Tree: 07d7c0ddae

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/6.4.x/ch.qos.logback-logback-classic-1.5.26

dependabot/gradle/6.5.x/io.mockk-mockk-1.14.9

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.11

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '07d7c0ddae'

${ noResults }

Commit Graph

102 Commits (07d7c0ddaee016e91b059ad9c70a5ff8a88dea13)

Author	SHA1	Message	Date
Luke Taylor	07d7c0ddae	Renamed form and openID filters to shorten names	17 years ago
Luke Taylor	1042305cfe	Renamed web.wrapper to web.servletapi. Added some package.html files.	17 years ago
Luke Taylor	673cf300fb	SEC-1229: Refactoring to remove package cycles.	17 years ago
Luke Taylor	acf13c74ca	SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session	17 years ago
Luke Taylor	2b89ebdfbb	SEC-1229: Further doc and mods to namespace config/naming to make it more consistent	17 years ago
Luke Taylor	073198886d	SEC-1255: Modified UrlUtils. Full request URL for redirects uses the requestURI (which is encoded). The URL for path comparsions is built using the servletpath, as before.	17 years ago
Luke Taylor	abba569282	Tidying.	17 years ago
Luke Taylor	1ead8472d1	SEC-1229: Added failure handler to the SessionManagementFilter to deal with concurrent login errors.	17 years ago
Luke Taylor	bf39a5bb36	Added extra logging.	17 years ago
Luke Taylor	731402e9f5	SEC-525: [PATCH] Add AccessCheckerTag based on URL resource access permissions. Added functionality to "authorize" tag to allow evaluation of whether a particual url is accessible to the user. Uses a WebInvocationPrivilegeEvaluator registered in the application context.	17 years ago
Luke Taylor	1c4a809e09	SEC-1245: Add role hierarchy support to expression handlers. Done.	17 years ago
Luke Taylor	e7486fc203	Removed Ordered interface from Http403EntryPoint (unused).	17 years ago
Luke Taylor	40cf50fc98	SEC-1148: Javadoc.	17 years ago
Luke Taylor	ff78ec00f7	SEC-1226: Additional Javadoc.	17 years ago
Luke Taylor	23c8f479b8	SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework.	17 years ago
Luke Taylor	593d2e227a	SEC-1226: Renamed useRelativeContext to contextRelative to match corresponding flag name in Spring Framework.	17 years ago
Luke Taylor	9c7423599e	SEC-1167: Extended SavedRequest interface to allow it to be used by wrapper. Removed null checks in wrapper, as the SavedRequest cannot now be null.	17 years ago
Luke Taylor	4064b7b4f6	SEC-1167: Introduce more flexible SavedRequest handling. Introduced interface for SavedRequest.	17 years ago
Luke Taylor	acd10dd716	SEC-1243: Make determineTargetUrl protected.	17 years ago
Luke Taylor	ac4e7bbadb	SEC-1241: Make sure saved request is removed after a match.	17 years ago
Luke Taylor	f518da9d8b	SEC-1236: Using HTTP Method-specific intercept-urls causes patterns with no method to be ignored. Fixed by also checking null key in map if no method-specific attributes are found.	17 years ago
Luke Taylor	5bdfd8cd77	Tidying imports etc to remove compiler warnings.	17 years ago
Luke Taylor	002b788a8c	Minor refactoring.	17 years ago
Mike Wiesner	5623c13038	SEC-1047: Added an option to DigestProcessingFilter that the created Authentication object is now marked as "authenticated"	17 years ago
Luke Taylor	936326f4ab	SEC-1180: Unreachable code inside UrlUtils.buildRequestUrl(...). Removed code block.	17 years ago
Luke Taylor	32dbb7e8bd	import cleaning	17 years ago
Luke Taylor	2039200617	SEC-1217: AbstractRememberMeServices should set 'secure' attribute on remember-me cookie if in secure context. Added "useSecureCookie" configuration property and corresponding use-secure-cookie attribute in namespace.	17 years ago
