github/spring-security

Author	SHA1 Message	Date
Luke Taylor	12561660b1 Add Javadoc groups to build.	14 years ago
Luke Taylor	b0df1bd1b0 SEC-1673: Use a map to store the range values use in the bundlor templates.	14 years ago
Luke Taylor	eb9482b33b Removal of some unused internal methods, plus additional tests for some areas lacking coverage.	14 years ago
Luke Taylor	20e65a93ea Minor test updates.	14 years ago
Luke Taylor	5f58108717 Typo.	14 years ago
Luke Taylor	83050f96cb SEC-1656: Document potential need for pre-emptive session creation if writing the security context manuall.	14 years ago
Luke Taylor	a790c7e192 SEC-1670: Take account of JNDI CompositeName escaping in value of SearchResult.getName() when performing a search for a user entry in SpringSecurityLdapTemplate.	14 years ago
Luke Taylor	4e349904e5 Add missing language attributes to programlisting tags for highlighting.	14 years ago
Luke Taylor	5caa41753a Add check for coverage data before trying to produce report.	14 years ago
Rob Winch	8c08eeb57b SEC-1666: Use constant time comparison for sensitive data.	14 years ago
Luke Taylor	6a62b51870 Fix typo in FAQ.	14 years ago
Rob Winch	2e822e9abe SEC-1659: Ensure that Digester is returning digest(digest(value)...) instead of digesting the same value multiple times.	14 years ago
Luke Taylor	347a2a91a9 SEC-1494: Document the use of system properties for disabling authorize tag functionality.	14 years ago
Luke Taylor	66e2a5246d SEC-1652: Use a URI for resolving the LDIF file for loading in ApacheDS container to allow for loading files which are contained in a jar.	14 years ago
Rob Winch	3f7f87e19f SEC-1592: Updated CasAuthenticationFilter so that it does not continue FilterChain when handling proxy requests.	14 years ago
Luke Taylor	077af5e187 SEC-1661: Use a DistinguishedName to wrap the search base to avoid the need for JNDI escaping.	14 years ago
Luke Taylor	866615ceaa SEC-1662: Cater for the case where a user uses two <http> elements without patterns and the RequestMatcher does not have two arguments.	14 years ago
Luke Taylor	d58dd79a52 SEC-1494: Updated the tutorial webapp to use CSS and make use of the securityHiddenUI element when UI security is disabled.	14 years ago
Luke Taylor	00200cecbc SEC-1494: Added system property "spring.security.disableUISecurity" which will prevent authorize tags from hiding content. By default, the property will also cause the area that would normally be hidden to be decorated with a <span class="securityHiddenUI"> tag, thus allowing the area to be rendered with some distinguishing css (e.g. a different background colour).	14 years ago
Rob Winch	1b32babbf9 SEC-1545: Removed unused i18n keys, changed keys to follow naming conventions, found missing keys based upon old keys, sorted keys, any unknown keys are entered as a comment with the English value.	14 years ago
Luke Taylor	95b416b0e7 SEC-1660: Minor addition to FAQ text.	14 years ago
Luke Taylor	b542c73907 SEC-1660: Updated FAQ to explain that session-fixation protection may cause problems if switching between HTTP and HTTPS, and also updated information to advise against switching in the first place.	14 years ago
Luke Taylor	6b1b012e2c Added check for maximum AES key size in crypto.gradle to skip tests if limited strength crypto policy files are in place.	14 years ago
Luke Taylor	594f6694bb Add logging of jdk version to crypto build file	14 years ago
Luke Taylor	d686f64f26 Skip EncryptorsTests when using <JDK 1.6 as AES isn't available	14 years ago
Luke Taylor	60befb063a SEC-1659: Added crypto module to list of project modules in reference manual intro and to dependencies appendix.	14 years ago
Luke Taylor	162cb64baa SEC-1659: Label crypto utils package as only for internal use.	14 years ago
Keith Donald	38327d1b16 SEC-1659: crypto docs	14 years ago
Keith Donald	b646e44646 SEC-1659: fixed bundlor step of build	14 years ago
Keith Donald	ea76efdb2c SEC-1659: favor AES encryption instead of DES as standard symmetric encryption algorithm	14 years ago

Newer Older

Commit History Find

Commit History