github/spring-security

Author	SHA1 Message	Date
Luke Taylor	171456a26c SEC-1018: Changes to allow external reference to SaltSource bean from the namespace.	17 years ago
Luke Taylor	00125cddee SEC-1016: Moved the MapBasedDefinitionSource to the top of the list of delegates (before expressions), but changed the code to only add it if there are pointcuts defined, so there should be no unnecessary overhead.	17 years ago
Luke Taylor	585e5f393a Added warning suppression for deprecation.	17 years ago
Luke Taylor	d8b5f770e9 Added warning suppression for deprecation.	17 years ago
Luke Taylor	e86c76f555 Updated Spring version.	17 years ago
Luke Taylor	db5f1e69f1 SEC-949: Added the option of specifying -1 as the token-validity-seconds value in order to set the cookie maxAge to expire when the browser closes.	17 years ago
Luke Taylor	c2e688610c SEC-1011: Introduced methods for extracting the remember-me cookie and for creating the returned token.	17 years ago
Luke Taylor	7fa9a959b5 Added webAppRootKey context-param to samples to prevent conflicts when run together in Tomcat.	17 years ago
Luke Taylor	998f0b3ea1 SEC-993: Updated retrievePassword method to return null if an Authentication object with null credentials is presented (e.g. with OpenID). Prevents NPE when toString() is called.	17 years ago
Luke Taylor	d0fcbd9baf Tidying up Javadoc.	17 years ago
Luke Taylor	a1bd48733a Minor Javadoc correction.	17 years ago
Luke Taylor	681f1ee00c Fix duplicate logging.	17 years ago
Luke Taylor	74fd5fe8a4 Finish refactoring JdbcDaoIml to remove MappingSqlQuery objects. Updated Javadoc to avoid user confusion.	17 years ago
Luke Taylor	b24cc17dea SEC-1052: Added "disableUrlRewriting" parameter to HttpSessionSecurityContextRepository.	17 years ago
Scott Battaglia	717fdcfec3 SEC-1046	17 years ago
Luke Taylor	bf409b5b25 Improvements to Javadoc.	17 years ago
Luke Taylor	55cc98ab54 SEC-1006: Fixed Javadoc.	17 years ago
Luke Taylor	f54d7ee6bc SEC-535: Added "postOnly" flag to AuthenticationProcessingFilter, defaulting to "true" so that only POST requests are allowed by default.	17 years ago
Luke Taylor	224c86a0b3 Tidying.	17 years ago
Luke Taylor	898ef36d02 SEC-959: Converted SwitchUserFilter to use new Authentication success and failure strategies from SEC-745 for managing redirects.	17 years ago
Luke Taylor	c3181d9db0 SEC-1063: Moved the justUseSavedRequestOnGet property to ExceptionTranslationFilter. If set, it will not store the SavedRequest for unless the request is a GET.	17 years ago
Luke Taylor	c564a879d4 Some tests used for obtaining performance data.	17 years ago
Luke Taylor	40ccd3be11 SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument.	17 years ago
Luke Taylor	fcc68e636e SEC-1062: Added authentication-success-handler-ref and authentication-failure-handler-ref to the namespace definition.	17 years ago
Luke Taylor	a0bcf7184c SEC-1061: Renamed serverSideRedirect property.	17 years ago
Luke Taylor	cf3cac90ad SEC-1058, SEC-745: Updating comments	17 years ago
Luke Taylor	3f38035057 SEC-1058: Renamed "forwardToDestination" to "useForward" for simplicity and consistency with the namespace.	17 years ago
Luke Taylor	2927b8464f SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.	17 years ago
Luke Taylor	839279161d SEC-745: Added concrete failure handling strategies.	17 years ago
Luke Taylor	6664f57ff6 SEC-992: Removed the line setting returningObj to false.	17 years ago

Newer Older

Commit History Find

Commit History