Luke Taylor
|
7fcdd4a6ff
|
More tidying...
|
19 years ago |
|
Luke Taylor
|
510cd5050f
|
Tidied up SessionRegistryImpl and rolled back reformatting of its test class to incorrect width.
|
19 years ago |
|
Luke Taylor
|
6c169d9acf
|
SEC-508: Added CDATA sections to multi-line text values in tutorial and contacts sample context files to prevent eclipse reforatting bug from messing them up.
|
19 years ago |
|
Luke Taylor
|
e87956358f
|
Added missing "'" to login page in tutorial app.
|
19 years ago |
|
Luke Taylor
|
5f993e5627
|
SEC-534: Refactored JaasAuthenticationProvider to use ApplicationPublisherAware rather than ApplicationContextAware.
|
19 years ago |
|
Luke Taylor
|
1467527c0a
|
SEC-538: Deleted maven 1 files.
|
19 years ago |
|
Luke Taylor
|
5b7ed79b6a
|
SEC-539: Reformatted "divider" comments (//~ Methods=== etc). Simplified boolean expression in afterPropertiesSet.
|
19 years ago |
|
Luke Taylor
|
d7cef1ba31
|
SEC-539: Moved SecurityContextHolder.setContext() call into the try {} block to emphasize that it is only set for the duration of chain.doFilter() and immediately cleared afterwards. Changed the debug messages about setting the context, since it has not strictly taken place when they are logged.
|
19 years ago |
|
Luke Taylor
|
47c5a6d43f
|
SEC-539: Renamed extractSecurityContextFromSession to readSecurityContextFromSession to emphasize that it doesn't actually modify anything (the context is still stored in the session).
|
19 years ago |
|
Luke Taylor
|
f7a6129657
|
SEC-539: Removed unnecessary check for a null request object. Removed unnecessary catch/rethrow of IOException and ServletException from try/finally around chain.doFilter.
|
19 years ago |
|
Luke Taylor
|
d1be9f9980
|
SEC-539: Refactored so that SecurityContextHolder.setContext() is called in exactly one place. Moved setting of httpSession = null to point immediately after its last use.
|
19 years ago |
|
Luke Taylor
|
3dd0716611
|
SEC-539: Altered storeSecurityContextInSession to take the SecurityContext as a parameter rather than calling SecurityContextHolder.getContext(). This allows SecurityContextHolder.clearContext() to be called immediately after reading the context in the finally block of doFilter().
|
19 years ago |
|
Luke Taylor
|
fa63d8ecfb
|
SEC-539: Refactored if (httpSession == null) block in storeSecurityContextInSession()
|
19 years ago |
|
Luke Taylor
|
ce3eb599ed
|
SEC-539: Renamed populateSecurityContextFromSession to extractSecurityContextFromSession and removed the side-effect of setting SecurityContextHolder. It now returns the context found in the session (or null) and SecurityContextHolder.setContext() is called in a single place in doFilter().
|
19 years ago |
|
Luke Taylor
|
ba88214d1d
|
SEC-539: Refactored populateSecurityContextFromSession() to reduce nested blocks and clarify logic.
|
19 years ago |
|
Luke Taylor
|
27ef2caf45
|
SEC-539: Removed filterApplied boolean.
|
19 years ago |
|
Luke Taylor
|
e8d11f28f2
|
SEC-539: Extracted storeSecurityContextInSession() method.
|
19 years ago |
|
Luke Taylor
|
bcf69cbe3d
|
SEC-539: Extracted populateSecurityContextFromSession() method.
|
19 years ago |
|
Luke Taylor
|
6651a240de
|
Replaced massive if/else with guard clause to reduce nesting. Moved declaration of filterApplied boolean to where it is actually set. It is only used when removing the attribute from the request at the end of the invocation, so should probably not be needed at all. request.removeAttribute() can be called regardless of whether the attribute is set or not.
|
19 years ago |
|
Luke Taylor
|
6fe00b3433
|
SEC-501: Fix. Convert secure url paths to lower case if convertUrlToLowercaseBeforeComparison is true.
