43b51ca64d
SEC-689: Session Fixation protection should be available to all authentication mechanisms.
...
http://jira.springframework.org/browse/SEC-689 . Added support to namespace.
18 years ago
2af2f299cb
SEC-689: Further tests, logging improvements.
18 years ago
a29842a467
SEC-689: Tests for SessionFixationProtectionFilter
18 years ago
8f5bcb64a6
SEC-689: Session Fixation protection should be available to all authentication mechanisms.
...
http://jira.springframework.org/browse/SEC-689 . Added a general SessionFixationProtectionFilter which can be added to the filter stack to detect when a user has been authenticated and then migrate them to a new session. Also added support to <http/> namespace element.
18 years ago
83bcc6ad7c
Removed loggers from subclasses of SpringSecurityFilter in favour of using base class logger.
18 years ago
0860333a3f
SEC-733: AspectJ Pointcut Expression Parsing support.
18 years ago
f4eb15b08b
SEC-428: Tests to prove proxy-target-class="true" works.
18 years ago
f8b5000d40
SEC-428: Make sure context is cleared before running test.
18 years ago
18fef571c3
Import cleaning.
18 years ago
028af06d61
SEC-428: Security interceptor does not work with schema based aop:config
...
http://jira.springframework.org/browse/SEC-428 . Fixed broken test method.
18 years ago
a375d8e59e
SEC-428: Added test
18 years ago
1dd5f42142
Adding svn keywords, correcting typos etc.
18 years ago
ed645958fa
per email with Ben and Luke removed cas-adapter and reworked cas module to just be the CAS client code.
18 years ago
9a4977ebd1
SEC-99/428/429/563: Various refactoring of method security metadata support.
18 years ago
beba7221cf
Update dependency versions and POM structure.
18 years ago
f67c7bcb38
Update dependency versions and POM structure
18 years ago
6ab301981c
Update dependency versions and POM structure.
18 years ago
9a02b9862e
Fixed preauth sample configuration to match recent changes in naming in core code.
18 years ago
fe0e05a6c8
SEC-725: PasswordEncoderParser: <security:password-encoder> element does not pick up 'base64' attribute value
...
http://jira.springframework.org/browse/SEC-725 . Added fix as recommended in issue.
18 years ago
b54e3978dc
SEC-729: Organization of pom dependencies, particularly for servlet-api and jstl. Some other adjustments, removal of unrequired deps etc
18 years ago
3d0e0fcea5
fixed links in reference.xml
18 years ago
30a6abbe50
Tidied formatting of toString output for FilterBasedLdapUserSearch
18 years ago
162933155e
Added implementation of GrantedAuthoritiesContainer to allow refactoring of duplication in various preauth details classes
18 years ago
2ea94e2cc9
Tidying imports etc
18 years ago
1d47945893
Added portlet and ldap samples to build
18 years ago
696e3c8034
Udated maven eclipse plugin version
18 years ago
69f2075872
SEC-722: Fix jstl versions in openID sample login page.
18 years ago
563dabda2f
SEC-722: Add Open ID Namespace Support
...
http://jira.springframework.org/browse/SEC-722 . Added OpenIDProvider to bean registry and fixed login page generator to use correct URL for OpenID. Added user-service-ref to namespace element. Changed OpenID sample to use <openid-login />.
18 years ago
b89dbc6060
Import cleaning
18 years ago
9871685ea3
SEC-722: Fixed problem with empty loginpage string (rather than null) preventing default login page filter from being added to the stack.
18 years ago
b73736ffaf
Updated example configuration in javadoc for LdapAuthenticationProvider.
18 years ago
037ccd5eaa
Removed eclipse settings directory
18 years ago
16ea8faa0d
SEC-727: Ensure SecurityConfig cannot be constructed unsafely; also update SecurityConfigTests to JUnit 4.
18 years ago
119cc9ff04
Remove notice.txt due to mvn eclipse:eclipse issues with import from parent directory.
18 years ago
5466fe0022
Added servlet api dep to captcha and cas
18 years ago
acc22b2745
SEC-722: Add Open ID Namespace Support
...
http://jira.springframework.org/browse/SEC-722 . Added check for MAIN_ENTRY_POINT bean when resolving entry points. If this has been set during parsing it will be used.
18 years ago
815f04b6c3
SEC-722: Add Open ID Namespace Support
...
http://jira.springframework.org/browse/SEC-722 . Added element to namespace and modified form login parser to handle open id element. Also added openID support to login page generator.
18 years ago
b62ad5b097
SEC-722: Changed openID filter to use its owen ordering value as it may be used together with form login.
18 years ago
bbc5fea598
SEC-722: Add Open ID Namespace Support
...
http://jira.springframework.org/browse/SEC-722 . Added extra constants for OpenID support.
18 years ago
d333655b0b
Updated to commons logging 1.1.1 to get rid of servlet api dependency in their pom
18 years ago
56b967f935
Removed filer name duplication in rnc file.
18 years ago
a65b5a9ed8
Corrected separators between http method strings in rnc file.
18 years ago
8f379768a8
SEC-720: Design for extension: PreAuthenticatedGrantedAuthoritiesUserDetailsService
...
http://jira.springframework.org/browse/SEC-720 . Added createUserDetails method to allow custom UserDetails object t be created.
18 years ago
f3a6f768ba
SEC-724: Create portlet sample
...
http://jira.springframework.org/browse/SEC-724
18 years ago
030550a88e
Applied XSL transform to XSD file
18 years ago
2a0a041386
SEC-719: removed explicit toString() call to prevent NPE when userInfo is null
18 years ago
b78bd3ed4f
SEC-719: Change default value of useAuthTypeAsCredentials to true to prevent tests breaking
18 years ago
5de0f3b8f0
SEC-719: Refactor portlet code to make more use of core classes
...
http://jira.springframework.org/browse/SEC-719 . Rewrote provider as a preauthenticated provider.
18 years ago
f8d855f1a2
SEC-716: Default (non-web) AuthenticationDetailsSource implementation.
18 years ago
c9ff912b2f
SEC-723: Change PreAuthenticatedAuthenticationProvider to reject authentication tokens with null credentials. Also introduced a property "throwExceptionWhenTokenIsRejected" which raises a BadCredentialsException when the toke is invalid.
18 years ago
Luke Taylor
Ben Alex
Scott Battaglia