Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-18 15:27:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,047 Commits 38 Branches 351 Tags
Commit Graph

81 Commits

Author SHA1 Message Date
Rob Winch
5dedbb6283 Update to jackson-databind-2.8.11.1 
Fixes: gh-5101
 2018-03-09 13:55:49 -06:00
Josh Cummings
72080bb5fe Authorities authenticate TestingAuthenticationToken 
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5097
 2018-03-09 13:27:27 -06:00
Rob Winch
da19435f21 Fix assertj 
Fix for 4.2.x
 2017-11-02 14:41:02 -05:00
Antoine
21efbb6ba7 Polish AssertJ assertions 
Fixes gh-4770
 2017-11-02 14:40:53 -05:00
Rob Winch
9c03571bbb Use message in all Assert 
This ensures compatibility with Spring 5.

Fixes gh-4193
 2017-01-30 19:58:24 -06:00
Rob Winch
f0a9421aa4 SecurityJacksonModules->SecurityJackson2Modules 
Fixes gh-4121
 2016-11-09 16:42:41 -06:00
Rob Winch
8ad0003456 Polish Whitespace 
Issue gh-3736
 2016-09-02 11:37:21 -05:00
Rob Winch
3531cc93c2 JSON tests ObjectMapper Cleanup 
* Move to @Setup
* Consistently extend from AbstractMixinTests and reuse ObjectMapper

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
bd925313af Improve Readablility of JSON test strings 
This improves the readability of the JSON strings used for
testing JSON serialize / deserialize of Spring Security

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
d4c48dd3e1 Remove MockitoJUnitRunner from JSON tests 
Previously the JSON tests unnecessarily had MockitoJUnitRunner.

This commit removes MockitoJUnitRunner from the JSON tests.

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
df613ed4cc JSON UserDetails deserializes null 
JSON UserDetails null use to be treated as "".

This changes null to be treated as a null

Issue gh-3736
 2016-09-02 11:37:16 -05:00
Rob Winch
3fb77f3b59 Polish SecurityJacksonModules 
Issue gh-3736
* ClassLoader argument - this is required because we do not want to assume
the ClassLoader that should be used
* Clean up logging - logging is now at debug level because we don't expect
all of the modules are loaded (they are quite possibly off the ClassPath)
* Remove ObjectUtils as it was being used on methods that expect a
Collection or Array with non collection based objects
* Polish Javadoc warnings
 2016-09-02 11:37:13 -05:00
Rob Winch
c2d8ea92d0 SimpleGrantedAuthorityMixin role->authority 
Issue gh-3736
 2016-09-02 11:36:33 -05:00
Rob Winch
6f2b24a62b Polish JSON warnings / javadoc 
Issue gh-3736
 2016-09-02 11:36:23 -05:00
Rob Winch
6d2003722e Polish JSON class scope 
Use package scope when possible

Issue gh-3736
 2016-09-02 11:36:06 -05:00
Rob Winch
03d8904a03 Polish constructor assertions 
Previously the JSON modules didn't use Spring's Assert.

This commit changes the assertions to use Spring's Assert and does
some minor restructuring.

