Luke Taylor
df59cb9dcd
Import cleaning.
2008-09-11 14:41:00 +00:00
Luke Taylor
ef0389ae79
SEC-976: Removed checks for presence of core-tiger classes.
2008-09-11 14:37:55 +00:00
Luke Taylor
5b9bb8ba54
[maven-release-plugin] prepare for next development iteration
2008-09-05 19:04:22 +00:00
Luke Taylor
73eed2656d
[maven-release-plugin] prepare release spring-security-parent-2.0.4
2008-09-05 18:57:43 +00:00
Luke Taylor
f935830cdf
Class index generation files
2008-09-05 14:26:26 +00:00
Luke Taylor
ee04b189b7
Updated schema verisions to 2.0.4
2008-09-05 14:23:42 +00:00
Luke Taylor
8661e17df9
OPEN - issue SEC-960: DN Encoding in LDAPUserDetailsManager.changePassword() causes bind errors
...
http://jira.springframework.org/browse/SEC-960 . Replaced call to toUrl() with toString() to prevent URL encoding when setting up principal name for reconnect() in changePassword() method.
2008-09-05 13:49:38 +00:00
Ben Alex
c45b4e0989
SEC-951: Overcome serialization error caused by BasicLookupStrategy failing to modify AccessControlEntryImpl.acl field to the replacement AclImpl (previously old references to StubAclParent were retained).
2008-09-05 05:33:41 +00:00
Ben Alex
0f8ea229c2
SEC-908: Correct issue with BasePermission static initialization failure.
2008-09-05 04:33:52 +00:00
Luke Taylor
5102be3a59
SEC-971: getter for cookieName in AbstractRememberMeServices
...
http://jira.springframework.org/browse/SEC-971 . Added getCookieName() method.
2008-09-04 16:05:34 +00:00
Luke Taylor
de379dc2ac
Converted literals to classname/interfacename docbook tags for easier indexing
2008-09-02 01:05:57 +00:00
Luke Taylor
09c70bb28e
SEC-970: Corrected link in docbook html banner
2008-09-01 16:56:50 +00:00
Luke Taylor
4e2d6f8b2e
SEC-967: TextUtils.java does not escape ampersand character
...
http://jira.springframework.org/browse/SEC-967 . Added escaping of '&' character
2008-08-29 12:01:45 +00:00
Luke Taylor
d781deffe7
OPEN - issue SEC-966: Consider adding escapeXml attribute to security:authentication
...
http://jira.springframework.org/browse/SEC-966 . Added escaping of rendered text as default.
2008-08-26 16:21:29 +00:00
Luke Taylor
a4e4120443
SEC-963: LDAP Group Search Root
...
http://jira.springframework.org/browse/SEC-963 . Changed namespace instances of DefaultAuthoritiesPopulator to use the root as the default search location.
2008-08-26 13:51:01 +00:00
Luke Taylor
83868a7334
SEC-955: ability to externalize port mapping for secured channel to a property file
...
http://jira.springframework.org/browse/SEC-955 . Changed schema to make port-mapping type xsd:string to allow placeholders.
2008-08-26 13:20:01 +00:00
Luke Taylor
150f3d97d0
SEC-832: NamingEnumeration.hasMore fails on MS AD with PartialResultException
...
http://jira.springframework.org/browse/SEC-832 . Changed searchForSingleEntry method to ignore PartialResultException, similar to Spring LDAP's approach.
2008-08-26 12:49:37 +00:00
Luke Taylor
7f28a8bc5d
Refactored DefaultLdapAuthoritiesPopulator to remove contextSource field and setter method.
2008-08-26 12:38:02 +00:00
Luke Taylor
1cfd886517
SEC-922: Spring Security should respect Spring XML boolean operators for AJ pointcut
...
http://jira.springframework.org/browse/SEC-922 . Added method to substitute boolean operators "and, not, or" with aspectj versions "&&, !, ||".
2008-08-18 23:31:14 +00:00
Luke Taylor
bb457e1d07
SEC-957: logger.debug without guard causing massive performance hit
...
http://jira.springframework.org/browse/SEC-957 . Added debug logging guard as requested.
2008-08-18 18:20:48 +00:00
Luke Taylor
09cf90258f
SEC-758: Both AspectJSecurityInterceptor and AspectJAnnotationSecurityInterceptor not usable with @AspectJ notation
...
http://jira.springframework.org/browse/SEC-758 . Added "throws Throwable" to AspectJAnnotationCallback signature.
2008-08-18 14:47:28 +00:00
Luke Taylor
e15d7a78cd
SEC-956: Remove MapBasedMethodDefinitionSource.lookupAttributes
...
http://jira.springframework.org/browse/SEC-956 . Done.
