github/spring-security

Author	SHA1 Message	Date
Luke Taylor	a45d2a4fb2 SEC-1462: Only apply session fixation protection strategy if request.isRequestedSessionIdValid() returns true. We don't need to create a new session if the current one already has a different Id from the client.	15 years ago
Luke Taylor	93deec8d40 SEC-1458: Remove logger field in HttpSessionEventPublisher in favour of direct lookup. Prevents early initialization of logging system when listener is initialized.	15 years ago
Luke Taylor	0521d10069 SEC-1294: Enable access to beans from ApplicationContext in EL expressions.	15 years ago
Luke Taylor	12a6ae2ffa SEC-1232: Add config dependency to maven build for aspectj sample.	15 years ago
Luke Taylor	a5a95a8ebc Upgrade jython and disable cachedir.	15 years ago
Luke Taylor	a3ef8255d8 SEC-1232: GlobalMethodSecurityBeanDefinitionParser support for mode='aspectj'	15 years ago
Luke Taylor	020e0aa49a SEC-1448: Fixed failure to resolve generic method argument names in MethodSecurityEvaluationContext.	15 years ago
Luke Taylor	d334f6fa09 Latest gradle syntax updates.	15 years ago
Luke Taylor	2b9beffd08 SEC-1444: Fix JNDI escaping problems in LDAP authentication.	15 years ago
Luke Taylor	977bc2b164 SEC-1433: Reduce the number of direct dependencies on DataAccessException from spring-tx.	15 years ago
Luke Taylor	57150a6717 SEC-1440: Add entry-point-ref to http-basic element to allow setting a separate AuthenticationEntryPoint for the BasicAuthenticationFilter.	15 years ago
Luke Taylor	2a0aae1904 SEC-524: Document addition of "var" attribute in authorization tags.	15 years ago
Luke Taylor	0849dd93e9 Minor correction to namespace appendix	15 years ago
Luke Taylor	472c1fac84 SEC-1450: Replace use of ClassUtils.getMostSpecificMethod() in AbstractFallbackMethodDefinitionSource with AopUtils.getMostSpecificMethod() equivalent.	15 years ago
Luke Taylor	bf91f2ca67 SEC-524: Added "var" attribute to authorize and accesscontrollist JSP tags.	15 years ago
Luke Taylor	2e2625873c SEC-1446: Modified BasicAuthenticationFilter to treat invalid base64 and invalid Basic authentication tokens as a failed authentication (raising a BadCredentialsException, without calling the AuthenticationManager).	15 years ago
Luke Taylor	e60108ca8c SEC-1443: Modify Jsr250Voter to handle multiple "RolesAllowed" roles.	15 years ago
Luke Taylor	d5df53f1db SEC-1439: Make getters and setters public on HttpRequestResponseHolder.	15 years ago
Luke Taylor	111d49d68a Added build file for itest-context.	15 years ago
Luke Taylor	9e049dfef4 SEC-1438: Removed JoinPoint support from AbstractMethodSecurityMetadataSource	15 years ago
Luke Taylor	1be44ecd18 SEC-1262: Added extra test for PostFilter with AspectJ interceptor.	15 years ago
Luke Taylor	c09cd3a9cb Remove unused inner class in MethodSecurityMetadataSourceAdvisor	15 years ago
Luke Taylor	55de2cfcb1 SEC-1262: Added new (replacement) AspectJ interceptor which wraps the JoinPoint in a MethodInvocation adapter to provide compatibility with classes which only support MethodInvocation instances.	15 years ago
Luke Taylor	2b8b8819e4 Added gradle support for aspects project.	15 years ago
Luke Taylor	6fcaba2c46 Moved setting of 'provided' scope mapping on pom out of whenConfigured() so that the mapping is in place when the pom dependencies are assembled. Added 'skipTests' option.	15 years ago
Luke Taylor	f3264ba9ab Addition of commons-logging exclusions and adjustments to pom generation.	15 years ago
Hans Dockter	b64a3fa725 Hans Dockter's refactoring of gradle build, plus simplification of docbook plugin.	15 years ago
Luke Taylor	d66ff32a1d Added taglib dependency to itest-web project. Needed by additional test for SEC-1420.	15 years ago
Luke Taylor	b7aaa3447c Updated aws-maven to 3.0.0.RELEASE	15 years ago
Luke Taylor	b38b8e55ac SEC-1432: Convert map keys to lower-case in UserMap.setUsers().	15 years ago

Newer Older

Commit History Find

Commit History