spring-security

Commit Graph

Author	SHA1	Message	Date
Luke Taylor	5b7ed79b6a	SEC-539: Reformatted "divider" comments (//~ Methods=== etc). Simplified boolean expression in afterPropertiesSet.	19 years ago
Luke Taylor	d7cef1ba31	SEC-539: Moved SecurityContextHolder.setContext() call into the try {} block to emphasize that it is only set for the duration of chain.doFilter() and immediately cleared afterwards. Changed the debug messages about setting the context, since it has not strictly taken place when they are logged.	19 years ago
Luke Taylor	47c5a6d43f	SEC-539: Renamed extractSecurityContextFromSession to readSecurityContextFromSession to emphasize that it doesn't actually modify anything (the context is still stored in the session).	19 years ago
Luke Taylor	f7a6129657	SEC-539: Removed unnecessary check for a null request object. Removed unnecessary catch/rethrow of IOException and ServletException from try/finally around chain.doFilter.	19 years ago
Luke Taylor	d1be9f9980	SEC-539: Refactored so that SecurityContextHolder.setContext() is called in exactly one place. Moved setting of httpSession = null to point immediately after its last use.	19 years ago
Luke Taylor	3dd0716611	SEC-539: Altered storeSecurityContextInSession to take the SecurityContext as a parameter rather than calling SecurityContextHolder.getContext(). This allows SecurityContextHolder.clearContext() to be called immediately after reading the context in the finally block of doFilter().	19 years ago
Luke Taylor	fa63d8ecfb	SEC-539: Refactored if (httpSession == null) block in storeSecurityContextInSession()	19 years ago
Luke Taylor	ce3eb599ed	SEC-539: Renamed populateSecurityContextFromSession to extractSecurityContextFromSession and removed the side-effect of setting SecurityContextHolder. It now returns the context found in the session (or null) and SecurityContextHolder.setContext() is called in a single place in doFilter().	19 years ago
Luke Taylor	ba88214d1d	SEC-539: Refactored populateSecurityContextFromSession() to reduce nested blocks and clarify logic.	19 years ago
Luke Taylor	27ef2caf45	SEC-539: Removed filterApplied boolean.	19 years ago
Luke Taylor	e8d11f28f2	SEC-539: Extracted storeSecurityContextInSession() method.	19 years ago
Luke Taylor	bcf69cbe3d	SEC-539: Extracted populateSecurityContextFromSession() method.	19 years ago
Luke Taylor	6651a240de	Replaced massive if/else with guard clause to reduce nesting. Moved declaration of filterApplied boolean to where it is actually set. It is only used when removing the attribute from the request at the end of the invocation, so should probably not be needed at all. request.removeAttribute() can be called regardless of whether the attribute is set or not.	19 years ago
Luke Taylor	6fe00b3433	SEC-501: Fix. Convert secure url paths to lower case if convertUrlToLowercaseBeforeComparison is true. Also removed unnecessary assertions from PathBasedFilterDefinitionMapTests.	19 years ago
Luke Taylor	4ba77fa736	SEC-450: Added group subtree to LDAP test server and extra tests for DefaultLdapAuthoritiesPopulator to make sure searchSubtree parameter works as expected.	19 years ago
Luke Taylor	e189bc685f	SEC-408: Fix. Provide getter for filterProcessesUrl.	19 years ago
Luke Taylor	c8077c5e87	SEC-506: Fix as suggested by reporter. Split the disgest header string ignoring separating commas which occur between quotes.	19 years ago
Luke Taylor	3f123e1478	SEC-518: Fix. "Cache" in EhCache is a class, so change the APIs to use the interface it implements (Ehcache).	19 years ago
Luke Taylor	87d6b8dedd	SEC-412: Fix. Added extra constructor to UsernameNotFoundException allow use of extraInformation property of parent class.	19 years ago
Luke Taylor	dda88e3931	SEC-502: Fix. Use a Map instead of HashMap in the API. Also some minor tidying of test class.	19 years ago
Luke Taylor	57f3d268a1	SEC-519: Fix. Changed notNull() assertion for "key" parameter to hasText() to prevent the use of empty keys.	19 years ago
Luke Taylor	1c72b7989e	Fix for SEC-522. Strip query parameters from logout URL before doing comparison with filterProcessesUrl.	19 years ago
Luke Taylor	82599a72ba	Reformatted LogoutFilter.	19 years ago
Luke Taylor	f8689b18b2	SEC-526: Fixed. Support for different case prefixes ({SHA}, {sha} etc).	19 years ago
Luke Taylor	0425d3b638	Rolled back unnecessary changes (whitespace, imports etc) for SEC-398 to make actual change from revision 1858 clearer.	19 years ago
Ben Alex	db3024f9a4	SEC-271: Revert Ordered and ApplicationContextAware usage at this time, due to release of 1.0..	19 years ago
Vishal Puri	2b4d8a6378	Removed print statement	19 years ago
Luke Taylor	3fbc7beb88	SEC-251: Document use of {1} parameter in javadoc for DefaultLdapAuthoritiesPopulator.	19 years ago
Vishal Puri	bc30b903f8	SEC-398: Lazy update of 'filterApplied' to true	19 years ago
Luke Taylor	a499e74102	SEC-449: Add spring-ldap dependency to pom.xml.	19 years ago
Luke Taylor	b646a06443	Fix for SEC-512. Removed unnecessary context creation.	19 years ago
Luke Taylor	aea1148ffb	Fix broken test caused by null application context in AbtractAccessDecisionManager when auto-detection of voters is called.	19 years ago
Vishal Puri	c5cc42e16c	made two instance variables protected for RBA solution	19 years ago
Vishal Puri	5ea8232f84	SEC-484: fixed concurrency issue	19 years ago
Vishal Puri	0e46e5307c	SEC-271: added Ordered interface to AcessDecisionVoters	19 years ago
Vishal Puri	ef38844a6d	Improved comments and made TokenBasedRememberMeServices modular to support subclasses	19 years ago
Ray Krueger	0159b617cf	Refactored the failureUrl lookup into a protected method to allow customization	19 years ago
Vishal Puri	b2c30277f4	SEC-271: work on security:autoconfig	19 years ago
Carlos Sanchez	165d2c0122	[maven-release-plugin] prepare for next development iteration	19 years ago
Carlos Sanchez	942b5d7345	[maven-release-plugin] prepare release acegi-security-1.0.4-maven2	19 years ago
Ben Alex	4561c3a1f1	Remove unused imports that were causing warnings.	19 years ago
Ben Alex	e252f4a497	Make compatible with Assert static class in Spring 1.2.9.	19 years ago
Vishal Puri	5b97b3458c	utility class added required to copy ordering information from one object to another	19 years ago
Ben Alex	10bf40fc03	SEC-472: Provide support for subclasses to select the login form URL to use for a given request.	19 years ago
Vishal Puri	b30162191e	SEC-271: Moved spring security namespaces cnfig code to sandbox	19 years ago
Ben Alex	a8b402462e	SEC-470: Provide flexibility to customize cookie name.	19 years ago
Ben Alex	24b31c0c57	SEC-443: Provide useRelativeContext property.	19 years ago
Ben Alex	c8d5374602	SEC-436: Add hashCode() methods.	19 years ago
Ben Alex	95735017e6	SEC-421: MutableAcl.setParent(MutableAcl) method to accept Acl parameter, not MutableAcl.	19 years ago
Ben Alex	d0d645788a	SEC-405: Extract out target URL determination method.	19 years ago

1 2 3 4 5 ...

1034 Commits (1.0.x)