Issue gh-3736
 2016-09-02 11:34:57 -05:00
Jitendra Singh Bisht
d77ca17e95 Add JSON Serialization 
Fixes gh-3812
 2016-09-02 11:29:53 -05:00
Eddú Meléndez
a2ead4cf7a Polish 
Fixes gh-3892
 2016-06-20 12:35:43 -05:00
Johnny Lim
933a7e8363 Remove duplicate words 
Fixes gh-3826
 2016-04-18 23:21:20 -05:00
Rob Winch
f221920a19 Clean up code to conform to basic checkstyle 
Issue gh-3746
 2016-03-14 00:15:12 -05:00
Billy Korando
71d4ce96ad Convert to assertj 
Fixes gh-3175
 2016-03-09 14:30:17 -06:00
Rob Winch
bb600a473e Start AssertJ Migration 
Issue gh-3175
 2016-03-09 14:26:30 -06:00
Rob Winch
4fdfb8caba SEC-2915: More Tabs -> Spaces 2015-04-17 11:34:34 -05:00
Rob Winch
ae6af5d73c SEC-2915: Updated Java Code Formatting 2015-03-25 13:09:18 -05:00
Rob Winch
c67ff42b8a SEC-2783: XML Configuration Defaults Should Match JavaConfig 
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
 2014-12-08 15:09:15 -06:00
Rob Winch
6e204fff72 SEC-2781: Remove deprecations 2014-12-04 15:28:40 -06:00
Rob Winch
02c3565e22 Fix compiling in Eclipse 2014-09-16 10:18:46 -05:00
Rob Winch
934937d9c1 SEC-2688: CAS Proxy Ticket Authentication uses Service for host & port 2014-08-15 16:41:33 -05:00
Rob Winch
086056f191 SEC-2289: Make compatible with Spring 4 as well 
There are a few subtle changes in Spring 4 that this commit addresses
 2013-08-27 16:43:10 -05:00
Rob Winch
f5a30e55a3 SEC-2042: AbstractAuthenticationProcessingFilter supports RequestMatcher 2013-07-23 13:06:51 -05:00
Rob Winch
6b81f97081 SEC-2114: Polishing Spring Based Cache 2013-01-04 11:33:46 -06:00
Marten Deinum
01ea39ce35 SEC-2114: Provide Spring Cache Abstraction based cache implementations 
As of Spring 3.1 spring has its own cache abstraction. This commit adds cache
imlpementations based on that abstraction.
 2013-01-04 11:33:27 -06:00
Luke Taylor
8178371927 SEC-1700: Add fixed serializationVersionUID values to security context, authentication tokens and related classes 2011-04-21 19:55:32 +01:00
Rob Winch
a76a947b12 SEC-965: Added support for CAS proxy ticket authentication on any URL 2011-04-17 18:00:35 -05:00
Rob Winch
3f7f87e19f SEC-1592: Updated CasAuthenticationFilter so that it does not continue FilterChain when handling proxy requests. 
The fix moves CommonUtils.readAndRespondToProxyReceptorRequest into CasAuthenticationFilter.attemptAuthentication. This makes sense since
The CAS server is authenticating that the proxy url is valid (i.e. it exists and the SSL handshake succeeds). It also allows the FilterChain
to not be processed by returning a null Authentication.
 2011-01-27 09:25:01 -06:00
Luke Taylor
4a40d80da1 SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. 
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
 2010-12-03 16:41:46 +00:00
Luke Taylor
4ad0652787 Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken. 2010-12-01 20:52:37 +00:00
Luke Taylor
d64efe9747 SEC-1492: Added GrantedAuthoritiesMapper to provide mapping of loaded authorities to those which are eventually stored in the user Authentication object. 2010-11-25 15:19:37 +00:00
Luke Taylor
d1e8b8e29d More tests. Minor refactoring. 2010-08-24 20:57:45 +01:00
Luke Taylor
85c4c91e0e IDEA inspection refactorings. 2010-08-05 23:28:07 +01:00
Luke Taylor
0e57ce2dc3 SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection. 2010-05-21 15:59:50 +01:00
Luke Taylor
74896f217b SEC-1459: Generifying AuthenticationUserDetailsService. Now parameterized with <? extends Authentication>. 2010-04-20 23:47:47 +01:00
Luke Taylor
977bc2b164 SEC-1433: Reduce the number of direct dependencies on DataAccessException from spring-tx. 
It is still required as a compile-time dependency by classes which use Spring's JDBC support, but it doesn't really have to be used in many interfaces and classes which are not necessarily backed by JDBC implementations.
 2010-03-26 18:05:28 +00:00
Luke Taylor
36612377e2 Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents. 2010-02-14 23:23:23 +00:00
Luke Taylor
052537c8b0 Removing $Id$ markers and stripping trailing whitespace from the codebase. 2010-01-08 21:05:13 +00:00
Scott Battaglia
7e817b9640 NOJIRA formatting fix 2009-12-24 14:40:24 +00:00
Scott Battaglia
4afe6c2c6a SEC-1341 
made it more extensible
 2009-12-24 14:39:40 +00:00
Luke Taylor
aeed49393c Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting). 2009-12-18 18:44:42 +00:00
Luke Taylor
a5ed2e579e Refactored CAS test to remove dependency on core tests jar. 2009-12-07 21:40:53 +00:00
Scott Battaglia
46ef4239ca SEC-1228 
added NO_PASSWORD instead of passing in NULL since the User object does not allowe NULL for the password.
 2009-11-18 15:19:55 +00:00