Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,918 Commits 34 Branches 337 Tags
Commit Graph

1627 Commits

Author SHA1 Message Date
Luke Taylor
43b51ca64d SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added support to namespace.
 2008-03-26 12:00:58 +00:00
Luke Taylor
2af2f299cb SEC-689: Further tests, logging improvements. 2008-03-26 00:00:56 +00:00
Luke Taylor
a29842a467 SEC-689: Tests for SessionFixationProtectionFilter 2008-03-25 23:24:38 +00:00
Luke Taylor
8f5bcb64a6 SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added a general SessionFixationProtectionFilter which can be added to the filter stack to detect when a user has been authenticated and then migrate them to a new session. Also added support to <http/> namespace element.
 2008-03-25 22:32:26 +00:00
Luke Taylor
83bcc6ad7c Removed loggers from subclasses of SpringSecurityFilter in favour of using base class logger. 2008-03-25 14:51:34 +00:00
Ben Alex
0860333a3f SEC-733: AspectJ Pointcut Expression Parsing support. 2008-03-25 08:28:53 +00:00
Ben Alex
f4eb15b08b SEC-428: Tests to prove proxy-target-class="true" works. 2008-03-24 23:10:01 +00:00
Luke Taylor
f8b5000d40 SEC-428: Make sure context is cleared before running test. 2008-03-24 22:56:43 +00:00
Luke Taylor
18fef571c3 Import cleaning. 2008-03-24 22:44:42 +00:00
Luke Taylor
028af06d61 SEC-428: Security interceptor does not work with schema based aop:config 
http://jira.springframework.org/browse/SEC-428. Fixed broken test method.
 2008-03-24 22:43:08 +00:00
Luke Taylor
a375d8e59e SEC-428: Added test 2008-03-24 20:50:58 +00:00
Luke Taylor
1dd5f42142 Adding svn keywords, correcting typos etc. 2008-03-24 20:48:45 +00:00
Ben Alex
9a4977ebd1 SEC-99/428/429/563: Various refactoring of method security metadata support. 2008-03-24 09:40:13 +00:00
Ben Alex
6ab301981c Update dependency versions and POM structure. 2008-03-24 09:05:44 +00:00
Luke Taylor
fe0e05a6c8 SEC-725: PasswordEncoderParser: <security:password-encoder> element does not pick up 'base64' attribute value 
http://jira.springframework.org/browse/SEC-725. Added fix as recommended in issue.
 2008-03-23 22:38:13 +00:00
Luke Taylor
b54e3978dc SEC-729: Organization of pom dependencies, particularly for servlet-api and jstl. Some other adjustments, removal of unrequired deps etc 2008-03-23 00:31:32 +00:00
Luke Taylor
30a6abbe50 Tidied formatting of toString output for FilterBasedLdapUserSearch 2008-03-22 21:40:54 +00:00
Luke Taylor
162933155e Added implementation of GrantedAuthoritiesContainer to allow refactoring of duplication in various preauth details classes 2008-03-22 19:29:13 +00:00
Luke Taylor
2ea94e2cc9 Tidying imports etc 2008-03-22 11:44:28 +00:00
Luke Taylor
563dabda2f SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added OpenIDProvider to bean registry and fixed login page generator to use correct URL for OpenID. Added user-service-ref to namespace element. Changed OpenID sample to use <openid-login />.
 2008-03-21 23:47:09 +00:00
Luke Taylor
b89dbc6060 Import cleaning 2008-03-21 21:51:48 +00:00
Luke Taylor
9871685ea3 SEC-722: Fixed problem with empty loginpage string (rather than null) preventing default login page filter from being added to the stack. 2008-03-21 21:50:26 +00:00
Luke Taylor
b73736ffaf Updated example configuration in javadoc for LdapAuthenticationProvider. 2008-03-21 17:12:22 +00:00
Ben Alex
16ea8faa0d SEC-727: Ensure SecurityConfig cannot be constructed unsafely; also update SecurityConfigTests to JUnit 4. 2008-03-21 02:15:47 +00:00
Luke Taylor
acc22b2745 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added check for MAIN_ENTRY_POINT bean when resolving entry points. If this has been set during parsing it will be used.
 2008-03-20 20:11:34 +00:00
Luke Taylor
815f04b6c3 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added element to namespace and modified form login parser to handle open id element. Also added openID support to login page generator.
