Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: eaa0dc4fce
Branches Tags

Commit History

Author SHA1 Message Date
  Luke Taylor eaa0dc4fce typo 16 years ago
  Luke Taylor e40b9fbc75 SEC-1196: Introduce AuthenticationManagerDelegator is MethodSecurityInterceptor which is configured by global-method-security. Prevents regression of SEC-933 caused by eager init of AuthenitcationManager and dependent beans 16 years ago
  Luke Taylor 997faabe1e SEC-1196: Removed ConfigUtils (no longer used). 16 years ago
  Luke Taylor 5953af0f6b SEC-1196: Change use of <authentication-manager> to actually register the global ProviderManager instance. This element now registers the global ProviderManager instance and must contain any authentication-provider elements (or ldap-authentication-provider elements). 16 years ago
  Luke Taylor c5d6484b54 SEC-1210: RememberMe filter misses UserDetailsService in default <http /> tag config when it is declared in parent app context. Fixed by getting the UserDetailsServiceInjectionPostProcessor to check ancestor bean factories for a UserDetailsService if one isn't found in the current bean factory. 16 years ago
  Luke Taylor 160aa512a1 Remove "infrastructure" type from authentication provider bean. 16 years ago
  Luke Taylor 6ae61f95db Minor updates to test XML context implementation. 16 years ago
  Luke Taylor a4a0aab66f SEC-1164: Add additional component definitions so that Spring IDE picks them up and doesn;t report missing bean definitions 16 years ago
  Luke Taylor 06e393a171 Update bundlor to M5 16 years ago
  Luke Taylor ecbacddc7c SEC-1146: Add some information on using authority groups 16 years ago
  Luke Taylor 5d5df0c63d Added extra 'manual' security interceptor config 16 years ago
  Luke Taylor 68364f06a2 Minor itest updates 16 years ago
  Luke Taylor 3e6054b69f SEC-1211: Rename SessionFixationProtectionFilter to SessionManagementFilter, since it no longer performs session-fixation protection directly, but just executes the AuthenticatedSessionStrategy. 16 years ago
  Luke Taylor 5e285b3692 SEC-1211: Set the default AuthenticatedSessionStrategy to a null implementation to preserve existing behaviour. 16 years ago
  Luke Taylor 609a68b12a SEC-1077: Added DefaultAuthenticatedSessionStrategy test to check that saved request attribute is retained when migrateAttributes is false. 16 years ago
  Luke Taylor db90122179 SEC-1211: Create strategy for session handling on successful authentication. Added AuthenticatedSessionStrategy interface and default implementation which encapsulates the functionality that was previously in SessionFixationProtectionFilter and AbstractAuthentictationProcessingFilter. Updated the namespace to make use of these. 16 years ago
  Luke Taylor 4a12b80470 Minor updates to x509 doc and update of remember-me doc (no longer part of auto-config) 16 years ago
  Luke Taylor fdb7325cbc Javadoc update 16 years ago
  Luke Taylor 9c27bced5b Corrected typo 16 years ago
  Luke Taylor 40efe6db57 Minor doc updates 16 years ago
  Luke Taylor 0a37aed4b9 SEC-1207. Fixed class name in jsp 16 years ago
  Luke Taylor 719a5e09d8 SEC-1205: Added comment to Javadoc for PasswordComparisonAuthenticator to indicate that it won't work with SSHA passwords 16 years ago
  Luke Taylor 931cf90dbb SEC-1203: Allow configuration of X509 subject-dn-regex attribute using PropertyPlaceholderConfigurer. Modified parser to use a BeanDefinition for the SubjectPrincipalDnExtractor to allow property subsititution. 16 years ago
  Luke Taylor 8b115e2a21 SEC-1167: Added setRequestCache to SavedRequestAwareAuthenticationSuccessHandler and updated namespace parsing to set PortResolver on created HttpRequestCache. 16 years ago
  Luke Taylor f404bb3d74 SEC-1167: Introduce more flexible SavedRequest handling. Separated the concept of SavedRequest from SecurityContextHolderAwareFilter since the two are orthogonal requirements. This no longer takes a wrapper class property or uses reflection. SavedRequest functionality is accessed through the RequestCache interface, with the default implementation being HttpSessionRequestCache. A separate filter RequestCacheAwareFilter is now responsible for reconstituting the SavedRequest if it matches the current request. The functionality for matching and returning the wrapper is contained in the RequestCache method though. 16 years ago
  Luke Taylor efd1dbf54a Removed public modifier from getSessionController() method on ProviderManager. 16 years ago
  Luke Taylor 491837ae34 SEC-1197: Moved support from session-controller-ref from authentication-manager to concurrent-session-control element. Plus refactoring of config classes into separate packages. 16 years ago
  Luke Taylor 83da7be2ea Remove (ticket) cache package from CAS module. Unnecesary and has a circular reference. 16 years ago
  Luke Taylor 1afa67c954 SEC-1195: Added internal AuthenticationManager for use by beans which are generated by the <http> block. 16 years ago
  Luke Taylor 6346e31517 SEC-1195: Change <http> parsing behaviour to use an internal AuthenticationManager instance. Implemented "parent" AuthenticationManager in ProviderManager which is delegated to when no authentication is returned by the instances list of authentication providers. Extracted the Authentication success/failure publishing into a separate strategy. 16 years ago

Newer Older