Luke Taylor
|
eb9482b33b
Removal of some unused internal methods, plus additional tests for some areas lacking coverage.
|
14 سال پیش |
Luke Taylor
|
20e65a93ea
Minor test updates.
|
14 سال پیش |
Luke Taylor
|
5f58108717
Typo.
|
14 سال پیش |
Luke Taylor
|
83050f96cb
SEC-1656: Document potential need for pre-emptive session creation if writing the security context manuall.
|
14 سال پیش |
Luke Taylor
|
a790c7e192
SEC-1670: Take account of JNDI CompositeName escaping in value of SearchResult.getName() when performing a search for a user entry in SpringSecurityLdapTemplate.
|
14 سال پیش |
Luke Taylor
|
4e349904e5
Add missing language attributes to programlisting tags for highlighting.
|
14 سال پیش |
Luke Taylor
|
5caa41753a
Add check for coverage data before trying to produce report.
|
14 سال پیش |
Rob Winch
|
8c08eeb57b
SEC-1666: Use constant time comparison for sensitive data.
|
14 سال پیش |
Luke Taylor
|
6a62b51870
Fix typo in FAQ.
|
14 سال پیش |
Rob Winch
|
2e822e9abe
SEC-1659: Ensure that Digester is returning digest(digest(value)...) instead of digesting the same value multiple times.
|
14 سال پیش |
Luke Taylor
|
347a2a91a9
SEC-1494: Document the use of system properties for disabling authorize tag functionality.
|
14 سال پیش |
Luke Taylor
|
66e2a5246d
SEC-1652: Use a URI for resolving the LDIF file for loading in ApacheDS container to allow for loading files which are contained in a jar.
|
14 سال پیش |
Rob Winch
|
3f7f87e19f
SEC-1592: Updated CasAuthenticationFilter so that it does not continue FilterChain when handling proxy requests.
|
14 سال پیش |
Luke Taylor
|
077af5e187
SEC-1661: Use a DistinguishedName to wrap the search base to avoid the need for JNDI escaping.
|
14 سال پیش |
Luke Taylor
|
866615ceaa
SEC-1662: Cater for the case where a user uses two <http> elements without patterns and the RequestMatcher does not have two arguments.
|
14 سال پیش |
Luke Taylor
|
d58dd79a52
SEC-1494: Updated the tutorial webapp to use CSS and make use of the securityHiddenUI element when UI security is disabled.
|
14 سال پیش |
Luke Taylor
|
00200cecbc
SEC-1494: Added system property "spring.security.disableUISecurity" which will prevent authorize tags from hiding content. By default, the property will also cause the area that would normally be hidden to be decorated with a <span class="securityHiddenUI"> tag, thus allowing the area to be rendered with some distinguishing css (e.g. a different background colour).
|
14 سال پیش |
Rob Winch
|
1b32babbf9
SEC-1545: Removed unused i18n keys, changed keys to follow naming conventions, found missing keys based upon old keys, sorted keys, any unknown keys are entered as a comment with the English value.
|
14 سال پیش |
Luke Taylor
|
95b416b0e7
SEC-1660: Minor addition to FAQ text.
|
14 سال پیش |
Luke Taylor
|
b542c73907
SEC-1660: Updated FAQ to explain that session-fixation protection may cause problems if switching between HTTP and HTTPS, and also updated information to advise against switching in the first place.
|
14 سال پیش |
Luke Taylor
|
6b1b012e2c
Added check for maximum AES key size in crypto.gradle to skip tests if limited strength crypto policy files are in place.
|
14 سال پیش |
Luke Taylor
|
594f6694bb
Add logging of jdk version to crypto build file
|
14 سال پیش |
Luke Taylor
|
d686f64f26
Skip EncryptorsTests when using <JDK 1.6 as AES isn't available
|
14 سال پیش |
Luke Taylor
|
60befb063a
SEC-1659: Added crypto module to list of project modules in reference manual intro and to dependencies appendix.
|
14 سال پیش |
Luke Taylor
|
162cb64baa
SEC-1659: Label crypto utils package as only for internal use.
|
14 سال پیش |
Keith Donald
|
38327d1b16
SEC-1659: crypto docs
|
14 سال پیش |
Keith Donald
|
b646e44646
SEC-1659: fixed bundlor step of build
|
14 سال پیش |
Keith Donald
|
ea76efdb2c
SEC-1659: favor AES encryption instead of DES as standard symmetric encryption algorithm
|
14 سال پیش |
Keith Donald
|
ffa7301e7f
SEC-1569: initial commit of spring-security-crypto module, consisting of encrypt, keygen, password, and util packages
|
14 سال پیش |
Luke Taylor
|
afd586c96e
Re-instate the CAS integration sequence description in the CAS chapter, with corrections (and minus proxying).
|
14 سال پیش |