Ben Alex
e08e66dec6
Refactor SecurityContextHolder to return a SecurityContext instead of Authentication.
2005-05-08 23:42:14 +00:00
Ben Alex
6a9abe5d90
Remove ContextHolder and introduce SecurityContext.
2005-05-07 09:11:37 +00:00
Ray Krueger
47989c11bd
HttpSessionEventPublisher now verifies that the ApplicationContext is not null
2005-05-02 20:31:18 +00:00
Ray Krueger
54ccbf5617
The SecurityEnforcementFilter was forced to catch Throwable by the FilterInvocation.invoke(...) method. Therefore it was wrapping the throwable in ServletException, which left it wrapping SevletException and IOException in ServletException.
2005-04-29 02:53:02 +00:00
Ray Krueger
2c23c75f91
SecureContextLoginModule as requested from list with Test
2005-04-27 04:47:41 +00:00
Ray Krueger
6f286e2054
AuthorityGranter.grant now returns a java.util.Set of role names, instead of a single role name
2005-04-27 03:39:06 +00:00
Luke Taylor
c29a5731be
Moved credential expiry checking after password check. If the wrong password is presented, BadCredentialsException will now be thrown even if the password has expired.
2005-04-25 23:11:12 +00:00
Ben Alex
4e1649c2b7
Fix NullPointerException caused by unit tests.
2005-04-20 12:39:14 +00:00
Luke Taylor
ee32874308
Added X509 EhCache tests and fixed glaring bug in X509 EhCache implementation.
2005-04-17 22:18:01 +00:00
Ray Krueger
ec80ae22c1
Templated out event publishing. Added getApplicationContext(). Fixed javadoc formatting
2005-04-17 14:13:13 +00:00
Luke Taylor
3d4f8eed31
Refactoring to use Spring mock web classes.
2005-04-11 01:07:04 +00:00
Luke Taylor
d6f2b136ec
Refactored to use Spring mock classes.
2005-04-09 23:37:18 +00:00
Luke Taylor
458a2c9e39
Refactored to use Spring mock classes.
2005-04-09 23:24:22 +00:00
Luke Taylor
021abb7369
Added check for "path parameters" to ensure the filterProcessesUrl matches rewritten URLs with a jsessionid included. Refactored property checking to use Spring Assert class.
2005-04-09 22:50:06 +00:00
Luke Taylor
eaa5feb5f8
Refactored to use Spring mock objects for HttpRequest etc.
2005-04-09 21:48:47 +00:00
Ray Krueger
9649003d57
AbstractProcessingFilter no longer uses a set*FailureUrl approach for every exception, it now uses a properties object that maps authenticationExceptions to failure urls
2005-03-28 17:42:21 +00:00
Ben Alex
798ebb1a3d
Correct NullPointerException as fixture missing an ApplicationContext and attempting to publish an event.
2005-03-27 08:40:09 +00:00
Ray Krueger
10c1926385
Added the ConcurrentSessionViolationEvent that will be published by the ConcurrentSessionControllerImpl before throwing the ConcurrentSessionViolationException
2005-03-25 00:53:46 +00:00
Ben Alex
9f66c0eae9
Update to current Spring JAR dependencies.
2005-03-22 11:17:22 +00:00
Ben Alex
c936801842
DigestProcessingFilter now provides userCache getter and setter.
2005-03-21 08:03:11 +00:00
Ben Alex
0530351f0d
Provide toString() method on User.
2005-03-21 05:33:51 +00:00
Ben Alex
a2b9da7e22
StringSplitUtils.split() ignored delimiter argument.
2005-03-21 05:14:48 +00:00
Ben Alex
6f31ecb04b
UserDetails now indicates locked accounts.
2005-03-21 03:22:59 +00:00
Luke Taylor
918fc7c15a
License header added.
2005-03-18 01:00:36 +00:00
Luke Taylor
2a6c68deb6
Entry point tests
2005-03-18 00:52:23 +00:00
Luke Taylor
8592e3bcbf
Added tearDown method which resets the Context to null
2005-03-18 00:45:48 +00:00
Luke Taylor
04366d2b12
Corrected Javadoc
2005-03-18 00:33:30 +00:00
Ben Alex
748f427a80
Prove SecureContextImpl.equals works as we want it to, in light of HttpSessionContextIntegrationFilter's attempts to avoid unnecessary HttpSession creation.
