Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: a087e828a6
Branches Tags

Commit History

Author SHA1 Message Date
  Luke Taylor a087e828a6 SEC-1790: Disable use of spring-security-redirect by default for SimpleUrlLogoutSuccesshandler. 14 years ago
  Luke Taylor 5238ba0e26 SEC-1790: Reject redirect locations containing CR or LF. 14 years ago
  Luke Taylor 887e3361d2 SEC-1750: Make sure RunAs replacement is constrained to the SecurityContext of the current thread. 14 years ago
  Luke Taylor a24570ae06 SEC-1744: Do not trust authorities contained in the authentication request in JaasAuthenticationProvider. 14 years ago
  Luke Taylor ba719dc0e1 SEC-1741: Modify ContextPropagatingRemoteInvocation to pass a simple combination of principal/credentials as Strings, rather than serializing the whole SecurityContext object from the client. 14 years ago
  Luke Taylor 28e70db8f2 SEC-1742: Deprecate use of extraInformation field in AuthenticationException, making it transient and removing any sensitive data in UserDetails objects which are stored in it. 14 years ago
  Rob Winch 84031c6001 SEC-1792: Fixed NullPointerException in RunAsUserToken#toString() 14 years ago
  Luke Taylor ca2af8bc59 SEC-1770: Call refreshLastRequest on the session registry rather than the SessionInformation object to make sure it works with alternative SessionRegistry implementations. 14 years ago
  Luke Taylor 6f59805ef3 SEC-1782: Javadoc correction for LdapAuthenticationProvider. 14 years ago
  Rob Winch f359bed596 SEC-1777: Corrected log in HttpSessionSecurityContextRepository to reference itself instead of HttpSessionContextIntegrationFilter 14 years ago
  Florian Fankhauser 0f1ae574ab SEC-1776: Corrected typo in manual 14 years ago
  Luke Taylor cb7a94af88 SEC-1768: Use AopProxyUtils.ultimateTargetClass to cater for situation where security interceptor is applied to a proxy. 14 years ago
  Luke Taylor 9b8d2719a6 SEC-1686: Up required minimum version to 3.0.6 in version check. 14 years ago
  Luke Taylor 73b67da3a8 SEC-1762: Fix input value assertion check for targetUrlParameter. 14 years ago
  Luke Taylor b5546d1d29 SEC-1764: Remove use of Java 6 method Arrays.copyOfRange. 14 years ago
  Luke Taylor 70ca0d1a39 SEC-1764: Ensure password encoders use UTF-8 charset when creating strings from byte arrays. 14 years ago
  Luke Taylor 7a5a062cd0 SEC-1764: Backport Utf8 encoder to 3.0.x 14 years ago
  Luke Taylor 977da0da1f SEC-1733: Support explicit zero netmask correctly. 14 years ago
  Luke Taylor dfbc938e99 Added note in namespace docs on mismatch between using filters="none" and other attributes. 14 years ago
  Rob Winch d5f1f6cbff SEC-1757: Updated tutorial sample to state that listing of accounts is allowed by anyone and to display accounts for the different types of access to posting to Accounts 14 years ago
  Luke Taylor a2cdbab50c SEC-1747: Upgrade to Spring LDAP 1.3.1 14 years ago
  Luke Taylor 1833b234a5 SEC-1722: Correct javadoc 14 years ago
  Luke Taylor 6c97fccc91 SEC-1700: Allow for case where JAAS config is not a simple file, but may be a jar resource, for example. 14 years ago
  Luke Taylor 2888f2b86f SEC-1720: Avoid bean-creation side-effects in ContextSourceSettingPostProcessor. 14 years ago
  Luke Taylor 04d42211b1 SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter. 14 years ago
  Rob Winch 6a87a5f1a1 SEC-1703: Updated namespace for intercept-url 14 years ago
  Rob Winch f6b21880a2 SEC-1703: Updated cas custom-filter@ref to match example bean id and custom-filter@position to be CAS_FILTER 14 years ago
  Luke Taylor 198d5d0482 SEC-1701: Trim claimed identity parameter value before submitting to OpenID4Java. 14 years ago
  Rob Winch acee3e2593 SEC-1698: Update documentation to use correct package for RequestHeaderAuthenticationFilter 14 years ago
  Luke Taylor b87dabe1ac SEC-1683: Corrected typo 14 years ago

Newer Older