Luke Taylor
|
cb237055ac
|
SEC-600: Added Jdbc implementation of UserDetailsManager
|
2007-11-13 17:11:29 +00:00 |
|
Luke Taylor
|
81067840ef
|
SEC-485: Added calculateLoginLifetime method.
|
2007-11-13 01:16:27 +00:00 |
|
Luke Taylor
|
b681952933
|
SEC-545: Added utility methods for checking if user has a particular role to existing AuthorityUtils class. Class may be renamed at some point as more functionality is added.
|
2007-11-11 23:37:32 +00:00 |
|
Luke Taylor
|
315d4a247f
|
Added method to clear datasource field after use.
|
2007-11-11 23:10:21 +00:00 |
|
Luke Taylor
|
910e63f83c
|
SEC-586: Implemented secure channel support in namespace configuration.
|
2007-11-11 22:07:46 +00:00 |
|
Luke Taylor
|
c214f4a9bc
|
Simplified initialization of datasource.
|
2007-11-11 22:06:22 +00:00 |
|
Luke Taylor
|
4f3bbb52f6
|
Pulled methods and fields up into AbstractFilterInvocationDefinitionSource to make it easier to query the map size etc, regardless of the specific type.
|
2007-11-11 19:29:11 +00:00 |
|
Luke Taylor
|
28a138f8ec
|
Converted to use guard clause to reduce nesting.
|
2007-11-11 19:22:51 +00:00 |
|
Luke Taylor
|
756be6fed3
|
Removed unnecessary constructor.
|
2007-11-11 19:10:47 +00:00 |
|
Luke Taylor
|
964e6911a7
|
Added RememberMeServices to list of logout handlers.
|
2007-11-11 18:11:18 +00:00 |
|
Luke Taylor
|
2856a6ba43
|
Allow configuration of embedded ldap server port through ldap namespace configuration. Changed default port from 3389 to avoid conflict with windows remote desktop (as reported by Ray Krueger in dev list).
|
2007-11-11 16:10:30 +00:00 |
|
Luke Taylor
|
0e7dac6ca5
|
SEC-565: Refactoring of TokenBasedRememberMeServices. Changed arguments to makeValidSignature so that it could be used from both places where a signature is required and refactored the class to extend AbstractRememberMeServices. The method processAutoLoginCookie now returns a UserDetails, rather than username, as the UserDetails is needed in TokenBasedRememberMeServices.
|
2007-11-10 19:20:36 +00:00 |
|
Luke Taylor
|
1a5ef2dece
|
SEC-588: Completed JdbcTokenRepositoryImpl and added extra update method to PersistentTokenRepository interface (additional files from failed commit).
|
2007-11-10 15:56:07 +00:00 |
|
Luke Taylor
|
7caa1587b3
|
SEC-588: Completed JdbcTokenRepositoryImpl and added extra update method to PersistentTokenRepository interface.
|
2007-11-10 15:42:21 +00:00 |
Scott Battaglia
|
87a864619d
|
SEC-592
fixed failing test due to thinking a null value should be provided.
|
2007-11-07 21:44:15 +00:00 |
|
Scott Battaglia
|
981f185575
|
SEC-592
implemented NullStatelessTicketCache and test cases and made it the default for CasAuthenticationProvider.
|
2007-11-07 18:46:35 +00:00 |
|
Luke Taylor
|
0a50cd67ce
|
Tidied up logic for setting token repository in RememberMeBeanDefinitionParser. Plus some tinkering with attributes in rnc file.
|
2007-11-07 13:29:15 +00:00 |
|
Luke Taylor
|
9fa32bac7c
|
SEC-578: Set FilterInvocationDefinitionSource field in FilterChainProxy to null after it has been converted to a map of paths->filters.
|
2007-11-06 23:58:56 +00:00 |
|
Luke Taylor
|
9f2bc9a842
|
SEC-582: Namespace configuration implementation for remember-me support.
|
2007-11-06 23:20:25 +00:00 |
|
Luke Taylor
|
b868143fb1
|
Make sure "start" is called even if working directory is already set.
|
2007-11-06 22:18:13 +00:00 |
|
Luke Taylor
|
7ad8e2acf0
|
SEC-591: Removed default NullRememberMeServices in RememberMeProcessingFilter
|
2007-11-06 21:43:37 +00:00 |
|
Luke Taylor
|
4c44bd782f
|
SEC-588: Added extra tests to check cookie values.
|
2007-11-04 12:07:49 +00:00 |
|
Luke Taylor
|
55b1f9348d
|
SEC-588: PersistentTokenBasedRememberMeServices implementation.
|
2007-11-03 22:11:26 +00:00 |
|
Luke Taylor
|
8b199d38ed
|
Refactored autoLogin method to reduce nesting of conditionals and loops.
|
2007-10-30 21:09:47 +00:00 |
|
Luke Taylor
|
d7b6ca281a
|
Removed unused "autodetect" method.
|
2007-10-27 11:50:38 +00:00 |
|
Luke Taylor
|
43fc8e2660
|
Added Id keyword for all java files
|
2007-10-27 00:45:30 +00:00 |
|
Luke Taylor
|
d3b165749f
|
SEC-583: Implementation of namespace config for concurrent session support.
