d7f202a111
Addition of final to constructor set fields to improve immutability of authentication and user objects
2009-04-22 04:11:38 +00:00
93bdcccaee
SEC-1132: Moved userdetails into core and added core/authority sub-package
2009-04-15 07:39:21 +00:00
ca7d055c2b
SEC-1132: Created core and authentication packages within core module.
2009-04-13 13:43:23 +00:00
9efb5a7007
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet
2009-04-12 12:23:23 +00:00
f746a20ab4
SEC-1132: package refactoring of non-core modules
2009-03-27 05:01:03 +00:00
bec84f874a
SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples.
2009-03-26 07:18:36 +00:00
2a9a8a41db
SEC-1125: Created separate web module spring-security-web
2009-03-25 06:28:18 +00:00
ddffdf1699
SEC-745: Renamed failureHandler and successHandler to have prefix 'authentication'
2008-12-28 17:32:25 +00:00
40ccd3be11
SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument.
2008-12-15 01:25:12 +00:00
2927b8464f
SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.
2008-12-14 22:20:21 +00:00
10e4d1fe1a
SEC-1058: Partial refactoring of AbstractProcessingFilter. It now uses the injected SuccssfulAuthenticationHandler strategy instead of managing everything itself. The default implementation is SavedRequestAwareSuccessfulAuthenticationHandler which encapsulates most of the filter's success logic along with the code which was previously in TargetUrlResolver. Removed TargetUrlResolver.
2008-12-12 22:30:57 +00:00
e5b1073501
SEC-1012: Added more generics and warning suppression
2008-11-11 09:06:50 +00:00
ec44f2bdfe
SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections
2008-10-31 03:53:00 +00:00
3393ea7aaa
SEC-923: Realm support for discovering relying parties.
...
A new "realmMapping" property can be configured on the OpenIDAuthenticationProcessingFilter to map the "return_to" url to a realm. If there is no mapping present the "return_to" url will be parsed and the protocol, hostname and port will be used with a trailing "/"
2008-07-31 19:23:12 +00:00
15b893f9ae
SEC-809: OpenIDProcessingFilter updated to set authentication details (to make compatible with concurrent session control).
2008-05-12 20:05:24 +00:00
b62ad5b097
SEC-722: Changed openID filter to use its owen ordering value as it may be used together with form login.
2008-03-20 19:55:32 +00:00
5ba7091a20
SEC-690: Use consistent naming in OpenID classes
...
http://jira.springframework.org/browse/SEC-690
2008-02-29 12:52:13 +00:00
5e204e23f3
SEC-536: Introduced UserDetailsChecker strategy to extract code for checking status of accounts and allowing variation in pre/post authentication checks made by AbstractUserDetailsAuthenticationProvider
2008-02-15 18:05:12 +00:00
bd5a64825d
SEC-552: Replaced authorites populators in CAS and OpenID with a plain UserDetailsService
2008-02-08 13:23:43 +00:00
c0e2842f90
General cleanup and removal of unused stuff
2008-02-01 16:32:20 +00:00
e42fdf29ae
Don't add exception to session if allowSessionCreation is false.
2008-02-01 16:03:56 +00:00
abe62f9146
Modified to store the login name in the session when login fails, so that it is available to the view (as in AuthenticationProcessingFilter).
2008-02-01 16:00:46 +00:00
677012a5de
Added Robin as author.
2008-02-01 15:20:37 +00:00
0d9c1924fb
Added check for null consumer, removed unused "errorPage" property.
2008-02-01 14:00:28 +00:00
718eddadd7
Promoting OpenID out of the Sandbox
2008-01-27 02:57:57 +00:00
Luke Taylor
Ray Krueger