spring-security

Author	SHA1	Message	Date
Rob Winch	54ffc98bb4	SEC-1606: Added a FirewalledRequestAwareRequestDispatcher that will call FirewalledRequest.reset() before a forward	16 years ago
Luke Taylor	1c3d530b60	Switch versions to 2.0.7.CI-SNAPSHOT	16 years ago
Luke Taylor	beb0ec4ba9	Version 2.0.6.RELEASE	16 years ago
Luke Taylor	dec2e59fba	SEC-1584: Backport of namespace support for injecting custom HttpFirewall instance into FilterChainProxy.	16 years ago
Luke Taylor	8f6ddb0f17	SEC-1584: Backport to 2.0.x branch of request firewalling (normalization checks and path-parameter stripping from servletPath and pathInfo).	16 years ago
Luke Taylor	9c6a5135a3	SEC-1532: Patch applied to 2.0.x branch	16 years ago
Luke Taylor	0acf262546	SEC-1462: Added suggested patch (effectively the same as changes in 3.0.x and master branches).	16 years ago
Luke Taylor	6ad652ae97	Update 2.0 branch pom versions.	16 years ago
Luke Taylor	d6f6a54455	SEC-1444: Backport of changes to 2.0.x	16 years ago
Luke Taylor	71adc26b0f	[maven-release-plugin] prepare release spring-security-2.0.5.RELEASE	17 years ago
Luke Taylor	3e393c9df6	Tidying test class	17 years ago
Luke Taylor	149fd5d8de	Add bundlor templates	17 years ago
Luke Taylor	f3f02d8aed	Update sec-2.0.x branch to use bundlor	17 years ago
Luke Taylor	781c99f257	SEC-1145: Updated LDAP code to make sure pooling flag is removed when binding as a specific user (for real this time)	17 years ago
Luke Taylor	b77f780993	SEC-1145: Updated LDAP code to make sure pooling flag is removed when binding as a specific user	17 years ago
Luke Taylor	4c3867718e	SEC-1031: Ported change from trunk.	18 years ago
Luke Taylor	97381fb448	SEC-974: Made getExceptionMappings() protected.	18 years ago
Luke Taylor	4542f00b14	SEC-975: Namespace security syntax does not interpret properties http://jira.springframework.org/browse/SEC-975. Changed creation of AccessDeniedHandler to use a BeanDefinition to make sure placeholders work OK.	18 years ago
Luke Taylor	5e4634d216	Minor Javadoc improvement.	18 years ago
Luke Taylor	d291def963	Removed invalid comment.	18 years ago
Luke Taylor	df59cb9dcd	Import cleaning.	18 years ago
Luke Taylor	ef0389ae79	SEC-976: Removed checks for presence of core-tiger classes.	18 years ago
Luke Taylor	5b9bb8ba54	[maven-release-plugin] prepare for next development iteration	18 years ago
Luke Taylor	73eed2656d	[maven-release-plugin] prepare release spring-security-parent-2.0.4	18 years ago
Luke Taylor	8661e17df9	OPEN - issue SEC-960: DN Encoding in LDAPUserDetailsManager.changePassword() causes bind errors http://jira.springframework.org/browse/SEC-960. Replaced call to toUrl() with toString() to prevent URL encoding when setting up principal name for reconnect() in changePassword() method.	18 years ago
Luke Taylor	5102be3a59	SEC-971: getter for cookieName in AbstractRememberMeServices http://jira.springframework.org/browse/SEC-971. Added getCookieName() method.	18 years ago
Luke Taylor	4e2d6f8b2e	SEC-967: TextUtils.java does not escape ampersand character http://jira.springframework.org/browse/SEC-967. Added escaping of '&' character	18 years ago
Luke Taylor	d781deffe7	OPEN - issue SEC-966: Consider adding escapeXml attribute to security:authentication http://jira.springframework.org/browse/SEC-966. Added escaping of rendered text as default.	18 years ago
Luke Taylor	a4e4120443	SEC-963: LDAP Group Search Root http://jira.springframework.org/browse/SEC-963. Changed namespace instances of DefaultAuthoritiesPopulator to use the root as the default search location.	18 years ago
Luke Taylor	83868a7334	SEC-955: ability to externalize port mapping for secured channel to a property file http://jira.springframework.org/browse/SEC-955. Changed schema to make port-mapping type xsd:string to allow placeholders.	18 years ago