Also some minor adjustments to ordering of different http features in schema.
|
2007-10-27 00:28:24 +00:00 |
|
Luke Taylor
|
334d55b12e
|
Tidying.
|
2007-10-27 00:26:25 +00:00 |
|
Luke Taylor
|
685d74d81b
|
FilterSecurityInterceptor is now configured through ConfigUtils, rather than by autowiring.
|
2007-10-27 00:25:59 +00:00 |
|
Luke Taylor
|
0185dc5a90
|
Moved registration of ProviderManager bean to ConfigUtils.
|
2007-10-27 00:24:16 +00:00 |
|
Luke Taylor
|
06ce4b79e9
|
SEC-584: Remove use of default SessionRegistryImpl.
|
2007-10-27 00:23:21 +00:00 |
|
Luke Taylor
|
0cdac4912a
|
Changed to use a BeanReference when creating default login page to prevent duplication of filter bean.
|
2007-10-27 00:20:55 +00:00 |
|
Luke Taylor
|
3d9ea49d19
|
SEC-585: Made expiredUrl optional.
Also implemented Ordered interface for use in namespace configuration.
|
2007-10-26 23:32:40 +00:00 |
|
Luke Taylor
|
55ef50a4df
|
Added checking of path ordering to FilterChainProxy to detect misplaced universal match ("/**").
|
2007-10-26 13:51:32 +00:00 |
|
Luke Taylor
|
1bcb62af2e
|
Remove use of autoconfig, as it was really just a conveniece for creating default access and authentication managers.
|
2007-10-26 13:05:31 +00:00 |
|
Luke Taylor
|
700de0d388
|
Tidying.
|
2007-10-25 15:07:15 +00:00 |
|
Luke Taylor
|
03e285c31d
|
Moved responsability for creating AuthenticationManager into AuthenticationProviderBeanDefinitionParser. Tidied up SecrityNamespaceHandler.
|
2007-10-25 14:21:45 +00:00 |
|
Luke Taylor
|
3927ba9ed0
|
SEC-578: Removed additional FilterChainMap reference.
|
2007-10-25 13:40:51 +00:00 |
|
Luke Taylor
|
7ef57c67ed
|
SEC-578: Removed FilterChainMap class
|
2007-10-25 11:51:51 +00:00 |
|
Luke Taylor
|
fb72fa82de
|
Changed comment to remove reference to FilterChainMap.
|
2007-10-22 23:56:01 +00:00 |
|
Luke Taylor
|
acf3966651
|
SEC-578: Refactored to remove FilterChainMap and use a LinkedHashMap instead to maintain the path ordering. Also made use of Springs ManagedList and ManagedMap to preform resolution of bean names to Filter objects at runtime, replacing the unnecessary bean which was performing this task for the filter lists.
|
2007-10-22 23:52:29 +00:00 |
|
Luke Taylor
|
b9cfae5903
|
Exception for flagging errors in namespace config.
|
2007-10-20 23:18:41 +00:00 |
|
Luke Taylor
|
2d3d5ceb8d
|
Tidying.
|
2007-10-20 23:17:56 +00:00 |
|
Luke Taylor
|
cffd3131f0
|
Added building of filter chain in post-processing, support for basic authentication and automatic generation of login page, if no loginUrl supplied.
|
2007-10-20 23:17:01 +00:00 |
|
Luke Taylor
|
f0d8db5ce6
|
Store the default order values of security filters.
|
2007-10-20 23:12:41 +00:00 |
|
Luke Taylor
|
7afa99a21a
|
Security filter base class.
|
2007-10-20 23:10:53 +00:00 |
|
Luke Taylor
|
a6a372a5ab
|
SEC-568: Added the decorated for filter-chain-map to the namespace handler registry.
|
2007-10-20 23:10:28 +00:00 |
|
Luke Taylor
|
2b14d2da98
|
Make Spring Security filters implement the Ordered interface, for use when post-processing the application context
|
2007-10-20 23:09:23 +00:00 |
|
Luke Taylor
|
9b8c06e9f6
|
SEC-568: Introduced FilterChainMap as a simpler option for configuring FilterChainProxy and introduced a namespace-based for configuring it. The Url pattern matching is factored out into a separate strategy with ant and regex versions.
|
2007-10-20 23:05:03 +00:00 |
|
Luke Taylor
|
d6fe97de43
|
Latest updates to namespace configuration.
