1a7f71fc0f
SEC-1372: Return an empty list rather than null from SessionRegistryImpl.getAllSessions()
...
If the principal has no sessions, null is returned which contradicts the interface contract. In practice it didn't matter as the null was checked for, but it is cleaner to disallow a null value.
16 years ago
0f90e69004
SEC-1362: Updated French messages translation.
16 years ago
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
16 years ago
93973a4b75
SEC-1304: Removed compareTo method from GrantedAuthorityImpl
...
This method had been left by mistake when the Comparable
interface was removed. See also SEC-1347.
16 years ago
80aacf447f
Refactored JaasAuthenticationProvider
...
The toUrl() method on File gives a deprecation warning with Java 6, so I reimplemented
the logic for building the Jaas config URL.
16 years ago
893f212fa5
Tidying
16 years ago
bcb1ff8921
SEC-1342: Introduced extra factory method in SecurityConfig to get round problem with Spring converting a string with commas to an array
17 years ago
fcce29f8df
SEC-1326: Updating dependencies to match Spring versions. Removing unused deps.
17 years ago
aeed49393c
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
17 years ago
354b043fd1
SEC-1337: Add Serializable interface to internal comparator
17 years ago
55679971f0
SEC-1337: Make User serializable by moving anonymous comparator class
17 years ago
cad32ffe39
SEC-1325: Tighten up Authentication interface contract to disallow null authorities. Modified internals of AbstractAuthenticationToken to use an empty list instead of null. Clarified Javadoc. removed unnecessary null checks in classes which use the interface.
17 years ago
ef3d9c7877
Tidying Javadoc.
17 years ago
1e8ea55030
SEC-1320: JaasAuthenticationProvider can not find jaas realm defined inside service archive. Added flag to control refresh of configuration on startup.
17 years ago
33b109f0b3
Made session maps final in SessionRegistryImpl.
17 years ago
558737363f
Added some extra tracing to SessionRegistryImpl.
17 years ago
cde9cd6b36
Correct toString() method in User class.
17 years ago
02a9db7bcf
SEC-1317: Removed check in ProviderManager.getProviders() for empty provider list. A ProviderManager with a non-null parent may have an empty provider list. The afterPropertiesSet() method performs the necessary checks.
17 years ago
dada789814
NOJIRA
...
removed unnecessary cast and use StringBuilder rather than non-final String and concatenation.
17 years ago
ed92d5ea71
SEC-1304: Removed unused compareTo method from custom GrantedAuthority.
17 years ago
8a0f69b955
SEC-1295: Placing Security on Roo Aspected method fails. Added suggested fix - check for null target and use Signature.declaredType instead.
17 years ago
7e0c7ffc0e
SEC-1304: Removed "Comparable" from GrantedAuthority
17 years ago
e72cfd58d4
SEC-1304: Remove Comparable interface from GrantedAuthority to enable it to be imlemented by an enum.
17 years ago
1df82654e3
SEC-1310: Added toString() implementations to Pre and PostInvocationExpressionAttribute classes.
17 years ago
69699431b1
SEC-1303: Added internal Hex and Base64 classes, and moved commons-codec dependency to test scope
17 years ago
d4d5012035
SEC-1272: <authentication-manager> does not register default event handler DefaultAuthenticationEventPublisher. Update AuthenticationManagerBeanDefinitionParser to register a DefaultAuthenticationeventPublisher and set it on the registered ProviderManager.
17 years ago
248e826342
SEC-1282: Clarified javadoc
17 years ago
0615b94f55
Converted expression test to use static method.
17 years ago
4dcb9de67a
SEC-1257: Some additional API changes to use Collection instead of List...
17 years ago
f213cc5d9e
SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted.
17 years ago
caff3ee9ba
SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc).
17 years ago
acf13c74ca
SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session
17 years ago
2a1430f1ce
SEC-1229: Removed legacy concurrency classes
17 years ago
9639340fef
SEC-1049: RoleHierarchy in SidRetrievalStrategy. Added optional RoleHierarchy injection to SidRetrievalStrategyImpl
17 years ago
1c4a809e09
SEC-1245: Add role hierarchy support to expression handlers. Done.
17 years ago
897960cd70
Add expression string to failed expression evaluation exception message to help clarify the context.
17 years ago
6851655ea9
SEC-1177: MethodInvocationUtils Returns Null With Valid Method String and Class. Added very simple checking of declared methods on class.
17 years ago
ef2df77889
SEC-1239: Special characters in JAAS config file location. Fix - convert Resource to a File before obtaining the URL from it. The URL.toString() obtained this way is different from the one obtained from Resource.getURL().toString().
17 years ago
8081a1a3cc
Set Id svn keyword.
17 years ago
58ee9a364e
SEC-1181: DNS helper classes, will primarily be use for lookup of Active Directory servers.
17 years ago
bfd421016e
SEC-1228
...
added constructor so a wrapper can be instanciated in one line of code.
17 years ago
471206a29d
SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy
17 years ago
9bf8656d66
SEC-1201: PropertyPlaceholderConfigurer does not work for intercept-url attributes. Added use of ManagedMaps and BeanDefinitions to support placeholders in the pattern and access attributes.
17 years ago
bb4d818862
SEC-1188: Added "getContexHolderStrategy" method to SecurityContextHolder.
17 years ago
972cd0a53c
javadoc
17 years ago
d65b1b3581
SEC-1200: Ukranian messages file
17 years ago
0f6642d3ab
SEC-1216: Replacement of custom-after-invocation-provider with after-invocation-provider element. Some changes to help prevent proxying of aop infrastructure classes (use of AopInfrastructureBean marker interface)
17 years ago
5953af0f6b
SEC-1196: Change use of <authentication-manager> to actually register the global ProviderManager instance. This element now registers the global ProviderManager instance and must contain any authentication-provider elements (or ldap-authentication-provider elements).
17 years ago
fdb7325cbc
Javadoc update
17 years ago
efd1dbf54a
Removed public modifier from getSessionController() method on ProviderManager.
17 years ago
Luke Taylor
Scott Battaglia
Mike Wiesner