Commit Graph

199 Commits

Author SHA1 Message Date
Ben Alex
e08e66dec6 Refactor SecurityContextHolder to return a SecurityContext instead of Authentication. 2005-05-08 23:42:14 +00:00
Ben Alex
6a9abe5d90 Remove ContextHolder and introduce SecurityContext. 2005-05-07 09:11:37 +00:00
Ray Krueger
47989c11bd HttpSessionEventPublisher now verifies that the ApplicationContext is not null 2005-05-02 20:31:18 +00:00
Ray Krueger
54ccbf5617 The SecurityEnforcementFilter was forced to catch Throwable by the FilterInvocation.invoke(...) method. Therefore it was wrapping the throwable in ServletException, which left it wrapping SevletException and IOException in ServletException. 2005-04-29 02:53:02 +00:00
Ray Krueger
2c23c75f91 SecureContextLoginModule as requested from list with Test 2005-04-27 04:47:41 +00:00
Ray Krueger
6f286e2054 AuthorityGranter.grant now returns a java.util.Set of role names, instead of a single role name 2005-04-27 03:39:06 +00:00
Luke Taylor
c29a5731be Moved credential expiry checking after password check. If the wrong password is presented, BadCredentialsException will now be thrown even if the password has expired. 2005-04-25 23:11:12 +00:00
Ben Alex
4e1649c2b7 Fix NullPointerException caused by unit tests. 2005-04-20 12:39:14 +00:00
Luke Taylor
ee32874308 Added X509 EhCache tests and fixed glaring bug in X509 EhCache implementation. 2005-04-17 22:18:01 +00:00
Ray Krueger
ec80ae22c1 Templated out event publishing. Added getApplicationContext(). Fixed javadoc formatting 2005-04-17 14:13:13 +00:00
Luke Taylor
3d4f8eed31 Refactoring to use Spring mock web classes. 2005-04-11 01:07:04 +00:00
Luke Taylor
d6f2b136ec Refactored to use Spring mock classes. 2005-04-09 23:37:18 +00:00
Luke Taylor
458a2c9e39 Refactored to use Spring mock classes. 2005-04-09 23:24:22 +00:00
Luke Taylor
021abb7369 Added check for "path parameters" to ensure the filterProcessesUrl matches rewritten URLs with a jsessionid included. Refactored property checking to use Spring Assert class. 2005-04-09 22:50:06 +00:00
Luke Taylor
eaa5feb5f8 Refactored to use Spring mock objects for HttpRequest etc. 2005-04-09 21:48:47 +00:00
Ray Krueger
9649003d57 AbstractProcessingFilter no longer uses a set*FailureUrl approach for every exception, it now uses a properties object that maps authenticationExceptions to failure urls 2005-03-28 17:42:21 +00:00
Ben Alex
798ebb1a3d Correct NullPointerException as fixture missing an ApplicationContext and attempting to publish an event. 2005-03-27 08:40:09 +00:00
Ray Krueger
10c1926385 Added the ConcurrentSessionViolationEvent that will be published by the ConcurrentSessionControllerImpl before throwing the ConcurrentSessionViolationException 2005-03-25 00:53:46 +00:00
Ben Alex
9f66c0eae9 Update to current Spring JAR dependencies. 2005-03-22 11:17:22 +00:00
Ben Alex
c936801842 DigestProcessingFilter now provides userCache getter and setter. 2005-03-21 08:03:11 +00:00
Ben Alex
0530351f0d Provide toString() method on User. 2005-03-21 05:33:51 +00:00
Ben Alex
a2b9da7e22 StringSplitUtils.split() ignored delimiter argument. 2005-03-21 05:14:48 +00:00
Ben Alex
6f31ecb04b UserDetails now indicates locked accounts. 2005-03-21 03:22:59 +00:00
Luke Taylor
918fc7c15a License header added. 2005-03-18 01:00:36 +00:00
Luke Taylor
2a6c68deb6 Entry point tests 2005-03-18 00:52:23 +00:00
Luke Taylor
8592e3bcbf Added tearDown method which resets the Context to null 2005-03-18 00:45:48 +00:00
Luke Taylor
04366d2b12 Corrected Javadoc 2005-03-18 00:33:30 +00:00
Ben Alex
748f427a80 Prove SecureContextImpl.equals works as we want it to, in light of HttpSessionContextIntegrationFilter's attempts to avoid unnecessary HttpSession creation. 2005-03-17 23:35:29 +00:00
Ben Alex
52c42a7a40 Corrected Authz parsing of whitespace in GrantedAuthoritys. Contributed by Francois Beausoleil. 2005-03-14 06:09:33 +00:00
Ray Krueger
632617f693 Test that the ConcurrentSessioncontrollerImpl implements ApplicationListener. This is critical and was left out once. 2005-03-13 22:35:17 +00:00
Ray Krueger
169449bf24 In response to: http://forum.springframework.org/viewtopic.php?t=3874
JaasAuthenticationProvider now checks that the java.security.auth.login.config is null before attempting to use it.