|
2007-10-20 22:58:59 +00:00 |
|
Luke Taylor
|
28d04c1759
|
Removed unnecessary casts, corrected incomplete comment and reformatted code.
|
2007-10-19 11:53:26 +00:00 |
|
Luke Taylor
|
380b22f50d
|
Removed unused autodetect method and reformatted code.
|
2007-10-18 16:50:31 +00:00 |
|
Luke Taylor
|
c51bcd9c1f
|
Changed method protection config to make it compatible with MethodDefinitionMap for the time being.
|
2007-10-14 14:29:15 +00:00 |
|
Luke Taylor
|
a4b522351f
|
Added "unprotected" method for tests
|
2007-10-14 14:15:51 +00:00 |
|
Luke Taylor
|
0b54eece28
|
Added code to set the manager username and password if supplied.
|
2007-10-13 21:20:19 +00:00 |
|
Luke Taylor
|
3d0f3302dc
|
RNC file used for convenience to generate the namespace xsd schema file.
|
2007-10-13 16:27:14 +00:00 |
|
Luke Taylor
|
0f4cdf345d
|
Intermediate checkin of experimental namespace config work (additional parser files).
|
2007-10-13 16:26:08 +00:00 |
|
Luke Taylor
|
627b0b38ad
|
Intermediate checkin of experimental namespace config work.
|
2007-10-13 16:24:24 +00:00 |
|
Luke Taylor
|
98f6111d06
|
Corrected wrong error message in ProviderManager.
|
2007-10-13 12:15:13 +00:00 |
|
Luke Taylor
|
e561b87987
|
Switched testOperation method to use unicode escaped characters.
|
2007-10-13 11:40:16 +00:00 |
|
Luke Taylor
|
75bc838ae8
|
Switched testOperation method to use French locale to prevent use of default machine locales such as Chinese (see previous commit sg).
|
2007-10-11 16:18:28 +00:00 |
|
Luke Taylor
|
0a214e4930
|
Removed locale-specific message value assertions which will cause tests to fail if run with a different standard locale for which we have a message file (e.g. Chinese).
|
2007-10-11 15:23:01 +00:00 |
|
Luke Taylor
|
92bc57eefd
|
Switch test to use a specific locale for which we have a message file (french). The default ResourceBundle behaviour is to attempt to load the platform locale if the specified one isn't found before using the default. We don't have a messages_en.properties file, hence trying to use "en" locale on a Chinese computer will result in Chinese messages being used (and test failing).
|
2007-10-11 15:16:06 +00:00 |
|
Luke Taylor
|
650a5467e8
|
Renamed ApacheDSStartStopBean to ApacheDSContainer and implemented LifeCycle interface.
|
2007-10-03 18:09:53 +00:00 |
|
Luke Taylor
|
3f2b9cd6fb
|
SEC-562: More changes of Acegi name in comments, docs etc.
|
2007-10-03 14:02:39 +00:00 |
|
Luke Taylor
|
9dbeda1c85
|
Corrected out of date comments referring to SecurityEnforcementFilter etc.
|
2007-10-03 11:13:40 +00:00 |
|
Luke Taylor
|
87ddc63f73
|
Format to correct spacing.
|
2007-10-02 16:13:55 +00:00 |
|
Luke Taylor
|
6fbf73e74f
|
Added explicit dependency override on mina 1.0.5 to get round this problem:
http://issues.apache.org/jira/browse/DIRMINA-366
when using apache DS embedded. It causes failures on linux, but not on OS X.
|
2007-10-02 16:13:06 +00:00 |
|
Luke Taylor
|
438dc44004
|
Minor changes to improve robustess of LDAP tests.
|
2007-10-02 14:50:08 +00:00 |
|
Luke Taylor
|
5a3f5fcd78
|
Minor changes to improve robustess of LDAP tests.
|
2007-10-02 14:49:08 +00:00 |
|
Luke Taylor
|
a4266f3fb8
|
Minor imrovements to configuration of embedded apache server.
|
2007-10-02 14:20:27 +00:00 |
|
Luke Taylor
|
acb02246e0
|
Refactored embedded LDAP server tests to make use of new namespace configuration. Use Junit 4 annotations in preference to AbstractDependencyInjectionSpringContextTests so that it is possible to clear up the context after each class is run rather than at JVM shutdown (causes problems with running embedded apache DS).
|
2007-10-02 10:52:06 +00:00 |
|
Luke Taylor
|
77b6503e2e
|
SEC-271: Added namespace handler class and experimental LDAP parser. The latter creates an embedded Apache DS server if no server URL is supplied, so changed dependencies on the latter to compile-time/optional.
|
2007-10-02 10:46:38 +00:00 |
|
Luke Taylor
|
5066fc5e39
|
SEC-562: Changed urls for login, logout, switch user etc.
|
2007-09-24 15:39:51 +00:00 |
|
Luke Taylor
|
eacbc71ba1
|
Switch ldap server port to 3999 (intermittent test failures occurring).
