 Luke Taylor
|
681f1ee00c
Fix duplicate logging.
|
17 роки тому |
|
Luke Taylor
|
74fd5fe8a4
Finish refactoring JdbcDaoIml to remove MappingSqlQuery objects. Updated Javadoc to avoid user confusion.
|
17 роки тому |
|
Luke Taylor
|
b24cc17dea
SEC-1052: Added "disableUrlRewriting" parameter to HttpSessionSecurityContextRepository.
|
17 роки тому |
 Scott Battaglia
|
717fdcfec3
SEC-1046
|
17 роки тому |
|
Luke Taylor
|
bf409b5b25
Improvements to Javadoc.
|
17 роки тому |
|
Luke Taylor
|
55cc98ab54
SEC-1006: Fixed Javadoc.
|
17 роки тому |
|
Luke Taylor
|
f54d7ee6bc
SEC-535: Added "postOnly" flag to AuthenticationProcessingFilter, defaulting to "true" so that only POST requests are allowed by default.
|
17 роки тому |
|
Luke Taylor
|
224c86a0b3
Tidying.
|
17 роки тому |
|
Luke Taylor
|
898ef36d02
SEC-959: Converted SwitchUserFilter to use new Authentication success and failure strategies from SEC-745 for managing redirects.
|
17 роки тому |
|
Luke Taylor
|
c3181d9db0
SEC-1063: Moved the justUseSavedRequestOnGet property to ExceptionTranslationFilter. If set, it will not store the SavedRequest for unless the request is a GET.
|
17 роки тому |
|
Luke Taylor
|
c564a879d4
Some tests used for obtaining performance data.
|
17 роки тому |
|
Luke Taylor
|
40ccd3be11
SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument.
|
17 роки тому |
|
Luke Taylor
|
fcc68e636e
SEC-1062: Added authentication-success-handler-ref and authentication-failure-handler-ref to the namespace definition.
|
17 роки тому |
|
Luke Taylor
|
a0bcf7184c
SEC-1061: Renamed serverSideRedirect property.
|
17 роки тому |
|
Luke Taylor
|
cf3cac90ad
SEC-1058, SEC-745: Updating comments
|
17 роки тому |
|
Luke Taylor
|
3f38035057
SEC-1058: Renamed "forwardToDestination" to "useForward" for simplicity and consistency with the namespace.
|
17 роки тому |
|
Luke Taylor
|
2927b8464f
SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.
|
17 роки тому |
|
Luke Taylor
|
839279161d
SEC-745: Added concrete failure handling strategies.
|
17 роки тому |
|
Luke Taylor
|
6664f57ff6
SEC-992: Removed the line setting returningObj to false.
|
17 роки тому |
|
Luke Taylor
|
10e4d1fe1a
SEC-1058: Partial refactoring of AbstractProcessingFilter. It now uses the injected SuccssfulAuthenticationHandler strategy instead of managing everything itself. The default implementation is SavedRequestAwareSuccessfulAuthenticationHandler which encapsulates most of the filter's success logic along with the code which was previously in TargetUrlResolver. Removed TargetUrlResolver.
|
17 роки тому |
|
Luke Taylor
|
6c7d15ee44
Removed unused logger and imports.
|
17 роки тому |
|
Luke Taylor
|
df771038b4
SEC-1051: Fixed class names in dms sample app context.
|
17 роки тому |
|
Luke Taylor
|
615194710e
SEC-745: Created AuthenticationFailureHandler and AuthenticationSuccessHandler strategy interfaces.
|
17 роки тому |
|
Luke Taylor
|
48dce501ce
SEC-942: Added createEmptyContext() method to SecurityContextHolderStrategy and SecurityContextHolder to encapsulate the context implemetentation in one place. HttpSessionSecurityContextRepository calls this method when it needs a new context to store in the session.
|
17 роки тому |
|
Luke Taylor
|
aec23749d7
SEC-1056: Remove deprecated FilterToBeanProxy: It's gone
|
17 роки тому |
|
Luke Taylor
|
3fcc7b5403
SEC-1051: Moved voter and afterinvocation packages into acl package. Also moved filterer classes fom core, as they are used in the acl after-invocation classes
|
17 роки тому |
|
Luke Taylor
|
a443e55832
SEC-1057: Refactored TargetUrlResolver to remove SavedRequest from determineTargetUrl method.
|
17 роки тому |
|
Luke Taylor
|
093365b2f4
Removed unnecessary cast.
|
17 роки тому |
|
Luke Taylor
|
30f9b3e72c
SEC-995: AbstractSecurityInterceptor exception message improvement. Added the secured object to the exception message to make it easier to track down the originating method which causes a problem with public invocations.
|
17 роки тому |
|
Luke Taylor
|
3f40604b82
SEC-1055: Converted interfaces and methods using ServletRequest/Response to HttpServletRequest/Response where appropriate.
|
17 роки тому |
