0c28845d4e
SEC-787: Converted SQL in BasicLookupStrategy to lower case to make it consistent with other classes.
18 years ago
d3a0f05de9
SEC-783: GlobalMethodSecurityBeanDefinitionParser should support AfterInvocationProviders
...
http://jira.springframework.org/browse/SEC-783 . Added support for custom-after-invocation-provider
18 years ago
348d211b8c
SEC-797: Minor javadoc correction.
18 years ago
d1e23b3d2c
SEC-783: Added custom-after-invocation-provider element to namespace.
18 years ago
1090072fff
SEC-795: Add check for protected login page when using namespace
...
http://jira.springframework.org/browse/SEC-795 . I've added checks for the various scenarios which will result in a protected login page and suitable warning messages.
18 years ago
882509fb2a
Renamed context file
18 years ago
5d51b35cfa
SEC-792: Filters should only be added to the default stack if they are labelled using custom-filter.
...
http://jira.springframework.org/browse/SEC-792 . Updated FilterChainProxyPostProcessor to raise an exception if two filters have the same order, and also to unwrap wrapped filters once the sorting by order has been performed.
18 years ago
eba18675fc
Removed old acegi file from tutorial sample as it's causing confusion with users.
18 years ago
38774ec94f
SEC-792: Filters should only be added to the default stack if they are labelled using custom-filter.
...
http://jira.springframework.org/browse/SEC-792 . The filters are now maintained as a list in the context and have to be stored there explicitly on registration.
18 years ago
80cd7f4acc
Removed accidental commit of tutorial context file
18 years ago
c184d2d8c5
Added 'heavyduty' sample to sandbox for testing
18 years ago
01185475a1
OPEN - issue SEC-793: ldap-authentication-provider element parser ignores hash attribute.
...
http://jira.springframework.org/browse/SEC-793 . Added support for hash attribute. password-encoder still takes precendence with a warning if both are present.
18 years ago
7e63fe7357
SEC-790: DefaultLoginPageGeneratingFilter should be a better HTTP citizen
...
http://jira.springframework.org/browse/SEC-790 . Applied submitted patch.
18 years ago
8ea7487ec3
Removed unused method.
18 years ago
ec81e780b2
Import cleaning.
18 years ago
599d9fea04
Minor improvements to toString() methods for logging.
18 years ago
a845a69cb7
Updated surefire plugin to 2.4.2
18 years ago
0cf745b85f
Updated clean plugin to 2.2
18 years ago
b2e9e82727
Fixed typo in message.
18 years ago
63decfeb93
SEC-761: HttpSessionContextIntegrationFilter.contextObject should be created in afterPropertiesSet(), not the constructor
...
http://jira.springframework.org/browse/SEC-761 . Added call to generateNewContext() in the afterPropertiesSet() method to take account of custom security context classes.
18 years ago
1ae167434a
SEC-756: Add checks for duplicate use of namespace elements such as global-method-security
...
http://jira.springframework.org/browse/SEC-756 . Refactored HttpSecurityBDP and added check for duplicate usage of the element.
18 years ago
083644f2fe
SEC-756: Refactored GlobalMethodSecurityDefinitionParser and added check for duplicate registration.
18 years ago
eec62e9760
Removed reference in petclinic tutorial to acegisecurity.org
18 years ago
c5f6cbb8f5
Removed corrupt character in author name which was causing build problems with bamboo.
18 years ago
1258fa854e
SEC-788: x509 authentication does not work properly
...
http://jira.springframework.org/browse/SEC-788 . Added check for X509 element when choosing entry point, if nothing else is available.
18 years ago
e12b6afefa
SEC-776: Http Session created for Anonymous request
...
http://jira.springframework.org/browse/SEC-776 . Added AuthenticationtrustResolver to HttpSCIF to check for anonymous authentication.
18 years ago
88ea87642a
SEC-791: RequestKey.equals throws NPE if method is null
...
http://jira.springframework.org/browse/SEC-791 . Fixed handling of equals when one http method is null.
18 years ago
9eaa1cbbdd
OPEN - issue SEC-789: Add support for optional role-prefix attribute to namespace
...
http://jira.springframework.org/browse/SEC-789 . Added role-prefix attribute to ldap provider and jdbc/ldap user-service elements.
18 years ago
aba5a22b6c
SEC-789: Add support for optional role-prefix attribute to namespace
...
http://jira.springframework.org/browse/SEC-789 . Added support for role-prefix to jdbc-user-service element.
18 years ago
1a4130528a
SEC-782: Incorrect UrlMatcher initialization in FilterChainProxy results in wrong lowercase/uppercase matching
...
http://jira.springframework.org/browse/SEC-782 . I've updated FilterChainProxy to make sure the same UrlMatcher is used throughout when converting a legacy configuration.
18 years ago
5bb558bd6a
SEC-777: The disabled status cannot be set in <user-service>
...
http://jira.springframework.org/browse/SEC-777 . Added the disabled flag to the relax grammar file.
18 years ago
993fdd7a32
Added better toString() method to OrderedFilterDecorator to make it report the delegate filter information.
18 years ago
1663142cf1
SEC-784: removed 'optional' tag on dependencies
18 years ago
469f55ce05
SEC-773: global-method-security fails with JPA
...
http://jira.springframework.org/browse/SEC-773 . Added extra constructor to MethodDefinitionSourceAdvisor to allow for lazy initialization of the advice (MethodSecurityInterceptor), and in turn the AuthenticationManager and ay referenced UserDetailsService implementations.
18 years ago
4d347cfdb5
Updated surefire plugin versions
18 years ago
2cc3068de7
Minor site css adjustments
18 years ago
09ccc35119
Updated index file to include release features
18 years ago
7238097310
OPEN - issue SEC-775: CLONE -impossible to specify "observeOncePerRequest" property in the namespace based configuration.
...
http://jira.springframework.org/browse/SEC-775 . Corrected check for value of observe-once-per-request attribute. Should be a check for "false" as it is true by default.
18 years ago
31a9fa553d
added section on maven repo downloads
18 years ago
680b2d3b74
Updated version number for reference manual
18 years ago
d2ddbc1ee3
Removed references to packaged docs
18 years ago
35698edc04
Website URL updates in readme file
18 years ago
b5dc523041
[maven-release-plugin] prepare for next development iteration
18 years ago
0c42670431
[maven-release-plugin] prepare release spring-security-parent-2.0.0
18 years ago
4d714b33e0
SEC-770: Mark old org.springframework.security.acl module as @deprecated .
18 years ago
ce34ef366d
SEC-426: Provide better ACL documentation.
18 years ago
9dea82773c
Added clear:both to programlisting to stop it overlapping with sidebars
18 years ago
57b5f38df1
OPEN - issue SEC-769: Remember-Me functionality not available in namespace configuration
...
http://jira.springframework.org/browse/SEC-769 . I've added a check in FormLoginBeanDefintionParser to see if RememberMeServices is registered. If so, it will inject the bean into the filter. Also added a check in HttpSecurityBeanDefinitionParserTests that the field has been set.
18 years ago
8f52c6a79c
Corrected name in cas samples pom
18 years ago
2c85f61091
Tidied root pom
18 years ago
Luke Taylor
Ben Alex