github/spring-security

Аутор	SHA1 Порука	Датум
Luke Taylor	249610c7ed SEC-1742: Remove deprecated "includeDetailsObject" field from DaoAuthenticationProvider.	пре 14 година
Luke Taylor	1976cb1bf7 SEC-1742: Deprecate use of extraInformation field in AuthenticationException, making it transient and removing any sensitive data in UserDetails objects which are stored in it.	пре 14 година
Luke Taylor	824464516c SEC-1790: Reject redirect locations containing CR or LF.	пре 14 година
Luke Taylor	6333909107 SEC-1797: Create a new session in AbstractPreAuthenticatedProcessingFilter when the existing session is invalidated on detecting a principal change.	пре 14 година
Luke Taylor	74daa68691 SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected.	пре 14 година
Luke Taylor	8ce4d326f5 Update HttpClient to 4.1.2 and removed incorrect bundlor references to commons version.	пре 14 година
Luke Taylor	0120643721 SEC-1794: Convert OpenIDAuthenticationStatus to an enum.	пре 14 година
Luke Taylor	0c2a950fa0 SEC-1788: Avoid unnecessary call to getPreAuthenticatedPrincipal() in AbstractPreAuthenticatedProcessingFilter when not checking for principal changes is not enabled.	пре 14 година
Rob Winch	7399c9a7a5 SEC-1792: Fixed NullPointerException in RunAsUserToken#toString()	пре 14 година
Rob Winch	dfd467f26e cleaned imports in RunAsUserToken	пре 14 година
Luke Taylor	7e44580c75 Minor refactoring of aspects tests.	пре 14 година
Luke Taylor	8740efc0f5 Added constructor injection options to ConcurrentSessionFilter	пре 14 година
Luke Taylor	a1c714cff4 SEC-1754: Added an InvalidSessionStrategy to allow SessionManagementFilter to delegate out the behaviour when an invalid session identifier is submitted.	пре 14 година
Luke Taylor	ac3d8b25f2 Expand LDAP authentication FAQ with information about bind authentication and unreadable password attributes.	пре 14 година
Luke Taylor	8440743108 Remove Sql query objects from JdbcTokenRepositoryImpl in favour of direct JdbcTemplate use.	пре 14 година
Luke Taylor	89fa771093 SEC-1753: Cater for missing DiscoveryInformation object in OpenID4JavaConsumer.endConsumption.	пре 14 година
Luke Taylor	700fa9e0b6 SEC-1772: remote URL decoding of targetUrlParameter in AbstractAuthenticationTargetUrlRequestHandler.	пре 14 година
Luke Taylor	de97bac85b SEC-1763: Prevent nested switches in SwitchUserFilter by calling attemptExitUser() before doing the switch.	пре 14 година
Luke Taylor	a504cfae1a SEC-1770: Call refreshLastRequest on the session registry rather than the SessionInformation object to make sure it works with alternative SessionRegistry implementations.	пре 14 година
Luke Taylor	d5946b81b4 Added FAQ on how to add ApacheDS entries to pom.	пре 14 година
Luke Taylor	c117c643df SEC-1782: Javadoc correction for LdapAuthenticationProvider.	пре 14 година
Rob Winch	330f82f562 SEC-1777: Corrected log in HttpSessionSecurityContextRepository to reference itself instead of HttpSessionContextIntegrationFilter	пре 14 година
Florian Fankhauser	2e83d98c8f SEC-1776: Corrected typo in manual	пре 14 година
Rob Winch	825f0061fb SEC-1761: Support HttpOnly Flag for Cookies when using Servlet 3.0	пре 14 година
Luke Taylor	56e86dd36f Adding assertions on constructor arg values.	пре 14 година
Luke Taylor	f92589f051 Extract a SecurityFilterChain interface and create a default implementation to facilitate other configuration options.	пре 14 година
Luke Taylor	2d271666a4 Add constructors to facilitate constructor-based injection for required/shared bean properties.	пре 14 година
Luke Taylor	73442125de SEC-1775: Removed internal use of UserAttribute class in AnonymousAuthenticationFilter.	пре 14 година
Luke Taylor	5d20f57fa8 Import cleaning.	пре 14 година
Luke Taylor	b15475ab3d SEC-1771: Change TokenBasedRememberMeServices to obtain password from UserDetailsService if necessary.	пре 14 година

Новије Старије

Историја ревизија Пронађи

Историја ревизија