|
2007-09-23 20:57:01 +00:00 |
|
Luke Taylor
|
18c8ba4ac2
|
SEC-562: Changing constants and key names.
|
2007-09-23 11:16:01 +00:00 |
|
Luke Taylor
|
757b153430
|
SEC-562: Repackaging adapters module.
|
2007-09-22 11:54:13 +00:00 |
|
Luke Taylor
|
5a586c04a9
|
SEC-562: Repackaging core.
|
2007-09-21 18:18:21 +00:00 |
|
Luke Taylor
|
274658f9b0
|
SEC-272: Added group tables to test DB.
|
2007-09-21 15:51:36 +00:00 |
|
Luke Taylor
|
d19fe54c01
|
Renamed test class to match target (JdbcDaoImpl).
|
2007-09-21 15:50:23 +00:00 |
|
Luke Taylor
|
400a3b90f0
|
SEC-232: Additional updates to hierachical roles code from contributor.
|
2007-09-19 22:10:31 +00:00 |
|
Luke Taylor
|
eb0307bcd9
|
SEC-557: Reinstate use of default AccessDeniedHandlerImpl for the time being (2.0 branch).
|
2007-09-19 16:49:18 +00:00 |
|
Luke Taylor
|
477dc308f8
|
SEC-413: Consistent redirect behaviour between LogoutFilter and AbstractProcessingFilter. (previous commit of AbstractProcessingFilter has an erroneous message).
|
2007-09-19 16:27:23 +00:00 |
|
Luke Taylor
|
7139cbafbb
|
Removed assertions on response buffer size.
|
2007-09-19 16:25:31 +00:00 |
|
Luke Taylor
|
dde3803532
|
Removed assertions on response buffer size.
|
2007-09-19 16:24:20 +00:00 |
|
Luke Taylor
|
03beaf0777
|
SEC-448: MD4 password encode implementation.
|
2007-09-19 15:28:57 +00:00 |
|
Luke Taylor
|
2ef2bfc514
|
SEC-561: Removed setting of respose buffer size prior to redirect.
|
2007-09-19 15:17:29 +00:00 |
|
Luke Taylor
|
809c962d3b
|
Corrected method name in comment.
|
2007-09-19 15:04:30 +00:00 |
|
Luke Taylor
|
0288204432
|
SEC-369: Made spring-jdbc and spring-remoting optional dependencies in core. Removed explicit commons-lang dependency and updated commons logging to 1.1.
|
2007-09-19 00:23:33 +00:00 |
|
Luke Taylor
|
fdd3dfc51f
|
Remove explicit commons-lang dependency.
|
2007-09-19 00:17:04 +00:00 |
|
Luke Taylor
|
2f03000b68
|
SEC-232: Add role hierarchy contribution.
|
2007-09-17 22:37:39 +00:00 |
|
Luke Taylor
|
1a4b32e50e
|
Remove unused import.
|
2007-09-17 22:17:42 +00:00 |
|
Luke Taylor
|
e872823490
|
SEC-559: Throw an initialization exception if configured truststore file doesn't exist.
|
2007-09-17 21:29:40 +00:00 |
|
Luke Taylor
|
96eb11aadc
|
SEC-399: Add support for invalidating the existing session on successful authentication.
|
2007-09-17 15:54:07 +00:00 |
|
Luke Taylor
|
0efa5c3090
|
SEC-458: implementy hashCode() in PrincipalSid and GrantedAuthoritySid.
|
2007-09-17 13:10:17 +00:00 |
|
Luke Taylor
|
d79d55c8b6
|
SEC-8: Changes to LDAP authenticator API to take an authentication object rather than username/password.
|
2007-09-17 12:28:07 +00:00 |
|
Luke Taylor
|
c7354c125a
|
SEC-417: Fix. Remove hard-coded messages from JdbcDaoImpl to allow internationalized versions for "user not found" etc.
|
2007-09-16 22:20:08 +00:00 |
|
Luke Taylor
|
8a35f7da75
|
SEC-558: Combine user mapping implementations into a single interface and make more use of DirContextOperations in SS LDAP APIs.
|
2007-09-16 18:56:00 +00:00 |
|
Luke Taylor
|
56deb3dd83
|
SEC-549: Trim whitespace from username submitted with login form.
|
2007-09-14 14:25:21 +00:00 |
|
Luke Taylor
|
8398e940cf
|
SEC-449: Corrected comment.
|
2007-09-14 14:18:54 +00:00 |
|
Luke Taylor
|
fdbcbec9d8
|
SEC-449: Reamed template test class to match tested class. Added test method for case when no attribute value is found.
|
2007-09-14 14:17:30 +00:00 |
|
Luke Taylor
|
223a597208
|
SEC-449: Changed role searching to use parent spring ldap template search method.
