spring-security

Commit Graph

Author	SHA1	Message	Date
Luke Taylor	997faabe1e	SEC-1196: Removed ConfigUtils (no longer used).	17 years ago
Luke Taylor	5953af0f6b	SEC-1196: Change use of <authentication-manager> to actually register the global ProviderManager instance. This element now registers the global ProviderManager instance and must contain any authentication-provider elements (or ldap-authentication-provider elements).	17 years ago
Luke Taylor	c5d6484b54	SEC-1210: RememberMe filter misses UserDetailsService in default <http /> tag config when it is declared in parent app context. Fixed by getting the UserDetailsServiceInjectionPostProcessor to check ancestor bean factories for a UserDetailsService if one isn't found in the current bean factory.	17 years ago
Luke Taylor	160aa512a1	Remove "infrastructure" type from authentication provider bean.	17 years ago
Luke Taylor	6ae61f95db	Minor updates to test XML context implementation.	17 years ago
Luke Taylor	a4a0aab66f	SEC-1164: Add additional component definitions so that Spring IDE picks them up and doesn;t report missing bean definitions	17 years ago
Luke Taylor	5d5df0c63d	Added extra 'manual' security interceptor config	17 years ago
Luke Taylor	3e6054b69f	SEC-1211: Rename SessionFixationProtectionFilter to SessionManagementFilter, since it no longer performs session-fixation protection directly, but just executes the AuthenticatedSessionStrategy.	17 years ago
Luke Taylor	609a68b12a	SEC-1077: Added DefaultAuthenticatedSessionStrategy test to check that saved request attribute is retained when migrateAttributes is false.	17 years ago
Luke Taylor	db90122179	SEC-1211: Create strategy for session handling on successful authentication. Added AuthenticatedSessionStrategy interface and default implementation which encapsulates the functionality that was previously in SessionFixationProtectionFilter and AbstractAuthentictationProcessingFilter. Updated the namespace to make use of these.	17 years ago
Luke Taylor	931cf90dbb	SEC-1203: Allow configuration of X509 subject-dn-regex attribute using PropertyPlaceholderConfigurer. Modified parser to use a BeanDefinition for the SubjectPrincipalDnExtractor to allow property subsititution.	17 years ago
Luke Taylor	8b115e2a21	SEC-1167: Added setRequestCache to SavedRequestAwareAuthenticationSuccessHandler and updated namespace parsing to set PortResolver on created HttpRequestCache.	17 years ago
Luke Taylor	f404bb3d74	SEC-1167: Introduce more flexible SavedRequest handling. Separated the concept of SavedRequest from SecurityContextHolderAwareFilter since the two are orthogonal requirements. This no longer takes a wrapper class property or uses reflection. SavedRequest functionality is accessed through the RequestCache interface, with the default implementation being HttpSessionRequestCache. A separate filter RequestCacheAwareFilter is now responsible for reconstituting the SavedRequest if it matches the current request. The functionality for matching and returning the wrapper is contained in the RequestCache method though.	17 years ago
Luke Taylor	491837ae34	SEC-1197: Moved support from session-controller-ref from authentication-manager to concurrent-session-control element. Plus refactoring of config classes into separate packages.	17 years ago
Luke Taylor	1afa67c954	SEC-1195: Added internal AuthenticationManager for use by beans which are generated by the <http> block.	17 years ago
Luke Taylor	6346e31517	SEC-1195: Change <http> parsing behaviour to use an internal AuthenticationManager instance. Implemented "parent" AuthenticationManager in ProviderManager which is delegated to when no authentication is returned by the instances list of authentication providers. Extracted the Authentication success/failure publishing into a separate strategy.	17 years ago
Luke Taylor	d59bdc0cbc	Reducing use of global bean Ids as part of SEC-1186	17 years ago
Luke Taylor	7622dfe092	SEC-1194: Added support for services-alias to remember-me	17 years ago
