fb3f4af3b2
when extracting the original user, fix by referencing by the interface (UserDetail) rather than the concrete class (User)
21 years ago
24394b7b2b
added fix to preserve custom UserDetails implementations (Matt DeHoust fix recommendation)
21 years ago
d44b570087
Disable failing tests until Marc-Antoine has a chance to look at them.
21 years ago
ae9e7733db
Fix broken tests.
21 years ago
35ca25f085
BasicAuthenticationProcessingFilter no longer creates HttpSession via WebAuthenticationDetails call.
21 years ago
c7dcceb05c
Do not setAuthenticated(false) in the event of a public (unsecured) invocation. Thanks to Joseph Dane for reporting this issue on acegisecurity-developer on 3 September 2005.
21 years ago
486bbee35d
added context path to redirect
21 years ago
9d359780d9
finish user context switch event publishing
21 years ago
20ebb668a6
Added event for user context switching and updated switch user filter
21 years ago
55f5c3397a
Relocated JdbcDaoExtendedImpl.convertAclObjectIdentityToString to superclass (pursuant to suggestion made by Tim Kettering on acegisecurity-developer).
21 years ago
2bda6ec25c
Fix: SEC-48 http://opensource2.atlassian.com/projects/spring/browse/SEC-48
...
If the principal is an instanceof UserDetails, UserDetails.getUsername();
21 years ago
40a81ed220
Revisit synchonization issue and correct problem identified by Volker Malzahn.
21 years ago
ec5e39c2e8
Initial checkin of user security context switching (see SEC-15). This is the first cut of the SwitchUserProcessingFilter that handles switching to a target uesr and exiting back to the original user. Note: This is going to be used for the common use-case of an Administrator 'switching' to another user (i.e. ROLE_ADMIN -> ROLE_USER). This is the initial cut of a Unix 'su' for Acegi managed web applications.
21 years ago
725ec767b6
Javadoc typo corrected (as suggested on mailing list)
21 years ago
c2c48b905b
Added package.html files to reamining java packages (see http://opensource.atlassian.com/projects/spring/browse/SEC-41 )
21 years ago
f5975dcf30
Whoops, almost forgot to remove System.out debug lines :-/
21 years ago
891cd7380c
Mirrored Ben's FilterChainProxy.java 1.5 spelling fix to its corresponding test class, which depended on equality of the exception message. All JUnit tests pass now.
21 years ago
dc31553f2a
Syntax
21 years ago
db4ed4bc44
Added debug statement to AbstractTicketValidator to help with Acegi+CAS+SSL setup (thanks Seth Ladd for the patch) (see http://opensource.atlassian.com/projects/spring/browse/SEC-34 )
21 years ago
c66c5dfab5
AuthorizeTag no longer depends on JDK 1.4. Tested on Websphere 5.0 w/JDK 1.3 (see http://opensource.atlassian.com/projects/spring/browse/SEC-11 )
21 years ago
32f62d1ef1
Added SiteminderAuthenticationProcessingFilter for Ben's review. <Untested>.
21 years ago
f625d06cd9
Avoid expense of HttpSession when working with anonymous users.
21 years ago
4ad98a7df3
Spelling correction, thanks to Zack Chandler.
21 years ago
4b98d357ff
SecureContextLoginModuleTest has been renamed to ...Tests as per Acegi project.
...
SecureContextLoginModule now throws a LoginException if there is no authentication present, if the ignoreMissingAuthentication option is true, the login() method will simply return false.
21 years ago
e51c38aec9
Removed reference in Javadoc to obtaining and validating the SecureContext (checking for null etc), as this is no longer relevant.
21 years ago
c89d4a8add
Added trimming of whitespace to tokens and use of Springs StringUtils.hasText() to check for content in the string passed to setAsText.
21 years ago
3287439421
Initial commit for captcha adapter
21 years ago
74588c8e53
Move acegifier code from core.
21 years ago
5bbc54ac42
Javadoc typo corrected
21 years ago
d9b1a8e83c
Fix typo in InteractiveAuthenticationSucces(s)Event
21 years ago
c7bfeeaf58
Clarify local variable name given it was the same as a member variable.
21 years ago
ab065923d4
Correct doctype for generated web.xml files and add declaration to test file.
21 years ago
22a28f3b39
Separate InMemoryResource class for use in Acegifier web application.
21 years ago
7268c81192
Fix for SEC-27. Now checks for a null authentication before proceeding to fire the success event.
21 years ago
f1656ee7fd
Tidying: removed unused intermediate variable.
21 years ago
6f467def90
Added conversion of URLs ending in '*' to the ant '**' form.
21 years ago
d13faf0815
Renaming and refactoring of web.xml converter.
21 years ago
118f6401d8
XSL file for converting web.xml to acegified version.
21 years ago
a2bc398915
Refactoring and commenting XSL
21 years ago
3e4a29eae9
FilterSecurityInterceptor now has an observeOncePerRequest boolean property, allowing multiple fragments of the HTTP request to be individually authorized (see http://opensource.atlassian.com/projects/spring/browse/SEC-14 ).
21 years ago
5c883e639f
Add InteractiveAuthenticationSuccessEvent handling to authentication mechanisms.
21 years ago
60f8095cf2
Make Authenticated.isAuthenticated() behaviour switchable. See http://opensource.atlassian.com/projects/spring/browse/SEC-13 .
21 years ago
ef8281f534
HttpSessionContextIntegrationFilter elegantly handles IOExceptions and ServletExceptions within filter chain (see http://opensource.atlassian.com/projects/spring/browse/SEC-20 ).
21 years ago
25fa471779
First version of web.xml to acegi translator
21 years ago
a312fede74
Refactor DAO authentication failure events under a consistent abstract superclass (thanks to Mark St Godard for suggestion).
21 years ago
c0f1d4e19d
Remove getters and setters from JdbcDaoImpl so IoC container cannot modify MappingSqlQuerys (thanks to David Durham for bug report).
21 years ago
a15691d9d7
Silently catch NotSerializableException in AbstractProcessingFilter if rootCause is not Serializable (thanks to Joseph Dane for reporting this bug).
21 years ago
5f75e9bf9a
Refactor Authentication.isAuthenticated() handling to be more performance (as per developer list discussion).
21 years ago
a7b5299e77
Correct synchronization issue with FilterToBeanProxy initialization (thanks to George Franciscus and Volker Malzahn as per acegisecurity-developer discussion 4 June 2005).
21 years ago
c699f7d40e
Support non-username as primary key.
21 years ago
Mark St. Godard
Ben Alex
Ray Krueger
Luke Taylor
Scott McCrory
Marc-Antoine Garrigue