|
2007-09-14 14:16:28 +00:00 |
|
Luke Taylor
|
b7d9466f99
|
SEC-449: Remoned unnecessary declaration of ContextMapper interface.
|
2007-09-14 14:12:32 +00:00 |
|
Luke Taylor
|
97ef5f389f
|
SEC-449: Remoned unnecessary declaration of ContextMapper interface.
|
2007-09-14 14:11:57 +00:00 |
|
Luke Taylor
|
d208cf3824
|
SEC-449: Make LdapUserDetailsMapper a pure ContextMapper so it can be used with LdapTemplate.
|
2007-09-13 20:42:50 +00:00 |
|
Luke Taylor
|
6d8f92e1b8
|
Allow an ldif file to be set in the configuration and loaded on initialization.
|
2007-09-13 20:40:49 +00:00 |
|
Luke Taylor
|
ae40919d13
|
Tidying up class.
|
2007-09-12 19:55:52 +00:00 |
|
Luke Taylor
|
c0f5230667
|
SEC-302: Add rolePrefix property to SecurityContextHolderAwareRequestFilter.
|
2007-09-11 17:29:47 +00:00 |
|
Luke Taylor
|
6a6bafa219
|
Make sure test classes which are setting the context clear it in their tearDown methods.
|
2007-09-11 14:13:50 +00:00 |
|
Luke Taylor
|
c56b8c4117
|
SEC-471: Allow names of username and password parameters to be customized in AuthenticationProcessingFilter.
|
2007-09-11 12:12:14 +00:00 |
|
Luke Taylor
|
3326525b65
|
SEC-368: Tidied up captcha spelling.
|
2007-09-11 11:16:07 +00:00 |
|
Luke Taylor
|
dd2a46c7ca
|
SEC-368: Tidied up captcha spelling.
|
2007-09-11 11:11:05 +00:00 |
|
Luke Taylor
|
c91400b03b
|
Corrected scm sections of core and parent poms.
|
2007-09-10 23:18:43 +00:00 |
|
Luke Taylor
|
448e8cfb42
|
SEC-551: Convert RegExpBasedFilterInvocationDefinitionMap and DaoX509AuthoritiesPopulator to use JDK regexps. Removed ORO dependency from the project.
|
2007-09-10 23:09:36 +00:00 |
|
Luke Taylor
|
6eb17c8546
|
SEC-513: Ldap user manager implementation classes changed to use new spring ldap apis.
|
2007-09-10 21:13:45 +00:00 |
|
Luke Taylor
|
afaa169e97
|
SEC-449: Test data ldif file for ApacheDS.
|
2007-09-10 21:09:59 +00:00 |
|
Luke Taylor
|
0503c3e1ab
|
SEC-449: Refactoring towards more use of Spring LDAP. Also borrowed the Spring LDAP integration testing setup which is much better and makes use of the full LDAP stack. There were still problems with using Apache DS's CoreContextFactory (e.g. compare operations) so it is an improvement on that front too. Moved spring ldap to 1.2-RC1 version.
|
2007-09-10 21:09:02 +00:00 |
|
Scott Battaglia
|
f7815e8da2
|
SEC-520
added parameter to determine whether to encode the session id or not and an explanation on when it should/should not be used.
|
2007-09-10 15:11:56 +00:00 |
|
Luke Taylor
|
e7ede68352
|
Update ldap test base class to use LdapContext by default.
|
2007-09-07 20:52:03 +00:00 |
|
Luke Taylor
|
ff1f1d8ef5
|
SEC-449: Rename internal LdapTemplate class to SpringSecurityLdapTemplate to avoid confusion.
|
2007-09-07 20:49:38 +00:00 |
|
Luke Taylor
|
f178ca2a39
|
Updated trunk poms to 2.0-SNAPSHOT version
|
2007-09-07 20:14:55 +00:00 |
|
Luke Taylor
|
70239a9769
|
SEC-513: First check in of user management stuff.
|
2007-09-07 20:01:46 +00:00 |
|
Luke Taylor
|
9b71b5aa00
|
SEC-449: Mostly changes to aid moving towards compatibility with spring-ldap.
|
2007-09-07 19:55:45 +00:00 |
|
Luke Taylor
|
8d4b97f685
|
Updated poms post-release 1.0.5
|
2007-09-06 02:52:09 +00:00 |
|
Luke Taylor
|
c8b6111418
|
Release 1.0.5.
|
2007-09-06 01:52:53 +00:00 |
|
Luke Taylor
|
3de8745494
|
Commented out (another) failing captcha test whose behaviour varies with speed of the build server (makes assumptions about the interval within which certain lines of code are executed).
|
2007-09-04 01:06:58 +00:00 |
|
Luke Taylor
|
6289503643
|
Commented out failing captcha test whose behaviour varies with speed of the build server (makes assumptions about the interval within which certain lines of code are executed).
