Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-17 10:41:06 +01:00
Code Issues Packages Projects Releases Activity
9,267 Commits 32 Branches 207 Tags
e8074e7f7eb79b09d2bdd39b63404e51a7a7f88a
Commit Graph

244 Commits

Author SHA1 Message Date
René Pfeuffer
1cc5368db4 Use generated string for shiro permission 2018-10-01 16:16:44 +02:00
René Pfeuffer
e28f30fbea Change correct filter for security 2018-09-28 15:55:42 +02:00
René Pfeuffer
ed9b10b86f Permit unathenticated index access 2018-09-28 14:40:26 +02:00
René Pfeuffer
357ccc7ddb Introduce index resource with first links 2018-09-26 17:00:13 +02:00
René Pfeuffer
9aa9b77922 Use constant for rest api path 2018-09-12 12:24:57 +02:00
Sebastian Sdorra
c1123810fc merge with feature/ui-extensions branch 2018-08-30 12:15:17 +02:00
Sebastian Sdorra
53ff215330 merge with 2.0.0-m3 branch 2018-08-30 11:28:26 +02:00
René Pfeuffer
f5600f60fb Merge with 2.0.0-m3 2018-08-30 10:04:06 +02:00
Sebastian Sdorra
9e8bd299f0 fix cookie path, if scm-manager runs with context path / 2018-08-23 08:24:19 +02:00
Mohamed Karray
8c128127de #8771 implement integration tests 2018-08-22 09:18:17 +02:00
René Pfeuffer
a0f74e3329 Replace model object exception with generic ones and migrate guice 2018-08-21 07:53:33 +02:00
Sebastian Sdorra
0b03372ff9 merge with 2.0.0-m3 to have jenkins and sonarqube 2018-07-23 15:36:10 +02:00
Sebastian Sdorra
1e37dfb3a7 use subscribe annotation of legman instead of guava eventbus 2018-07-16 11:26:00 +02:00
Maren Süwer
3cc87ede73 add restentpoint for login/logout, restructuring of modules and components, add flow usage 2018-07-04 16:43:46 +02:00
Eduard Heimbuch
2ec98c2763 remove repository public flag 2019-11-19 14:04:47 +01:00
Sebastian Sdorra
aec3d5d65d merge with branch 1.x 2017-06-25 19:01:33 +02:00
Sebastian Sdorra
a6120f0b16 rename SessionStore to CredentialsStore 2017-02-26 14:54:01 +01:00
Sebastian Sdorra
402d2cfdb7 #781 added missing unit tests for authentication related classes 2017-02-26 14:28:00 +01:00
Sebastian Sdorra
acc3ff791b #781 process all kinds authorization relevant event and produce AuthorizationChangedEvent 2017-02-26 13:19:35 +01:00
Sebastian Sdorra
b6a49570cf refactor AuthenticationInfoCollector 2017-02-17 23:06:05 +01:00
Sebastian Sdorra
e0e765eaa3 start refactoring of ScmRealm to simplify shiro cache integration 2017-02-17 21:36:52 +01:00
Sebastian Sdorra
731337f2ab created adapter between scm and shiro caches, see issue #781 2017-02-16 22:15:36 +01:00
Sebastian Sdorra
dcf62ae991 added resolver to simplify parsing and validating of access tokens 2017-01-17 17:22:55 +01:00
Sebastian Sdorra
5738fa2d66 redesign bearer tokens 2017-01-17 15:54:32 +01:00
Sebastian Sdorra
70d5942250 token enricher should use new access token api 2017-01-17 15:33:19 +01:00
Sebastian Sdorra
2388cfd35d create a more flexible interface for the creation of access tokens 
Provide a AccessTokenBuilderFactory to simplify the creation of access tokens and a default implementation which is based on JWT. Added also an AccessTokenCookieIssuer to unify the creation of access token cookies. Removed old BearerTokenGenerator.
 2017-01-17 14:40:50 +01:00
Sebastian Sdorra
e7d6f50fd9 implement token scopes, scopes can be used to issue a token which is only suitable for a single or set explicit actions 2017-01-16 15:04:44 +01:00
Sebastian Sdorra
df6d9dacf8 implement LoginAttemptHandler for scm-manager 2 2017-01-15 20:27:06 +01:00
Sebastian Sdorra
3536c29908 added DAORealmHelperFactory to simplify the creation of dao based realms 2017-01-15 12:50:29 +01:00
Sebastian Sdorra
76384de26f enabled xsrf be default and remove claim prefix to reduce size 2017-01-14 18:26:11 +01:00
Sebastian Sdorra
ba11ed1a0f added missing unit tests for xsrf related classes 2017-01-13 06:59:44 +01:00
Sebastian Sdorra
4e62f9552a re implement xsrf protection for scm-manager 2.0.0 2017-01-12 22:16:14 +01:00
Sebastian Sdorra
46d8b58810 introduce TokenClaimsEnricher and TokenClaimsValidator api 2017-01-12 22:04:19 +01:00
Sebastian Sdorra
bad99919f4 merge with branch 1.x 2017-01-12 19:50:39 +01:00
Sebastian Sdorra
7ef8e1ebd5 removed unnecessary log level check 2016-06-28 12:06:02 +02:00
Sebastian Sdorra
f8133f4c6b improve logging 2016-06-28 11:32:30 +02:00
Sebastian Sdorra
1529ef99d7 log authorization summary to trace level 2016-06-28 10:54:14 +02:00
Sebastian Sdorra
5433317692 improve logging of AuthorizationCollector 2016-06-28 10:26:01 +02:00
Sebastian Sdorra
353e4c4f7b removed duplicate clear cache log message 2016-06-28 10:15:59 +02:00
Sebastian Sdorra
9dc1c6fd8e improve cache invalidation on group events 2016-06-26 15:03:28 +02:00
Sebastian Sdorra
89660e8ac3 improve cache invalidation on permission change events 2016-06-26 12:53:41 +02:00
Sebastian Sdorra
7bc793ecd5 improve javadoc 2016-06-26 12:44:13 +02:00
Sebastian Sdorra
a592484f0f improve cache invalidation on repository events 2016-06-26 12:41:00 +02:00
Sebastian Sdorra
6428245506 improve cache invalidation on user events 2016-06-26 12:20:32 +02:00
Sebastian Sdorra
7873cd556d improve trace logging of AuthorizationCollector 2016-06-24 19:32:45 +02:00
Sebastian Sdorra
f5e4f4ae71 fix typo in log message 2016-06-23 14:07:12 +02:00
Sebastian Sdorra
652b98f53c #793 added configuration parameter to enable/disable xsrf protection. The protection is disabled by default until it is battle tested. 2016-05-24 21:12:09 +02:00
Sebastian Sdorra
488d4e3323 implemented xsrf protection, see issue #793 2016-01-23 22:02:25 +01:00
Sebastian Sdorra
6dd765e3be start implementation of repository permissions 2015-07-09 20:29:07 +02:00
Sebastian Sdorra
ab1b91e1c5 fix authentication on api requests 2015-03-26 21:07:28 +01:00