Also removed unnecessary assertions from PathBasedFilterDefinitionMapTests.
|
19 years ago |
|
Luke Taylor
|
036ea034ac
|
SEC-521: Updated svn URLs to match recent repository restructuring.
|
19 years ago |
|
Luke Taylor
|
4ba77fa736
|
SEC-450: Added group subtree to LDAP test server and extra tests for DefaultLdapAuthoritiesPopulator to make sure searchSubtree parameter works as expected.
|
19 years ago |
|
Luke Taylor
|
e189bc685f
|
SEC-408: Fix. Provide getter for filterProcessesUrl.
|
19 years ago |
|
Luke Taylor
|
c8077c5e87
|
SEC-506: Fix as suggested by reporter. Split the disgest header string ignoring separating commas which occur between quotes.
|
19 years ago |
|
Luke Taylor
|
3f123e1478
|
SEC-518: Fix. "Cache" in EhCache is a class, so change the APIs to use the interface it implements (Ehcache).
|
19 years ago |
|
Luke Taylor
|
87d6b8dedd
|
SEC-412: Fix. Added extra constructor to UsernameNotFoundException allow use of extraInformation property of parent class.
|
19 years ago |
|
Luke Taylor
|
f47ccd81a6
|
SEC-487: Added documentation on use of #NONE# in FilterChainProxy. Also changed doc version to 1.0.5.
|
19 years ago |
|
Luke Taylor
|
dda88e3931
|
SEC-502: Fix. Use a Map instead of HashMap in the API. Also some minor tidying of test class.
|
19 years ago |
|
Luke Taylor
|
57f3d268a1
|
SEC-519: Fix. Changed notNull() assertion for "key" parameter to hasText() to prevent the use of empty keys.
|
19 years ago |
|
Luke Taylor
|
1c72b7989e
|
Fix for SEC-522. Strip query parameters from logout URL before doing comparison with filterProcessesUrl.
|
19 years ago |
|
Luke Taylor
|
82599a72ba
|
Reformatted LogoutFilter.
|
19 years ago |
|
Luke Taylor
|
f8689b18b2
|
SEC-526: Fixed. Support for different case prefixes ({SHA}, {sha} etc).
|
19 years ago |
|
Luke Taylor
|
0425d3b638
|
Rolled back unnecessary changes (whitespace, imports etc) for SEC-398 to make actual change from revision 1858 clearer.
|
19 years ago |
|
Luke Taylor
|
ed944fa537
|
SEC-514: Re-enable contact sample in maven build.
|
19 years ago |
|
Luke Taylor
|
6a36ae7a0d
|
SEC-509: removed clirr plugin declaration from maven build.
Also removed regexp javadoc link as it doesn't seem to be a project dependency any more.
|
19 years ago |
|
Luke Taylor
|
c682a79e46
|
SEC-505: Fixed. Minor corrections to docbook source.
|
19 years ago |
|
Luke Taylor
|
709dba101c
|
SEC-498: Correct name of AfterInvocationProviderManager
|
19 years ago |
|
Luke Taylor
|
70875a3c70
|
SEC-523: Made sentence about where GrantedAuthority objects come from a bit clearer.
|
19 years ago |
|
Luke Taylor
|
cbc74de7c6
|
Removed old LDAP code from sandbox and adjusted dependencies accordingly.
|
19 years ago |
Mark St. Godard
|
5474b3a78c
|
SEC-279 - Deleting Contacts Tiger sample project
|
19 years ago |
Ben Alex
|
93b303e343
|
Support Spring LDAP.
|
19 years ago |
|
Ben Alex
|
db3024f9a4
|
SEC-271: Revert Ordered and ApplicationContextAware usage at this time, due to release of 1.0..
|
19 years ago |
|
Ben Alex
|
7a5c1ee328
|
Rename to spring-security. This is only a temporary commit, as in the future Maven 2 will be used and this file will be removed from Subversion.
|
19 years ago |
|
Ben Alex
|
8b6c592180
|
Finalization of repository restructure.
|
19 years ago |
Vishal Puri
|
2b4d8a6378
|
Removed print statement
|
19 years ago |
|
Luke Taylor
|
3fbc7beb88
|
SEC-251: Document use of {1} parameter in javadoc for DefaultLdapAuthoritiesPopulator.
|
19 years ago |
|
Luke Taylor
|
fd0d4cd8b0
|
SEC-521: Fixed sourceforge svn URLs.
|
19 years ago |
John Lewis
|
8396f04ae6
|
implemented unit tests for portlet support
|
19 years ago |
|
John Lewis
|
0efdd5d2bf
|
added javadoc package.html files for portlet classes
|
19 years ago |
|
John Lewis
|
f70cba5d0e
|
added PortletProcessingFilterEntryPoint for accessing servlet resources via portlet authentication
|
19 years ago |
