Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-01 16:22:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,023 Commits 56 Branches 348 Tags
Commit Graph

75 Commits

Author SHA1 Message Date
Luke Taylor
d7f202a111 Addition of final to constructor set fields to improve immutability of authentication and user objects 2009-04-22 04:11:38 +00:00
Luke Taylor
93bdcccaee SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 07:39:21 +00:00
Luke Taylor
ca7d055c2b SEC-1132: Created core and authentication packages within core module. 2009-04-13 13:43:23 +00:00
Luke Taylor
9efb5a7007 SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 12:23:23 +00:00
Luke Taylor
f746a20ab4 SEC-1132: package refactoring of non-core modules 2009-03-27 05:01:03 +00:00
Luke Taylor
bec84f874a SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples. 2009-03-26 07:18:36 +00:00
Luke Taylor
2a9a8a41db SEC-1125: Created separate web module spring-security-web 2009-03-25 06:28:18 +00:00
Luke Taylor
ddffdf1699 SEC-745: Renamed failureHandler and successHandler to have prefix 'authentication' 2008-12-28 17:32:25 +00:00
Luke Taylor
40ccd3be11 SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument. 2008-12-15 01:25:12 +00:00
Luke Taylor
2927b8464f SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException. 2008-12-14 22:20:21 +00:00
Luke Taylor
10e4d1fe1a SEC-1058: Partial refactoring of AbstractProcessingFilter. It now uses the injected SuccssfulAuthenticationHandler strategy instead of managing everything itself. The default implementation is SavedRequestAwareSuccessfulAuthenticationHandler which encapsulates most of the filter's success logic along with the code which was previously in TargetUrlResolver. Removed TargetUrlResolver. 2008-12-12 22:30:57 +00:00
Luke Taylor
e5b1073501 SEC-1012: Added more generics and warning suppression 2008-11-11 09:06:50 +00:00
Luke Taylor
ec44f2bdfe SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections 2008-10-31 03:53:00 +00:00
Ray Krueger
3393ea7aaa SEC-923: Realm support for discovering relying parties. 
A new "realmMapping" property can be configured on the OpenIDAuthenticationProcessingFilter to map the "return_to" url to a realm. If there is no mapping present the "return_to" url will be parsed and the protocol, hostname and port will be used with a trailing "/"
 2008-07-31 19:23:12 +00:00
Luke Taylor
15b893f9ae SEC-809: OpenIDProcessingFilter updated to set authentication details (to make compatible with concurrent session control). 2008-05-12 20:05:24 +00:00
Luke Taylor
b62ad5b097 SEC-722: Changed openID filter to use its owen ordering value as it may be used together with form login. 2008-03-20 19:55:32 +00:00
Luke Taylor
5ba7091a20 SEC-690: Use consistent naming in OpenID classes 
http://jira.springframework.org/browse/SEC-690
 2008-02-29 12:52:13 +00:00
Luke Taylor
5e204e23f3 SEC-536: Introduced UserDetailsChecker strategy to extract code for checking status of accounts and allowing variation in pre/post authentication checks made by AbstractUserDetailsAuthenticationProvider 2008-02-15 18:05:12 +00:00
Luke Taylor
bd5a64825d SEC-552: Replaced authorites populators in CAS and OpenID with a plain UserDetailsService 2008-02-08 13:23:43 +00:00
Ray Krueger
c0e2842f90 General cleanup and removal of unused stuff 2008-02-01 16:32:20 +00:00
Luke Taylor
e42fdf29ae Don't add exception to session if allowSessionCreation is false. 2008-02-01 16:03:56 +00:00
Luke Taylor
abe62f9146 Modified to store the login name in the session when login fails, so that it is available to the view (as in AuthenticationProcessingFilter). 2008-02-01 16:00:46 +00:00
Luke Taylor
677012a5de Added Robin as author. 2008-02-01 15:20:37 +00:00
Luke Taylor
0d9c1924fb Added check for null consumer, removed unused "errorPage" property. 2008-02-01 14:00:28 +00:00
Ray Krueger
718eddadd7 Promoting OpenID out of the Sandbox 2008-01-27 02:57:57 +00:00