spring-security

Commit Graph

Author	SHA1	Message	Date
Luke Taylor	8178371927	SEC-1700: Add fixed serializationVersionUID values to security context, authentication tokens and related classes	15 years ago
Luke Taylor	5a9aa6d1aa	SEC-1700: Allow for case where JAAS config is not a simple file, but may be a jar resource, for example.	15 years ago
Luke Taylor	6db7472928	SEC-1181: Added extra I18N messages for LDAP locked, disabled etc.	15 years ago
Luke Taylor	59ac4c8b96	SEC-1181: Added option to parse AD sub-error codes.	15 years ago
Luke Taylor	01c9c4e4db	SEC-1697: Don't publish authorization success events in AbstractSecurityInterceptor by default.	15 years ago
Luke Taylor	8d99918798	SEC-1491: Add support for an external priority SecurityMetadataSource to be referenced from global-method-security.	15 years ago
Luke Taylor	3084ad878f	SEC-1491: Added AnnotationMetadataExtractor to SecuredAnnotationSecurityMetadataSource to allow a custom security annotation to be used.	15 years ago
Luke Taylor	244047ffe9	Delete unused test entities.	15 years ago
Luke Taylor	ead669f10c	Move single-use annotation test classes into SecuredAnnotationSecurityMetadataDefinitionSourceTests.	15 years ago
Luke Taylor	e470eaa41d	SEC-1689: Moved core codec code into crypto package and removed existing duplication (Hex encoding etc). Refactoring of crypto code to use CharSequence for where possible instead of String.	15 years ago
Luke Taylor	50828cdd43	SEC-1689: Move crypto module code to core for simplicity.	15 years ago
Luke Taylor	5a6afbff95	SEC-1688: Allow injection of a PasswordEncoder from the crypto module into DaoAuthenticationProvider.	15 years ago
Luke Taylor	885f0270dc	Some adjustments to the core build to make sure crypto classes are correctly exported to other tasks.	15 years ago
Luke Taylor	9d45828cb0	SEC-1689: Package crypto module classes with core.	15 years ago
Luke Taylor	fd1a70edc2	SEC-1665: Add extra check of non-public declared methods in MethodInvocationAdapter, if public method cannot be found.	15 years ago
Luke Taylor	131c80f444	SEC-1690: Refactor expression PropertyAccessor for dealing with properties as beans in the ApplicationContext.	15 years ago
Luke Taylor	7a0a2dace6	Revert deliberate test failure.	15 years ago
Luke Taylor	a9d325ea18	Deliberately fail test to test bamboo's reaction	15 years ago
Luke Taylor	4a7608b7a9	SEC-1640: Add support for "this" property to MethodSecurityExpressionRoot object, representing the object on which the method is actually being invoked.	15 years ago
Luke Taylor	0b1beee432	Update Base64 implementation to include fixes (using diff) from the original up to version 2.3.7.	15 years ago
Luke Taylor	b0df1bd1b0	SEC-1673: Use a map to store the range values use in the bundlor templates.	15 years ago
Luke Taylor	eb9482b33b	Removal of some unused internal methods, plus additional tests for some areas lacking coverage.	15 years ago
Luke Taylor	20e65a93ea	Minor test updates.	15 years ago
Rob Winch	8c08eeb57b	SEC-1666: Use constant time comparison for sensitive data. Constant time comparison helps to mitigate timing attacks. See the following link for more information * http://rdist.root.org/2010/07/19/exploiting-remote-timing-attacks/ * http://en.wikipedia.org/wiki/Timing_attack for more information.	15 years ago
Rob Winch	1b32babbf9	SEC-1545: Removed unused i18n keys, changed keys to follow naming conventions, found missing keys based upon old keys, sorted keys, any unknown keys are entered as a comment with the English value. NOTE: The Groovy code that automated most of this is attached to SEC-1545 A mapping of Missing Key to the file that the key is found are as follows: ----------../core/src/main/resources/org/springframework/security/messages_cs_CZ.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_de.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_it.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_ko_KR.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pl.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pt_BR.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pt_PT.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_uk_UA.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_zh_CN.