f31bcbee07
Minor formatting
18 years ago
3ee3591feb
SEC-947: Added check on "before" and "after" values to make sure they don't overflow when decremented/incremented respectfully.
18 years ago
fbeb47d559
SEC-947: Added clarification to docs that FIRST and LAST should be used with position attribute
18 years ago
1c9c8f0883
SEC-910: Updates to ns appendix
18 years ago
f821b0f0f8
Fix issues with move of TestingAuthenticationToken
18 years ago
4165e15861
Fix issues with move of TestingAuthenticationToken
18 years ago
aa75b2fa6d
Fixes to match TestingAuthenticationToken changes
18 years ago
d6918c88a7
Fixes to match TestingAuthenticationToken changes
18 years ago
b6d088e40d
SEC-944: Minor updates to schema appendix
18 years ago
069a75b8fc
minor change to wording
18 years ago
1af7eed433
SEC-883: RoleHierarchyVoter
...
http://jira.springframework.org/browse/SEC-883 . Added RoleHierarchyVoter and deprecated existing approach. Also moved TestingAuthenticationToken to test package structure.
18 years ago
e982e91846
SEC-944: Added db schema reference (and start of namespace appendix)
18 years ago
54ac7b3e46
SEC-935: Updated schema to include OpenID filter name. Also updated some doc comments and added default schema name (spring-security.xsd) to schemas.
18 years ago
3049b933d9
Moved XML test snippet to ConfigTestUtils class and removed context files from core-tiger tests in favour of in-memory XML
18 years ago
c8b22d8e36
SEC-923: Fixed broken build due to missing test class.
18 years ago
1d96283876
Removed commented out line.
18 years ago
ef44bd91f2
SEC-933: Added test for security pointcut applied to a UserDetailsService.
18 years ago
d7926f3557
SEC-943: Forgot to commit tests.
18 years ago
e5d86b13b7
SEC-941: Embedded ldap-server uses hard-coded ldap url for importing ldif files
...
http://jira.springframework.org/browse/SEC-941 . Changed LdapUtils.parseRootDnFromUrl to use URI.getRawPath() so the returned root value still contains the escaping. I think this should be Ok.
18 years ago
3393ea7aaa
SEC-923: Realm support for discovering relying parties.
...
A new "realmMapping" property can be configured on the OpenIDAuthenticationProcessingFilter to map the "return_to" url to a realm. If there is no mapping present the "return_to" url will be parsed and the protocol, hostname and port will be used with a trailing "/"
18 years ago
67e5afbb79
OPEN - issue SEC-881: PreAuthenticatedFilter continues filter chain after unsuccessfulAuthentication(...)
...
http://jira.springframework.org/browse/SEC-881 . Updated Javadoc.
18 years ago
000bb1cbed
OPEN - issue SEC-881: PreAuthenticatedFilter continues filter chain after unsuccessfulAuthentication(...)
...
http://jira.springframework.org/browse/SEC-881 . Added test class.
18 years ago
243c4f22d4
OPEN - issue SEC-899: GrantedAuthorityImpl.compareTo should handle null roles
...
http://jira.springframework.org/browse/SEC-899 . Changed to return -1 when compared to custom auhority which returns null from getAuthority()
18 years ago
d4c105d8ba
OPEN - issue SEC-934: security:intercept-url throws NPE if defined twice with the same url
...
http://jira.springframework.org/browse/SEC-934 . Added log warning when the same url is used multiple times.
18 years ago
f6ff958411
Renamed rnc file.
18 years ago
4bb3eb12c3
SEC-933: global-method-security and aop:aspectj-autoproxy throws NullPointerException in some situations
...
http://jira.springframework.org/browse/SEC-933 . Removed the setting of the attributeSource field from the interceptor in MethodDefinitionSourceAdvisor as this was overwriting the version supplied with the constructor with null (causing the NPE).
Also implemented lazy initialization of the authentication provider list from the bean factory in a custom NamespaceAuthenticationManager (extends ProviderManager and introspects the BeanFactory when getProviders() is first called). This should prevent the perennial problem of the eager initialization of UserDetailsService and other beans when the interceptor is eagerly initialized by something like aspectj-autoproxy.
18 years ago
f538a36cd3
SEC-939: Changed XML header to include schema locations for clarification.
18 years ago
6e06789a28
SEC-937: Added CAS logout filter to sample application
18 years ago
6b45eda37c
SEC-877, SEC-553: Added code to sandbox/other
18 years ago
f453264bde
SEC-909: custom remember me services doesn't get registered as logout handler
...
http://jira.springframework.org/browse/SEC-909 . HttpSecurityBeanDefinitionParser now passes the resolved RememberMeServices bean name to the LogoutBeanDefinitionparser so that it an use it explicitly.
18 years ago
1ddc033fe5
SEC-903: Wrong attribute mapping when using jdbc-user-service bean
...
http://jira.springframework.org/browse/SEC-903 . Corrected property name set by JdbcUserServiceBeanDefinitionParser (was setting authorities query rather than groups one).
18 years ago
e303e8b71a
SEC-924: Implement automatic injection of namespace created RememberMeServices into custom AbstractProcessingFilter based beans.
...
http://jira.springframework.org/browse/SEC-924 . Delayed setting of NullRememberMeServices in AbstractProcessingFilter until afterPropertiesSet method is called, allowing the null value to be read by the namespace and the confgiured RememberMeServices bean injected.
18 years ago
bf5896600e
OPEN - issue SEC-913: SwitchUserProcessingFilter modifies the switchFailureUrl member variable on failure
...
http://jira.springframework.org/browse/SEC-913 . Applied patch as suggested (use sendRedirect method for failure URL).
18 years ago
b4c63db680
SEC-921: Improved messages_zh_CN.properties for Chinese
...
http://jira.springframework.org/browse/SEC-921 . Added contributed file.
18 years ago
a56c13fb22
SEC-912: Added callback methods to BasicProcessingFilter for successful and unsuccessful authentication.
18 years ago
697c7c5f48
SEC-918: Added more info on DB schema to javadoc
18 years ago
b32a418175
Added mmore info on 'springSecurityFilter' chain and warning not to use this bean name explicitly
18 years ago
4cebc67088
Added example config for JDBCDaoImpl and user-service-ref in namespace
18 years ago
fbc7c31b5e
SEC-918: Added DDL or user and authorities tables to section on JDBC UserDetailsService
18 years ago
7dc998196a
Added faq on JDK and Spring version requirements
18 years ago
768219af81
Added exta sub-headings to facilitate searching for particular topics from content page
18 years ago
7039bfdfbe
Minor text spacing correction
18 years ago
d13b32c77f
Clarified that paths are relative to the checked out source tree
18 years ago
dce709a669
Minor code formatting in docbookk
18 years ago
d9634bcb39
SEC-920: Update preauth sample to make use of internal authentication manager
...
http://jira.springframework.org/browse/SEC-920 . Updated context file to use <custom-authentication-provider>.
18 years ago
8fe1b4b402
SEC-914: Slight modification of tld description text for readability.
18 years ago
30f1e5729a
SEC-914: Corrected tagllib descriptor documentation for var attribute in authentication tag.
18 years ago
6d179122d3
SEC-916: Added Spanish messages contribution.
18 years ago
bd4ed794ea
SEC-904: Renamed SessionRegistryImplMultithreadedTests
18 years ago
2cda6242c8
SEC-904: Moved multi-threaded tests into sandbox
18 years ago
Luke Taylor
Ray Krueger