eba18675fc
Removed old acegi file from tutorial sample as it's causing confusion with users.
2008-04-23 21:08:41 +00:00
38774ec94f
SEC-792: Filters should only be added to the default stack if they are labelled using custom-filter.
...
http://jira.springframework.org/browse/SEC-792 . The filters are now maintained as a list in the context and have to be stored there explicitly on registration.
2008-04-23 16:06:54 +00:00
80cd7f4acc
Removed accidental commit of tutorial context file
2008-04-23 13:13:56 +00:00
c184d2d8c5
Added 'heavyduty' sample to sandbox for testing
2008-04-23 13:11:26 +00:00
01185475a1
OPEN - issue SEC-793: ldap-authentication-provider element parser ignores hash attribute.
...
http://jira.springframework.org/browse/SEC-793 . Added support for hash attribute. password-encoder still takes precendence with a warning if both are present.
2008-04-23 12:50:09 +00:00
7e63fe7357
SEC-790: DefaultLoginPageGeneratingFilter should be a better HTTP citizen
...
http://jira.springframework.org/browse/SEC-790 . Applied submitted patch.
2008-04-23 00:41:52 +00:00
8ea7487ec3
Removed unused method.
2008-04-22 23:20:49 +00:00
ec81e780b2
Import cleaning.
2008-04-22 22:27:51 +00:00
599d9fea04
Minor improvements to toString() methods for logging.
2008-04-22 22:21:20 +00:00
a845a69cb7
Updated surefire plugin to 2.4.2
2008-04-22 22:01:28 +00:00
0cf745b85f
Updated clean plugin to 2.2
2008-04-22 21:59:40 +00:00
b2e9e82727
Fixed typo in message.
2008-04-22 21:54:54 +00:00
63decfeb93
SEC-761: HttpSessionContextIntegrationFilter.contextObject should be created in afterPropertiesSet(), not the constructor
...
http://jira.springframework.org/browse/SEC-761 . Added call to generateNewContext() in the afterPropertiesSet() method to take account of custom security context classes.
2008-04-22 21:51:12 +00:00
1ae167434a
SEC-756: Add checks for duplicate use of namespace elements such as global-method-security
...
http://jira.springframework.org/browse/SEC-756 . Refactored HttpSecurityBDP and added check for duplicate usage of the element.
2008-04-22 21:25:35 +00:00
083644f2fe
SEC-756: Refactored GlobalMethodSecurityDefinitionParser and added check for duplicate registration.
2008-04-22 18:25:35 +00:00
eec62e9760
Removed reference in petclinic tutorial to acegisecurity.org
2008-04-22 18:17:20 +00:00
c5f6cbb8f5
Removed corrupt character in author name which was causing build problems with bamboo.
2008-04-22 15:10:11 +00:00
1258fa854e
SEC-788: x509 authentication does not work properly
...
http://jira.springframework.org/browse/SEC-788 . Added check for X509 element when choosing entry point, if nothing else is available.
2008-04-22 14:53:11 +00:00
e12b6afefa
SEC-776: Http Session created for Anonymous request
...
http://jira.springframework.org/browse/SEC-776 . Added AuthenticationtrustResolver to HttpSCIF to check for anonymous authentication.
2008-04-22 13:22:38 +00:00
88ea87642a
SEC-791: RequestKey.equals throws NPE if method is null
...
http://jira.springframework.org/browse/SEC-791 . Fixed handling of equals when one http method is null.
2008-04-22 12:32:33 +00:00
9eaa1cbbdd
OPEN - issue SEC-789: Add support for optional role-prefix attribute to namespace
...
http://jira.springframework.org/browse/SEC-789 . Added role-prefix attribute to ldap provider and jdbc/ldap user-service elements.
2008-04-21 18:29:54 +00:00
aba5a22b6c
SEC-789: Add support for optional role-prefix attribute to namespace
...
http://jira.springframework.org/browse/SEC-789 . Added support for role-prefix to jdbc-user-service element.
2008-04-21 17:44:32 +00:00
1a4130528a
SEC-782: Incorrect UrlMatcher initialization in FilterChainProxy results in wrong lowercase/uppercase matching
...
http://jira.springframework.org/browse/SEC-782 . I've updated FilterChainProxy to make sure the same UrlMatcher is used throughout when converting a legacy configuration.
