Luke Taylor
|
31afb9c76d
Deleted superseded dao-auth-provider.xml chapter.
|
hace 15 años |
Luke Taylor
|
07b9ded126
SEC-1599: Corrected docbook source.
|
hace 15 años |
Luke Taylor
|
091a6d26f1
SEC-1548: Added extra logging to Dao-authentication classes to clarify reasons for authentication failure (missing user vs wrong password etc.).
|
hace 15 años |
Luke Taylor
|
883ca2a55d
Import cleaning.
|
hace 15 años |
Luke Taylor
|
1724d1eac6
SEC-1561: HttpSessionSecurityContextRepository should check whether the session contains the context attribute in case a new session has been created during the request. If the attribute is empty, then the context should be stored regardless of whether a change is detected or not.
|
hace 15 años |
Luke Taylor
|
54694d5ab7
SEC-1583: Added hasAuthority and hasAnyAuthority imlementations to SecurityExpressionRoot.
|
hace 15 años |
Luke Taylor
|
f70942c6f5
SEC-1589: Add support for property placeholder in intercept-methods access attribute.
|
hace 15 años |
Luke Taylor
|
173537f4f2
SEC-1584: Added namespace support for injecting custom HttpFirewall instance into FilterChainProxy.
|
hace 15 años |
Luke Taylor
|
0961671772
Reinstated missing 3.0.3 schema file
|
hace 15 años |
Luke Taylor
|
a6d47203db
FilterInvocation should set queryString on dummy request.
|
hace 15 años |
Luke Taylor
|
f455e9a5a4
SEC-1584: Documentation of request-checking and matching process. Logging of servletPath and and pathInfo in DebugFilter for comparison.
|
hace 15 años |
Luke Taylor
|
0fd2c48dfb
SEC-1584: Additional integration tests.
|
hace 15 años |
Luke Taylor
|
7d97adc687
SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/".
|
hace 15 años |
Luke Taylor
|
695c8f4ad6
Import cleaning and suppression of deprecation warnings.
|
hace 15 años |
Rossen Stoyanchev
|
bd84a2bfa1
SWC-1552 Update .tld in integration test to match change in taglib.
|
hace 15 años |
Rossen Stoyanchev
|
70600a0277
SEC-1552 Refactor AuthorizeTag and LegacyAuthorize tag to make them independent of JSP tag rendering.
|
hace 15 años |
Rob Winch
|
7258abbbf4
SEC-1585: changed spring-beans-3.1.xsd to spring-beans-3.0.xsd
|
hace 15 años |
Rob Winch
|
ee12d54bec
SEC-1536: moved web.authentication.jaas to web.jaasapi
|
hace 15 años |
Rob Winch
|
8249492ce9
SEC-1578: Use ThreadLocal.remove() instead of ThreadLocal.set(null)
|
hace 15 años |
Luke Taylor
|
e69b981c72
Make method in MatcherType public for use in OAuth.
|
hace 15 años |
Luke Taylor
|
f978814bb1
Improve entry of username and password for scp upload.
|
hace 15 años |
Luke Taylor
|
685e0417a7
SEC-1544: Update the tutorial sample to attempt to delete the JSESSIONID cookie on logout.
|
hace 15 años |
Luke Taylor
|
11a87d1fa0
Switch to using xsd:boolean in schema file.
|
hace 15 años |
Luke Taylor
|
1b2b371970
SEC-1544: Added CookieClearingLogoutHandler and 'delete-cookies' attribute to the 'logout' namespace element.
|
hace 15 años |
Luke Taylor
|
383211561c
Moved LDAP placeholder config test into LDAP tests to prevent issues with parallel tests. Converted LdapProviderBDP tests to groovy/spock. Other misc tidying of config tests.
|
hace 15 años |
Luke Taylor
|
7dd8cd2fb9
Make sure ApacheDS work directory is set correctly for separate LDAP test task in config module.
|
hace 15 años |
Luke Taylor
|
551166a577
ApacheDS workDir property should be passed to the test process, not set as a system property in the main build process.
|
hace 15 años |
rwinch
|
a128e3b4fe
http://forum.springsource.org/showthread.php?p=318755 Added PlaceHolderAndELConfigTests.ldapAuthenticationProviderWorksWithPlaceholders
|
hace 15 años |
rwinch
|
de819378fc
SEC-1536: added JAAS API Integration, updated doc, updated jaas sample
|
hace 15 años |
Luke Taylor
|
0217e98bdb
Added an AppListener to collect events for use in tests
|
hace 15 años |