spring-security

Commit Graph

Author	SHA1	Message	Date
Luke Taylor	1dc4bb112e	SEC-1318: Correct logic for checking combination of session-management attributes.	17 years ago
Luke Taylor	3469a8d4a3	Javadoc.	17 years ago
Luke Taylor	ac564fc34e	SEC-1317: Forgot to commit test from config module.	17 years ago
Luke Taylor	d4e4a09801	SEC-1312: Add detection of 2.0 schemas. Added check to SecurityNamespaceHandler and reinstated old schemas.	17 years ago
Luke Taylor	dab76249db	Added gradle build files (experimental)	17 years ago
Luke Taylor	eddde8ea28	SEC-1309: Namespace configurations should support Spring EL. Removed premature conversion of URL paths to lower case, which messes up if they are case-sensitive expressions or placeholders. Some other minor changes to suppport EL configuration.	17 years ago
Luke Taylor	e9402fa0f9	Removed commented deps from pom.	17 years ago
Luke Taylor	69699431b1	SEC-1303: Added internal Hex and Base64 classes, and moved commons-codec dependency to test scope	17 years ago
Luke Taylor	5546698fef	SEC-1253: Decouple spring-security-config module from spring-security-web. Added ClassUtils.isPresent() check for FilterChainProxy before attempting to register web-related parsers and decorators. Added use of namespace to dms sample for testing.	17 years ago
Luke Taylor	66b1b1957c	SEC-1298: Deleted custom-filter BeanDefinitionDecorator	17 years ago
Luke Taylor	3444b31615	SEC-1291: Add logout namespace support for custom success handler. Added attribute "success-handler-ref" to <logout> element in namespace.	17 years ago
Luke Taylor	9eae7b899c	SEC-1284: Added proxy-target-class attribute to method security namespace	17 years ago
Luke Taylor	afdd80235c	SEC-1272: <authentication-manager> does not register default event handler DefaultAuthenticationEventPublisher. Fixed Spring RC1 - RC2 regression problem with test (addApplicationListener() behaviour has changed).	17 years ago
Luke Taylor	d4d5012035	SEC-1272: <authentication-manager> does not register default event handler DefaultAuthenticationEventPublisher. Update AuthenticationManagerBeanDefinitionParser to register a DefaultAuthenticationeventPublisher and set it on the registered ProviderManager.	17 years ago
Luke Taylor	a2468c523a	SEC-1283: AuthenticationConfigBuilder.createAnonymousFilter uses httpElt instead of anonymousElt. Corrected element name.	17 years ago
Luke Taylor	197737a2b4	SEC-1281: make sure correct 'key' value is used for RememberMeAuthenticationProvider when external RememberMeServices is used	17 years ago
Luke Taylor	799b96520b	SEC-1269: Combining <form-login> and <open-id> fails to find entry point. Fixed entry point choice conditions when using openID and/or form-login	17 years ago
Luke Taylor	3f963ef8ca	Restore versions and svn URLs in trunk (release plugin fail)	17 years ago
Luke Taylor	af563e826c	[maven-release-plugin] prepare release spring-security-3.0.0.RC1	17 years ago
Luke Taylor	73df14c912	Allow any ordering of authentication-provider elements within authentication-manager	17 years ago
Luke Taylor	ed2ddf9323	SEC-1263: Add FactoryBean for namespace AuthenticationManager. <http> now uses AuthenticationManagerFactoryBean. Method security already uses a delegate object to lookup the AuthenticationManager. This now uses the same error message if the bean isn't found, rather than allowing the BeanFactory NoSuchBeanDefinitionException to be thrown directly.	17 years ago
Luke Taylor	ac5237c127	SEC:1263: Added FactoryBean for AuthenticationManager	17 years ago
Luke Taylor	e398922f85	Removing elements that are no longer supported from the namespace	17 years ago
Luke Taylor	80eb47c6fe	SEC-1261: Convert FilterChainOrder to an enum (SecurityFilters).	17 years ago
