root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 18 Packages Projects Releases Wiki Activity
4,727 Commits 47 Branches 367 Tags 124 MiB
Commit Graph

4727 Commits

Author SHA1 Message Date
Rob Winch b1a6a574ac Merge pull request #159 from ractive/3.1.x 
SEC-2812: Fix german translations
 2015-01-14 16:29:47 -06:00
james 979badd550 SEC-2812: Fix german translations 2015-01-12 13:51:33 +01:00
Spring Buildmaster 2263a545ea Next development version 2014-08-15 11:39:31 -07:00
Rob Winch 0d86164a49 SEC-2547: Update to cas-client-core-3.3.3 2014-08-15 12:49:13 -05:00
Rob Winch b78bd897cd SEC-2688: CAS Proxy Ticket Authentication uses Service for host & port 2014-07-24 16:56:58 -05:00
Rob Winch 055eb72d60 Remove explict LDAP dir for integration tests 2014-06-18 09:50:17 -05:00
Rob Winch f4914b2271 Remove ApacheDSContainer import 2014-06-18 09:43:35 -05:00
Rob Winch 541aee8e3e SEC-2449: <ldap-server> default port should fallback to dynamic value 2014-06-18 09:34:49 -05:00
Rob Winch a6cab1be74 SEC-2606: ApacheDSServerIntegrationTests scan for available port 2014-06-12 12:28:40 -05:00
Rob Winch bbfcab0c81 SEC-2607: CAS Server logouts out synchronously 2014-06-12 12:28:40 -05:00
Spring Buildmaster 6e431e7d16 Next development version 2014-03-10 14:26:38 -07:00
Rob Winch 2eec67fe73 SEC-2507: Fix test imports 2014-03-10 15:09:36 -05:00
Rob Winch 88559882e9 SEC-2500: Prevent anonymous bind for ActiveDirectoryLdapAuthenticator 2014-03-10 14:43:59 -05:00
Rob Winch 9270845a21 SEC-2507: WebExpressionVoter.supports support subclasses of FilterInvocation 2014-03-10 14:43:56 -05:00
Spring Buildmaster 1d53dc5e5c Next development version 2014-02-19 07:12:15 -08:00
Rob Winch ac6cf5396a SEC-2468: JdbcUserDetailsManager#createNewAuthentication uses null credentials 2014-02-14 17:00:07 -06:00
james 5a2e99c940 SEC-2467: Fix Small errors in itest-web's jsps 2014-01-28 16:09:09 -06:00
Rob Winch 6f3c6f9b5b SEC-2447: JdbcMutableAclServiceTests should invoke aclCache.clearCache() 2013-12-14 10:20:31 -06:00
Rob Winch 1feb38048b Update to Gradle 1.9 
Necessary to work with the latest Bamboo and Artifactory Gradle updates
 2013-12-05 09:08:26 -06:00
Rob Winch 905c59f599 SEC-2313: Gradle javadoc hotfix 2013-09-11 15:42:53 -07:00
Rob Winch 241e984ea4 SEC-2171: Include Information about pooling in Spring LDAP documentation 2013-08-25 11:31:05 -05:00
Rob Winch 8053cb0de7 SEC-2103: Fix tests to verify debug logging instead of info 2013-08-25 10:05:48 -05:00
Rob Winch 889bba1d67 SEC-2103: Change log of no results to debug 2013-08-24 23:40:48 -05:00
Rob Winch f9fd448d88 SEC-2139: named-security-filter are all defined and ordered correctly 2013-08-24 15:20:23 -05:00
Rob Winch 7bf6046408 SEC-2108: Fix typo in ldap section of manual 2013-08-24 15:20:23 -05:00
Guillaume Smet 5dfeea7631 SEC-2245: Cast to interface instead of implementation 
Makes our life easier when we want to override the
MethodSecurityExpressionRoot.
 2013-08-05 17:06:09 -05:00
Luke Taylor f42720b1b6 SEC-2175: Correct XSD docs on auto-config. 2013-06-09 14:46:56 +01:00
Rob Winch 113e28a148 Update to next dev version - 3.1.5.CI-SNAPSHOT 2013-04-29 08:47:30 -05:00
Spring Buildmaster de6bcb80b9 [artifactory-release] Next development version 2013-04-27 13:05:38 -07:00
Rob Winch 102da87080 Disable artifactoryPublish for projects without artifacts 2013-04-27 13:56:12 -05:00
Rob Winch f1ae9da55e Remove ApacheDSContainerTests successfulStartupAndShutdown since it was commented out 2013-04-25 11:17:21 -05:00
Rob Winch 94e2e0c65e SEC-2161: <ldap-server> creates unique dir for embedded LDAP 2013-04-25 11:17:21 -05:00
Rob Winch fa3a30cc20 SEC-2162: ApacheDSContainer throws RuntimeException on failure to start 2013-04-25 11:17:21 -05:00
Rob Winch ee6e6ceafb SEC-2133: Update doc from ChannelAuthenticationFilter to ChannelProcessingFilter 2013-04-25 08:51:51 -05:00
Rob Winch 095594daea SEC-2147: Deprecate .encoding.PasswordEncoding 2013-04-25 08:49:33 -05:00
Rob Winch e9215c4dc3 SEC-2087: GlobalMethodSecurityBeanDefinitionParser uses AuthenticationManager to create AuthenticationManagerDelegator 2013-04-24 17:30:51 -05:00
@fbiville 0d70c703df SEC-2138: Fix code snippet in Hierarchical Roles section 
The bean definition of RoleHierarchyVoter was syntactically incorrect.
 2013-02-26 09:47:02 -06:00
Rob Winch 73710bf7b8 Add CONTRIBUTING.md 2013-02-25 17:14:21 -06:00
Jean-Pierre Bergamin ca5501eb31 SEC-2118: Fixing spring and aspectj OSGi version ranges [3.2, 3.2) -> [3.2, 3.3) 2013-02-25 17:10:07 -06:00
Rob Winch c703806fa2 Revert "SEC-2078: AbstractPreAuthenticatedProcessingFilter requriesAuthentication support for non-String Principals" 
This reverts commit 3fe7791266.
 2012-12-06 16:16:50 -06:00
Rob Winch 67eb9821f3 Revert "SEC-2078: Updated Javadoc to reflect that updates to Principal will also trigger reauthentication" 
This reverts commit ece4a0f067.
 2012-12-06 16:16:33 -06:00
Rob Winch 7b93ffd5d4 SEC-2078: Updated Javadoc to reflect that updates to Principal will also trigger reauthentication 2012-12-06 09:05:21 -06:00
Rob Winch 5fa252b848 SEC-2078: AbstractPreAuthenticatedProcessingFilter requriesAuthentication support for non-String Principals 
Previously, if the Principal returned by getPreAuthenticatedPrincipal was not a String,
it prevented requiresAuthentication from detecting when the Principal was the same.
This caused the need to authenticate the user for every request even when the Principal
did not change.