 2008-03-20 20:05:11 +00:00
Luke Taylor
bbc5fea598 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added extra constants for OpenID support.
 2008-03-20 19:51:59 +00:00
Luke Taylor
d333655b0b Updated to commons logging 1.1.1 to get rid of servlet api dependency in their pom 2008-03-20 19:43:55 +00:00
Luke Taylor
56b967f935 Removed filer name duplication in rnc file. 2008-03-20 15:10:21 +00:00
Luke Taylor
a65b5a9ed8 Corrected separators between http method strings in rnc file. 2008-03-20 14:56:02 +00:00
Luke Taylor
8f379768a8 SEC-720: Design for extension: PreAuthenticatedGrantedAuthoritiesUserDetailsService 
http://jira.springframework.org/browse/SEC-720. Added createUserDetails method to allow custom UserDetails object t be created.
 2008-03-19 18:29:38 +00:00
Luke Taylor
030550a88e Applied XSL transform to XSD file 2008-03-19 17:04:39 +00:00
Luke Taylor
f8d855f1a2 SEC-716: Default (non-web) AuthenticationDetailsSource implementation. 2008-03-18 18:45:38 +00:00
Luke Taylor
c9ff912b2f SEC-723: Change PreAuthenticatedAuthenticationProvider to reject authentication tokens with null credentials. Also introduced a property "throwExceptionWhenTokenIsRejected" which raises a BadCredentialsException when the toke is invalid. 2008-03-18 18:29:48 +00:00
Luke Taylor
163fb1052f SEC-721: Call Principal.getName() in AbstractAuthenticationToken.getName() if principal instaceof Principal 2008-03-18 18:06:56 +00:00
Luke Taylor
2df2eaa169 SEC-719: Introduced base class for J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource to extract non-http specific functionality (for use in portlet version). 2008-03-18 17:22:02 +00:00
Luke Taylor
52b92b209c Removed out of date email address for Ben. 2008-03-17 22:44:13 +00:00
Luke Taylor
8f7b216de3 Import cleaning, removal of unnecessary constructors etc based on eclipse warnings 2008-03-17 14:10:22 +00:00
Luke Taylor
abd5e384fe removed unused eh-cache config file 2008-03-17 14:07:19 +00:00
Luke Taylor
60de6314d4 Replaced casting to check validity of provider list with call to Assert.isInstanceof. 2008-03-17 13:50:37 +00:00
Ben Alex
e4c6022b36 SEC-718: Support additional HTTP methods. 2008-03-16 04:14:21 +00:00
Ben Alex
6bc0585e4a SEC-717: Resolve UserDetails.getAuthorities() sort logic issue. 2008-03-16 04:02:55 +00:00
Luke Taylor
5743763599 SEC-625: Remove references to FilterToBeanProxy 2008-03-13 18:52:31 +00:00
Luke Taylor
5d6ec8ed71 SEC-702: Updated use of UsernameNotFoundException to set extraInformation property 2008-03-13 16:49:19 +00:00
Luke Taylor
712f1770d9 SEC-714: Refactor PreAuthenticatedGrantedAuthoritiesSetter and PreAuthenticatedGrantedAuthoritiesRetriever 
http://jira.springframework.org/browse/SEC-714
 2008-03-13 16:03:18 +00:00
Luke Taylor
42a80931c1 SEC-671: Changed AuthenticationDetailsSource to take an object as argument instead of an HttpServletRequest and renamed AuthenticationDetailsSourceImpl to WebAuthenticationDetailsSource. Also removed some preauth dependencies on commons lang 2008-03-13 14:42:38 +00:00
Luke Taylor
df0d52ada7 SEC-708: Improve generation of XSD file from Relax NG schema 
http://jira.springframework.org/browse/SEC-708. Committed XSL transformed XSD file and some minor changes to organisation of RNC file.
 2008-03-13 10:33:28 +00:00
Luke Taylor
3a364a3343 SEC-713: Made MethodDefinitionAdvisor an infrastructure bean as required by Spring 2.0.7+ and upgraded to Spring 2.0.8 2008-03-11 17:53:04 +00:00
Luke Taylor
089bffa10f SEC-712: HttpSessionContextIntegrationFilter "context" property should be renamed 
http://jira.springframework.org/browse/SEC-712
 2008-03-11 14:16:40 +00:00
Luke Taylor
ed08ba10ba Added test file for CustomAuthenticationProviderBeanDefinitionDecorator 2008-03-11 13:50:53 +00:00