 Luke Taylor
|
d7cef1ba31
SEC-539: Moved SecurityContextHolder.setContext() call into the try {} block to emphasize that it is only set for the duration of chain.doFilter() and immediately cleared afterwards. Changed the debug messages about setting the context, since it has not strictly taken place when they are logged.
|
18 年之前 |
|
Luke Taylor
|
47c5a6d43f
SEC-539: Renamed extractSecurityContextFromSession to readSecurityContextFromSession to emphasize that it doesn't actually modify anything (the context is still stored in the session).
|
18 年之前 |
|
Luke Taylor
|
f7a6129657
SEC-539: Removed unnecessary check for a null request object. Removed unnecessary catch/rethrow of IOException and ServletException from try/finally around chain.doFilter.
|
18 年之前 |
|
Luke Taylor
|
d1be9f9980
SEC-539: Refactored so that SecurityContextHolder.setContext() is called in exactly one place. Moved setting of httpSession = null to point immediately after its last use.
|
18 年之前 |
|
Luke Taylor
|
3dd0716611
SEC-539: Altered storeSecurityContextInSession to take the SecurityContext as a parameter rather than calling SecurityContextHolder.getContext(). This allows SecurityContextHolder.clearContext() to be called immediately after reading the context in the finally block of doFilter().
|
18 年之前 |
|
Luke Taylor
|
fa63d8ecfb
SEC-539: Refactored if (httpSession == null) block in storeSecurityContextInSession()
|
18 年之前 |
|
Luke Taylor
|
ce3eb599ed
SEC-539: Renamed populateSecurityContextFromSession to extractSecurityContextFromSession and removed the side-effect of setting SecurityContextHolder. It now returns the context found in the session (or null) and SecurityContextHolder.setContext() is called in a single place in doFilter().
|
18 年之前 |
|
Luke Taylor
|
ba88214d1d
SEC-539: Refactored populateSecurityContextFromSession() to reduce nested blocks and clarify logic.
|
18 年之前 |
|
Luke Taylor
|
27ef2caf45
SEC-539: Removed filterApplied boolean.
|
18 年之前 |
|
Luke Taylor
|
e8d11f28f2
SEC-539: Extracted storeSecurityContextInSession() method.
|
18 年之前 |
|
Luke Taylor
|
bcf69cbe3d
SEC-539: Extracted populateSecurityContextFromSession() method.
|
18 年之前 |
|
Luke Taylor
|
6651a240de
Replaced massive if/else with guard clause to reduce nesting. Moved declaration of filterApplied boolean to where it is actually set. It is only used when removing the attribute from the request at the end of the invocation, so should probably not be needed at all. request.removeAttribute() can be called regardless of whether the attribute is set or not.
|
18 年之前 |
|
Luke Taylor
|
6fe00b3433
SEC-501: Fix. Convert secure url paths to lower case if convertUrlToLowercaseBeforeComparison is true.
|
18 年之前 |
|
Luke Taylor
|
036ea034ac
SEC-521: Updated svn URLs to match recent repository restructuring.
|
18 年之前 |
|
Luke Taylor
|
4ba77fa736
SEC-450: Added group subtree to LDAP test server and extra tests for DefaultLdapAuthoritiesPopulator to make sure searchSubtree parameter works as expected.
|
18 年之前 |
|
Luke Taylor
|
e189bc685f
SEC-408: Fix. Provide getter for filterProcessesUrl.
|
18 年之前 |
|
Luke Taylor
|
c8077c5e87
SEC-506: Fix as suggested by reporter. Split the disgest header string ignoring separating commas which occur between quotes.
|
18 年之前 |
|
Luke Taylor
|
3f123e1478
SEC-518: Fix. "Cache" in EhCache is a class, so change the APIs to use the interface it implements (Ehcache).
|
18 年之前 |
|
Luke Taylor
|
87d6b8dedd
SEC-412: Fix. Added extra constructor to UsernameNotFoundException allow use of extraInformation property of parent class.
|
18 年之前 |
|
Luke Taylor
|
f47ccd81a6
SEC-487: Added documentation on use of #NONE# in FilterChainProxy. Also changed doc version to 1.0.5.
|
18 年之前 |
|
Luke Taylor
|
dda88e3931
SEC-502: Fix. Use a Map instead of HashMap in the API. Also some minor tidying of test class.
|
18 年之前 |
|
Luke Taylor
|
57f3d268a1
SEC-519: Fix. Changed notNull() assertion for "key" parameter to hasText() to prevent the use of empty keys.
|
18 年之前 |
|
Luke Taylor
|
1c72b7989e
Fix for SEC-522. Strip query parameters from logout URL before doing comparison with filterProcessesUrl.
|
18 年之前 |
|
Luke Taylor
|
82599a72ba
Reformatted LogoutFilter.
|
18 年之前 |
|
Luke Taylor
|
f8689b18b2
SEC-526: Fixed. Support for different case prefixes ({SHA}, {sha} etc).
|
18 年之前 |
|
Luke Taylor
|
0425d3b638
Rolled back unnecessary changes (whitespace, imports etc) for SEC-398 to make actual change from revision 1858 clearer.
|
18 年之前 |
|
Luke Taylor
|
ed944fa537
SEC-514: Re-enable contact sample in maven build.
|
18 年之前 |
|
Luke Taylor
|
6a36ae7a0d
SEC-509: removed clirr plugin declaration from maven build.
|
18 年之前 |
|
Luke Taylor
|
c682a79e46
SEC-505: Fixed. Minor corrections to docbook source.
|
18 年之前 |
|
Luke Taylor
|
709dba101c
SEC-498: Correct name of AfterInvocationProviderManager
|
18 年之前 |