Also, The loginConfig resource is attempted as a file first as spaces in the path name can cause FileNotFoundExceptions for URLs
2005-03-13 22:26:56 +00:00
Luke Taylor
f594fdf751 Tidying and tests to bring Dao populator up to full coverage. 2005-03-12 21:56:04 +00:00
Luke Taylor
76f868c777 More tests. 2005-03-12 21:27:22 +00:00
Luke Taylor
9f62da7d1c Better test method names. 2005-03-12 21:20:43 +00:00
Luke Taylor
0a4fc1731a Tests added to bring X509ProcessingFilter up to full coverage. 2005-03-12 20:47:58 +00:00
Luke Taylor
5d1cd29dfb Added tearDown method which resets the context to null to prevent occasional breaking of other test classes. 2005-03-12 13:44:00 +00:00
Luke Taylor
f578915728 Test class for X509 filter. 2005-03-11 17:42:39 +00:00
Luke Taylor
29050b29b2 Dao populator tests for X.509. Tests matching of regexps in the certificate Subject to extract the user name. 2005-03-11 02:08:07 +00:00
Ben Alex
b898b87ffb Enhance test coverage as part of diagnosis of reported bug at http://forum.springframework.org/viewtopic.php?p=15751. 2005-03-10 11:39:32 +00:00
Luke Taylor
ae91b58685 First stab at X509 authentication provider 2005-03-09 02:14:30 +00:00
Ben Alex
f1e071b0f1 Added remember-me services. 2005-03-01 02:30:38 +00:00
Ben Alex
d47a2190f7 Correct test failure on high performance JREs. 2005-02-27 07:16:38 +00:00
Ray Krueger
44397bb05d Committing ConcurrentSessionController feature and tests. Documentation is needed. 2005-02-26 21:48:07 +00:00
Ray Krueger
4125db5650 Added in a default constructor to use the original sessionid and a constructor for specifying the sessionId 2005-02-25 05:24:10 +00:00
Ben Alex
693ac5a24a Anonymous principal support. As requested by the community at various times, including in http://forum.springframework.org/viewtopic.php?t=1925. 2005-02-23 06:09:56 +00:00
Ray Krueger
3c4faf58c7 HttpSessionEventPublisher, HttpSessionCreatedEvent, HttpSessionDestroyedEvent
Used together to provide published events in the ApplicationContext about HttpSessions.

Useful for things like Single Session logins.
2005-02-23 02:54:41 +00:00
Ray Krueger
8b24b1cf7a MockFilterChain extended TestCase but had no public constructor and no test methods.
The expectedToProceed test is internally handled by a static call to TestCase.assertTrue() and TestCase.fail()
2005-02-23 02:47:31 +00:00
Ben Alex
a3818184f4 Added Digest Authentication support (RFC 2617 and RFC 2069). 2005-02-22 06:14:44 +00:00
Ben Alex
dda66a0454 Significantly refactor "well-known location model" to authentication processing mechanism and HttpSessionContextIntegrationFilter model. 2005-02-21 06:48:31 +00:00
Ben Alex
ba02d45677 Clean up imports. 2005-02-21 06:34:16 +00:00