Luke Taylor
|
6eb17c8546
|
SEC-513: Ldap user manager implementation classes changed to use new spring ldap apis.
|
19 years ago |
|
Luke Taylor
|
afaa169e97
|
SEC-449: Test data ldif file for ApacheDS.
|
19 years ago |
|
Luke Taylor
|
0503c3e1ab
|
SEC-449: Refactoring towards more use of Spring LDAP. Also borrowed the Spring LDAP integration testing setup which is much better and makes use of the full LDAP stack. There were still problems with using Apache DS's CoreContextFactory (e.g. compare operations) so it is an improvement on that front too. Moved spring ldap to 1.2-RC1 version.
|
19 years ago |
Scott Battaglia
|
f7815e8da2
|
SEC-520
added parameter to determine whether to encode the session id or not and an explanation on when it should/should not be used.
|
19 years ago |
|
Luke Taylor
|
e7ede68352
|
Update ldap test base class to use LdapContext by default.
|
19 years ago |
|
Luke Taylor
|
ff1f1d8ef5
|
SEC-449: Rename internal LdapTemplate class to SpringSecurityLdapTemplate to avoid confusion.
|
19 years ago |
|
Luke Taylor
|
f178ca2a39
|
Updated trunk poms to 2.0-SNAPSHOT version
|
19 years ago |
|
Luke Taylor
|
70239a9769
|
SEC-513: First check in of user management stuff.
|
19 years ago |
|
Luke Taylor
|
9b71b5aa00
|
SEC-449: Mostly changes to aid moving towards compatibility with spring-ldap.
|
19 years ago |
|
Luke Taylor
|
8d4b97f685
|
Updated poms post-release 1.0.5
|
19 years ago |
|
Luke Taylor
|
c8b6111418
|
Release 1.0.5.
|
19 years ago |
|
Luke Taylor
|
3de8745494
|
Commented out (another) failing captcha test whose behaviour varies with speed of the build server (makes assumptions about the interval within which certain lines of code are executed).
|
19 years ago |
|
Luke Taylor
|
6289503643
|
Commented out failing captcha test whose behaviour varies with speed of the build server (makes assumptions about the interval within which certain lines of code are executed).
|
19 years ago |
|
Luke Taylor
|
34527c3305
|
Changed spring version to 1.2.9 and modified dependencies to get build to work with this version. Corrected some javadoc links.
|
19 years ago |
|
Luke Taylor
|
15ee5b2364
|
SEC-540,SEC-541: Changes for maven 2 site generation and use of docbkx.
|
19 years ago |
|
Luke Taylor
|
4e452046ec
|
Comment out System.out.println
|
19 years ago |
Ray Krueger
|
edd7bbeceb
|
Removed repeated downcasting of ServletRequest and ServletResponse
|
19 years ago |
|
Luke Taylor
|
b2799985f2
|
SEC-398: Added patch which uses response wrapper to set context in session on redirect or error.
|
19 years ago |
|
Luke Taylor
|
219b865c01
|
SEC-544: Added German localization messages from Andreas Senft.
|
19 years ago |
|
Luke Taylor
|
c021bf4682
|
SEC-542: Made SessionInformation serializable. Also remove unused default constructor.
|
19 years ago |
|
Luke Taylor
|
0adf0d6f1c
|
SEC-529: Added French translation of messages from Laurent Pireyn
|
19 years ago |
|
Luke Taylor
|
bc411c7c3b
|
SEC-457: Added Czech translation of messages from Jan Novotný
|
19 years ago |
|
Luke Taylor
|
ea61964f56
|
SEC-483: Fix. Make getGroupSearchBase protected.
|
19 years ago |
|
Luke Taylor
|
0c4916ee98
|
SEC-427: Fix. Added NullAuthoritiesPopulator and extra constructor.
|
19 years ago |
|
Luke Taylor
|
301626fd6e
|
SEC-346: Fix. Added suggested change. Also some minor tidying up of comments etc.
|
19 years ago |
|
Luke Taylor
|
2e8d16c538
|
SEC-484: Multithreaded tests for SessionRegistryImpl.
|
19 years ago |
|
Luke Taylor
|
ad43d433b4
|
SEC-484: Fix for NPE concurreny issue. Also reinstated synchronized on registerNewSession (had removed it for testing).
|
19 years ago |
|
Luke Taylor
|
aa4ee54f86
|
Added logging to SessionRegistryImpl.
|
19 years ago |
|
Luke Taylor
|
7fcdd4a6ff
|
More tidying...
