Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,744 Commits 29 Branches 320 Tags 104 MiB
Commit Graph

4744 Commits

Author SHA1 Message Date
Luke Taylor a1c714cff4 SEC-1754: Added an InvalidSessionStrategy to allow SessionManagementFilter to delegate out the behaviour when an invalid session identifier is submitted. 2011-07-14 16:43:02 +01:00
Luke Taylor ac3d8b25f2 Expand LDAP authentication FAQ with information about bind authentication and unreadable password attributes. 2011-07-14 13:13:39 +01:00
Luke Taylor 8440743108 Remove Sql query objects from JdbcTokenRepositoryImpl in favour of direct JdbcTemplate use. 2011-07-13 23:28:41 +01:00
Luke Taylor 89fa771093 SEC-1753: Cater for missing DiscoveryInformation object in OpenID4JavaConsumer.endConsumption. 2011-07-13 22:29:47 +01:00
Luke Taylor 700fa9e0b6 SEC-1772: remote URL decoding of targetUrlParameter in AbstractAuthenticationTargetUrlRequestHandler. 2011-07-13 22:13:52 +01:00
Luke Taylor de97bac85b SEC-1763: Prevent nested switches in SwitchUserFilter by calling attemptExitUser() before doing the switch. 2011-07-13 21:59:11 +01:00
Luke Taylor a504cfae1a SEC-1770: Call refreshLastRequest on the session registry rather than the SessionInformation object to make sure it works with alternative SessionRegistry implementations. 2011-07-13 20:56:47 +01:00
Luke Taylor d5946b81b4 Added FAQ on how to add ApacheDS entries to pom. 2011-07-13 17:50:29 +01:00
Luke Taylor c117c643df SEC-1782: Javadoc correction for LdapAuthenticationProvider. 2011-07-12 01:50:24 +01:00
Rob Winch 330f82f562 SEC-1777: Corrected log in HttpSessionSecurityContextRepository to reference itself instead of HttpSessionContextIntegrationFilter 2011-07-09 19:24:12 -05:00
Florian Fankhauser 2e83d98c8f SEC-1776: Corrected typo in manual 2011-07-09 19:24:12 -05:00
Rob Winch 825f0061fb SEC-1761: Support HttpOnly Flag for Cookies when using Servlet 3.0 2011-07-09 19:23:51 -05:00
Luke Taylor 56e86dd36f Adding assertions on constructor arg values. 2011-07-06 20:50:25 +01:00
Luke Taylor f92589f051 Extract a SecurityFilterChain interface and create a default implementation to facilitate other configuration options. 2011-07-06 00:12:48 +01:00
Luke Taylor 2d271666a4 Add constructors to facilitate constructor-based injection for required/shared bean properties. 2011-07-05 20:25:49 +01:00
Luke Taylor 73442125de SEC-1775: Removed internal use of UserAttribute class in AnonymousAuthenticationFilter. 2011-07-04 21:09:48 +01:00
Luke Taylor 5d20f57fa8 Import cleaning. 2011-07-02 20:36:42 +01:00
Luke Taylor b15475ab3d SEC-1771: Change TokenBasedRememberMeServices to obtain password from UserDetailsService if necessary. 2011-07-02 20:36:42 +01:00
Luke Taylor 737a9d1825 Improved toString methods on request wrappers. 2011-07-02 20:36:41 +01:00
Rob Winch 85807fdfd0 Removed @Overrides from method that implements interface instead of overriding superclass to resolve Java 1.5 error 2011-06-21 07:22:35 -05:00
Rob Winch c3a3a5bfbf Updated core.gradle to include crypto as referenced project in eclipse 2011-06-21 07:22:35 -05:00
Luke Taylor d253f5e109 SEC-1768: Use AopProxyUtils.ultimateTargetClass() to cater for the situation where the security interceptor is being applied to a proxy. 2011-06-18 14:35:56 +01:00
Luke Taylor 5a1ddc660b SEC-1768: Added tests to reproduce "double-proxying" issue combining intercept-methods and tx-annotation-driven. Problem is caused by use of ProxyFactoryBean with auto-proxying. 2011-06-18 14:32:31 +01:00
