 Luke Taylor
|
0c09780644
SEC-1476: Modify AbstractPreAuthenticatedProcessingFilter to store authentication exception in request instead of creating a new session.
|
преди 15 години |
|
Luke Taylor
|
d5ffdd9c27
Import cleaning
|
преди 15 години |
|
Luke Taylor
|
64d59e1d32
Some extra FAQs and added comment to samples runall.sh script to explain that it's for dev only.
|
преди 15 години |
|
Luke Taylor
|
e7646a65f4
SEC-1421: Add setters to JdbcUserDetailsManager for group sql operations.
|
преди 15 години |
|
Luke Taylor
|
2c44461264
SEC-1473: Remove references to ContactSecurityVoter.
|
преди 15 години |
|
Luke Taylor
|
fcf33afce0
Formatting.
|
преди 15 години |
|
Luke Taylor
|
dccb30ad63
Remove use of wrong DOMUtils class (from com.sun package).
|
преди 15 години |
|
Luke Taylor
|
863ccecf55
SEC-1466: Report error if authentication-provider element has child elements when used with "ref" attribute.
|
преди 15 години |
|
Luke Taylor
|
165cbb0d19
SEC-1445: Added support for custom username and password parameters in form-login.
|
преди 15 години |
|
Luke Taylor
|
47ab2655d0
Remove outdated scm information from pom.xml
|
преди 15 години |
|
Luke Taylor
|
c95fe8af28
Adjust section in namespace chapter and increase section depth in manual TOC for easier reference.
|
преди 15 години |
|
Luke Taylor
|
bca6c1aeac
SEC-1468: Doc and Javadoc updates.
|
преди 15 години |
|
Luke Taylor
|
5b573d5d1e
Upgrade Maven build to Spring 3.0.2.
|
преди 15 години |
|
Luke Taylor
|
3c3aabf5be
SEC-1465: Change empty check to a null check for list of delegates for DelegatingMethodSecurityMetadataSource.
|
преди 15 години |
|
Luke Taylor
|
a421370a3d
SEC-1465: Change DelegatingMethodSecurityMetadataSource to use constructor injection to get round the problem of it being invoked before it has been initialized properly. Also changed the contacts tests to use the same app context and loading order as the actual webapp, to give better reassurance that the app will run successfully.
|
преди 15 години |
|
Luke Taylor
|
3bbbf07235
SEC-1464: Fix broken test (flags in returned user object were not being copied from stored user).
|
преди 15 години |
|
Luke Taylor
|
024e6904ff
SEC-1464: Deprecate UserMap, InMemoryDaoImpl and other related classes in favour of the simpler (non-property editor based) InMemoryUserDetailsManager.
|
преди 15 години |
|
Luke Taylor
|
f5859fabcf
SEC-1464: Created InMemoryUserDetailsManager and converted user-service BDP to use it for its in-memory database.
|
преди 15 години |
 Luke Taylor
|
82bbd09b71
SEC-1460: Documentation of changes.
|
преди 15 години |
|
Luke Taylor
|
dada047e04
SEC-1456: Set rtexprvalue=true for "url" attribute in access tag to allow dynamic values (such as URL of current page).
|
преди 15 години |
|
Luke Taylor
|
def5f88c8c
SEC-1431: Added openid-selector to openid sample, plus AX configuration for myopenid.com.
|
преди 15 години |
|
Luke Taylor
|
2f025fba6c
SEC-1460: Added AxFetchListFactory which matches OpenID identifiers to lists of attributes to use in a fetch-request.
|
преди 15 години |
|
Luke Taylor
|
3af75afec1
Clarify that multiple authentication-provider elements can be used in combination.
|
преди 15 години |
|
Luke Taylor
|
ee1fd1bc50
SEC-1431: Modify OpenID sample to use a custom UserDetailsService which allows any user to authenticate, allocating them a standard role and "registers" their ID in a map, allowing it to be retrieved in subsequent logins.
|
преди 15 години |
|
Luke Taylor
|
f5468087c2
Remove cached DiscoveryInformation from session in OpenID4JavaConsumer's endConsumption method.
|
преди 15 години |
|
Luke Taylor
|
d3d9c5db59
Refactoring of UserDetailsService injection (for X509, OpenID and RememberMeServices) to use a factory bean rather than a post-processor.
|
преди 15 години |
|
Luke Taylor
|
74896f217b
SEC-1459: Generifying AuthenticationUserDetailsService. Now parameterized with <? extends Authentication>.
|
преди 15 години |
|
Luke Taylor
|
a45d2a4fb2
SEC-1462: Only apply session fixation protection strategy if request.isRequestedSessionIdValid() returns true. We don't need to create a new session if the current one already has a different Id from the client.
|
преди 15 години |
|
Luke Taylor
|
93deec8d40
SEC-1458: Remove logger field in HttpSessionEventPublisher in favour of direct lookup. Prevents early initialization of logging system when listener is initialized.
|
преди 15 години |
|
Luke Taylor
|
0521d10069
SEC-1294: Enable access to beans from ApplicationContext in EL expressions.
|
преди 15 години |