2008-08-18 13:13:18 +00:00
Luke Taylor
3bf5e406b7
SEC-936: NPE in AbstractFallbackMethodDefinitionSource
...
http://jira.springframework.org/browse/SEC-936 . Changed to check if the value of MethodInvocation.getThis() is null to prevent NPE. MapBasedMethodDefinitionSource now ignores calls to findAttributes() with a null target class (all its entries require a class) and the fallback option in AbstractFallbackMethodDefinitionSource is used if the targetClass is null (i.e. Method.getDeclaringClass() will be used as the Class)
2008-08-16 02:31:36 +00:00
Luke Taylor
6a68a2531c
SEC-904: Moved test module out of sandbox
2008-08-16 02:24:32 +00:00
Luke Taylor
959cdd8335
SEC-936: Tests
2008-08-16 01:58:45 +00:00
Luke Taylor
8e0a6b9d1a
SEC-904: Test module updates
2008-08-15 23:54:16 +00:00
Luke Taylor
827d0e1ebf
OPEN - issue SEC-865: Re-Challenge NTLM Clients after Authentication Failure
...
http://jira.springframework.org/browse/SEC-865 . Changed NTLM filter to re-challenge if retryOnAuthFailure is set and the Smb logon call fails. Updated JCIFS version in pom.
2008-08-15 22:44:22 +00:00
Luke Taylor
55d357f42d
OPEN - issue SEC-905: <protect-pointcut /> pointcuts do not respect method arguments
...
http://jira.springframework.org/browse/SEC-905 . Added extra registration method to MapBasedMethodDefinitionSource which takes a Method instance rather than the method name.
2008-08-12 17:11:38 +00:00
Luke Taylor
d9ab0758ee
SEC-954: Removed test dependency on AbstractMethodDefinitionSource.
2008-08-12 17:08:55 +00:00
Luke Taylor
36b35e3b1f
CLOSED - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching
...
http://jira.springframework.org/browse/SEC-953 . Fixed autoboxing issue.
2008-08-11 21:15:09 +00:00
Luke Taylor
39a656eb78
OPEN - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching
...
http://jira.springframework.org/browse/SEC-953 . Added stripQueryStringFromUrls parameter to FilterChainProxy which works the same as the one on DefaultFilterInvocationDefinitionSource. This defaults to true when used with ant path matching.
2008-08-11 19:15:33 +00:00
Luke Taylor
b6dec19e90
SEC-932: Added supplied class and test class.
2008-08-11 16:36:01 +00:00
Luke Taylor
69e776f581
Fixed invalid tags in faq.fml
2008-08-11 16:18:26 +00:00
Luke Taylor
3ab9fcdcaf
Tidying.
2008-08-11 15:05:16 +00:00
Luke Taylor
5e3204a5cb
Typo
2008-08-09 11:22:35 +00:00
Luke Taylor
6409f140e0
SEC-902: Changed Ntlm entry point to send 403 if no failure URL set
2008-08-08 16:44:13 +00:00
Luke Taylor
130e70373f
SEC-936: Initial test which fails to reproduce the problem
2008-08-08 16:41:23 +00:00
Luke Taylor
3a9eb018ba
SEC-950: Added test to attempt to reproduce problem.
2008-08-08 15:41:14 +00:00
Luke Taylor
8b376ccdeb
SEC-910: Finished LDAP ns reference
2008-08-08 14:59:44 +00:00
Luke Taylor
b3a23b4377
Some minor improvements to schema comments
2008-08-07 19:15:13 +00:00
Luke Taylor
7461d0e5f1
Added authentication, method security and start of LDAP ns info
2008-08-07 19:12:56 +00:00
Luke Taylor
566f656eba
Added ldap-server xml:id
2008-08-07 19:11:43 +00:00
Luke Taylor
e5d2578aec
Added example of @Secured use and some extra explanation
2008-08-07 19:10:53 +00:00
Luke Taylor
fb3d0b7f25
Fixed link
2008-08-07 19:09:49 +00:00
Luke Taylor
2d0b594a97
Fixed missing section closing tag
2008-08-07 15:21:25 +00:00
Luke Taylor
42af39a59e
Some corrections to explicit FilterChainProxy information
2008-08-07 13:33:36 +00:00
Luke Taylor
930be9338b
Added info on default target options when using form-login
2008-08-07 12:41:12 +00:00
Luke Taylor
c1a6ae0832
Added faq on required dependencies
2008-08-07 12:40:25 +00:00
Luke Taylor
c49bc7ffbb
SEC-910: Finishing off http part of namespace appendix
2008-08-07 10:47:59 +00:00
Luke Taylor
25814d341d
Tidying.
2008-08-06 16:18:05 +00:00