Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 06:58:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,269 Commits 33 Branches 337 Tags
Commit Graph

1838 Commits

Author SHA1 Message Date
Luke Taylor
775a6c3939 [maven-release-plugin] prepare for next development iteration 2008-06-23 14:10:35 +00:00
Luke Taylor
87d50aecce [maven-release-plugin] prepare release spring-security-parent-2.0.3 2008-06-23 14:05:36 +00:00
Luke Taylor
3ee8733261 SEC-879: Added required BeanPostProcessor to set SessionRegistry is set on namespace registered AbstractProcessingFilter and SessionFixationProtectionFilter when using custom ConcurrentSessionController 
http://jira.springframework.org/browse/SEC-879.
 2008-06-20 22:08:05 +00:00
Luke Taylor
d5ee89bb7c Correct typo in error message. 2008-06-19 15:21:03 +00:00
Luke Taylor
ff5bfccdba SEC-892: Linked use of create-session='never' in namespace to corresponding properties in ExceptionTranslationFilter and AbstractProcessingFilter 2008-06-19 13:46:45 +00:00
Luke Taylor
c56d524bd9 SEC-887: Added setter method for account status checker. 2008-06-18 12:00:45 +00:00
Luke Taylor
af5f193ec1 SEC-890: Corrected use of dataSource property name in RememberMeBDP. 2008-06-18 10:35:30 +00:00
Luke Taylor
7d79ae5424 SEC-880: Fix incorrect index value. 2008-06-13 10:58:01 +00:00
Luke Taylor
32b8009bee SEC-875: Removed duplicated parameters from SavedRequestWrapper.getParameterValues() 2008-06-09 23:33:36 +00:00
Luke Taylor
3b775d29d3 SEC-870: Polish messages file contribution 2008-06-08 22:09:47 +00:00
Ben Alex
358f284f42 SEC-760: Correct bug where more than one concurrent JaasAuthenticationProvider used. 2008-06-06 06:13:14 +00:00
Luke Taylor
ff785a829f [maven-release-plugin] prepare for next development iteration 2008-06-03 16:07:20 +00:00
Luke Taylor
db1d8604a6 [maven-release-plugin] prepare release spring-security-parent-2.0.2 2008-06-03 16:05:40 +00:00
Luke Taylor
9308284bd4 SEC-864: Removed duplicate OpenID provider. 2008-06-03 14:53:43 +00:00
Luke Taylor
122e1c47ed Changed rnc filename prior to 2.0.2 release 2008-06-01 19:34:50 +00:00
Luke Taylor
64ab7e534c Spelling corrections in Javadoc. 2008-06-01 17:26:27 +00:00
Luke Taylor
ab6d29d927 SEC-862: Make logoutSuccessUrl accessible to sub-classes. 2008-06-01 16:15:09 +00:00
Luke Taylor
1d9d7eb9a7 Removed accidental commit of SavedRequest clearing code in TargetUrlResolverImpl 2008-05-30 17:53:09 +00:00
Luke Taylor
ecd2cc6da7 Added some Assert calls to setters and improved comments. 2008-05-30 15:29:51 +00:00
Luke Taylor
f228d013d8 SEC-861: Change default value of justUseSavedRequestOnGet to false 2008-05-30 15:09:51 +00:00
Luke Taylor
4de4bb8e87 SEC-860: Added setter for authenticationDetailsSource to AbstractRememberMeServices 2008-05-30 14:29:32 +00:00
Luke Taylor
f8cded10ee Typo. 2008-05-30 11:20:16 +00:00
Luke Taylor
c031588975 SEC-606: Added support for customizable credentials character set. 2008-05-29 18:00:15 +00:00
Luke Taylor
36a192b70f SEC-858: Replaced integer properties in schema with strings to allow use of placeholders. 2008-05-29 16:13:14 +00:00
Luke Taylor
980a72f9a0 Removed TODO (done). 2008-05-29 15:54:50 +00:00
Luke Taylor
517a7f117a SEC-857: Make request wrapper getParameterValues() consistent with getParameterMap() etc. 2008-05-29 15:49:43 +00:00
Luke Taylor
244579faf4 OPEN - issue SEC-856: GroupManager JdbcUserDetailsManager implementation: addGroupAuthority() method doesn't work. 
http://jira.springframework.org/browse/SEC-856. Refactored class to remove the JDBC-related inner classes.
