Inicio Explorar Axuda
Rexistro Iniciar sesión
github
/
spring-security
réplica de https://github.com/spring-projects/spring-security
2
0
Fork 0
Ficheiros Incidencias 0 Wiki
Árbore: 8e68fa1334
Ramas Etiquetas

Commit History

Autor SHA1 Mensaxe Data
  Luke Taylor 8e68fa1334 SEC-1584: Added namespace support for injecting custom HttpFirewall instance into FilterChainProxy. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 82cd72768d doc updates to be merged with orgininal sec-1584 doc changes %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 161710cc87 SEC-1584: Doc updates to explain request matching process. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor dc1b652512 SEC-1584: Additional integration tests. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor ed9411c660 SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/". %!s(int64=15) %!d(string=hai) anos
  Luke Taylor e58f982351 Updating gitignore and removing unnecessary casts from FilterChainProxyConfigTests. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 072b73354f Update namespace handler message to account for later schema versions being used by mistake. %!s(int64=15) %!d(string=hai) anos
  Rob Winch 443231d1e8 SEC-1578: Use ThreadLocal.remove() instead of ThreadLocal.set(null) %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 45674a16ea SEC-1540: Apply patch to support HTTP method matching for requires-channel namespace attribute. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor a1b124def5 SEC-1532: Add cache of previously matched beans to ProtectPointcutPostProcessor to ensure that it doesn't perform pointcut matching every time a new prototype bean is created. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor f6abc24ed6 SEC-1529: More user-friendly expression @PreAuthorize expression in EL chapter. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 1a9b7e1b6f SEC-1520: Close NamingEnumeration in LDAP compare implementation. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 8b5c70951d SEC-1518: Fix element ordering in security.tld %!s(int64=15) %!d(string=hai) anos
  Luke Taylor c891ab45ec Remove optional qualifier from apacheds dependencies in LDAP sample. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 657a69b906 Minor doc/javadoc updates to clarify use of UserDetailsContextapper. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 3b8fbe8bee Minor doc updates. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 4ad85cdfdf SEC-1508: Update docbook processing to use Docbook 5 namespaces. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 845c50a1c3 SEC-1507: Applied patch to return empty authority list rather than null from RoleHierarchyImpl. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 25d222208d Switch version to 3.0.4-CI-SNAPSHOT. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 9b0c21dfef 3.0.3 release. Update version in build files. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 8301bd6276 Added that config jar is required to use the namespace. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 1872d94aa1 Porting gradle changes from master %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 46611872db Updated version in manual for 3.0.3 release %!s(int64=15) %!d(string=hai) anos
  Luke Taylor b6cbdde0cb Minor doc xref link corrections. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 71e1702224 SEC-1493: Documentation of support for erasing credentials. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 80ccd2b285 SEC-1501: Fix bean classname in Javadoc for SwitchUserFilter. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 02c1f02f2a SEC-1493: Fix broken tests in 3.0.x branch %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 21a664b2eb Deprecation warning suppression for UserMap. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 9a2d0c2cb5 SEC-1493: Added namespace support. %!s(int64=15) %!d(string=hai) anos
  Luke Taylor 73b62497a3 SEC-1493: Added CredentialsContainer interface and implemented it in User, AbstractAuthenticationToken and UsernamePasswordAuthenticationToken. ProviderManager makes use of this to erase the credentials of the returned Authentication object (and its contents) if configured to do so by setting the 'eraseCredentialsAfterAuthentication' property. %!s(int64=15) %!d(string=hai) anos

Posterior Anterior