Rob Winch
|
7714c5cd02
.gitignore bin and */src/*/java/META-INF
|
13 rokov pred |
Rob Winch
|
5ed5590268
SEC-1970: Cleanup of pre authentication documentation
|
13 rokov pred |
Rob Winch
|
5dd6b4a77a
SEC-1865: Remove invalid OWASP link in TextEscapeUtils
|
13 rokov pred |
Rob Winch
|
5118e0b86e
SEC-1943: Corrected namespace doc to state SecurityContextHolderAwareRequestFilter instead of SecurityContextHolderAwareFilter
|
13 rokov pred |
Rob Winch
|
21f2991ab4
Call SecurityContextHolder.clearContext() in tear down of HttpSessionSecurityContextRepositoryTests
|
14 rokov pred |
Rob Winch
|
3679227b11
SEC-1735: Do not remove SecurityContext from HttpSession when anonymous Authentication is saved if original SecurityContext was anonymous
|
14 rokov pred |
Rob Winch
|
25e17c1568
SEC-1881: Configure surefire to include **/*Test.class to avoid accidentally not running new tests that end in Test
|
14 rokov pred |
Rob Winch
|
9847366d5e
SEC-1881: Renamed **/*Test.java to **/*Tests.java since **/*Test.java are not included in surefire configuration
|
14 rokov pred |
Rob Winch
|
7cb472f105
SEC-1880: Corrected error message when using both logout-success-url and success-handler-ref
|
14 rokov pred |
Rob Winch
|
863b36962b
SEC-1878: Added test to ensure that DefaultFilterChainValidator can handle web expressions
|
14 rokov pred |
Rob Winch
|
bbfb3da9c7
Updated to maven-resources-plugin 2.4
|
14 rokov pred |
Luke Taylor
|
b1af3d00ee
SEC-1857: Use Principal.getName() in ContextPropagatingRemoteInvocation
|
14 rokov pred |
Luke Taylor
|
daa7f3f64e
SEC-1848: LDAP encode name when using user DN patterns in AbstractLdapAuthenticator.
|
14 rokov pred |
Rob Winch
|
7a3135f0f9
SEC-1839: Updated preauth example to use </security:authentication-manager> instead of </security-authentication-manager>
|
14 rokov pred |
Luke Taylor
|
82163e2546
Remove ancient code formatter artifacts.
|
14 rokov pred |
Luke Taylor
|
2d27b28199
Set version to 3.0.8.CI-SNAPSHOT.
|
14 rokov pred |
Luke Taylor
|
714ee3e960
Set version to 3.0.7.RELEASE.
|
14 rokov pred |
Luke Taylor
|
ee74c4ced2
SEC-1803: Add check in AbstractAuthenticationTargetUrlRequestHandler for null targetUrlParameter before attempting to read it from the request. Prevents NPE when targetUrlParameter is not set.
|
14 rokov pred |
Luke Taylor
|
102027a44c
SEC-1804: Updated Javadoc wrt immutability of User class.
|
14 rokov pred |
Luke Taylor
|
799a43d72e
SEC-1804: Update InMemoryDaoImpl to use User class directly and create a copy. Otherwise credentials are cleared on cached user instances.
|
14 rokov pred |
Luke Taylor
|
3dc4158f7d
Set version to 3.0.7.CI-SNAPSHOT
|
14 rokov pred |
Luke Taylor
|
62f70f17ff
Set project release version to 3.0.6.RELEASE
|
14 rokov pred |
Luke Taylor
|
4b0fbe1606
Remove session timeout check in tutorial sample.
|
14 rokov pred |
Luke Taylor
|
a8bce41876
SEC-1795: Fix possible NPEs in AclImpl.equals()
|
14 rokov pred |
Luke Taylor
|
cea1f4499f
SEC-1686: Upgrade to Spring 3.0.6
|
14 rokov pred |
Luke Taylor
|
c19a5ffd73
SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected.
|
14 rokov pred |
Luke Taylor
|
594ee9515e
Taglib test fixes to take latest SFW changes into account.
|
14 rokov pred |
Luke Taylor
|
a087e828a6
SEC-1790: Disable use of spring-security-redirect by default for SimpleUrlLogoutSuccesshandler.
|
14 rokov pred |
Luke Taylor
|
5238ba0e26
SEC-1790: Reject redirect locations containing CR or LF.
|
14 rokov pred |
Luke Taylor
|
887e3361d2
SEC-1750: Make sure RunAs replacement is constrained to the SecurityContext of the current thread.
|
14 rokov pred |