Luke Taylor	150f3d97d0	SEC-832: NamingEnumeration.hasMore fails on MS AD with PartialResultException http://jira.springframework.org/browse/SEC-832. Changed searchForSingleEntry method to ignore PartialResultException, similar to Spring LDAP's approach.	18 years ago
Luke Taylor	7f28a8bc5d	Refactored DefaultLdapAuthoritiesPopulator to remove contextSource field and setter method.	18 years ago
Luke Taylor	1cfd886517	SEC-922: Spring Security should respect Spring XML boolean operators for AJ pointcut http://jira.springframework.org/browse/SEC-922. Added method to substitute boolean operators "and, not, or" with aspectj versions "&&, !, \|\|".	18 years ago
Luke Taylor	bb457e1d07	SEC-957: logger.debug without guard causing massive performance hit http://jira.springframework.org/browse/SEC-957. Added debug logging guard as requested.	18 years ago
Luke Taylor	09cf90258f	SEC-758: Both AspectJSecurityInterceptor and AspectJAnnotationSecurityInterceptor not usable with @AspectJ notation http://jira.springframework.org/browse/SEC-758. Added "throws Throwable" to AspectJAnnotationCallback signature.	18 years ago
Luke Taylor	e15d7a78cd	SEC-956: Remove MapBasedMethodDefinitionSource.lookupAttributes http://jira.springframework.org/browse/SEC-956. Done.	18 years ago
Luke Taylor	3bf5e406b7	SEC-936: NPE in AbstractFallbackMethodDefinitionSource http://jira.springframework.org/browse/SEC-936. Changed to check if the value of MethodInvocation.getThis() is null to prevent NPE. MapBasedMethodDefinitionSource now ignores calls to findAttributes() with a null target class (all its entries require a class) and the fallback option in AbstractFallbackMethodDefinitionSource is used if the targetClass is null (i.e. Method.getDeclaringClass() will be used as the Class)	18 years ago
Luke Taylor	55d357f42d	OPEN - issue SEC-905: <protect-pointcut /> pointcuts do not respect method arguments http://jira.springframework.org/browse/SEC-905. Added extra registration method to MapBasedMethodDefinitionSource which takes a Method instance rather than the method name.	18 years ago
Luke Taylor	d9ab0758ee	SEC-954: Removed test dependency on AbstractMethodDefinitionSource.	18 years ago
Luke Taylor	36b35e3b1f	CLOSED - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching http://jira.springframework.org/browse/SEC-953. Fixed autoboxing issue.	18 years ago
Luke Taylor	39a656eb78	OPEN - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching http://jira.springframework.org/browse/SEC-953. Added stripQueryStringFromUrls parameter to FilterChainProxy which works the same as the one on DefaultFilterInvocationDefinitionSource. This defaults to true when used with ant path matching.	18 years ago
Luke Taylor	b6dec19e90	SEC-932: Added supplied class and test class.	18 years ago
Luke Taylor	3ab9fcdcaf	Tidying.	18 years ago
Luke Taylor	3a9eb018ba	SEC-950: Added test to attempt to reproduce problem.	18 years ago
Luke Taylor	b3a23b4377	Some minor improvements to schema comments	18 years ago
Luke Taylor	25814d341d	Tidying.	18 years ago
Luke Taylor	e951c42c2b	Improved javadoc. Some tidying up.	18 years ago
Luke Taylor	7258d30e13	Reinstated missing author tag and some minor tidying (de-jalopying). Removed unused logger.	18 years ago
Luke Taylor	3ee3591feb	SEC-947: Added check on "before" and "after" values to make sure they don't overflow when decremented/incremented respectfully.	18 years ago
Luke Taylor	1af7eed433	SEC-883: RoleHierarchyVoter http://jira.springframework.org/browse/SEC-883. Added RoleHierarchyVoter and deprecated existing approach. Also moved TestingAuthenticationToken to test package structure.	18 years ago

1 2 3 4 5 ...

1709 Commits (54ffc98bb437e6e8e9d80930600db385a72dc2fd)