Luke Taylor	b2c2b93545	SEC-1190: Added "invalidateSessionOnPrincipalChange" property to AbstactPreAuthenticatedProcessingFilter. If set to true (the default) and a new principal is detected, the existing session will be invalidated before proceeding to authenticate the user.	17 years ago
Luke Taylor	3cc47c9c4d	SEC-1190: Added "checkForPrincipalChanges" property to AbstactPreAuthenticatedProcessingFilter.	17 years ago
Luke Taylor	dbcb13ad14	SEC-1229: Redesign Concurrent Session Control implementation. Renamed session strategy interface and introduced SessionAuthenticationException for rejection of session/Authentication combination.	17 years ago
Luke Taylor	a4ccc4ac21	Make WebSecurityExpressionRoot public to allow reuse.	17 years ago
Luke Taylor	471206a29d	SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy	17 years ago
Luke Taylor	ab0d66071a	SEC-1226: Introduce RedirectStrategy to replace RedirectUtils. Implemented strategy and applied throughout relevant classes.	17 years ago
Luke Taylor	fe33f08b73	SEC-1201: Allow requires-channel attribute to take placeholders.	17 years ago
Luke Taylor	0b5160d155	Javadoc correction.	17 years ago
Luke Taylor	5a8772df5b	Reset pom versions post release	17 years ago
Luke Taylor	0e5aa7008d	[maven-release-plugin] prepare release spring-security-3.0.0.M2	17 years ago
Luke Taylor	e6631be778	Import cleaning	17 years ago
Luke Taylor	6f76fe6fbb	Import cleaning	17 years ago
Luke Taylor	eb059cfd12	SEC-1211: removed SessionUtils (no longer used)	17 years ago
Luke Taylor	f536c80020	SEC-1202: Removed SpringSecurityFilter and replaced with use of GenericFilterBean from spring-web	17 years ago
Luke Taylor	c12e5b4d0b	SEC-1142: Renamed setter argument to match property.	17 years ago
Luke Taylor	ea73fd0130	SEC-1142: Simplified implementation by removing template method.	17 years ago
Luke Taylor	90d76373cc	SEC-1142: Support for session timeout detection. Added redirect to invalidSessionUrl in SessionManagementFilter when an invalid session Id is supplied in the request.	17 years ago
Luke Taylor	3e6054b69f	SEC-1211: Rename SessionFixationProtectionFilter to SessionManagementFilter, since it no longer performs session-fixation protection directly, but just executes the AuthenticatedSessionStrategy.	17 years ago
Luke Taylor	5e285b3692	SEC-1211: Set the default AuthenticatedSessionStrategy to a null implementation to preserve existing behaviour.	17 years ago
Luke Taylor	609a68b12a	SEC-1077: Added DefaultAuthenticatedSessionStrategy test to check that saved request attribute is retained when migrateAttributes is false.	17 years ago
Luke Taylor	db90122179	SEC-1211: Create strategy for session handling on successful authentication. Added AuthenticatedSessionStrategy interface and default implementation which encapsulates the functionality that was previously in SessionFixationProtectionFilter and AbstractAuthentictationProcessingFilter. Updated the namespace to make use of these.	17 years ago
Luke Taylor	8b115e2a21	SEC-1167: Added setRequestCache to SavedRequestAwareAuthenticationSuccessHandler and updated namespace parsing to set PortResolver on created HttpRequestCache.	17 years ago
Luke Taylor	f404bb3d74	SEC-1167: Introduce more flexible SavedRequest handling. Separated the concept of SavedRequest from SecurityContextHolderAwareFilter since the two are orthogonal requirements. This no longer takes a wrapper class property or uses reflection. SavedRequest functionality is accessed through the RequestCache interface, with the default implementation being HttpSessionRequestCache. A separate filter RequestCacheAwareFilter is now responsible for reconstituting the SavedRequest if it matches the current request. The functionality for matching and returning the wrapper is contained in the RequestCache method though.	17 years ago