spring-security

Commit Graph

Author	SHA1	Message	Date
Luke Taylor	0b1beee432	Update Base64 implementation to include fixes (using diff) from the original up to version 2.3.7.	15 years ago
Luke Taylor	94b7868039	SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema.	15 years ago
Luke Taylor	088042b3d0	Upgrade spock and groovy versions, and make sure apacheDS work directory is set for config integrationTest task.	15 years ago
Luke Taylor	bc2448419b	SEC-1679: Make sure whitespace is trimmed from cookie names when specifying multiple cookies.	15 years ago
Luke Taylor	27be72a81c	SEC-1677: Split out LDAP server tests from config module.	15 years ago
Luke Taylor	44fb3aa4ab	SEC-1677: Create integrationTest task for Java projects and make all tests in itest module run as integration tests only.	15 years ago
Luke Taylor	a225dc3776	SEC-1677: Split out integration tests from LDAP test code.	15 years ago
Luke Taylor	9f8a47f73e	Reset post-release build version to snapshot.	15 years ago
Luke Taylor	b62d36d646	Set release version to 3.1.0.RC1	15 years ago
Luke Taylor	84ba7a0ea9	Additional tests for OpenID classes and minor refactoring of OpenID4JavaConsumer for easier testing.	15 years ago
Luke Taylor	164cba11c0	Increase max heap in gradle wrapper script.	15 years ago
Luke Taylor	bd7389b6ff	SEC-1652: Only use URI for ldif path if file isn't found.	15 years ago
Luke Taylor	3fe49dfae5	Added JDK and Spring links to Javadoc generation task.	15 years ago
Luke Taylor	12561660b1	Add Javadoc groups to build.	15 years ago
Luke Taylor	b0df1bd1b0	SEC-1673: Use a map to store the range values use in the bundlor templates.	15 years ago
Luke Taylor	eb9482b33b	Removal of some unused internal methods, plus additional tests for some areas lacking coverage.	15 years ago
Luke Taylor	20e65a93ea	Minor test updates.	15 years ago
Luke Taylor	5f58108717	Typo.	15 years ago
Luke Taylor	83050f96cb	SEC-1656: Document potential need for pre-emptive session creation if writing the security context manuall.	15 years ago
Luke Taylor	a790c7e192	SEC-1670: Take account of JNDI CompositeName escaping in value of SearchResult.getName() when performing a search for a user entry in SpringSecurityLdapTemplate.	15 years ago
Luke Taylor	4e349904e5	Add missing language attributes to programlisting tags for highlighting.	15 years ago
Luke Taylor	5caa41753a	Add check for coverage data before trying to produce report.	15 years ago
Rob Winch	8c08eeb57b	SEC-1666: Use constant time comparison for sensitive data. Constant time comparison helps to mitigate timing attacks. See the following link for more information * http://rdist.root.org/2010/07/19/exploiting-remote-timing-attacks/ * http://en.wikipedia.org/wiki/Timing_attack for more information.	15 years ago
Luke Taylor	6a62b51870	Fix typo in FAQ.	15 years ago
Rob Winch	2e822e9abe	SEC-1659: Ensure that Digester is returning digest(digest(value)...) instead of digesting the same value multiple times. Make it so that the Digester returns digest(digest(value)...) instead of digesting the same value multiple times. This alligns with the OWASP recommendations at http://www.owasp.org/index.php/Hashing_Java#Hardening_against_the_attacker.27s_attack	15 years ago
Luke Taylor	347a2a91a9	SEC-1494: Document the use of system properties for disabling authorize tag functionality.	15 years ago
Luke Taylor	66e2a5246d	SEC-1652: Use a URI for resolving the LDIF file for loading in ApacheDS container to allow for loading files which are contained in a jar.	15 years ago
Rob Winch	3f7f87e19f	SEC-1592: Updated CasAuthenticationFilter so that it does not continue FilterChain when handling proxy requests. The fix moves CommonUtils.readAndRespondToProxyReceptorRequest into CasAuthenticationFilter.attemptAuthentication. This makes sense since The CAS server is authenticating that the proxy url is valid (i.e. it exists and the SSL handshake succeeds). It also allows the FilterChain to not be processed by returning a null Authentication.	15 years ago
Luke Taylor	077af5e187	SEC-1661: Use a DistinguishedName to wrap the search base to avoid the need for JNDI escaping.	15 years ago
Luke Taylor	866615ceaa	SEC-1662: Cater for the case where a user uses two <http> elements without patterns and the RequestMatcher does not have two arguments.	15 years ago
Luke Taylor	d58dd79a52	SEC-1494: Updated the tutorial webapp to use CSS and make use of the securityHiddenUI element when UI security is disabled.	15 years ago
Luke Taylor	00200cecbc	SEC-1494: Added system property "spring.security.disableUISecurity" which will prevent authorize tags from hiding content. By default, the property will also cause the area that would normally be hidden to be decorated with a <span class="securityHiddenUI"> tag, thus allowing the area to be rendered with some distinguishing css (e.g. a different background colour).	15 years ago
Rob Winch	1b32babbf9	SEC-1545: Removed unused i18n keys, changed keys to follow naming conventions, found missing keys based upon old keys, sorted keys, any unknown keys are entered as a comment with the English value. NOTE: The Groovy code that automated most of this is attached to SEC-1545 A mapping of Missing Key to the file that the key is found are as follows: ----------../core/src/main/resources/org/springframework/security/messages_cs_CZ.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_de.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_it.properties---------- JdbcDaoImpl.noAuthority=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] JdbcDaoImpl.notFound=[../core/src/main/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImpl.java] PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_ko_KR.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pl.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pt_BR.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_pt_PT.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_uk_UA.