Sebastian Sdorra
42ab81cf50
implement ui client session id
...
This changeset introduces a client side session id, which is generated
once by the client (ui: apiClient) and is send with each request to server.
The server makes the session id available by the PrincipalCollection of the
subject.
2019-11-13 14:03:48 +01:00
Eduard Heimbuch
442aacbcdb
remove GroupNames and ExternalGroupNames in favor of GroupCollector
2019-08-02 09:32:44 +02:00
Sebastian Sdorra
7c6bfdaaac
removes admin role
2019-03-21 10:46:11 +01:00
Sebastian Sdorra
4ffdde6417
fixes AdministrationContext with user admin flag
2019-03-13 12:12:06 +01:00
Sebastian Sdorra
4fa8e6e88a
replace scm-manager 1.x security api with apache shiro and use PasswordService for stronger password hashes
2014-12-14 12:26:03 +01:00
Sebastian Sdorra
ded786209d
do not use subject run as for administration context, because it could affect other threads
2014-04-24 08:58:59 +02:00
Sebastian Sdorra
2e7e4c457a
improve remember me
2013-04-24 08:33:32 +02:00
Sebastian Sdorra
a90cd565f3
use version 1.2.1-scm1 of apache shiro to fix issue #331
2013-02-08 17:23:17 +01:00
Sebastian Sdorra
b66ae705c2
fix privileged action is not executed, if the user is already an admin
2013-01-12 13:14:11 +01:00
Sebastian Sdorra
a299183ba1
fix IllegalArgumentException with nested privileged actions
2012-12-17 15:54:16 +01:00
Sebastian Sdorra
50ce50ca1b
allow execution of administration tasks without an active http session
2012-10-06 18:56:30 +02:00
Sebastian Sdorra
e89195f6db
improve security of administration context
2012-10-06 18:35:09 +02:00
Sebastian Sdorra
65826e749e
implement administration context with apache shiro
2012-08-30 16:49:46 +02:00
Sebastian Sdorra
b8d5abdd45
added missing license headers for scm-webapp
2011-10-07 09:28:41 +02:00
Sebastian Sdorra
9d29df882b
added runAsAdmin api
2011-07-30 11:25:57 +02:00