|
2007-09-03 23:33:13 +00:00 |
|
Luke Taylor
|
34527c3305
|
Changed spring version to 1.2.9 and modified dependencies to get build to work with this version. Corrected some javadoc links.
|
2007-09-03 15:47:39 +00:00 |
|
Luke Taylor
|
15ee5b2364
|
SEC-540,SEC-541: Changes for maven 2 site generation and use of docbkx.
|
2007-09-02 13:22:24 +00:00 |
|
Luke Taylor
|
4e452046ec
|
Comment out System.out.println
|
2007-09-01 14:59:41 +00:00 |
Ray Krueger
|
edd7bbeceb
|
Removed repeated downcasting of ServletRequest and ServletResponse
|
2007-09-01 14:43:09 +00:00 |
|
Luke Taylor
|
b2799985f2
|
SEC-398: Added patch which uses response wrapper to set context in session on redirect or error.
|
2007-08-31 20:39:33 +00:00 |
|
Luke Taylor
|
219b865c01
|
SEC-544: Added German localization messages from Andreas Senft.
|
2007-08-31 12:15:13 +00:00 |
|
Luke Taylor
|
c021bf4682
|
SEC-542: Made SessionInformation serializable. Also remove unused default constructor.
|
2007-08-30 21:38:07 +00:00 |
|
Luke Taylor
|
0adf0d6f1c
|
SEC-529: Added French translation of messages from Laurent Pireyn
|
2007-08-30 21:27:49 +00:00 |
|
Luke Taylor
|
bc411c7c3b
|
SEC-457: Added Czech translation of messages from Jan Novotný
|
2007-08-30 21:20:19 +00:00 |
|
Luke Taylor
|
ea61964f56
|
SEC-483: Fix. Make getGroupSearchBase protected.
|
2007-08-30 21:15:14 +00:00 |
|
Luke Taylor
|
0c4916ee98
|
SEC-427: Fix. Added NullAuthoritiesPopulator and extra constructor.
|
2007-08-30 21:12:16 +00:00 |
|
Luke Taylor
|
301626fd6e
|
SEC-346: Fix. Added suggested change. Also some minor tidying up of comments etc.
|
2007-08-30 20:55:49 +00:00 |
|
Luke Taylor
|
2e8d16c538
|
SEC-484: Multithreaded tests for SessionRegistryImpl.
|
2007-08-30 19:26:24 +00:00 |
|
Luke Taylor
|
ad43d433b4
|
SEC-484: Fix for NPE concurreny issue. Also reinstated synchronized on registerNewSession (had removed it for testing).
|
2007-08-30 19:04:18 +00:00 |
|
Luke Taylor
|
aa4ee54f86
|
Added logging to SessionRegistryImpl.
|
2007-08-30 18:22:40 +00:00 |
|
Luke Taylor
|
7fcdd4a6ff
|
More tidying...
|
2007-08-30 11:31:36 +00:00 |
|
Luke Taylor
|
510cd5050f
|
Tidied up SessionRegistryImpl and rolled back reformatting of its test class to incorrect width.
|
2007-08-30 11:21:28 +00:00 |
|
Luke Taylor
|
5f993e5627
|
SEC-534: Refactored JaasAuthenticationProvider to use ApplicationPublisherAware rather than ApplicationContextAware.
|
2007-08-29 11:51:02 +00:00 |
|
Luke Taylor
|
1467527c0a
|
SEC-538: Deleted maven 1 files.
|
2007-08-29 11:00:28 +00:00 |
|
Luke Taylor
|
5b7ed79b6a
|
SEC-539: Reformatted "divider" comments (//~ Methods=== etc). Simplified boolean expression in afterPropertiesSet.
|
2007-08-28 23:19:06 +00:00 |
|
Luke Taylor
|
d7cef1ba31
|
SEC-539: Moved SecurityContextHolder.setContext() call into the try {} block to emphasize that it is only set for the duration of chain.doFilter() and immediately cleared afterwards. Changed the debug messages about setting the context, since it has not strictly taken place when they are logged.
|
2007-08-28 23:11:58 +00:00 |
|
Luke Taylor
|
47c5a6d43f
|
SEC-539: Renamed extractSecurityContextFromSession to readSecurityContextFromSession to emphasize that it doesn't actually modify anything (the context is still stored in the session).
|
2007-08-28 22:43:13 +00:00 |
|
Luke Taylor
|
f7a6129657
|
SEC-539: Removed unnecessary check for a null request object. Removed unnecessary catch/rethrow of IOException and ServletException from try/finally around chain.doFilter.
|
2007-08-28 22:40:56 +00:00 |
|
Luke Taylor
|
d1be9f9980
|
SEC-539: Refactored so that SecurityContextHolder.setContext() is called in exactly one place. Moved setting of httpSession = null to point immediately after its last use.