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] How unknown keys were gussed by existing keys ----------../core/src/main/resources/org/springframework/security/messages_cs_CZ.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using SwitchUserProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_de.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using SwitchUserProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_es_ES.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_fr.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_it.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_ko_KR.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pl.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pt_BR.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pt_PT.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_uk_UA.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_zh_CN.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication	15 years ago
Luke Taylor	c1f2fa1983	SEC-1558: Changed signatures of PrePostInvocationAttributeFactory to take strings rather than annotation types to allow the metadata to be obtained from other sources (not just annotations).	15 years ago
Luke Taylor	5f6dab67e1	SEC-1492: Added SimpleAuthoritiesMapper which provides a one-to-one authority mapping with case-conversion and the addition of a "role" prefix to the authority name.	15 years ago
Luke Taylor	46f83c8a08	SEC-1492: Added RoleHierarchyAuthoritiesMapper as the new preferred way of using a RoleHierarchy.	15 years ago
Luke Taylor	c8820166c8	SEC-1576: Parameterize the secured object type in AccessDecisionVoter.	15 years ago
Luke Taylor	ce421f22bf	SEC-1635: Stop security interceptors from calling AfterInvocationManager if exception occurs during invocation	15 years ago
Luke Taylor	4a40d80da1	SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.	15 years ago
Luke Taylor	978b7d4707	SEC-1631: Reduced use of reflection in DefaultAuthenticationEventPublisher and added tests.	15 years ago
Luke Taylor	bfb723feac	SEC-1557: Added getter to DelegatingMethodSecurityMetadataSource. Also added some optimizations of cache lookup key equals method. A class type check is unnecessary since the key class is a private inner class.	15 years ago
Luke Taylor	4ad0652787	Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken.	15 years ago
Luke Taylor	ca679e1479	Reformatting.	15 years ago
Luke Taylor	d64efe9747	SEC-1492: Added GrantedAuthoritiesMapper to provide mapping of loaded authorities to those which are eventually stored in the user Authentication object.	15 years ago
Luke Taylor	7754882ba9	SEC-1550: Additional signature change (in AnonymousAuthenticationToken)	15 years ago
Luke Taylor	1c8d28501c	SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.	15 years ago
Luke Taylor	337477de6a	SEC-1604: Change log level to debug for "Validated configuration attributes" message.	15 years ago
Luke Taylor	43ec2beec0	SEC-1183: Modified Attributes2GrantedAuthoritiesMapper to return Collection<? extends GrantedAuthority>.	15 years ago
Luke Taylor	2671e52d5a	Expand message on incorrect Spring version to suggest checking the classpath for unwanted jars.	15 years ago
Luke Taylor	deef2706ef	SEC-1607: Report correct version for Spring Security (not Spring version).	15 years ago
Luke Taylor	21ed5feb8d	SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version.	15 years ago
Luke Taylor	091a6d26f1	SEC-1548: Added extra logging to Dao-authentication classes to clarify reasons for authentication failure (missing user vs wrong password etc.).	15 years ago
Luke Taylor	54694d5ab7	SEC-1583: Added hasAuthority and hasAnyAuthority imlementations to SecurityExpressionRoot.	15 years ago
Luke Taylor	695c8f4ad6	Import cleaning and suppression of deprecation warnings.	15 years ago
Rob Winch	8249492ce9	SEC-1578: Use ThreadLocal.remove() instead of ThreadLocal.set(null)	15 years ago
Luke Taylor	62cbd51d54	SEC-1562: Made SecurityExpressionRootPropertyAccessor a package private class as it is no longer referenced from multiple packages.	15 years ago
Luke Taylor	829444d59b	SEC-1564: testCompile configurations should include jcl-over-slf4j rather than logback.	16 years ago
rwinch	58d9903ebc	SEC-1564: JAAS Configuration can now be injected into DefaultJaasAuthenticationProvider	16 years ago

... 22 23 24 25 26 ...

3271 Commits (finalize)