github/spring-security

Autor	SHA1 Wiadomość	Data
Luke Taylor	cea1f4499f SEC-1686: Upgrade to Spring 3.0.6	14 lat temu
Luke Taylor	c19a5ffd73 SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected.	14 lat temu
Luke Taylor	594ee9515e Taglib test fixes to take latest SFW changes into account.	14 lat temu
Luke Taylor	a087e828a6 SEC-1790: Disable use of spring-security-redirect by default for SimpleUrlLogoutSuccesshandler.	14 lat temu
Luke Taylor	5238ba0e26 SEC-1790: Reject redirect locations containing CR or LF.	14 lat temu
Luke Taylor	887e3361d2 SEC-1750: Make sure RunAs replacement is constrained to the SecurityContext of the current thread.	14 lat temu
Luke Taylor	a24570ae06 SEC-1744: Do not trust authorities contained in the authentication request in JaasAuthenticationProvider.	14 lat temu
Luke Taylor	ba719dc0e1 SEC-1741: Modify ContextPropagatingRemoteInvocation to pass a simple combination of principal/credentials as Strings, rather than serializing the whole SecurityContext object from the client.	14 lat temu
Luke Taylor	28e70db8f2 SEC-1742: Deprecate use of extraInformation field in AuthenticationException, making it transient and removing any sensitive data in UserDetails objects which are stored in it.	14 lat temu
Rob Winch	84031c6001 SEC-1792: Fixed NullPointerException in RunAsUserToken#toString()	14 lat temu
Luke Taylor	ca2af8bc59 SEC-1770: Call refreshLastRequest on the session registry rather than the SessionInformation object to make sure it works with alternative SessionRegistry implementations.	14 lat temu
Luke Taylor	6f59805ef3 SEC-1782: Javadoc correction for LdapAuthenticationProvider.	14 lat temu
Rob Winch	f359bed596 SEC-1777: Corrected log in HttpSessionSecurityContextRepository to reference itself instead of HttpSessionContextIntegrationFilter	14 lat temu
Florian Fankhauser	0f1ae574ab SEC-1776: Corrected typo in manual	14 lat temu
Luke Taylor	cb7a94af88 SEC-1768: Use AopProxyUtils.ultimateTargetClass to cater for situation where security interceptor is applied to a proxy.	14 lat temu
Luke Taylor	9b8d2719a6 SEC-1686: Up required minimum version to 3.0.6 in version check.	14 lat temu
Luke Taylor	73b67da3a8 SEC-1762: Fix input value assertion check for targetUrlParameter.	14 lat temu
Luke Taylor	b5546d1d29 SEC-1764: Remove use of Java 6 method Arrays.copyOfRange.	14 lat temu
Luke Taylor	70ca0d1a39 SEC-1764: Ensure password encoders use UTF-8 charset when creating strings from byte arrays.	14 lat temu
Luke Taylor	7a5a062cd0 SEC-1764: Backport Utf8 encoder to 3.0.x	14 lat temu
Luke Taylor	977da0da1f SEC-1733: Support explicit zero netmask correctly.	14 lat temu
Luke Taylor	dfbc938e99 Added note in namespace docs on mismatch between using filters="none" and other attributes.	14 lat temu
Rob Winch	d5f1f6cbff SEC-1757: Updated tutorial sample to state that listing of accounts is allowed by anyone and to display accounts for the different types of access to posting to Accounts	14 lat temu
Luke Taylor	a2cdbab50c SEC-1747: Upgrade to Spring LDAP 1.3.1	14 lat temu
Luke Taylor	1833b234a5 SEC-1722: Correct javadoc	14 lat temu
Luke Taylor	6c97fccc91 SEC-1700: Allow for case where JAAS config is not a simple file, but may be a jar resource, for example.	14 lat temu
Luke Taylor	2888f2b86f SEC-1720: Avoid bean-creation side-effects in ContextSourceSettingPostProcessor.	14 lat temu
Luke Taylor	04d42211b1 SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter.	14 lat temu
Rob Winch	6a87a5f1a1 SEC-1703: Updated namespace for intercept-url	14 lat temu
Rob Winch	f6b21880a2 SEC-1703: Updated cas custom-filter@ref to match example bean id and custom-filter@position to be CAS_FILTER	14 lat temu

Nowsze Starsze

Historia zmian Szukaj

Historia zmian