|
2007-08-28 22:38:55 +00:00 |
|
Luke Taylor
|
3dd0716611
|
SEC-539: Altered storeSecurityContextInSession to take the SecurityContext as a parameter rather than calling SecurityContextHolder.getContext(). This allows SecurityContextHolder.clearContext() to be called immediately after reading the context in the finally block of doFilter().
|
2007-08-28 21:58:30 +00:00 |
|
Luke Taylor
|
fa63d8ecfb
|
SEC-539: Refactored if (httpSession == null) block in storeSecurityContextInSession()
|
2007-08-28 21:25:17 +00:00 |
|
Luke Taylor
|
ce3eb599ed
|
SEC-539: Renamed populateSecurityContextFromSession to extractSecurityContextFromSession and removed the side-effect of setting SecurityContextHolder. It now returns the context found in the session (or null) and SecurityContextHolder.setContext() is called in a single place in doFilter().
|
2007-08-28 21:11:48 +00:00 |
|
Luke Taylor
|
ba88214d1d
|
SEC-539: Refactored populateSecurityContextFromSession() to reduce nested blocks and clarify logic.
|
2007-08-28 20:16:19 +00:00 |
|
Luke Taylor
|
27ef2caf45
|
SEC-539: Removed filterApplied boolean.
|
2007-08-28 19:56:33 +00:00 |
|
Luke Taylor
|
e8d11f28f2
|
SEC-539: Extracted storeSecurityContextInSession() method.
|
2007-08-28 19:54:24 +00:00 |
|
Luke Taylor
|
bcf69cbe3d
|
SEC-539: Extracted populateSecurityContextFromSession() method.
|
2007-08-28 19:16:37 +00:00 |
|
Luke Taylor
|
6651a240de
|
Replaced massive if/else with guard clause to reduce nesting. Moved declaration of filterApplied boolean to where it is actually set. It is only used when removing the attribute from the request at the end of the invocation, so should probably not be needed at all. request.removeAttribute() can be called regardless of whether the attribute is set or not.
|
2007-08-28 18:26:04 +00:00 |
|
Luke Taylor
|
6fe00b3433
|
SEC-501: Fix. Convert secure url paths to lower case if convertUrlToLowercaseBeforeComparison is true.
Also removed unnecessary assertions from PathBasedFilterDefinitionMapTests.
|
2007-08-28 16:53:05 +00:00 |
|
Luke Taylor
|
4ba77fa736
|
SEC-450: Added group subtree to LDAP test server and extra tests for DefaultLdapAuthoritiesPopulator to make sure searchSubtree parameter works as expected.
|
2007-08-28 15:26:59 +00:00 |
|
Luke Taylor
|
e189bc685f
|
SEC-408: Fix. Provide getter for filterProcessesUrl.
|
2007-08-28 11:37:05 +00:00 |
|
Luke Taylor
|
c8077c5e87
|
SEC-506: Fix as suggested by reporter. Split the disgest header string ignoring separating commas which occur between quotes.
|
2007-08-28 00:31:30 +00:00 |
|
Luke Taylor
|
3f123e1478
|
SEC-518: Fix. "Cache" in EhCache is a class, so change the APIs to use the interface it implements (Ehcache).
|
2007-08-27 23:41:59 +00:00 |
|
Luke Taylor
|
87d6b8dedd
|
SEC-412: Fix. Added extra constructor to UsernameNotFoundException allow use of extraInformation property of parent class.
|
2007-08-27 23:22:48 +00:00 |
|
Luke Taylor
|
dda88e3931
|
SEC-502: Fix. Use a Map instead of HashMap in the API. Also some minor tidying of test class.
|
2007-08-27 17:21:16 +00:00 |
|
Luke Taylor
|
57f3d268a1
|
SEC-519: Fix. Changed notNull() assertion for "key" parameter to hasText() to prevent the use of empty keys.
|
2007-08-27 17:17:25 +00:00 |
|
Luke Taylor
|
1c72b7989e
|
Fix for SEC-522. Strip query parameters from logout URL before doing comparison with filterProcessesUrl.
|
2007-08-27 17:14:23 +00:00 |
|
Luke Taylor
|
82599a72ba
|
Reformatted LogoutFilter.
|
2007-08-27 16:56:33 +00:00 |
|
Luke Taylor
|
f8689b18b2
|
SEC-526: Fixed. Support for different case prefixes ({SHA}, {sha} etc).
|
2007-08-27 16:23:14 +00:00 |
|
Luke Taylor
|
0425d3b638
|
Rolled back unnecessary changes (whitespace, imports etc) for SEC-398 to make actual change from revision 1858 clearer.
|
2007-08-27 13:29:39 +00:00 |
Ben Alex
|
db3024f9a4
|
SEC-271: Revert Ordered and ApplicationContextAware usage at this time, due to release of 1.0..
