514bca669f
SEC-999: Introduced custom SecurityExpressionEvaluationContext which is responsible for lazy initialization of parameter values in the context. Also some further conversion of code using GrantedAuthority arrays.
18 years ago
ec44f2bdfe
SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections
18 years ago
e891b334e6
SEC-1009: removed additional container adapter specific code
18 years ago
09cc58d7ac
SEC-1009: removed additional container adapter specific code
18 years ago
3521af4cae
Added missing test class.
18 years ago
a7d046357b
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces
18 years ago
c7abdadc06
SEC-999: Moved caching from AbstractFallbackMethodDefinitionSource to DelegatingMethodDefinitionSource, to allow ExpressionBasedMethodDefinitionSource to take advantage of it. The latter no-longer uses the fallback approach as it requires its own strategy to combine annotations which may be defined at method-on-class, class, method-on-interface or interface level.
18 years ago
f2ec8c978a
Moved MethodDefinitionSource to standalone class.
18 years ago
f592357c27
SEC-999,SEC-1013: removed ConfigAtributeDefinition from ObjectDefinitionSource and implementations. Modified el-authz to allow methods which use an annotation without explicitly specifying a PreAuthorize condition
18 years ago
5174693c64
SEC-999: Expression language based access decision support
...
http://jira.springframework.org/browse/SEC-999 . Added missing test class.
18 years ago
4aa32f7d06
SEC-999: First commit of expression-based authorization implementation
18 years ago
91c44a47fd
SEC-999: Added spel-annotations to newly created 2.5 schema file.
...
http://jira.springframework.org/browse/SEC-999
18 years ago
b031124f61
SEC-991: Removed deprecated getAttributes() method from LdapUserDetails interface
18 years ago
b589f78918
SEC-954: Deprecate AbstractMethodDefinitionSource
18 years ago
c947d42146
SEC-1010: Moved TestingAuthenticationProvider and token to main core src tree and updated poms to match
18 years ago
6c8a82fa13
Updated poms to Spring 2.5 and fixed up sandbox to work with latest build
18 years ago
7cc0965383
SEC-1001: Move core tiger code into core and adjust pom files
18 years ago
97381fb448
SEC-974: Made getExceptionMappings() protected.
18 years ago
4542f00b14
SEC-975: Namespace security syntax does not interpret properties
...
http://jira.springframework.org/browse/SEC-975 . Changed creation of AccessDeniedHandler to use a BeanDefinition to make sure placeholders work OK.
18 years ago
5e4634d216
Minor Javadoc improvement.
18 years ago
d291def963
Removed invalid comment.
18 years ago
df59cb9dcd
Import cleaning.
18 years ago
ef0389ae79
SEC-976: Removed checks for presence of core-tiger classes.
18 years ago
5b9bb8ba54
[maven-release-plugin] prepare for next development iteration
18 years ago
73eed2656d
[maven-release-plugin] prepare release spring-security-parent-2.0.4
18 years ago
8661e17df9
OPEN - issue SEC-960: DN Encoding in LDAPUserDetailsManager.changePassword() causes bind errors
...
http://jira.springframework.org/browse/SEC-960 . Replaced call to toUrl() with toString() to prevent URL encoding when setting up principal name for reconnect() in changePassword() method.
18 years ago
5102be3a59
SEC-971: getter for cookieName in AbstractRememberMeServices
...
http://jira.springframework.org/browse/SEC-971 . Added getCookieName() method.
18 years ago
4e2d6f8b2e
SEC-967: TextUtils.java does not escape ampersand character
...
http://jira.springframework.org/browse/SEC-967 . Added escaping of '&' character
18 years ago
d781deffe7
OPEN - issue SEC-966: Consider adding escapeXml attribute to security:authentication
...
http://jira.springframework.org/browse/SEC-966 . Added escaping of rendered text as default.
18 years ago
a4e4120443
SEC-963: LDAP Group Search Root
...
http://jira.springframework.org/browse/SEC-963 . Changed namespace instances of DefaultAuthoritiesPopulator to use the root as the default search location.
18 years ago
83868a7334
SEC-955: ability to externalize port mapping for secured channel to a property file
...
http://jira.springframework.org/browse/SEC-955 . Changed schema to make port-mapping type xsd:string to allow placeholders.
18 years ago
150f3d97d0
SEC-832: NamingEnumeration.hasMore fails on MS AD with PartialResultException
...
http://jira.springframework.org/browse/SEC-832 . Changed searchForSingleEntry method to ignore PartialResultException, similar to Spring LDAP's approach.
18 years ago
7f28a8bc5d
Refactored DefaultLdapAuthoritiesPopulator to remove contextSource field and setter method.
18 years ago
1cfd886517
SEC-922: Spring Security should respect Spring XML boolean operators for AJ pointcut
...
http://jira.springframework.org/browse/SEC-922 . Added method to substitute boolean operators "and, not, or" with aspectj versions "&&, !, ||".
18 years ago
bb457e1d07
SEC-957: logger.debug without guard causing massive performance hit
...
http://jira.springframework.org/browse/SEC-957 . Added debug logging guard as requested.
18 years ago
09cf90258f
SEC-758: Both AspectJSecurityInterceptor and AspectJAnnotationSecurityInterceptor not usable with @AspectJ notation
...
http://jira.springframework.org/browse/SEC-758 . Added "throws Throwable" to AspectJAnnotationCallback signature.
18 years ago
e15d7a78cd
SEC-956: Remove MapBasedMethodDefinitionSource.lookupAttributes
...
http://jira.springframework.org/browse/SEC-956 . Done.
18 years ago
3bf5e406b7
SEC-936: NPE in AbstractFallbackMethodDefinitionSource
...
http://jira.springframework.org/browse/SEC-936 . Changed to check if the value of MethodInvocation.getThis() is null to prevent NPE. MapBasedMethodDefinitionSource now ignores calls to findAttributes() with a null target class (all its entries require a class) and the fallback option in AbstractFallbackMethodDefinitionSource is used if the targetClass is null (i.e. Method.getDeclaringClass() will be used as the Class)
18 years ago
55d357f42d
OPEN - issue SEC-905: <protect-pointcut /> pointcuts do not respect method arguments
...
http://jira.springframework.org/browse/SEC-905 . Added extra registration method to MapBasedMethodDefinitionSource which takes a Method instance rather than the method name.
18 years ago
d9ab0758ee
SEC-954: Removed test dependency on AbstractMethodDefinitionSource.
18 years ago
36b35e3b1f
CLOSED - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching
...
http://jira.springframework.org/browse/SEC-953 . Fixed autoboxing issue.
18 years ago
39a656eb78
OPEN - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching
...
http://jira.springframework.org/browse/SEC-953 . Added stripQueryStringFromUrls parameter to FilterChainProxy which works the same as the one on DefaultFilterInvocationDefinitionSource. This defaults to true when used with ant path matching.
18 years ago
b6dec19e90
SEC-932: Added supplied class and test class.
18 years ago
3ab9fcdcaf
Tidying.
18 years ago
3a9eb018ba
SEC-950: Added test to attempt to reproduce problem.
18 years ago
b3a23b4377
Some minor improvements to schema comments
18 years ago
25814d341d
Tidying.
18 years ago
e951c42c2b
Improved javadoc. Some tidying up.
18 years ago
7258d30e13
Reinstated missing author tag and some minor tidying (de-jalopying). Removed unused logger.
18 years ago
3ee3591feb
SEC-947: Added check on "before" and "after" values to make sure they don't overflow when decremented/incremented respectfully.
18 years ago
Luke Taylor