Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 23:31:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,995 Commits 33 Branches 337 Tags
Commit Graph

2995 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luke Taylor
e982e91846 SEC-944: Added db schema reference (and start of namespace appendix) 2008-08-01 13:57:42 +00:00
Luke Taylor
54ac7b3e46 SEC-935: Updated schema to include OpenID filter name. Also updated some doc comments and added default schema name (spring-security.xsd) to schemas. 2008-08-01 12:51:31 +00:00
Luke Taylor
3049b933d9 Moved XML test snippet to ConfigTestUtils class and removed context files from core-tiger tests in favour of in-memory XML 2008-07-31 21:35:29 +00:00
Luke Taylor
c8b22d8e36 SEC-923: Fixed broken build due to missing test class. 2008-07-31 21:22:19 +00:00
Luke Taylor
1d96283876 Removed commented out line. 2008-07-31 20:45:25 +00:00
Luke Taylor
ef44bd91f2 SEC-933: Added test for security pointcut applied to a UserDetailsService. 2008-07-31 20:32:43 +00:00
Luke Taylor
d7926f3557 SEC-943: Forgot to commit tests. 2008-07-31 20:30:56 +00:00
Luke Taylor
e5d86b13b7 SEC-941: Embedded ldap-server uses hard-coded ldap url for importing ldif files 
http://jira.springframework.org/browse/SEC-941. Changed LdapUtils.parseRootDnFromUrl to use URI.getRawPath() so the returned root value still contains the escaping. I think this should be Ok.
 2008-07-31 19:50:08 +00:00
Ray Krueger
3393ea7aaa SEC-923: Realm support for discovering relying parties. 
A new "realmMapping" property can be configured on the OpenIDAuthenticationProcessingFilter to map the "return_to" url to a realm. If there is no mapping present the "return_to" url will be parsed and the protocol, hostname and port will be used with a trailing "/"
 2008-07-31 19:23:12 +00:00
Luke Taylor
67e5afbb79 OPEN - issue SEC-881: PreAuthenticatedFilter continues filter chain after unsuccessfulAuthentication(...) 
http://jira.springframework.org/browse/SEC-881. Updated Javadoc.
 2008-07-31 15:56:37 +00:00
Luke Taylor
000bb1cbed OPEN - issue SEC-881: PreAuthenticatedFilter continues filter chain after unsuccessfulAuthentication(...) 
http://jira.springframework.org/browse/SEC-881. Added test class.
 2008-07-31 15:42:04 +00:00
Luke Taylor
243c4f22d4 OPEN - issue SEC-899: GrantedAuthorityImpl.compareTo should handle null roles 
http://jira.springframework.org/browse/SEC-899. Changed to return -1 when compared to custom auhority which returns null from getAuthority()
 2008-07-31 13:01:22 +00:00
Luke Taylor
d4c105d8ba OPEN - issue SEC-934: security:intercept-url throws NPE if defined twice with the same url 
http://jira.springframework.org/browse/SEC-934. Added log warning when the same url is used multiple times.
 2008-07-30 15:03:47 +00:00
Luke Taylor
f6ff958411 Renamed rnc file. 2008-07-30 11:05:44 +00:00
Luke Taylor
4bb3eb12c3 SEC-933: global-method-security and aop:aspectj-autoproxy throws NullPointerException in some situations 
http://jira.springframework.org/browse/SEC-933. Removed the setting of the attributeSource field from the interceptor in MethodDefinitionSourceAdvisor as this was overwriting the version supplied with the constructor with null (causing the NPE).
Also implemented lazy initialization of the authentication provider list from the bean factory in a custom NamespaceAuthenticationManager (extends ProviderManager and introspects the BeanFactory when getProviders() is first called). This should prevent the perennial problem of the eager initialization of UserDetailsService and other beans when the interceptor is eagerly initialized by something like aspectj-autoproxy.
 2008-07-30 11:01:23 +00:00
Luke Taylor
f538a36cd3 SEC-939: Changed XML header to include schema locations for clarification. 2008-07-29 10:40:50 +00:00
Luke Taylor
6e06789a28 SEC-937: Added CAS logout filter to sample application 2008-07-28 10:53:55 +00:00
Luke Taylor
6b45eda37c SEC-877, SEC-553: Added code to sandbox/other 2008-07-17 17:46:11 +00:00
Luke Taylor
f453264bde SEC-909: custom remember me services doesn't get registered as logout handler 
http://jira.springframework.org/browse/SEC-909. HttpSecurityBeanDefinitionParser now passes the resolved RememberMeServices bean name to the LogoutBeanDefinitionparser so that it an use it explicitly.
 2008-07-15 18:22:53 +00:00
Luke Taylor
1ddc033fe5 SEC-903: Wrong attribute mapping when using jdbc-user-service bean 
http://jira.springframework.org/browse/SEC-903. Corrected property name set by JdbcUserServiceBeanDefinitionParser (was setting authorities query rather than groups one).
