 Luke Taylor
|
00125cddee
SEC-1016: Moved the MapBasedDefinitionSource to the top of the list of delegates (before expressions), but changed the code to only add it if there are pointcuts defined, so there should be no unnecessary overhead.
|
17 년 전 |
|
Luke Taylor
|
585e5f393a
Added warning suppression for deprecation.
|
17 년 전 |
|
Luke Taylor
|
d8b5f770e9
Added warning suppression for deprecation.
|
17 년 전 |
|
Luke Taylor
|
e86c76f555
Updated Spring version.
|
17 년 전 |
|
Luke Taylor
|
db5f1e69f1
SEC-949: Added the option of specifying -1 as the token-validity-seconds value in order to set the cookie maxAge to expire when the browser closes.
|
17 년 전 |
|
Luke Taylor
|
c2e688610c
SEC-1011: Introduced methods for extracting the remember-me cookie and for creating the returned token.
|
17 년 전 |
|
Luke Taylor
|
7fa9a959b5
Added webAppRootKey context-param to samples to prevent conflicts when run together in Tomcat.
|
17 년 전 |
|
Luke Taylor
|
998f0b3ea1
SEC-993: Updated retrievePassword method to return null if an Authentication object with null credentials is presented (e.g. with OpenID). Prevents NPE when toString() is called.
|
17 년 전 |
|
Luke Taylor
|
d0fcbd9baf
Tidying up Javadoc.
|
17 년 전 |
|
Luke Taylor
|
a1bd48733a
Minor Javadoc correction.
|
17 년 전 |
|
Luke Taylor
|
681f1ee00c
Fix duplicate logging.
|
17 년 전 |
|
Luke Taylor
|
74fd5fe8a4
Finish refactoring JdbcDaoIml to remove MappingSqlQuery objects. Updated Javadoc to avoid user confusion.
|
17 년 전 |
|
Luke Taylor
|
b24cc17dea
SEC-1052: Added "disableUrlRewriting" parameter to HttpSessionSecurityContextRepository.
|
17 년 전 |
 Scott Battaglia
|
717fdcfec3
SEC-1046
|
17 년 전 |
|
Luke Taylor
|
bf409b5b25
Improvements to Javadoc.
|
17 년 전 |
|
Luke Taylor
|
55cc98ab54
SEC-1006: Fixed Javadoc.
|
17 년 전 |
|
Luke Taylor
|
f54d7ee6bc
SEC-535: Added "postOnly" flag to AuthenticationProcessingFilter, defaulting to "true" so that only POST requests are allowed by default.
|
17 년 전 |
|
Luke Taylor
|
224c86a0b3
Tidying.
|
17 년 전 |
|
Luke Taylor
|
898ef36d02
SEC-959: Converted SwitchUserFilter to use new Authentication success and failure strategies from SEC-745 for managing redirects.
|
17 년 전 |
|
Luke Taylor
|
c3181d9db0
SEC-1063: Moved the justUseSavedRequestOnGet property to ExceptionTranslationFilter. If set, it will not store the SavedRequest for unless the request is a GET.
|
17 년 전 |
|
Luke Taylor
|
c564a879d4
Some tests used for obtaining performance data.
|
17 년 전 |
|
Luke Taylor
|
40ccd3be11
SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument.
|
17 년 전 |
|
Luke Taylor
|
fcc68e636e
SEC-1062: Added authentication-success-handler-ref and authentication-failure-handler-ref to the namespace definition.
|
17 년 전 |
|
Luke Taylor
|
a0bcf7184c
SEC-1061: Renamed serverSideRedirect property.
|
17 년 전 |
|
Luke Taylor
|
cf3cac90ad
SEC-1058, SEC-745: Updating comments
|
17 년 전 |
|
Luke Taylor
|
3f38035057
SEC-1058: Renamed "forwardToDestination" to "useForward" for simplicity and consistency with the namespace.
|
17 년 전 |
|
Luke Taylor
|
2927b8464f
SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.
|
17 년 전 |
|
Luke Taylor
|
839279161d
SEC-745: Added concrete failure handling strategies.
|
17 년 전 |
|
Luke Taylor
|
6664f57ff6
SEC-992: Removed the line setting returningObj to false.
|
17 년 전 |
|
Luke Taylor
|
10e4d1fe1a
SEC-1058: Partial refactoring of AbstractProcessingFilter. It now uses the injected SuccssfulAuthenticationHandler strategy instead of managing everything itself. The default implementation is SavedRequestAwareSuccessfulAuthenticationHandler which encapsulates most of the filter's success logic along with the code which was previously in TargetUrlResolver. Removed TargetUrlResolver.
|
17 년 전 |
