github/spring-security

Author	SHA1 Message	Date
Luke Taylor	b1af3d00ee SEC-1857: Use Principal.getName() in ContextPropagatingRemoteInvocation	14 years ago
Luke Taylor	daa7f3f64e SEC-1848: LDAP encode name when using user DN patterns in AbstractLdapAuthenticator.	14 years ago
Rob Winch	7a3135f0f9 SEC-1839: Updated preauth example to use </security:authentication-manager> instead of </security-authentication-manager>	14 years ago
Luke Taylor	82163e2546 Remove ancient code formatter artifacts.	14 years ago
Luke Taylor	2d27b28199 Set version to 3.0.8.CI-SNAPSHOT.	14 years ago
Luke Taylor	714ee3e960 Set version to 3.0.7.RELEASE.	14 years ago
Luke Taylor	ee74c4ced2 SEC-1803: Add check in AbstractAuthenticationTargetUrlRequestHandler for null targetUrlParameter before attempting to read it from the request. Prevents NPE when targetUrlParameter is not set.	14 years ago
Luke Taylor	102027a44c SEC-1804: Updated Javadoc wrt immutability of User class.	14 years ago
Luke Taylor	799a43d72e SEC-1804: Update InMemoryDaoImpl to use User class directly and create a copy. Otherwise credentials are cleared on cached user instances.	14 years ago
Luke Taylor	3dc4158f7d Set version to 3.0.7.CI-SNAPSHOT	14 years ago
Luke Taylor	62f70f17ff Set project release version to 3.0.6.RELEASE	14 years ago
Luke Taylor	4b0fbe1606 Remove session timeout check in tutorial sample.	14 years ago
Luke Taylor	a8bce41876 SEC-1795: Fix possible NPEs in AclImpl.equals()	14 years ago
Luke Taylor	cea1f4499f SEC-1686: Upgrade to Spring 3.0.6	14 years ago
Luke Taylor	c19a5ffd73 SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected.	14 years ago
Luke Taylor	594ee9515e Taglib test fixes to take latest SFW changes into account.	14 years ago
Luke Taylor	a087e828a6 SEC-1790: Disable use of spring-security-redirect by default for SimpleUrlLogoutSuccesshandler.	14 years ago
Luke Taylor	5238ba0e26 SEC-1790: Reject redirect locations containing CR or LF.	14 years ago
Luke Taylor	887e3361d2 SEC-1750: Make sure RunAs replacement is constrained to the SecurityContext of the current thread.	14 years ago
Luke Taylor	a24570ae06 SEC-1744: Do not trust authorities contained in the authentication request in JaasAuthenticationProvider.	14 years ago
Luke Taylor	ba719dc0e1 SEC-1741: Modify ContextPropagatingRemoteInvocation to pass a simple combination of principal/credentials as Strings, rather than serializing the whole SecurityContext object from the client.	14 years ago
Luke Taylor	28e70db8f2 SEC-1742: Deprecate use of extraInformation field in AuthenticationException, making it transient and removing any sensitive data in UserDetails objects which are stored in it.	14 years ago
Rob Winch	84031c6001 SEC-1792: Fixed NullPointerException in RunAsUserToken#toString()	14 years ago
Luke Taylor	ca2af8bc59 SEC-1770: Call refreshLastRequest on the session registry rather than the SessionInformation object to make sure it works with alternative SessionRegistry implementations.	14 years ago
Luke Taylor	6f59805ef3 SEC-1782: Javadoc correction for LdapAuthenticationProvider.	14 years ago
Rob Winch	f359bed596 SEC-1777: Corrected log in HttpSessionSecurityContextRepository to reference itself instead of HttpSessionContextIntegrationFilter	14 years ago
Florian Fankhauser	0f1ae574ab SEC-1776: Corrected typo in manual	14 years ago
Luke Taylor	cb7a94af88 SEC-1768: Use AopProxyUtils.ultimateTargetClass to cater for situation where security interceptor is applied to a proxy.	14 years ago
Luke Taylor	9b8d2719a6 SEC-1686: Up required minimum version to 3.0.6 in version check.	14 years ago
Luke Taylor	73b67da3a8 SEC-1762: Fix input value assertion check for targetUrlParameter.	14 years ago

Newer Older

Commit History Find

Commit History