Luke Taylor	d02bbbf560	import cleaning.	17 years ago
Luke Taylor	43dab4c3b3	SEC-1186: Additional changes to remove custom-filter decorator functionality.	17 years ago
Luke Taylor	abddcb044a	SEC-1186: Remove functionality from CustomFilterBeanDefinitionDecorator and report a warning instead.	17 years ago
Luke Taylor	b3366a1646	SEC-1186: Tidying up changes to http parsing	17 years ago
Luke Taylor	eae670269d	Tidying	17 years ago
Luke Taylor	853b4c8753	SEC-1186: Make sure an Element is always supplied when registering the AuthenticationManager. Fixes broken tests.	17 years ago
Luke Taylor	d5bf5d7adc	SEC-1186: validator for filter chain beans	17 years ago
Luke Taylor	8ddd96af2b	SEC-1186: intermediate commit of namespace changes for improved tooling support	17 years ago
Luke Taylor	f6e2e36346	Remove use of property editor internally.	17 years ago
Luke Taylor	074fa7d629	SEC-1186: Refactoring to bring all filter registrations into the HttpBDP parse method in preparation for building the filter chain and map at that point, rather than in a post-processor	17 years ago
Luke Taylor	37d3401d0c	SEC-1016: Rollback changes.	17 years ago
Luke Taylor	a963be4719	SEC-1095: Register AuthenticationManager from GlobalMethodSecurityBDP.	17 years ago
Luke Taylor	0473cfbfc0	SEC-1137: Added support for an external UserDetailsContextMapper using the attribute user-context-mapper-ref.	17 years ago
Luke Taylor	bfa2806034	Add component definition registration for tooling.	17 years ago
Luke Taylor	aa511bb1f4	SEC-1175: Changed default anonymous username to match that in the schema docs.	17 years ago
Luke Taylor	66f7e8bcc8	SEC-1168: Added filter-security-metadat-source to namespace.	17 years ago
Luke Taylor	9993a7f6e4	Added newlines to filter list to test use of xsd:token.	17 years ago
Luke Taylor	a8215fa2cb	SEC-1160: Renaming of authentication filters and entry points and associated doc changes	17 years ago
Luke Taylor	4bad213b19	SEC-1132: Moved remaining preauth code from core to web	17 years ago
Luke Taylor	76438b3347	SEC-1132: Refactoring of access/intercept package to extract packages and classes which are externally depended on or potentially may be used outside of the standard interceptor model (e.g. SecurityMetadataSource)	17 years ago
Luke Taylor	14c4739605	SEC-1158: Decoupling of Pre/Post annotations implementation from Spring EL.	17 years ago
Luke Taylor	b3ccee4dbc	Some additional tests on session creation.	17 years ago
Luke Taylor	29fafbbf18	Misc tidying up of old files and refactoring of tests	17 years ago
Luke Taylor	cef089376c	SEC-1152: Changes to add anonymous filter to default namespace configuration and added enabled flag to allow overriding of the behaviour.	17 years ago
Luke Taylor	6d655aa514	SEC-1132: More refactoring to remove cycles ad reduce complexity metrics	17 years ago
Luke Taylor	8c94e39150	SEC-1118: Added run-as-manager-ref attribute to global-method-security element. Also updated schema to use xsd:token in place of xsd:string where appropriate.	17 years ago
Luke Taylor	5aeca2d7dd	Added test XML file for use messing about in an XML editor while generating schema.	17 years ago
Luke Taylor	90b849c271	SEC-1100: Added support for <access-denied-handler> element which can take a ref or an error-page attribute.	17 years ago
Luke Taylor	39cc865a36	SEC-1143: Fixed by using BeanDefinitionRegistry.isBeanNameInUse() instead of containsBeanDefinition() to check for the SessionRegistry availability. The former picks up the alias registration of the standard bean Id for user's bean Id.	17 years ago
Luke Taylor	4f33f4677b	Import cleaning.	17 years ago
Luke Taylor	1ac0ea9d3f	Moved InMemoryXmlApplicationContext to test src as it is only used in tests.	17 years ago
Luke Taylor	cac2bce382	Refactored SessionRegistryImpl to remove servlet API deps and moved back into core, along with other concurrent authentication package classes.	17 years ago

1 2

59 Commits (997faabe1e3175bd164c8ea31cce8dbccff2eec0)