245fc96137 SEC-1075: Update the embedded LDAP server to use Apache DS 1.5. Updated to use the new 1.5.5 release for the embedded server. 2009-09-01 23:21:44 +00:00
Scott Battaglia 53baac2fd9 SEC-1228
started adding support for supporting creating UserDetails via Assertions.
2009-09-01 19:53:19 +00:00
Scott Battaglia bfd421016e SEC-1228
added constructor so a wrapper can be instanciated in one line of code.
2009-09-01 19:52:43 +00:00
Luke Taylor 936326f4ab SEC-1180: Unreachable code inside UrlUtils.buildRequestUrl(...). Removed code block. 2009-09-01 18:13:28 +00:00
Luke Taylor f6f5855b52 SEC-1222: Provide a constructor for LdapUserDetailsService that does not require an LdapAuthoritiesPopulator. Done. 2009-09-01 16:42:11 +00:00
Luke Taylor 32dbb7e8bd import cleaning 2009-09-01 16:41:53 +00:00
Luke Taylor 2039200617 SEC-1217: AbstractRememberMeServices should set 'secure' attribute on remember-me cookie if in secure context. Added "useSecureCookie" configuration property and corresponding use-secure-cookie attribute in namespace. 2009-09-01 16:08:20 +00:00
Luke Taylor b2c2b93545 SEC-1190: Added "invalidateSessionOnPrincipalChange" property to AbstactPreAuthenticatedProcessingFilter. If set to true (the default) and a new principal is detected, the existing session will be invalidated before proceeding to authenticate the user. 2009-09-01 00:18:48 +00:00
Luke Taylor 3cc47c9c4d SEC-1190: Added "checkForPrincipalChanges" property to AbstactPreAuthenticatedProcessingFilter. 2009-08-31 23:28:40 +00:00
Luke Taylor dbcb13ad14 SEC-1229: Redesign Concurrent Session Control implementation. Renamed session strategy interface and introduced SessionAuthenticationException for rejection of session/Authentication combination. 2009-08-31 22:48:49 +00:00
Luke Taylor 0d7b990e0a SEC-1184: Moved ACL cache classes and interface out of jdbc package. 2009-08-31 22:15:37 +00:00
Luke Taylor 6236858356 SEC-951: Acl Serialization Errors that cohere with parent-child-structure of Acls. Modified tests to reproduce the issue and applied suggested fix (recursive call to set transient fields on parent). 2009-08-31 19:15:13 +00:00
Luke Taylor 98ffda85e0 minor doc update 2009-08-30 14:35:33 +00:00
Luke Taylor a4ccc4ac21 Make WebSecurityExpressionRoot public to allow reuse. 2009-08-28 14:02:02 +00:00
Luke Taylor 471206a29d SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy 2009-08-27 10:43:01 +00:00
Luke Taylor ab0d66071a SEC-1226: Introduce RedirectStrategy to replace RedirectUtils. Implemented strategy and applied throughout relevant classes. 2009-08-27 10:42:11 +00:00
Luke Taylor 092d7b5c2b Fix CAS filter configuration. 2009-08-25 20:26:12 +00:00