aed288da05
Fix Spring IO Tests
11 years ago
1f74ac811e
Fix Spring IO Tests
11 years ago
197ddb3cd1
SEC-3029: Fix Compatibility with Spring 4.2.x
11 years ago
0a118336d4
SEC-2955: Convert to "static" for inner classes
11 years ago
a67ef1c3a2
SEC-2944: Polish
11 years ago
3099f92154
SEC-2944 Add HttpStatusReturningLogoutSuccessHandler
...
* Add HttpStatusReturningLogoutSuccessHandler to provide better logout capabilities for RESTful APIs
11 years ago
e08e9cda00
SEC-2851: Remove DataAccessException import from Persistent RememberMe
11 years ago
09acc2b7a5
SEC-2962: SecurityContextHolderAwareRequestFilter default rolePrefix
11 years ago
d5dfeeca49
SEC-2927: Update chat-jc pom so Maven Builds
...
Previously there were some incorrect dependency versions. This commit fixes
that.
We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
11 years ago
0bfbd2923a
SEC-2915: Fix defaut login page tests with tabs
11 years ago
4fdfb8caba
SEC-2915: More Tabs -> Spaces
11 years ago
db531d9100
SEC-2917: Update to Spring 4.1.6
11 years ago
ae6af5d73c
SEC-2915: Updated Java Code Formatting
11 years ago
0a2e496a84
SEC-2915: groovy/gradle spaces->tabs
11 years ago
cf9f58a4ac
SEC-2915: XML spaces->tabs
11 years ago
b85ad33aef
SEC-2888: Polish
11 years ago
85955015f7
SEC-2888 AntPathRequestMatcher ignores variables in pattern when pattern
...
finishes with /**
11 years ago
e776a1fd35
SEC-2803: Add HttpStatusEntryPoint
11 years ago
9d0085bb64
SEC-2882: DefaultLoginPageGeneratingFilter match on /login
...
Previously DefaultLoginPageGeneratingFilter would match on /**/login
which was not ideal since other parts of the application may want to
match on the URL.
Now it matches on /login.
11 years ago
217152c8fd
Polish Http403ForbiddenEntryPoint whitespace
11 years ago
b04388ad62
SEC-2805: Remove unnecessary cast in Http403ForbiddenEntryPoint
11 years ago
6fd45df1e4
SEC-2879: Add Test
11 years ago
8c0b16820b
SEC-2879: JdbcTokenRepositoryImpl updateToken should use lastUsed arg
11 years ago
9ea7372405
SEC-2878: Clean imports in UsernamePasswordAuthenticationFilter
11 years ago
5f57e5b0c3
SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config
11 years ago
76d9ef4ec3
SEC-2872: CsrfAuthenticationStrategy Delay Saving CsrfToken
11 years ago
98ae03fc40
SEC-2832: Add Tests
11 years ago
310e5bb285
SEC-2832: Update request attributes with new CsrfToken
11 years ago
d973f5f80c
SEC-2078: AbstractPreAuthenticatedProcessingFilter requriesAuthentication support for non-String Principals
...
Previously, if the Principal returned by getPreAuthenticatedPrincipal was not a String,
it prevented requiresAuthentication from detecting when the Principal was the same.
This caused the need to authenticate the user for every request even when the Principal
did not change.
Now requiresAuthentication will check to see if the result of
getPreAuthenticatedPrincipal is equal to the current Authentication.getPrincipal().
11 years ago
706e7fd7a2
SEC-2863: Update to Spring 4.1.5
11 years ago
6a8475adbb
SEC-2830: Provide Same Origin support for SockJS
11 years ago
a27c33754c
SEC-2859: Add CsrfTokenArgumentResolver
11 years ago
1a35292750
SEC-2791: AbstractRememberMeServices sets the version
...
If the maxAge < 1 then the version must be 1 otherwise browsers ignore
the value.
11 years ago
1a00c397a4
SEC-2835: Polish
11 years ago
07c54e5d0e
SEC-2831: Regex/AntPath RequestMatcher handle invalid HTTP method
11 years ago
31234ecef9
SEC-2835: Add DelegatingAuthenticationFailureHandler
...
Add the DelegatingAuthenticationFailureHandler class to support
map each exception to AuthenticationFailureHandler. This class gives
more powerful options to customize default behavior for users.
11 years ago
1d0eee1d0b
SEC-2840: Modify typo in DelegatingAccessDeniedHandler
11 years ago
6627f76df7
SEC-2758: Make ROLE_ consistent
11 years ago
8f0001f59a
Next Development Version
11 years ago
49b69196de
Release version 4.0.0.RC1
11 years ago
11116c2b80
SEC-2787: Update Versions
11 years ago
c67ff42b8a
SEC-2783: XML Configuration Defaults Should Match JavaConfig
...
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
11 years ago
b56e5edbbd
SEC-2784: Fix build plugins
11 years ago
6e204fff72
SEC-2781: Remove deprecations
11 years ago
eedbf44235
SEC-2348: Security HTTP Response Headers enabled by default w/ XML
11 years ago
2e1e9885ec
SEC-2054: Polish
...
Fix the tests to use .getName() for assertions
11 years ago
e2f7b38b87
SEC-2054: BasicAuthenticationFilter not invoked on ERROR dispatch
11 years ago
dfa17bdb98
SEC-2747: Remove spring-core dependency from spring-security-crypto
11 years ago
fa9e7999da
SEC-2569: SavedRequestAwareWrapper no longer overrides getCookies()
...
Previously SavedRequestAwareWrapper overrode the getCookies() method. This
meant that the cookies from the original request were used instead of the
new request. In general, this does not make sense since cookies are
automatically submitted in every request by a client. Additionally, this
caused problems with using a locale cookie that was specified after the
secured page was requested.
Now SavedRequestAwareWrapper uses the new incoming request for determining
the cookies.
11 years ago
5ba8f000a7
SEC-2714: Add AuthenticationPrincipal resolver for messaging support
11 years ago
Rob Winch
Alex Panchenko
Gunnar Hillert
Pascal Gehl
Michael Cramer
Marcin Mielnicki
Stillglade
Rob Winch
Kazuki Shimizu
Spring Buildmaster