Luke Taylor
|
fcce29f8df
|
SEC-1326: Updating dependencies to match Spring versions. Removing unused deps.
|
16 years ago |
|
Luke Taylor
|
aeed49393c
|
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
|
17 years ago |
|
Luke Taylor
|
354b043fd1
|
SEC-1337: Add Serializable interface to internal comparator
|
17 years ago |
|
Luke Taylor
|
55679971f0
|
SEC-1337: Make User serializable by moving anonymous comparator class
|
17 years ago |
|
Luke Taylor
|
cad32ffe39
|
SEC-1325: Tighten up Authentication interface contract to disallow null authorities. Modified internals of AbstractAuthenticationToken to use an empty list instead of null. Clarified Javadoc. removed unnecessary null checks in classes which use the interface.
|
17 years ago |
|
Luke Taylor
|
ef3d9c7877
|
Tidying Javadoc.
|
17 years ago |
|
Luke Taylor
|
1e8ea55030
|
SEC-1320: JaasAuthenticationProvider can not find jaas realm defined inside service archive. Added flag to control refresh of configuration on startup.
|
17 years ago |
|
Luke Taylor
|
33b109f0b3
|
Made session maps final in SessionRegistryImpl.
|
17 years ago |
|
Luke Taylor
|
558737363f
|
Added some extra tracing to SessionRegistryImpl.
|
17 years ago |
|
Luke Taylor
|
cde9cd6b36
|
Correct toString() method in User class.
|
17 years ago |
|
Luke Taylor
|
02a9db7bcf
|
SEC-1317: Removed check in ProviderManager.getProviders() for empty provider list. A ProviderManager with a non-null parent may have an empty provider list. The afterPropertiesSet() method performs the necessary checks.
|
17 years ago |
Scott Battaglia
|
dada789814
|
NOJIRA
removed unnecessary cast and use StringBuilder rather than non-final String and concatenation.
|
17 years ago |
|
Luke Taylor
|
ed92d5ea71
|
SEC-1304: Removed unused compareTo method from custom GrantedAuthority.
|
17 years ago |
|
Luke Taylor
|
8a0f69b955
|
SEC-1295: Placing Security on Roo Aspected method fails. Added suggested fix - check for null target and use Signature.declaredType instead.
|
17 years ago |
|
Luke Taylor
|
7e0c7ffc0e
|
SEC-1304: Removed "Comparable" from GrantedAuthority
|
17 years ago |
|
Luke Taylor
|
e72cfd58d4
|
SEC-1304: Remove Comparable interface from GrantedAuthority to enable it to be imlemented by an enum.
|
17 years ago |
|
Luke Taylor
|
1df82654e3
|
SEC-1310: Added toString() implementations to Pre and PostInvocationExpressionAttribute classes.
|
17 years ago |
|
Luke Taylor
|
69699431b1
|
SEC-1303: Added internal Hex and Base64 classes, and moved commons-codec dependency to test scope
|
17 years ago |
|
Luke Taylor
|
d4d5012035
|
SEC-1272: <authentication-manager> does not register default event handler DefaultAuthenticationEventPublisher. Update AuthenticationManagerBeanDefinitionParser to register a DefaultAuthenticationeventPublisher and set it on the registered ProviderManager.
|
17 years ago |
|
Luke Taylor
|
248e826342
|
SEC-1282: Clarified javadoc
|
17 years ago |
|
Luke Taylor
|
0615b94f55
|
Converted expression test to use static method.
|
17 years ago |
|
Luke Taylor
|
4dcb9de67a
|
SEC-1257: Some additional API changes to use Collection instead of List...
|
17 years ago |
|
Luke Taylor
|
f213cc5d9e
|
SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted.
|
17 years ago |
|
Luke Taylor
|
caff3ee9ba
|
SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc).