 2008-05-28 16:25:28 +00:00
Luke Taylor
d63536cc0d SEC-821: Added support for eternal session registry and concurrent session controller to the 2.0.2 namespace. 2008-05-27 13:14:21 +00:00
Luke Taylor
8b5bbe3800 SEC-830: Changed SavedRequestAwareWrapper to make wrapped request parameters take precedence over saved request ones. 2008-05-25 22:57:03 +00:00
Luke Taylor
45c3084502 SEC-836: Made LDAP namespace elements use subtree group searching by default. 2008-05-23 23:57:01 +00:00
Luke Taylor
871e529840 SEC-850: custom-authentication-provider Registering Separate Bean Definitions in App Context and Providers List 
http://jira.springframework.org/browse/SEC-850. Added extra test.
 2008-05-23 23:32:57 +00:00
Luke Taylor
d1005e4cfb SEC-850: custom-authentication-provider Registering Separate Bean Definitions in App Context and Providers List 
http://jira.springframework.org/browse/SEC-850. Changed bean decorator to add a bean reference to the ProviderManager rather than a bean definition.
 2008-05-23 23:25:09 +00:00
Luke Taylor
9ce0270226 Fixed typo in test name 2008-05-23 22:57:30 +00:00
Luke Taylor
7603ce2f97 SEC-848: Remove all Spring LDAP dependecy loading from namespace parsers 
http://jira.springframework.org/browse/SEC-848. Replaced class references with class names.
 2008-05-23 21:30:57 +00:00
Luke Taylor
25ba269db0 SEC-835: use setContentType on response for J2EE 1.3 compatibility. 2008-05-23 20:55:10 +00:00
Luke Taylor
11b448c0e0 SEC-847: Updated the xsl file to inline openid-login and other elements 2008-05-23 16:29:44 +00:00
Luke Taylor
08c5fe8925 Fixed autoboxing issue 2008-05-22 12:19:00 +00:00
Luke Taylor
fbe3ca48f4 SEC-823, SEC-843: Allow setting of custom RememberMeServices and token validity periodon remember-me namespace element 2008-05-21 16:03:05 +00:00
Luke Taylor
3e33b8a880 Update InMemoryXmlApplicationContext to use 2.0.2 schema 2008-05-20 22:46:37 +00:00
Luke Taylor
b60c578b25 SEC-844: Support for SHA-256 hashing. 2008-05-20 22:45:02 +00:00
Luke Taylor
03981ab6a0 SEC-844: Added sec-256 to namespace schema 2008-05-20 22:32:03 +00:00
Luke Taylor
e9adbd4d62 SEC-844, SEC-843, SEC-823: Added support for sha-256, custom remember-me services and setting of remember me token validity period to namespace schema. Also added 2.0.2 XSD file 2008-05-20 19:48:32 +00:00
Luke Taylor
29d31b72d0 SEC-837: Add special character filtering to LDAP search filters 2008-05-20 19:25:37 +00:00
Luke Taylor
3fb1f59fde SEC-837: Add special character filtering to LDAP search filterscore/src/test/java/org/springframework/security/ldap 2008-05-20 19:22:49 +00:00
Luke Taylor
5af53da106 Improved doc for'filters' attribute 2008-05-18 11:09:50 +00:00
Luke Taylor
2329dadf48 Removed jalopy parameter comments 2008-05-15 17:58:15 +00:00
Luke Taylor
f269373442 IDE-791: Remove explicit Spring LDAP class dependencies from LdapServerBDP. 2008-05-15 14:33:42 +00:00
Luke Taylor
8b2c0468ff OPEN - issue SEC-834: Session fixation attack protection will cause problems with URL rewriting 
http://jira.springframework.org/browse/SEC-834. Modified HttpSecurityBDP to add session-fixation parameters to openId and form-login filters. Also added sessionRegistry property to AbstractProcessingFilter so that it doesn't conflict with concurrent session control.
 2008-05-15 01:34:14 +00:00
Luke Taylor
d17a2da9e0 SEC-834: Session fixation attack protection will cause problems with URL rewriting 
http://jira.springframework.org/browse/SEC-834. Changed position of SessionFixationProtectionFilter and modified it to make a decision about whether authentication has taken place prior to calling doFilter(). Previously it did this on the return through the filter chain, which caused the problem described in this issue.
 2008-05-15 00:26:27 +00:00
Luke Taylor
7f38c656ca SEC-820: Expand regular expression used in hierarchical roles. 2008-05-14 22:59:33 +00:00