Now requiresAuthentication will check to see if the result of
getPreAuthenticatedPrincipal is equal to the current Authentication.getPrincipal().
 2012-12-04 13:04:41 -06:00
Rob Winch 87c3c7edb9 Use AspectJMethodSecurityInterceptor in reference 
Change reference to use AspectJMethodSecurityInterceptor instead of
undefined AspectJSecurityInterceptor.
 2012-12-04 10:07:30 -06:00
Rob Winch 7f342f3321 SEC-2074: Update reference to use <method-security-metadata-source> 2012-12-04 10:07:30 -06:00
Rob Winch 2f6325f651 SEC-2084: AntPathRequestMatcher and RegexpRequestMatcher support request.getMethod() 
Previously a NullPointerException would occur if an HttpServletRequest.getMethod()
returned null.

Now AntPathRequestMatcher and RegexpRequestMatcher will handle if the
HttpServletRequest.getMethod() returns null. While under normal circumstances,
it is unlikely for the method to be null this can occur when using
DefaultWebInvocationPrivilegeEvaluator.isAllowed(String, Authentication).
 2012-12-03 15:08:37 -06:00
Rob Winch e3f53908af SEC-2072: <security:anonymous> granted-authority supports multiple authorities again 2012-11-02 16:23:37 -05:00
Rob Winch 4d1127106b Add 3.1.x suffix to eclipse projects 2012-11-02 10:00:45 -05:00
Rob Winch c0dfb70ca0 Added generatePom task 
This can be used to generate the pom.xml for adding the Spring Security
snapshot jars as a Maven Dependency to another project. For example,
if mywebapp requires the Spring Security 3.1.4.CI-SNAPSHOT jars one
could generate the pom.xml files and then use that to convert the project
into a valid Maven project within the IDE. Then the SNAPSHOT dependendies
could be added to mywebapp. This prevents the need to install the SNAPSHOT
dependencies in the local Maven repository.
 2012-11-01 15:18:10 -05:00
Rob Winch 78cbdd2c93 Reserve Server Ports in integrationTests 
Previously the build would look up a server port dynamically, but since
it closed the port immediately it may not be reserved by the time jetty
started up.

We now reserve the port and do not close it till just before Jetty starts.
While there is still a race condition, it is much smaller window of time
than it was previously.
 2012-11-01 11:14:50 -05:00