2005-03-17 23:35:29 +00:00
Ben Alex
52c42a7a40
Corrected Authz parsing of whitespace in GrantedAuthoritys. Contributed by Francois Beausoleil.
2005-03-14 06:09:33 +00:00
Ray Krueger
632617f693
Test that the ConcurrentSessioncontrollerImpl implements ApplicationListener. This is critical and was left out once.
2005-03-13 22:35:17 +00:00
Ray Krueger
169449bf24
In response to: http://forum.springframework.org/viewtopic.php?t=3874
...
JaasAuthenticationProvider now checks that the java.security.auth.login.config is null before attempting to use it.
Also, The loginConfig resource is attempted as a file first as spaces in the path name can cause FileNotFoundExceptions for URLs
2005-03-13 22:26:56 +00:00
Luke Taylor
f594fdf751
Tidying and tests to bring Dao populator up to full coverage.
2005-03-12 21:56:04 +00:00
Luke Taylor
76f868c777
More tests.
2005-03-12 21:27:22 +00:00
Luke Taylor
9f62da7d1c
Better test method names.
2005-03-12 21:20:43 +00:00
Luke Taylor
0a4fc1731a
Tests added to bring X509ProcessingFilter up to full coverage.
2005-03-12 20:47:58 +00:00
Luke Taylor
5d1cd29dfb
Added tearDown method which resets the context to null to prevent occasional breaking of other test classes.
2005-03-12 13:44:00 +00:00
Luke Taylor
f578915728
Test class for X509 filter.
2005-03-11 17:42:39 +00:00
Luke Taylor
29050b29b2
Dao populator tests for X.509. Tests matching of regexps in the certificate Subject to extract the user name.
2005-03-11 02:08:07 +00:00
Ben Alex
b898b87ffb
Enhance test coverage as part of diagnosis of reported bug at http://forum.springframework.org/viewtopic.php?p=15751 .
2005-03-10 11:39:32 +00:00
Luke Taylor
ae91b58685
First stab at X509 authentication provider
2005-03-09 02:14:30 +00:00
Ben Alex
f1e071b0f1
Added remember-me services.
2005-03-01 02:30:38 +00:00
Ben Alex
d47a2190f7
Correct test failure on high performance JREs.
2005-02-27 07:16:38 +00:00
Ray Krueger
44397bb05d
Committing ConcurrentSessionController feature and tests. Documentation is needed.
2005-02-26 21:48:07 +00:00
Ray Krueger
4125db5650
Added in a default constructor to use the original sessionid and a constructor for specifying the sessionId
2005-02-25 05:24:10 +00:00
Ben Alex
693ac5a24a
Anonymous principal support. As requested by the community at various times, including in http://forum.springframework.org/viewtopic.php?t=1925 .
2005-02-23 06:09:56 +00:00
Ray Krueger
3c4faf58c7
HttpSessionEventPublisher, HttpSessionCreatedEvent, HttpSessionDestroyedEvent
...
Used together to provide published events in the ApplicationContext about HttpSessions.
Useful for things like Single Session logins.
2005-02-23 02:54:41 +00:00
Ray Krueger
8b24b1cf7a
MockFilterChain extended TestCase but had no public constructor and no test methods.
...
The expectedToProceed test is internally handled by a static call to TestCase.assertTrue() and TestCase.fail()
2005-02-23 02:47:31 +00:00
Ben Alex
a3818184f4
Added Digest Authentication support (RFC 2617 and RFC 2069).
2005-02-22 06:14:44 +00:00
Ben Alex
dda66a0454
Significantly refactor "well-known location model" to authentication processing mechanism and HttpSessionContextIntegrationFilter model.
2005-02-21 06:48:31 +00:00
Ben Alex
ba02d45677
Clean up imports.
2005-02-21 06:34:16 +00:00