2008-04-21 16:51:06 +00:00
5bb558bd6a
SEC-777: The disabled status cannot be set in <user-service>
...
http://jira.springframework.org/browse/SEC-777 . Added the disabled flag to the relax grammar file.
2008-04-21 15:59:08 +00:00
993fdd7a32
Added better toString() method to OrderedFilterDecorator to make it report the delegate filter information.
2008-04-21 12:53:54 +00:00
1663142cf1
SEC-784: removed 'optional' tag on dependencies
2008-04-19 12:40:17 +00:00
469f55ce05
SEC-773: global-method-security fails with JPA
...
http://jira.springframework.org/browse/SEC-773 . Added extra constructor to MethodDefinitionSourceAdvisor to allow for lazy initialization of the advice (MethodSecurityInterceptor), and in turn the AuthenticationManager and ay referenced UserDetailsService implementations.
2008-04-18 13:15:56 +00:00
4d347cfdb5
Updated surefire plugin versions
2008-04-15 19:59:15 +00:00
2cc3068de7
Minor site css adjustments
2008-04-15 19:58:53 +00:00
09ccc35119
Updated index file to include release features
2008-04-15 18:45:09 +00:00
7238097310
OPEN - issue SEC-775: CLONE -impossible to specify "observeOncePerRequest" property in the namespace based configuration.
...
http://jira.springframework.org/browse/SEC-775 . Corrected check for value of observe-once-per-request attribute. Should be a check for "false" as it is true by default.
2008-04-15 16:57:47 +00:00
31a9fa553d
added section on maven repo downloads
2008-04-14 14:20:11 +00:00
680b2d3b74
Updated version number for reference manual
2008-04-14 14:09:06 +00:00
d2ddbc1ee3
Removed references to packaged docs
2008-04-14 14:05:42 +00:00
35698edc04
Website URL updates in readme file
2008-04-14 13:00:57 +00:00
b5dc523041
[maven-release-plugin] prepare for next development iteration
2008-04-14 07:06:44 +00:00
0c42670431
[maven-release-plugin] prepare release spring-security-parent-2.0.0
2008-04-14 07:05:46 +00:00
4d714b33e0
SEC-770: Mark old org.springframework.security.acl module as @deprecated.
2008-04-14 06:50:01 +00:00
ce34ef366d
SEC-426: Provide better ACL documentation.
2008-04-14 06:15:28 +00:00
9dea82773c
Added clear:both to programlisting to stop it overlapping with sidebars
2008-04-13 23:39:15 +00:00
57b5f38df1
OPEN - issue SEC-769: Remember-Me functionality not available in namespace configuration
...
http://jira.springframework.org/browse/SEC-769 . I've added a check in FormLoginBeanDefintionParser to see if RememberMeServices is registered. If so, it will inject the bean into the filter. Also added a check in HttpSecurityBeanDefinitionParserTests that the field has been set.
2008-04-13 22:11:09 +00:00
8f52c6a79c
Corrected name in cas samples pom
2008-04-13 21:26:43 +00:00
2c85f61091
Tidied root pom
2008-04-13 21:25:32 +00:00
4ae40150c9
SEC-752: ClassLoading in GlobalMethodSecurityBeanDefinitionParser doesn't work in tooling
...
http://jira.springframework.org/browse/SEC-752 . Removed check for JSR-250 class.
2008-04-13 20:59:39 +00:00
552dc6486a
SEC-703: Expose customization of SQL used by <jdbc-user-service>
...
http://jira.springframework.org/browse/SEC-703 . Added suggested attributes for sql queries.
2008-04-13 20:51:40 +00:00
d6e5dbbcfd
SEC-767: Added override for flushBuffer in response wrapper.
2008-04-13 20:22:31 +00:00
9d54c2d22b
OPEN - issue SEC-637: Dependency on RequestUtils
...
http://jira.springframework.org/browse/SEC-637 . Removed use of ServletRequestUtils in AbstractRememberMeServices
2008-04-13 12:53:01 +00:00
511403832f
SEC-653: Added entry-point-ref info
2008-04-13 12:03:43 +00:00
b8490bddb2
SEC-762: Updated CAS configuration from sample app
2008-04-13 12:02:16 +00:00
da72a7dc00
Forgot to add cas samples parent pom
2008-04-13 00:25:11 +00:00
Luke Taylor
Ben Alex