Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: 7bde24af6c
Branches Tags

Commit History

Author SHA1 Message Date
  Luke Taylor 7bde24af6c Reset version to 3.1.0.CI-SNAPSHOT. 14 years ago
  Luke Taylor 9e619611ae Set release version to 3.1.0.RC3 14 years ago
  Luke Taylor 8ce6c73802 Add check for empty attributes list as well as null, in DelegatingMethodSecurityMetadataSource 14 years ago
  Luke Taylor d6b7b52a79 Update to Spring 3.0.6. 14 years ago
  Luke Taylor 3e4fc0b948 SEC-1795: Fix possible NPEs in AclImpl.equals() 14 years ago
  Luke Taylor a4c05239e5 SEC-1719: Lithuanian messages translation. 14 years ago
  Luke Taylor 503ac9ae7c SEC-1798: Remove internal evaluation of EL in JSP tag implementations. 14 years ago
  Luke Taylor 45d938566c Some tests for Base64 encoding. 14 years ago
  Luke Taylor 59a07175a6 SEC-1744: Do not trust authorities contained in the authentication request in JaasAuthenticationProvider. 14 years ago
  Luke Taylor c618f4ab52 Add missing package to remoting bundlor template. 14 years ago
  Luke Taylor 5fce0a58bd SEC-1750: Make sure RunAs replacement is constrained to the SecurityContext of the current thread. 14 years ago
  Luke Taylor b48fc53fa2 SEC-1741: Modify ContextPropagatingRemoteInvocation to pass a simple combination of principal/credentials as Strings, rather than serializing the whole SecurityContext object from the client. 14 years ago
  Luke Taylor 249610c7ed SEC-1742: Remove deprecated "includeDetailsObject" field from DaoAuthenticationProvider. 14 years ago
  Luke Taylor 1976cb1bf7 SEC-1742: Deprecate use of extraInformation field in AuthenticationException, making it transient and removing any sensitive data in UserDetails objects which are stored in it. 14 years ago
  Luke Taylor 824464516c SEC-1790: Reject redirect locations containing CR or LF. 14 years ago
  Luke Taylor 6333909107 SEC-1797: Create a new session in AbstractPreAuthenticatedProcessingFilter when the existing session is invalidated on detecting a principal change. 14 years ago
  Luke Taylor 74daa68691 SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected. 14 years ago
  Luke Taylor 8ce4d326f5 Update HttpClient to 4.1.2 and removed incorrect bundlor references to commons version. 14 years ago
  Luke Taylor 0120643721 SEC-1794: Convert OpenIDAuthenticationStatus to an enum. 14 years ago
  Luke Taylor 0c2a950fa0 SEC-1788: Avoid unnecessary call to getPreAuthenticatedPrincipal() in AbstractPreAuthenticatedProcessingFilter when not checking for principal changes is not enabled. 14 years ago
  Rob Winch 7399c9a7a5 SEC-1792: Fixed NullPointerException in RunAsUserToken#toString() 14 years ago
  Rob Winch dfd467f26e cleaned imports in RunAsUserToken 14 years ago
  Luke Taylor 7e44580c75 Minor refactoring of aspects tests. 14 years ago
  Luke Taylor 8740efc0f5 Added constructor injection options to ConcurrentSessionFilter 14 years ago
  Luke Taylor a1c714cff4 SEC-1754: Added an InvalidSessionStrategy to allow SessionManagementFilter to delegate out the behaviour when an invalid session identifier is submitted. 14 years ago
  Luke Taylor ac3d8b25f2 Expand LDAP authentication FAQ with information about bind authentication and unreadable password attributes. 14 years ago
  Luke Taylor 8440743108 Remove Sql query objects from JdbcTokenRepositoryImpl in favour of direct JdbcTemplate use. 14 years ago
  Luke Taylor 89fa771093 SEC-1753: Cater for missing DiscoveryInformation object in OpenID4JavaConsumer.endConsumption. 14 years ago
  Luke Taylor 700fa9e0b6 SEC-1772: remote URL decoding of targetUrlParameter in AbstractAuthenticationTargetUrlRequestHandler. 14 years ago
  Luke Taylor de97bac85b SEC-1763: Prevent nested switches in SwitchUserFilter by calling attemptExitUser() before doing the switch. 14 years ago

Newer Older