Luke Taylor b0a60a7ff2 Reset to snapshot version. 2011-06-17 11:49:18 +01:00
Luke Taylor 926be1ca78 Intermediate crypto release version. 2011-06-17 11:46:19 +01:00
Luke Taylor 2861a951aa Minor FAQ update on version info. 2011-06-17 11:45:56 +01:00
Luke Taylor 1f1faa6da0 Use getClass() in logger instantiation in AbstractLdapAuthenticationProvider. 2011-06-15 14:06:57 +01:00
Luke Taylor d9ccebd565 Add crypto module to LDAP bundlor template 2011-06-15 11:47:29 +01:00
Luke Taylor 89b7b2b935 SEC-1764: Remove use of Java 6 method Arrays.copyOfRange. 2011-06-15 11:22:17 +01:00
Luke Taylor 571bfc4869 Refactoring to use Utf8 encoder instead of String.getBytes("UTF-8"). 2011-06-14 18:47:50 +01:00
Luke Taylor 361b77685d Add crypto as an exported dependency of core in IDEA configuration. 2011-06-14 18:47:49 +01:00
Luke Taylor 2b8d4684a1 SEC-1764: Ensure password encoders use UTF-8 charset when creating strings from byte arrays. 2011-06-14 18:47:49 +01:00
Luke Taylor dc92baa257 Remove truststore settings from tutorial sample as they aren't required. 2011-06-13 15:03:51 +01:00
Luke Taylor e4ecdd55f6 Enable https in tutorial sample. 2011-06-13 13:45:09 +01:00
Luke Taylor 52c0ee6756 Improve error reporting of missing web classes in namespace handler. Now catches and logs the class-loading error. 2011-06-13 13:39:55 +01:00
Luke Taylor e27f655e9d SEC-1689: Re-instate crypto as separate library (for use in non-Spring Security apps), as well as packaging with core. 2011-06-10 00:01:25 +01:00
Luke Taylor ecfffaaa3f Make aspectj dependencies optional throughout and spring-jdbc/tx optional in core poms. Reduces exclusions required in third-party poms (e.g. spring-social). 2011-06-09 22:57:49 +01:00
Luke Taylor 80fd96df6d SEC-1650: Updates and corrections to tutorial sample to fit better with new tutorial. 2011-06-07 16:46:38 +01:00
Luke Taylor 685f12c5a0 SEC-1733: Support explicit zero netmask correctly. 2011-06-07 12:15:07 +01:00
Rob Winch c9b328d8c7 SEC-1757: Updated tutorial sample to state that listing of accounts is allowed by anyone and to display accounts for the different types of access to posting to Accounts 2011-06-02 21:19:01 -05:00
Luke Taylor 132163ec2e Add FAQ on accessing password from a UserDetailsService. 2011-05-26 18:38:45 +01:00
Luke Taylor f5f410ae3b Clean unused imports. 2011-05-25 20:39:16 +01:00
Luke Taylor ec97b70df9 SEC-1668: Allow customization of username parameter in SwitchUserFilter. 2011-05-25 20:03:02 +01:00
Luke Taylor 6d04670f87 SEC-1695: Allow customization of the session key under which the SecurityContext is stored. 2011-05-25 19:51:47 +01:00
Luke Taylor 42e0e158b4 Simplify Digester utility class. 2011-05-25 19:09:08 +01:00
Luke Taylor 84902ebb50 Javadoc correction. 2011-05-24 12:01:04 +01:00
Luke Taylor b53d430798 Doc update to reflect change in cas integration module name since 3.0. 2011-05-23 21:29:40 +01:00
Luke Taylor 21295a58e5 SEC-1751: Applied patch to use zero-IV for queryable text encryption. 2011-05-23 20:10:16 +01:00
Luke Taylor 5a4aed238c SEC-1752: Fixed Utf8 codec to take account of the limit of the ByteBuffer returned by CharsetEncoder.encode(). 2011-05-23 18:55:25 +01:00
Luke Taylor e8a1a6e40b Added spring-expression to config module testCompile to fix build. 2011-05-19 23:50:35 +01:00