github/spring-security

Author	SHA1 Message	Date
Luke Taylor	04d42211b1 SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter.	14 years ago
Rob Winch	6a87a5f1a1 SEC-1703: Updated namespace for intercept-url	14 years ago
Rob Winch	f6b21880a2 SEC-1703: Updated cas custom-filter@ref to match example bean id and custom-filter@position to be CAS_FILTER	14 years ago
Luke Taylor	198d5d0482 SEC-1701: Trim claimed identity parameter value before submitting to OpenID4Java.	14 years ago
Rob Winch	acee3e2593 SEC-1698: Update documentation to use correct package for RequestHeaderAuthenticationFilter	14 years ago
Luke Taylor	b87dabe1ac SEC-1683: Corrected typo	14 years ago
Luke Taylor	f509193604 Update Base64 implementation to include fixes (using diff) from the original up to version 2.3.7.	14 years ago
Luke Taylor	11a091f051 SEC-1680: Revert accidental updates to 3.0.x namespace appendix.	14 years ago
Luke Taylor	8e48658efb SEC-1675: Added missing "body-content" elements to taglib descriptor.	14 years ago
Rob Winch	afd556412e SEC-1672: Provide error message when ambiguous configuration of intercept-url contains attributes filters=none and (access or requires-channel)	14 years ago
Luke Taylor	187a530760 SEC-1670: Take account of JNDI CompositeName escaping in value of SearchResult.getName() when performing a search for a user entry in SpringSecurityLdapTemplate.	14 years ago
Rob Winch	1b6587a5d4 SEC-1666: Use constant time comparison for sensitive data.	14 years ago
Rob Winch	ece824fca2 SEC-1592: Updated CasAuthenticationFilter so that it does not continue FilterChain when handling proxy requests.	14 years ago
Luke Taylor	e3644e2d27 SEC-1661: Use a DistinguishedName to wrap the search base to avoid the need for JNDI escaping.	14 years ago
Rob Winch	b3943ac268 SEC-1545: Removed unused i18n keys, changed keys to follow naming conventions, found missing keys based upon old keys, sorted keys, any unknown keys are entered as a comment with the English value.	14 years ago
Luke Taylor	537d8f108a SEC-1654: Correct debug output in DigestAuthenticationFilter.	14 years ago
Luke Taylor	d0bada2bad SEC-1641: Correct code and test for null groupSearchBase.	15 years ago
Luke Taylor	952af853ac SEC-1641: Remove the private setGroupSearchBase method and allowed a null value to be set for the group search base in the constructor.	15 years ago
Rob Winch	4dea140331 SEC-1639: FirewalledRequest is now called on the specific FirewalledRequest instance rather that looping through ServletRequestWrappers.	15 years ago
Luke Taylor	bb3a973fcb SEC-1636: Add optimizations for universal match cases in AntUrlPathMatcher (using "/" and "" equality checks on the path).	15 years ago
Luke Taylor	522e8db5da Javadoc fix	15 years ago
Luke Taylor	8f71f6febf SEC-1557: Added getter to DelegatingMethodSecurityMetadataSource.	15 years ago
Luke Taylor	69a1fb76d3 SEC-1615: Changed key generation for anonymous provider to only use SecureRandom on demand.	15 years ago
Luke Taylor	156a6924fa Move docs on request matching to correct file and delete unused one	15 years ago
Luke Taylor	d53db3ba13 Update version to 3.0.6.CI-SNAPSHOT.	15 years ago
Luke Taylor	90304f64c6 Update version for 3.0.5 release	15 years ago
Luke Taylor	6349359b77 Enable aspectj module in 3.0.x build.	15 years ago
Luke Taylor	e80853b698 SEC-1412: DefaultSavedRequest should ignore "If-Modified-Since" headers to prevent re-displaying the login form (the cached result of the original request).	15 years ago
Luke Taylor	82d105cbc3 SEC-1587: Add explicit call to removeAttribute() to remove the context from the session if the current context is empty or anonymous.	15 years ago
Luke Taylor	e88f47a96a SEC-1561: Add check on whether the security context attribute is set in the current session to make sure it is stored when a new session has been created during the request.	15 years ago

Newer Older

Commit History Find

Commit History