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] ----------../core/src/main/resources/org/springframework/security/messages_zh_CN.properties---------- PersistentTokenBasedRememberMeServices.cookieStolen=[../web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServices.java] How unknown keys were gussed by existing keys ----------../core/src/main/resources/org/springframework/security/messages_cs_CZ.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using SwitchUserProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_de.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using SwitchUserProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_es_ES.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_fr.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_it.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using SwitchUserProcessingFilter.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using AbstractUserDetailsAuthenticationProvider.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_ko_KR.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pl.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pt_BR.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_pt_PT.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_uk_UA.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication ----------../core/src/main/resources/org/springframework/security/messages_zh_CN.properties---------- AccountStatusUserDetailsChecker.credentialsExpired was guessed using UserDetailsService.credentialsExpired AccountStatusUserDetailsChecker.disabled was guessed using UserDetailsService.disabled AccountStatusUserDetailsChecker.expired was guessed using SwitchUserProcessingFilter.expired AccountStatusUserDetailsChecker.locked was guessed using AbstractUserDetailsAuthenticationProvider.locked AclEntryAfterInvocationProvider.noPermission was guessed using BasicAclEntryAfterInvocationProvider.noPermission BindAuthenticator.emptyPassword was guessed using LdapAuthenticationProvider.emptyPassword ConcurrentSessionControlStrategy.exceededAllowed was guessed using ConcurrentSessionControllerImpl.exceededAllowed DigestAuthenticationFilter.incorrectRealm was guessed using DigestProcessingFilter.incorrectRealm DigestAuthenticationFilter.incorrectResponse was guessed using DigestProcessingFilter.incorrectResponse DigestAuthenticationFilter.missingAuth was guessed using DigestProcessingFilter.missingAuth DigestAuthenticationFilter.missingMandatory was guessed using DigestProcessingFilter.missingMandatory DigestAuthenticationFilter.nonceCompromised was guessed using DigestProcessingFilter.nonceCompromised DigestAuthenticationFilter.nonceEncoding was guessed using DigestProcessingFilter.nonceEncoding DigestAuthenticationFilter.nonceExpired was guessed using DigestProcessingFilter.nonceExpired DigestAuthenticationFilter.nonceNotNumeric was guessed using DigestProcessingFilter.nonceNotNumeric DigestAuthenticationFilter.nonceNotTwoTokens was guessed using DigestProcessingFilter.nonceNotTwoTokens DigestAuthenticationFilter.usernameNotFound was guessed using DigestProcessingFilter.usernameNotFound LdapAuthenticationProvider.badCredentials was guessed using PasswordComparisonAuthenticator.badCredentials LdapAuthenticationProvider.onlySupports was guessed using AbstractUserDetailsAuthenticationProvider.onlySupports SubjectDnX509PrincipalExtractor.noMatching was guessed using DaoX509AuthoritiesPopulator.noMatching SwitchUserFilter.noCurrentUser was guessed using SwitchUserProcessingFilter.noCurrentUser SwitchUserFilter.noOriginalAuthentication was guessed using SwitchUserProcessingFilter.noOriginalAuthentication	15 years ago
Luke Taylor	95b416b0e7	SEC-1660: Minor addition to FAQ text.	15 years ago
Luke Taylor	b542c73907	SEC-1660: Updated FAQ to explain that session-fixation protection may cause problems if switching between HTTP and HTTPS, and also updated information to advise against switching in the first place.	15 years ago
Luke Taylor	6b1b012e2c	Added check for maximum AES key size in crypto.gradle to skip tests if limited strength crypto policy files are in place.	15 years ago
Luke Taylor	594f6694bb	Add logging of jdk version to crypto build file	15 years ago
Luke Taylor	d686f64f26	Skip EncryptorsTests when using <JDK 1.6 as AES isn't available	15 years ago
Luke Taylor	60befb063a	SEC-1659: Added crypto module to list of project modules in reference manual intro and to dependencies appendix.	15 years ago
Luke Taylor	162cb64baa	SEC-1659: Label crypto utils package as only for internal use.	15 years ago
Keith Donald	38327d1b16	SEC-1659: crypto docs	15 years ago
Keith Donald	b646e44646	SEC-1659: fixed bundlor step of build	15 years ago
Keith Donald	ea76efdb2c	SEC-1659: favor AES encryption instead of DES as standard symmetric encryption algorithm	15 years ago
Keith Donald	ffa7301e7f	SEC-1569: initial commit of spring-security-crypto module, consisting of encrypt, keygen, password, and util packages	15 years ago
Luke Taylor	afd586c96e	Re-instate the CAS integration sequence description in the CAS chapter, with corrections (and minus proxying).	15 years ago
Luke Taylor	2eefbf3a23	SEC-1657: Added support for 'name' attribute in <http> element to expose filter chain as a list bean.	15 years ago
Rob Winch	f20649f035	SEC-1648: added null check for getTargetUrlParameter() in SavedRequestAwareAuthenticationSuccessHandler.onAuthenticationSuccess and updated validation for AbstractAuthenticationTargetUrlRequestHandler.setTargetUrlParameter	15 years ago
Luke Taylor	075b30ab44	SEC-1651: Added paragraph to FAQ mentioning dependencies appendix.	15 years ago
Luke Taylor	8da0de459b	SEC-1651: Added remaining module information to dependencies appendix.	15 years ago
Luke Taylor	79b8edbd1e	Update CAS client to 3.1.12	15 years ago

... 12 13 14 15 16 ...

4967 Commits (78f85cc12911015982e5e34bde77dfbd251c901b) All Branches Search

4967 Commits (78f85cc12911015982e5e34bde77dfbd251c901b)

All Branches