spring-security

Commit Graph

Author	SHA1	Message	Date
Luke Taylor	5b543f83ec	Removed web dependency on core-tests	17 years ago
Luke Taylor	e94baf38b3	Tidying up to remove warnings (generics, use of deprecated test classes etc).	17 years ago
Luke Taylor	50ac9d3b05	More generification to remove last warnings in core package.	17 years ago
Luke Taylor	1454cbb78e	SEC-1132: Moved TextUtils to web module and StringSplit utils into Digest authentication package (as they aren't used elsewhere).	17 years ago
Luke Taylor	a76cbee4bc	SEC-1132: Moved ThrowableAnalyzer code to web module as it is only used in ExceptionTranslationFilter	17 years ago
Luke Taylor	305ce125fb	SEC-863: Hierarchical roles should use the interface GrantedAuthority. Applied submitted patch.	17 years ago
Luke Taylor	ba6664f77f	SEC-1012: Refactor SessionRegistry interface to use Java 5 generics.	17 years ago
Luke Taylor	cac2bce382	Refactored SessionRegistryImpl to remove servlet API deps and moved back into core, along with other concurrent authentication package classes.	17 years ago
Luke Taylor	93bdcccaee	SEC-1132: Moved userdetails into core and added core/authority sub-package	17 years ago
Luke Taylor	c770998d92	SEC-1132: Move authoritymapping to core as it is actually used in loading authorities for a use, not in making access decisions.	17 years ago
Luke Taylor	10673780db	OPEN - issue SEC-1136: Removed SpringSecurityException. Introduced new AclException as base class for Acl module. Refactored JAAS authentication to map to AuthenticationExcpetions rather than SpringSecurityException. Modified ExceptionTranslationFilter to look explicitly for AuthenticationException or AccessDeniedException (which it should do since these are the only two it handles).	17 years ago
Luke Taylor	ca7d055c2b	SEC-1132: Created core and authentication packages within core module.	17 years ago
Luke Taylor	9efb5a7007	SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet	17 years ago
Luke Taylor	7c4d54f356	SEC-1131: Applied patch for portlet upgrade	17 years ago
Luke Taylor	365ae3936e	Moved MockAuthenticationManager to test package.	17 years ago
Luke Taylor	bec84f874a	SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples.	17 years ago
Luke Taylor	2a9a8a41db	SEC-1125: Created separate web module spring-security-web	17 years ago
Luke Taylor	2c985a1c36	SEC-1126: separated out spring-security-config module containing namespace configuration classes and resources	17 years ago
Luke Taylor	4aff4b2350	SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring	17 years ago
Luke Taylor	4aae5ec42e	SEC-1124: Refactored LDAP code into separate module	17 years ago
Luke Taylor	591681c180	Upgrade to Spring M2 and correct expression classes and pom files to match changes	17 years ago
Luke Taylor	9de9f638fe	SEC-1083: Removed unnecessary import	17 years ago
Luke Taylor	30748e8615	SEC-1083: PersistentTokenBasedRememberMeServices does not clear tokens on logout. Override logout method to remove tokens for user.	17 years ago
Luke Taylor	ddffdf1699	SEC-745: Renamed failureHandler and successHandler to have prefix 'authentication'	17 years ago
Luke Taylor	4a41416c9b	Tidying up and removing compiler warnings.	17 years ago
Luke Taylor	9cb361e88a	SEC-745: Added LogoutSuccessHandler strategy for use in LogoutFilter.	17 years ago
Luke Taylor	cc5966bc7e	Tidying up, removing compiler warnings etc.	17 years ago
Luke Taylor	8f598e9b11	SEC-1052: Add support for the namespace option 'disable-url-rewriting'.	18 years ago
Luke Taylor	171456a26c	SEC-1018: Changes to allow external reference to SaltSource bean from the namespace.	18 years ago
Luke Taylor	585e5f393a	Added warning suppression for deprecation.	18 years ago
Luke Taylor	d8b5f770e9	Added warning suppression for deprecation.	18 years ago
Luke Taylor	db5f1e69f1	SEC-949: Added the option of specifying -1 as the token-validity-seconds value in order to set the cookie maxAge to expire when the browser closes.	18 years ago
Luke Taylor	998f0b3ea1	SEC-993: Updated retrievePassword method to return null if an Authentication object with null credentials is presented (e.g. with OpenID). Prevents NPE when toString() is called.	18 years ago
Luke Taylor	74fd5fe8a4	Finish refactoring JdbcDaoIml to remove MappingSqlQuery objects. Updated Javadoc to avoid user confusion.	18 years ago
Luke Taylor	b24cc17dea	SEC-1052: Added "disableUrlRewriting" parameter to HttpSessionSecurityContextRepository.	18 years ago
Luke Taylor	f54d7ee6bc	SEC-535: Added "postOnly" flag to AuthenticationProcessingFilter, defaulting to "true" so that only POST requests are allowed by default.	18 years ago
Luke Taylor	898ef36d02	SEC-959: Converted SwitchUserFilter to use new Authentication success and failure strategies from SEC-745 for managing redirects.	18 years ago
Luke Taylor	c3181d9db0	SEC-1063: Moved the justUseSavedRequestOnGet property to ExceptionTranslationFilter. If set, it will not store the SavedRequest for unless the request is a GET.	18 years ago
Luke Taylor	40ccd3be11	SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument.	18 years ago
Luke Taylor	fcc68e636e	SEC-1062: Added authentication-success-handler-ref and authentication-failure-handler-ref to the namespace definition.	18 years ago
Luke Taylor	a0bcf7184c	SEC-1061: Renamed serverSideRedirect property.	18 years ago
Luke Taylor	3f38035057	SEC-1058: Renamed "forwardToDestination" to "useForward" for simplicity and consistency with the namespace.	18 years ago
Luke Taylor	2927b8464f	SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.	18 years ago
Luke Taylor	10e4d1fe1a	SEC-1058: Partial refactoring of AbstractProcessingFilter. It now uses the injected SuccssfulAuthenticationHandler strategy instead of managing everything itself. The default implementation is SavedRequestAwareSuccessfulAuthenticationHandler which encapsulates most of the filter's success logic along with the code which was previously in TargetUrlResolver. Removed TargetUrlResolver.	18 years ago
Luke Taylor	aec23749d7	SEC-1056: Remove deprecated FilterToBeanProxy: It's gone	18 years ago
Luke Taylor	3fcc7b5403	SEC-1051: Moved voter and afterinvocation packages into acl package. Also moved filterer classes fom core, as they are used in the acl after-invocation classes	18 years ago
Luke Taylor	a443e55832	SEC-1057: Refactored TargetUrlResolver to remove SavedRequest from determineTargetUrl method.	18 years ago
Luke Taylor	3f40604b82	SEC-1055: Converted interfaces and methods using ServletRequest/Response to HttpServletRequest/Response where appropriate.	18 years ago
Luke Taylor	7fe6a0fc0d	SEC-1033: Added support for web IP ranges based on an address and netmask.	18 years ago
Luke Taylor	7767a9ed60	SEC-1033: Add basic equality support for hasIpAddress() expression.	18 years ago

1 2 3 4 5 ...

865 Commits (29fafbbf1822e2b35aff19d64ccab3a7d5d7a8cd)