Luke Taylor
|
d6f408e8bf
SEC-1583: Added hasAuthority and hasAnyAuthority imlementations to SecurityExpressionRoot.
|
15 years ago |
Luke Taylor
|
1739628e6a
SEC-1589: Add support for property placeholder in intercept-methods access attribute.
|
15 years ago |
Luke Taylor
|
8e68fa1334
SEC-1584: Added namespace support for injecting custom HttpFirewall instance into FilterChainProxy.
|
15 years ago |
Luke Taylor
|
82cd72768d
doc updates to be merged with orgininal sec-1584 doc changes
|
15 years ago |
Luke Taylor
|
161710cc87
SEC-1584: Doc updates to explain request matching process.
|
15 years ago |
Luke Taylor
|
dc1b652512
SEC-1584: Additional integration tests.
|
15 years ago |
Luke Taylor
|
ed9411c660
SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/".
|
15 years ago |
Luke Taylor
|
e58f982351
Updating gitignore and removing unnecessary casts from FilterChainProxyConfigTests.
|
15 years ago |
Luke Taylor
|
072b73354f
Update namespace handler message to account for later schema versions being used by mistake.
|
15 years ago |
Rob Winch
|
443231d1e8
SEC-1578: Use ThreadLocal.remove() instead of ThreadLocal.set(null)
|
15 years ago |
Luke Taylor
|
45674a16ea
SEC-1540: Apply patch to support HTTP method matching for requires-channel namespace attribute.
|
15 years ago |
Luke Taylor
|
a1b124def5
SEC-1532: Add cache of previously matched beans to ProtectPointcutPostProcessor to ensure that it doesn't perform pointcut matching every time a new prototype bean is created.
|
15 years ago |
Luke Taylor
|
f6abc24ed6
SEC-1529: More user-friendly expression @PreAuthorize expression in EL chapter.
|
15 years ago |
Luke Taylor
|
1a9b7e1b6f
SEC-1520: Close NamingEnumeration in LDAP compare implementation.
|
15 years ago |
Luke Taylor
|
8b5c70951d
SEC-1518: Fix element ordering in security.tld
|
15 years ago |
Luke Taylor
|
c891ab45ec
Remove optional qualifier from apacheds dependencies in LDAP sample.
|
15 years ago |
Luke Taylor
|
657a69b906
Minor doc/javadoc updates to clarify use of UserDetailsContextapper.
|
15 years ago |
Luke Taylor
|
3b8fbe8bee
Minor doc updates.
|
15 years ago |
Luke Taylor
|
4ad85cdfdf
SEC-1508: Update docbook processing to use Docbook 5 namespaces.
|
15 years ago |
Luke Taylor
|
845c50a1c3
SEC-1507: Applied patch to return empty authority list rather than null from RoleHierarchyImpl.
|
15 years ago |
Luke Taylor
|
25d222208d
Switch version to 3.0.4-CI-SNAPSHOT.
|
15 years ago |
Luke Taylor
|
9b0c21dfef
3.0.3 release. Update version in build files.
|
15 years ago |
Luke Taylor
|
8301bd6276
Added that config jar is required to use the namespace.
|
15 years ago |
Luke Taylor
|
1872d94aa1
Porting gradle changes from master
|
15 years ago |
Luke Taylor
|
46611872db
Updated version in manual for 3.0.3 release
|
15 years ago |
Luke Taylor
|
b6cbdde0cb
Minor doc xref link corrections.
|
15 years ago |
Luke Taylor
|
71e1702224
SEC-1493: Documentation of support for erasing credentials.
|
15 years ago |
Luke Taylor
|
80ccd2b285
SEC-1501: Fix bean classname in Javadoc for SwitchUserFilter.
|
15 years ago |
Luke Taylor
|
02c1f02f2a
SEC-1493: Fix broken tests in 3.0.x branch
|
15 years ago |
Luke Taylor
|
21a664b2eb
Deprecation warning suppression for UserMap.
|
15 years ago |