Accueil Explorer Aide
S'inscrire Connexion
github
/
spring-security
miroir de https://github.com/spring-projects/spring-security
2
0
Fork 0
Fichiers Tickets 0 Wiki
Aborescence: 178765cf83
Branches Tags

Historique des commits

Auteur SHA1 Message Date
  Luke Taylor 59a07175a6 SEC-1744: Do not trust authorities contained in the authentication request in JaasAuthenticationProvider. il y a 14 ans
  Luke Taylor c618f4ab52 Add missing package to remoting bundlor template. il y a 14 ans
  Luke Taylor 5fce0a58bd SEC-1750: Make sure RunAs replacement is constrained to the SecurityContext of the current thread. il y a 14 ans
  Luke Taylor b48fc53fa2 SEC-1741: Modify ContextPropagatingRemoteInvocation to pass a simple combination of principal/credentials as Strings, rather than serializing the whole SecurityContext object from the client. il y a 14 ans
  Luke Taylor 249610c7ed SEC-1742: Remove deprecated "includeDetailsObject" field from DaoAuthenticationProvider. il y a 14 ans
  Luke Taylor 1976cb1bf7 SEC-1742: Deprecate use of extraInformation field in AuthenticationException, making it transient and removing any sensitive data in UserDetails objects which are stored in it. il y a 14 ans
  Luke Taylor 824464516c SEC-1790: Reject redirect locations containing CR or LF. il y a 14 ans
  Luke Taylor 6333909107 SEC-1797: Create a new session in AbstractPreAuthenticatedProcessingFilter when the existing session is invalidated on detecting a principal change. il y a 14 ans
  Luke Taylor 74daa68691 SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected. il y a 14 ans
  Luke Taylor 8ce4d326f5 Update HttpClient to 4.1.2 and removed incorrect bundlor references to commons version. il y a 14 ans
  Luke Taylor 0120643721 SEC-1794: Convert OpenIDAuthenticationStatus to an enum. il y a 14 ans
  Luke Taylor 0c2a950fa0 SEC-1788: Avoid unnecessary call to getPreAuthenticatedPrincipal() in AbstractPreAuthenticatedProcessingFilter when not checking for principal changes is not enabled. il y a 14 ans
  Rob Winch 7399c9a7a5 SEC-1792: Fixed NullPointerException in RunAsUserToken#toString() il y a 14 ans
  Rob Winch dfd467f26e cleaned imports in RunAsUserToken il y a 14 ans
  Luke Taylor 7e44580c75 Minor refactoring of aspects tests. il y a 14 ans
  Luke Taylor 8740efc0f5 Added constructor injection options to ConcurrentSessionFilter il y a 14 ans
  Luke Taylor a1c714cff4 SEC-1754: Added an InvalidSessionStrategy to allow SessionManagementFilter to delegate out the behaviour when an invalid session identifier is submitted. il y a 14 ans
  Luke Taylor ac3d8b25f2 Expand LDAP authentication FAQ with information about bind authentication and unreadable password attributes. il y a 14 ans
  Luke Taylor 8440743108 Remove Sql query objects from JdbcTokenRepositoryImpl in favour of direct JdbcTemplate use. il y a 14 ans
  Luke Taylor 89fa771093 SEC-1753: Cater for missing DiscoveryInformation object in OpenID4JavaConsumer.endConsumption. il y a 14 ans
  Luke Taylor 700fa9e0b6 SEC-1772: remote URL decoding of targetUrlParameter in AbstractAuthenticationTargetUrlRequestHandler. il y a 14 ans
  Luke Taylor de97bac85b SEC-1763: Prevent nested switches in SwitchUserFilter by calling attemptExitUser() before doing the switch. il y a 14 ans
  Luke Taylor a504cfae1a SEC-1770: Call refreshLastRequest on the session registry rather than the SessionInformation object to make sure it works with alternative SessionRegistry implementations. il y a 14 ans
  Luke Taylor d5946b81b4 Added FAQ on how to add ApacheDS entries to pom. il y a 14 ans
  Luke Taylor c117c643df SEC-1782: Javadoc correction for LdapAuthenticationProvider. il y a 14 ans
  Rob Winch 330f82f562 SEC-1777: Corrected log in HttpSessionSecurityContextRepository to reference itself instead of HttpSessionContextIntegrationFilter il y a 14 ans
  Florian Fankhauser 2e83d98c8f SEC-1776: Corrected typo in manual il y a 14 ans
  Rob Winch 825f0061fb SEC-1761: Support HttpOnly Flag for Cookies when using Servlet 3.0 il y a 14 ans
  Luke Taylor 56e86dd36f Adding assertions on constructor arg values. il y a 14 ans
  Luke Taylor f92589f051 Extract a SecurityFilterChain interface and create a default implementation to facilitate other configuration options. il y a 14 ans

Récemment Précédemment