ee32874308
Added X509 EhCache tests and fixed glaring bug in X509 EhCache implementation.
21 years ago
ec80ae22c1
Templated out event publishing. Added getApplicationContext(). Fixed javadoc formatting
21 years ago
3d4f8eed31
Refactoring to use Spring mock web classes.
21 years ago
d6f2b136ec
Refactored to use Spring mock classes.
21 years ago
458a2c9e39
Refactored to use Spring mock classes.
21 years ago
021abb7369
Added check for "path parameters" to ensure the filterProcessesUrl matches rewritten URLs with a jsessionid included. Refactored property checking to use Spring Assert class.
21 years ago
eaa5feb5f8
Refactored to use Spring mock objects for HttpRequest etc.
21 years ago
9649003d57
AbstractProcessingFilter no longer uses a set*FailureUrl approach for every exception, it now uses a properties object that maps authenticationExceptions to failure urls
21 years ago
798ebb1a3d
Correct NullPointerException as fixture missing an ApplicationContext and attempting to publish an event.
21 years ago
10c1926385
Added the ConcurrentSessionViolationEvent that will be published by the ConcurrentSessionControllerImpl before throwing the ConcurrentSessionViolationException
21 years ago
9f66c0eae9
Update to current Spring JAR dependencies.
21 years ago
c936801842
DigestProcessingFilter now provides userCache getter and setter.
21 years ago
0530351f0d
Provide toString() method on User.
21 years ago
a2b9da7e22
StringSplitUtils.split() ignored delimiter argument.
21 years ago
6f31ecb04b
UserDetails now indicates locked accounts.
21 years ago
918fc7c15a
License header added.
21 years ago
2a6c68deb6
Entry point tests
21 years ago
8592e3bcbf
Added tearDown method which resets the Context to null
21 years ago
04366d2b12
Corrected Javadoc
21 years ago
748f427a80
Prove SecureContextImpl.equals works as we want it to, in light of HttpSessionContextIntegrationFilter's attempts to avoid unnecessary HttpSession creation.
21 years ago
52c42a7a40
Corrected Authz parsing of whitespace in GrantedAuthoritys. Contributed by Francois Beausoleil.
21 years ago
632617f693
Test that the ConcurrentSessioncontrollerImpl implements ApplicationListener. This is critical and was left out once.
21 years ago
169449bf24
In response to: http://forum.springframework.org/viewtopic.php?t=3874
...
JaasAuthenticationProvider now checks that the java.security.auth.login.config is null before attempting to use it.
Also, The loginConfig resource is attempted as a file first as spaces in the path name can cause FileNotFoundExceptions for URLs
21 years ago
f594fdf751
Tidying and tests to bring Dao populator up to full coverage.
21 years ago
76f868c777
More tests.
21 years ago
9f62da7d1c
Better test method names.
21 years ago
0a4fc1731a
Tests added to bring X509ProcessingFilter up to full coverage.
21 years ago
5d1cd29dfb
Added tearDown method which resets the context to null to prevent occasional breaking of other test classes.
21 years ago
f578915728
Test class for X509 filter.
21 years ago
29050b29b2
Dao populator tests for X.509. Tests matching of regexps in the certificate Subject to extract the user name.
21 years ago
b898b87ffb
Enhance test coverage as part of diagnosis of reported bug at http://forum.springframework.org/viewtopic.php?p=15751 .
21 years ago
ae91b58685
First stab at X509 authentication provider
21 years ago
f1e071b0f1
Added remember-me services.
21 years ago
d47a2190f7
Correct test failure on high performance JREs.
21 years ago
44397bb05d
Committing ConcurrentSessionController feature and tests. Documentation is needed.
21 years ago
4125db5650
Added in a default constructor to use the original sessionid and a constructor for specifying the sessionId
21 years ago
693ac5a24a
Anonymous principal support. As requested by the community at various times, including in http://forum.springframework.org/viewtopic.php?t=1925 .
21 years ago
3c4faf58c7
HttpSessionEventPublisher, HttpSessionCreatedEvent, HttpSessionDestroyedEvent
...
Used together to provide published events in the ApplicationContext about HttpSessions.
Useful for things like Single Session logins.
21 years ago
8b24b1cf7a
MockFilterChain extended TestCase but had no public constructor and no test methods.
...
The expectedToProceed test is internally handled by a static call to TestCase.assertTrue() and TestCase.fail()
21 years ago
a3818184f4
Added Digest Authentication support (RFC 2617 and RFC 2069).
21 years ago
dda66a0454
Significantly refactor "well-known location model" to authentication processing mechanism and HttpSessionContextIntegrationFilter model.
21 years ago
ba02d45677
Clean up imports.
21 years ago
e52f3eacb1
Use WebAuthenticationDetails for Authentication.getDetails() by default.
21 years ago
a5ea6f5436
Rewrite FilterChainProxy to separate functionality from FilterToBeanProxy and properly implement filter chaining issues.
21 years ago
44f1c83dab
Move MockFilterChain to external class.
21 years ago
7c9fad0477
Added filter chain
21 years ago
1949c3b27e
Added AuthenticationException to the commence method signature of the AutenticationEntryPoint. The best example of this
...
is the BasicProcessingFilterEntryPoint where the authException.getMessage() is used to send back an informative 401,
instead of just the error code.
Added AccessDeniedException to the sendAccessDeniedError method signature. The accessDeniedException.getMessage() result
is used to send an invormative 403 error back to the servletResponse by default.
21 years ago
6370fadfdc
FilterSecurityInterceptor now only executes once per request (improves performance with SiteMesh). Suggested by Sanjiv Jivan.
21 years ago
cbe53e21b9
HttpSessionIntegrationFilter no longer creates a HttpSession unnecessarily.
21 years ago
834f69168d
Support getUserPrincipal().
21 years ago
Luke Taylor
Ray Krueger
Ben Alex
Carlos Sanchez