 2008-07-15 16:43:57 +00:00
Luke Taylor
e303e8b71a SEC-924: Implement automatic injection of namespace created RememberMeServices into custom AbstractProcessingFilter based beans. 
http://jira.springframework.org/browse/SEC-924. Delayed setting of NullRememberMeServices in AbstractProcessingFilter until afterPropertiesSet method is called, allowing the null value to be read by the namespace and the confgiured RememberMeServices bean injected.
 2008-07-15 14:52:13 +00:00
Luke Taylor
bf5896600e OPEN - issue SEC-913: SwitchUserProcessingFilter modifies the switchFailureUrl member variable on failure 
http://jira.springframework.org/browse/SEC-913. Applied patch as suggested (use sendRedirect method for failure URL).
 2008-07-15 13:42:30 +00:00
Luke Taylor
b4c63db680 SEC-921: Improved messages_zh_CN.properties for Chinese 
http://jira.springframework.org/browse/SEC-921. Added contributed file.
 2008-07-15 11:11:21 +00:00
Luke Taylor
a56c13fb22 SEC-912: Added callback methods to BasicProcessingFilter for successful and unsuccessful authentication. 2008-07-12 17:40:39 +00:00
Luke Taylor
697c7c5f48 SEC-918: Added more info on DB schema to javadoc 2008-07-12 15:21:24 +00:00
Luke Taylor
b32a418175 Added mmore info on 'springSecurityFilter' chain and warning not to use this bean name explicitly 2008-07-12 15:14:43 +00:00
Luke Taylor
4cebc67088 Added example config for JDBCDaoImpl and user-service-ref in namespace 2008-07-11 19:33:15 +00:00
Luke Taylor
fbc7c31b5e SEC-918: Added DDL or user and authorities tables to section on JDBC UserDetailsService 2008-07-11 19:21:00 +00:00
Luke Taylor
7dc998196a Added faq on JDK and Spring version requirements 2008-07-11 14:43:36 +00:00
Luke Taylor
768219af81 Added exta sub-headings to facilitate searching for particular topics from content page 2008-07-11 13:27:19 +00:00
Luke Taylor
7039bfdfbe Minor text spacing correction 2008-07-11 13:11:35 +00:00
Luke Taylor
d13b32c77f Clarified that paths are relative to the checked out source tree 2008-07-11 12:19:19 +00:00
Luke Taylor
dce709a669 Minor code formatting in docbookk 2008-07-11 12:14:00 +00:00
Luke Taylor
d9634bcb39 SEC-920: Update preauth sample to make use of internal authentication manager 
http://jira.springframework.org/browse/SEC-920. Updated context file to use <custom-authentication-provider>.
 2008-07-11 10:56:57 +00:00
Luke Taylor
8fe1b4b402 SEC-914: Slight modification of tld description text for readability. 2008-07-11 08:14:28 +00:00
Luke Taylor
30f1e5729a SEC-914: Corrected tagllib descriptor documentation for var attribute in authentication tag. 2008-07-11 07:52:52 +00:00
Luke Taylor
6d179122d3 SEC-916: Added Spanish messages contribution. 2008-07-10 15:32:01 +00:00
Luke Taylor
bd4ed794ea SEC-904: Renamed SessionRegistryImplMultithreadedTests 2008-07-02 19:25:28 +00:00
Luke Taylor
2cda6242c8 SEC-904: Moved multi-threaded tests into sandbox 2008-07-02 19:19:21 +00:00
Luke Taylor
479693ced7 SEC-900: Added extra checks on expiry time 2008-07-02 18:40:55 +00:00
Luke Taylor
d5df35f739 Update sandbox poms post-release 2008-07-02 16:27:02 +00:00
Luke Taylor
b99a5dec29 Various mods to heavyduty app 2008-07-02 16:25:18 +00:00
Luke Taylor
e1fcacbca5 Added general question on other security concerns 2008-07-01 21:00:30 +00:00
Luke Taylor
bf45ff94e7 SEC-901: Improve docs on custom-filter and avoiding conflicts with namespace filters 2008-07-01 14:20:18 +00:00
Luke Taylor
c372c2df87 SEC-896: Changed result.toString() to String.valueOf(result) in tag class to prevent NPE when value of property is null 2008-06-30 21:02:23 +00:00
Luke Taylor
dd5edbcce9 Added labels to faqs 2008-06-30 20:59:27 +00:00
Luke Taylor
3a25766da1 Adding sub-headings etc to 'secure objects' section 2008-06-27 13:12:27 +00:00
Luke Taylor
6ff0b969d5 Corrected ldap sample config (traditional bean version was wrong) 2008-06-23 23:43:48 +00:00
Luke Taylor
775a6c3939 [maven-release-plugin] prepare for next development iteration 2008-06-23 14:10:35 +00:00
Luke Taylor
87d50aecce [maven-release-plugin] prepare release spring-security-parent-2.0.3 2008-06-23 14:05:36 +00:00