Luke Taylor	4dcb9de67a	SEC-1257: Some additional API changes to use Collection instead of List...	17 years ago
Luke Taylor	1286741c7c	SEC-1259: Improve consistency of authentication filter names.	17 years ago
Luke Taylor	f213cc5d9e	SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted.	17 years ago
Luke Taylor	5d486a51b6	SEC-1256: Added support for expression attributes in filter-security-metadata-source configuration.	17 years ago
Luke Taylor	07d7c0ddae	Renamed form and openID filters to shorten names	17 years ago
Luke Taylor	1042305cfe	Renamed web.wrapper to web.servletapi. Added some package.html files.	17 years ago
Luke Taylor	673cf300fb	SEC-1229: Refactoring to remove package cycles.	17 years ago
Luke Taylor	acf13c74ca	SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session	17 years ago
Luke Taylor	2b89ebdfbb	SEC-1229: Further doc and mods to namespace config/naming to make it more consistent	17 years ago
Luke Taylor	073198886d	SEC-1255: Modified UrlUtils. Full request URL for redirects uses the requestURI (which is encoded). The URL for path comparsions is built using the servletpath, as before.	17 years ago
Luke Taylor	c34d719004	SEC-1252: Remove 2.0.x schemas from 3.0. Removed files and updated spring.schemas to remove 2.0.x versions	17 years ago
Luke Taylor	2a1430f1ce	SEC-1229: Removed legacy concurrency classes	17 years ago
Luke Taylor	ebada9fd12	SEC-1229: Added support for parsing error URL in session-management	17 years ago
Luke Taylor	203cc5a8dc	SEC-1229: Added error-url to concurrency-control element and changed "exception-if-max-exceeded" to "error-if-max-exceeded"	17 years ago
Luke Taylor	7109b7e183	Import cleaning.	17 years ago
Luke Taylor	aa153681bf	SEC-1229: Added session-management element to namespace and refactored existing session-related attributes and concurrency control. Refactored <http> parsing code to split it up into more manageable units.	17 years ago
Luke Taylor	731402e9f5	SEC-525: [PATCH] Add AccessCheckerTag based on URL resource access permissions. Added functionality to "authorize" tag to allow evaluation of whether a particual url is accessible to the user. Uses a WebInvocationPrivilegeEvaluator registered in the application context.	17 years ago
Luke Taylor	71ab83255d	SEC-1242: Check that RememberMeServices is an instance of AbstractRememberMeServices before attempting to inject a UserDetailsService.	17 years ago
Luke Taylor	fa7404741b	SEC-1167: Introduce more flexible SavedRequest handling. Add namespace support for a custom RequestCache through the request-cache element.	17 years ago
Luke Taylor	aec730ae7e	SEC-1238: Disable portlet module	17 years ago
Luke Taylor	6640eab9dc	SEC-1240: Added {ssha} support to PasswordEncoderParser.	17 years ago
Luke Taylor	d099d14e9b	SEC-1235: Added test to attempt to verify (failed to reproduce).	17 years ago
Luke Taylor	8632946f30	SEC-1213: Added "order" atrribute to global-method-security	17 years ago
Luke Taylor	245fc96137	SEC-1075: Update the embedded LDAP server to use Apache DS 1.5. Updated to use the new 1.5.5 release for the embedded server.	17 years ago
Luke Taylor	2039200617	SEC-1217: AbstractRememberMeServices should set 'secure' attribute on remember-me cookie if in secure context. Added "useSecureCookie" configuration property and corresponding use-secure-cookie attribute in namespace.	17 years ago
Luke Taylor	dbcb13ad14	SEC-1229: Redesign Concurrent Session Control implementation. Renamed session strategy interface and introduced SessionAuthenticationException for rejection of session/Authentication combination.	17 years ago

1 2 3

136 Commits (0f25601f54239e37d2abd145ebdd04500877220a)