|
17 years ago |
|
Luke Taylor
|
acf13c74ca
|
SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session
|
17 years ago |
|
Luke Taylor
|
2a1430f1ce
|
SEC-1229: Removed legacy concurrency classes
|
17 years ago |
|
Luke Taylor
|
9639340fef
|
SEC-1049: RoleHierarchy in SidRetrievalStrategy. Added optional RoleHierarchy injection to SidRetrievalStrategyImpl
|
17 years ago |
|
Luke Taylor
|
1c4a809e09
|
SEC-1245: Add role hierarchy support to expression handlers. Done.
|
17 years ago |
|
Luke Taylor
|
897960cd70
|
Add expression string to failed expression evaluation exception message to help clarify the context.
|
17 years ago |
|
Luke Taylor
|
6851655ea9
|
SEC-1177: MethodInvocationUtils Returns Null With Valid Method String and Class. Added very simple checking of declared methods on class.
|
17 years ago |
|
Luke Taylor
|
ef2df77889
|
SEC-1239: Special characters in JAAS config file location. Fix - convert Resource to a File before obtaining the URL from it. The URL.toString() obtained this way is different from the one obtained from Resource.getURL().toString().
|
17 years ago |
|
Luke Taylor
|
8081a1a3cc
|
Set Id svn keyword.
|
17 years ago |
Mike Wiesner
|
58ee9a364e
|
SEC-1181: DNS helper classes, will primarily be use for lookup of Active Directory servers.
|
17 years ago |
|
Scott Battaglia
|
bfd421016e
|
SEC-1228
added constructor so a wrapper can be instanciated in one line of code.
|
17 years ago |
|
Luke Taylor
|
471206a29d
|
SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy
|
17 years ago |
|
Luke Taylor
|
9bf8656d66
|
SEC-1201: PropertyPlaceholderConfigurer does not work for intercept-url attributes. Added use of ManagedMaps and BeanDefinitions to support placeholders in the pattern and access attributes.
|
17 years ago |
|
Luke Taylor
|
bb4d818862
|
SEC-1188: Added "getContexHolderStrategy" method to SecurityContextHolder.
|
17 years ago |
|
Luke Taylor
|
972cd0a53c
|
javadoc
|
17 years ago |
|
Luke Taylor
|
d65b1b3581
|
SEC-1200: Ukranian messages file
|
17 years ago |
|
Luke Taylor
|
0f6642d3ab
|
SEC-1216: Replacement of custom-after-invocation-provider with after-invocation-provider element. Some changes to help prevent proxying of aop infrastructure classes (use of AopInfrastructureBean marker interface)
|
17 years ago |
|
Luke Taylor
|
5953af0f6b
|
SEC-1196: Change use of <authentication-manager> to actually register the global ProviderManager instance. This element now registers the global ProviderManager instance and must contain any authentication-provider elements (or ldap-authentication-provider elements).
|
17 years ago |
|
Luke Taylor
|
fdb7325cbc
|
Javadoc update
|
17 years ago |
|
Luke Taylor
|
efd1dbf54a
|
Removed public modifier from getSessionController() method on ProviderManager.
|
17 years ago |
|
Luke Taylor
|
1afa67c954
|
SEC-1195: Added internal AuthenticationManager for use by beans which are generated by the <http> block.
|
17 years ago |
|
Luke Taylor
|
6346e31517
|
SEC-1195: Change <http> parsing behaviour to use an internal AuthenticationManager instance. Implemented "parent" AuthenticationManager in ProviderManager which is delegated to when no authentication is returned by the instances list of authentication providers. Extracted the Authentication success/failure publishing into a separate strategy.
|
17 years ago |
|
Luke Taylor
|
1ca2e6e6fc
|
Tidying.
|
17 years ago |
|
Luke Taylor
|
5d389d953d
|
RoleVoter test class.
|
17 years ago |
|
Luke Taylor
|
946f3d1067
|
Converted to use mockito.
|
17 years ago |
|
Luke Taylor
|
3b1cdc3ab4
|
Tidying.
|
17 years ago |
|
Luke Taylor
|
8a3930e673
|
Refactoring of ProviderManager to ensure that any AuthenticationException from the ConcurrentSessionController will prevent further polling of providers.
|
17 years ago |