|
19 years ago |
|
Luke Taylor
|
510cd5050f
|
Tidied up SessionRegistryImpl and rolled back reformatting of its test class to incorrect width.
|
19 years ago |
|
Luke Taylor
|
5f993e5627
|
SEC-534: Refactored JaasAuthenticationProvider to use ApplicationPublisherAware rather than ApplicationContextAware.
|
19 years ago |
|
Luke Taylor
|
1467527c0a
|
SEC-538: Deleted maven 1 files.
|
19 years ago |
|
Luke Taylor
|
5b7ed79b6a
|
SEC-539: Reformatted "divider" comments (//~ Methods=== etc). Simplified boolean expression in afterPropertiesSet.
|
19 years ago |
|
Luke Taylor
|
d7cef1ba31
|
SEC-539: Moved SecurityContextHolder.setContext() call into the try {} block to emphasize that it is only set for the duration of chain.doFilter() and immediately cleared afterwards. Changed the debug messages about setting the context, since it has not strictly taken place when they are logged.
|
19 years ago |
|
Luke Taylor
|
47c5a6d43f
|
SEC-539: Renamed extractSecurityContextFromSession to readSecurityContextFromSession to emphasize that it doesn't actually modify anything (the context is still stored in the session).
|
19 years ago |
|
Luke Taylor
|
f7a6129657
|
SEC-539: Removed unnecessary check for a null request object. Removed unnecessary catch/rethrow of IOException and ServletException from try/finally around chain.doFilter.
|
19 years ago |
|
Luke Taylor
|
d1be9f9980
|
SEC-539: Refactored so that SecurityContextHolder.setContext() is called in exactly one place. Moved setting of httpSession = null to point immediately after its last use.
|
19 years ago |
|
Luke Taylor
|
3dd0716611
|
SEC-539: Altered storeSecurityContextInSession to take the SecurityContext as a parameter rather than calling SecurityContextHolder.getContext(). This allows SecurityContextHolder.clearContext() to be called immediately after reading the context in the finally block of doFilter().
|
19 years ago |
|
Luke Taylor
|
fa63d8ecfb
|
SEC-539: Refactored if (httpSession == null) block in storeSecurityContextInSession()
|
19 years ago |
|
Luke Taylor
|
ce3eb599ed
|
SEC-539: Renamed populateSecurityContextFromSession to extractSecurityContextFromSession and removed the side-effect of setting SecurityContextHolder. It now returns the context found in the session (or null) and SecurityContextHolder.setContext() is called in a single place in doFilter().
|
19 years ago |
|
Luke Taylor
|
ba88214d1d
|
SEC-539: Refactored populateSecurityContextFromSession() to reduce nested blocks and clarify logic.
|
19 years ago |
|
Luke Taylor
|
27ef2caf45
|
SEC-539: Removed filterApplied boolean.
|
19 years ago |
|
Luke Taylor
|
e8d11f28f2
|
SEC-539: Extracted storeSecurityContextInSession() method.
|
19 years ago |
|
Luke Taylor
|
bcf69cbe3d
|
SEC-539: Extracted populateSecurityContextFromSession() method.
|
19 years ago |
|
Luke Taylor
|
6651a240de
|
Replaced massive if/else with guard clause to reduce nesting. Moved declaration of filterApplied boolean to where it is actually set. It is only used when removing the attribute from the request at the end of the invocation, so should probably not be needed at all. request.removeAttribute() can be called regardless of whether the attribute is set or not.
|
19 years ago |
|
Luke Taylor
|
6fe00b3433
|
SEC-501: Fix. Convert secure url paths to lower case if convertUrlToLowercaseBeforeComparison is true.
Also removed unnecessary assertions from PathBasedFilterDefinitionMapTests.
|
19 years ago |
|
Luke Taylor
|
4ba77fa736
|
SEC-450: Added group subtree to LDAP test server and extra tests for DefaultLdapAuthoritiesPopulator to make sure searchSubtree parameter works as expected.
|
19 years ago |
|
Luke Taylor
|
e189bc685f
|
SEC-408: Fix. Provide getter for filterProcessesUrl.
|
19 years ago |
|
Luke Taylor
|
c8077c5e87
|
SEC-506: Fix as suggested by reporter. Split the disgest header string ignoring separating commas which occur between quotes.
|
19 years ago |
|
Luke Taylor
|
3f123e1478
|
SEC-518: Fix. "Cache" in EhCache is a class, so change the APIs to use the interface it implements (Ehcache).
|
19 years ago |