|
2007-08-25 00:15:30 +00:00 |
Vishal Puri
|
2b4d8a6378
|
Removed print statement
|
2007-08-22 04:48:04 +00:00 |
|
Luke Taylor
|
3fbc7beb88
|
SEC-251: Document use of {1} parameter in javadoc for DefaultLdapAuthoritiesPopulator.
|
2007-08-17 15:45:57 +00:00 |
|
Vishal Puri
|
bc30b903f8
|
SEC-398: Lazy update of 'filterApplied' to true
|
2007-07-25 05:34:40 +00:00 |
|
Luke Taylor
|
a499e74102
|
SEC-449: Add spring-ldap dependency to pom.xml.
|
2007-07-24 17:23:47 +00:00 |
|
Luke Taylor
|
b646a06443
|
Fix for SEC-512. Removed unnecessary context creation.
|
2007-07-24 17:01:36 +00:00 |
|
Luke Taylor
|
aea1148ffb
|
Fix broken test caused by null application context in AbtractAccessDecisionManager when auto-detection of voters is called.
|
2007-07-24 16:48:49 +00:00 |
|
Vishal Puri
|
c5cc42e16c
|
made two instance variables protected for RBA solution
|
2007-07-23 07:59:28 +00:00 |
|
Vishal Puri
|
5ea8232f84
|
SEC-484: fixed concurrency issue
|
2007-07-23 07:58:31 +00:00 |
|
Vishal Puri
|
0e46e5307c
|
SEC-271: added Ordered interface to AcessDecisionVoters
|
2007-07-06 13:34:43 +00:00 |
|
Vishal Puri
|
ef38844a6d
|
Improved comments and made TokenBasedRememberMeServices modular to support subclasses
|
2007-06-27 08:33:37 +00:00 |
|
Ray Krueger
|
0159b617cf
|
Refactored the failureUrl lookup into a protected method to allow customization
|
2007-06-19 13:09:57 +00:00 |
|
Vishal Puri
|
b2c30277f4
|
SEC-271: work on security:autoconfig
|
2007-06-19 04:08:19 +00:00 |
Carlos Sanchez
|
165d2c0122
|
[maven-release-plugin] prepare for next development iteration
|
2007-06-02 21:28:53 +00:00 |
|
Carlos Sanchez
|
942b5d7345
|
[maven-release-plugin] prepare release acegi-security-1.0.4-maven2
|
2007-06-02 21:21:51 +00:00 |
|
Ben Alex
|
4561c3a1f1
|
Remove unused imports that were causing warnings.
|
2007-05-25 05:33:06 +00:00 |
|
Ben Alex
|
e252f4a497
|
Make compatible with Assert static class in Spring 1.2.9.
|
2007-05-25 05:32:32 +00:00 |
|
Vishal Puri
|
5b97b3458c
|
utility class added required to copy ordering information from one object to another
|
2007-05-25 03:25:28 +00:00 |
|
Ben Alex
|
10bf40fc03
|
SEC-472: Provide support for subclasses to select the login form URL to use for a given request.
|
2007-05-25 03:21:17 +00:00 |
|
Vishal Puri
|
b30162191e
|
SEC-271: Moved spring security namespaces cnfig code to sandbox
|
2007-05-25 03:17:12 +00:00 |
|
Ben Alex
|
a8b402462e
|
SEC-470: Provide flexibility to customize cookie name.
|
2007-05-25 03:12:49 +00:00 |
|
Ben Alex
|
24b31c0c57
|
SEC-443: Provide useRelativeContext property.
|
2007-05-25 02:55:25 +00:00 |
|
Ben Alex
|
c8d5374602
|
SEC-436: Add hashCode() methods.
|
2007-05-25 02:28:40 +00:00 |
|
Ben Alex
|
95735017e6
|
SEC-421: MutableAcl.setParent(MutableAcl) method to accept Acl parameter, not MutableAcl.
|
2007-05-25 02:22:18 +00:00 |
|
Ben Alex
|
d0d645788a
|
SEC-405: Extract out target URL determination method.
|
2007-05-25 02:07:44 +00:00 |
|
Ben Alex
|
998fc938df
|
SEC-403: Add support for Chinese.
|
2007-05-25 02:04:44 +00:00 |
|
Ben Alex
|
296d235135
|
SEC-343: Make obtainAllDefinedFilters() protected.
|
2007-05-25 02:03:12 +00:00 |
|
Ben Alex
|
1fa89e99c4
|
SEC-307: Preserve result of AuthenticationManager.authenticate(Authentication).
|
2007-05-25 02:00:37 +00:00 |
|
Ben Alex
|
3b9a8dc53e
|
SEC-444: Handle synchronization issues if multiple authentications taking place for same session ID concurrently.
|
2007-05-25 01:38:42 +00:00 |