Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-15 09:46:16 +01:00
Code Issues Packages Projects Releases Activity
4,777 Commits 32 Branches 207 Tags
35231fb20201eecf70fba1f2c7c90eace65eb2e1
Commit Graph

132 Commits

Author SHA1 Message Date
Sebastian Sdorra
0b03372ff9 merge with 2.0.0-m3 to have jenkins and sonarqube 2018-07-23 15:36:10 +02:00
Sebastian Sdorra
1e37dfb3a7 use subscribe annotation of legman instead of guava eventbus 2018-07-16 11:26:00 +02:00
Maren Süwer
3cc87ede73 add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00
Sebastian Sdorra
aec3d5d65d merge with branch 1.x 2017-06-25 19:01:33 +02:00
Sebastian Sdorra
a6120f0b16 rename SessionStore to CredentialsStore 2017-02-26 14:54:01 +01:00
Sebastian Sdorra
402d2cfdb7 #781 added missing unit tests for authentication related classes 2017-02-26 14:28:00 +01:00
Sebastian Sdorra
acc3ff791b #781 process all kinds authorization relevant event and produce AuthorizationChangedEvent 2017-02-26 13:19:35 +01:00
Sebastian Sdorra
b6a49570cf refactor AuthenticationInfoCollector 2017-02-17 23:06:05 +01:00
Sebastian Sdorra
e0e765eaa3 start refactoring of ScmRealm to simplify shiro cache integration 2017-02-17 21:36:52 +01:00
Sebastian Sdorra
731337f2ab created adapter between scm and shiro caches, see issue #781 2017-02-16 22:15:36 +01:00
Sebastian Sdorra
dcf62ae991 added resolver to simplify parsing and validating of access tokens 2017-01-17 17:22:55 +01:00
Sebastian Sdorra
5738fa2d66 redesign bearer tokens 2017-01-17 15:54:32 +01:00
Sebastian Sdorra
70d5942250 token enricher should use new access token api 2017-01-17 15:33:19 +01:00
Sebastian Sdorra
2388cfd35d create a more flexible interface for the creation of access tokens 
Provide a AccessTokenBuilderFactory to simplify the creation of access tokens and a default implementation which is based on JWT. Added also an AccessTokenCookieIssuer to unify the creation of access token cookies. Removed old BearerTokenGenerator.
 2017-01-17 14:40:50 +01:00
Sebastian Sdorra
e7d6f50fd9 implement token scopes, scopes can be used to issue a token which is only suitable for a single or set explicit actions 2017-01-16 15:04:44 +01:00
Sebastian Sdorra
df6d9dacf8 implement LoginAttemptHandler for scm-manager 2 2017-01-15 20:27:06 +01:00
Sebastian Sdorra
3536c29908 added DAORealmHelperFactory to simplify the creation of dao based realms 2017-01-15 12:50:29 +01:00
Sebastian Sdorra
76384de26f enabled xsrf be default and remove claim prefix to reduce size 2017-01-14 18:26:11 +01:00
Sebastian Sdorra
ba11ed1a0f added missing unit tests for xsrf related classes 2017-01-13 06:59:44 +01:00
Sebastian Sdorra
4e62f9552a re implement xsrf protection for scm-manager 2.0.0 2017-01-12 22:16:14 +01:00
Sebastian Sdorra
46d8b58810 introduce TokenClaimsEnricher and TokenClaimsValidator api 2017-01-12 22:04:19 +01:00
Sebastian Sdorra
bad99919f4 merge with branch 1.x 2017-01-12 19:50:39 +01:00
Sebastian Sdorra
7ef8e1ebd5 removed unnecessary log level check 2016-06-28 12:06:02 +02:00
Sebastian Sdorra
f8133f4c6b improve logging 2016-06-28 11:32:30 +02:00
Sebastian Sdorra
1529ef99d7 log authorization summary to trace level 2016-06-28 10:54:14 +02:00
Sebastian Sdorra
5433317692 improve logging of AuthorizationCollector 2016-06-28 10:26:01 +02:00
Sebastian Sdorra
353e4c4f7b removed duplicate clear cache log message 2016-06-28 10:15:59 +02:00
Sebastian Sdorra
9dc1c6fd8e improve cache invalidation on group events 2016-06-26 15:03:28 +02:00
Sebastian Sdorra
89660e8ac3 improve cache invalidation on permission change events 2016-06-26 12:53:41 +02:00
Sebastian Sdorra
7bc793ecd5 improve javadoc 2016-06-26 12:44:13 +02:00
Sebastian Sdorra
a592484f0f improve cache invalidation on repository events 2016-06-26 12:41:00 +02:00
Sebastian Sdorra
6428245506 improve cache invalidation on user events 2016-06-26 12:20:32 +02:00
Sebastian Sdorra
7873cd556d improve trace logging of AuthorizationCollector 2016-06-24 19:32:45 +02:00
Sebastian Sdorra
f5e4f4ae71 fix typo in log message 2016-06-23 14:07:12 +02:00
Sebastian Sdorra
652b98f53c #793 added configuration parameter to enable/disable xsrf protection. The protection is disabled by default until it is battle tested. 2016-05-24 21:12:09 +02:00
Sebastian Sdorra
488d4e3323 implemented xsrf protection, see issue #793 2016-01-23 22:02:25 +01:00
Sebastian Sdorra
6dd765e3be start implementation of repository permissions 2015-07-09 20:29:07 +02:00
Sebastian Sdorra
ab1b91e1c5 fix authentication on api requests 2015-03-26 21:07:28 +01:00
Sebastian Sdorra
9add730143 fix UnsupportedOperationException on logout 2015-03-21 17:19:06 +01:00
Sebastian Sdorra
fd683dd6b4 disable apache shiro remember me function 2015-03-21 17:03:23 +01:00
Sebastian Sdorra
3525346adb set 10 hours for token max age 2015-03-21 15:58:31 +01:00
Sebastian Sdorra
325ca0c795 added restful endpoint for jwt authentication 2015-03-15 11:40:29 +01:00
Sebastian Sdorra
2029166b03 start implementation of jwt based authentication 2015-02-21 15:58:13 +01:00
Sebastian Sdorra
ccbecbff34 use classloaders util class 2014-12-20 14:24:49 +01:00
Sebastian Sdorra
28aa1137f0 added legacy plugin to support scm-manager 1.x password hashes 2014-12-20 11:33:03 +01:00
Sebastian Sdorra
866ce1e836 added extension point for shiro realms 2014-12-19 17:52:44 +01:00
Sebastian Sdorra
4fa8e6e88a replace scm-manager 1.x security api with apache shiro and use PasswordService for stronger password hashes 2014-12-14 12:26:03 +01:00
Sebastian Sdorra
f1a0435014 merge with branch 1.x 2014-08-15 23:53:31 +02:00
Sebastian Sdorra
75a539367e improve error handling of permission system 2014-06-07 15:11:48 +02:00
Sebastian Sdorra
ffc12f2fa1 merge changes from branch 1.x 2014-02-18 21:25:29 +01:00