1.7.x #536

Closed
wants to merge 100 commits into from
5fe175d
Support service provider authorization
cubasuarez Dec 17, 2014
45432e8
Implementation to Authorize in SP
cubasuarez Dec 17, 2014
a3b5473
Added notes about future support and updated download link.
hazendaz Jan 3, 2015
228ab00
updated release date in release notes.
hazendaz Jan 3, 2015
fe7ad88
Update spring 3 and 4.
hazendaz Jan 3, 2015
7b66791
Exclude commons logging
hazendaz Jan 4, 2015
7ed45ad
Pom updates
hazendaz Jan 5, 2015
9ecdaf0
Added support for Spring security 3 and 4
Jan 9, 2015
0803b78
Updated changelog and referenced issue
Jan 9, 2015
b9cf447
first draft of documentation
Jan 9, 2015
c983f1b
[WIP] - documentation
Jan 9, 2015
d73ec87
[WIP] - documentation
Jan 9, 2015
f853951
Update dependencies and owasp report
hazendaz Jan 10, 2015
2de27c1
Add missing javadocs
hazendaz Jan 11, 2015
4c54314
Update copyright to 2015
hazendaz Jan 11, 2015
46a1d16
Slightly faster maven build - some cases and war update.
hazendaz Jan 16, 2015
b812f46
Remove duplicate managed plugin.
hazendaz Jan 16, 2015
0618ee3
Fix waffle-jna dependency in demo
hazendaz Jan 16, 2015
461ba6e
Updated tomcat 8
hazendaz Jan 16, 2015
6d36ac5
For the Tomcat 8 MixedAuthenticator, a dummy LoginConfig object was
rripley Jan 21, 2015
7710523
Update changelog for 1.7.4 release
hazendaz Jan 22, 2015
705d3ce
Merge pull request #212 from hazendaz/1.7.x
hazendaz May 13, 2015
d476eae
Fixed unit tests for class MixedAuthenticatorTests and module tomcat8
Jan 27, 2015
631c89d
Updated Jetty
hazendaz Jan 25, 2015
6e5b601
Updated site readme
hazendaz Feb 1, 2015
812cd9d
minor code cleanup
hazendaz Feb 1, 2015
ffbe11d
Update copywrite year in pom.
hazendaz Feb 1, 2015
dae1c8d
Replace catch-exception with fluent-exception-rule
hazendaz Feb 1, 2015
c5baf2a
Updated maven-dependency-plugin
hazendaz Feb 1, 2015
257996b
Update waffle-tests mockito to 1.10.19
hazendaz Feb 1, 2015
1852309
Updated maven-enforcer-plugin
hazendaz Feb 1, 2015
41f8432
Updated maven-gpg-plugin
hazendaz Feb 1, 2015
eee9c57
Updated license-maven-plugin
hazendaz Feb 1, 2015
e80227d
Updated org.eclipse.jgit
hazendaz Feb 1, 2015
897f91d
Update tomcat 8 to 8.0.18
hazendaz Feb 1, 2015
5e12428
update plugins
hazendaz Feb 8, 2015
bb6ce88
update to tomcat 7.0.59
hazendaz Feb 8, 2015
cb320e7
Format pom and move m2e setting into profile
hazendaz Feb 8, 2015
2d49eca
Fix copyright in pom
hazendaz Feb 15, 2015
04c8769
Updated tidy plugin
hazendaz Feb 20, 2015
80a60dc
Update plugins
hazendaz Mar 22, 2015
254a021
Update jmockit to 1.16
hazendaz Mar 22, 2015
8832030
Update jetty and ecj
hazendaz Mar 22, 2015
52e6729
Update spring security3 to 3.2.6
hazendaz Mar 22, 2015
5056433
Update spring 4
hazendaz Mar 22, 2015
c5fb897
Update tomcat 8
hazendaz Mar 22, 2015
9c68bd3
Updated jgit and jsch
hazendaz Mar 22, 2015
e846fa2
Enforce maven 3.2.3 as minimum version
hazendaz Mar 30, 2015
a2ff6bf
Oops - get all of maven 3.2.3 enforcement.
hazendaz Mar 30, 2015
0cc3821
Update slf4j to 1.7.11
hazendaz Mar 30, 2015
6890217
Update plugin items
hazendaz Mar 30, 2015
ff086dc
[issue #203] Catch Win32Exception and make 401
hazendaz Mar 31, 2015
8a85f23
Cleanup change log
hazendaz Apr 1, 2015
dc104b0
Update 3rd parties including official spring-security 4
hazendaz Apr 11, 2015
fca7b6c
Remove fluent exception rule for native assertj
hazendaz Apr 11, 2015
63d6c9f
Remove spring from third party
hazendaz Apr 11, 2015
a98bb62
Added change log about break
hazendaz Apr 11, 2015
fe6780f
Updated yml file without jdk 6 or spring
hazendaz Apr 11, 2015
4555b58
Update wix to 3.9 R2
hazendaz Apr 12, 2015
1337c75
Update dependencies
hazendaz Apr 13, 2015
57ba68e
Use ${project.version} throughout.
hazendaz May 2, 2015
68bb1aa
Update to spring security 4.0.1
hazendaz May 2, 2015
03f8479
Update to tomcat 7.0.61
hazendaz May 2, 2015
4553e33
:train: Maven train continues
hazendaz May 2, 2015
3d4e41a
Remove gpg useAgent
hazendaz May 10, 2015
81b66ed
Update fluido skin to 1.4
hazendaz May 10, 2015
e2a4fec
Update tomcat 8 to 8.0.22
hazendaz May 10, 2015
c10dd6c
WaffleINfoServlet cleanup.
hazendaz May 12, 2015
8057cd2
Fix javadoc.
hazendaz May 13, 2015
f58a3ff
Apply tomcat 5 fixes for 401 issues.
hazendaz May 13, 2015
31fe0dd
Update copyright year for spring 2.
hazendaz May 13, 2015
d5e99c0
Add missing import.
hazendaz May 13, 2015
64a0650
Update copyright year for tomcat5.
hazendaz May 13, 2015
5fe528e
Merge pull request #214 from hazendaz/1.7.x
hazendaz May 13, 2015
3f17f92
[maven-release-plugin] prepare release waffle-parent-1.7.4
hazendaz May 14, 2015
303f8cc
[maven-release-plugin] prepare for next development iteration
hazendaz May 14, 2015
edef1bb
[maven-release-plugin] prepare release waffle-parent-1.7.5
hazendaz May 14, 2015
10a273f
[maven-release-plugin] prepare for next development iteration
hazendaz May 14, 2015
a641fa4
Revert "Use ${project.version} throughout."
hazendaz May 14, 2015
ee55e1f
Merge pull request #215 from hazendaz/1.7.x
hazendaz May 14, 2015
cbe68c0
[maven-release-plugin] prepare release waffle-parent-1.7.4
hazendaz May 14, 2015
8a89d37
Resetting me to 1.7.4
hazendaz May 14, 2015
b16d6ac
Merge pull request #216 from hazendaz/1.7.x
hazendaz May 14, 2015
08868e0
fix scm tag to HEAD.
hazendaz May 14, 2015
06f18fa
Merge pull request #217 from hazendaz/1.7.x
hazendaz May 14, 2015
b099472
Fix all the tags to HEAD.
hazendaz May 14, 2015
14a7ef4
Merge pull request #218 from hazendaz/1.7.x
hazendaz May 14, 2015
4caca1a
Fix snapshots.
hazendaz May 14, 2015
2c35135
Merge pull request #219 from hazendaz/1.7.x
hazendaz May 14, 2015
d19dd56
[maven-release-plugin] prepare release waffle-parent-1.7.4
hazendaz May 14, 2015
0233fb2
Merge pull request #239 from Coveo/fix-lsass-handle-leak
hazendaz Sep 10, 2015
fc7d29f
Sonatype parent is deprecated - replace with local items per sonatype
hazendaz Sep 13, 2015
8c21b4d
Apply handle leak fix to tomcat 5
hazendaz Oct 4, 2015
72719f0
Merge pull request #251 from hazendaz/1.7.x
hazendaz Oct 4, 2015
77c19e4
[gitignore] Update gitignore
hazendaz Nov 7, 2015
8bc8590
Merge pull request #288 from hazendaz/1.7.x
hazendaz Nov 7, 2015
a7864b5
Fix build for 1.7.5-SNAPSHOT and update all dependencies/plugins
hazendaz Nov 7, 2015
6f55799
Merge pull request #289 from hazendaz/1.7.x
hazendaz Nov 7, 2015
9031c58
[forced] Prepare for next release 1.7.6-SNAPSHOT
hazendaz Nov 7, 2015
4d51ac0
Merge pull request #290 from hazendaz/1.7.x
hazendaz Nov 7, 2015
5 changes: 4 additions & 1 deletion .gitignore
@@ -1,3 +1,5 @@
.idea

Source/Common/GlobalAssemblyInfo.cs
Source/Version/Version.properties
Source/Version/Version.wxi
Expand All @@ -10,8 +12,9 @@ TestResult.xml
Source/JNA/**/.classpath
Source/JNA/**/.settings
Source/JNA/**/.project
Tools
Thumbs.db
Waffle.sln.cache
Waffle.suo
*.csproj.user
.tern-project
.tern-project
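Review bot: The bare `Tools` pattern in this hunk matches a file or directory named Tools at any depth, including anything under Source/, so a source folder with that name would be ignored without warning. If only the root-level tool directory is meant, anchor it as `/Tools/`.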
4 changes: 1 addition & 3 deletions .travis.yml
Expand Up @@ -4,7 +4,6 @@ jdk:
- oraclejdk8
- oraclejdk7
- openjdk7
- openjdk6

env:
global:
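Review bot: With `- openjdk6` dropped from the `jdk:` matrix, no CI job runs on a Java 6 runtime any more, while the CHANGELOG in this same change states the library "still supports java 6 runtimes". Either keep a Java 6 job for the runtime check or reword the changelog so the support statement matches what is actually tested.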
Expand All @@ -24,11 +23,10 @@ addons:

before_script:
- cd Source/ThirdParty
# sample - mvn install:install-file -Dfile=spring-security/spring-security-core-4.0.0.M2.jar -DgroupId=org.springframework.security -DartifactId=spring-security-core -Dversion=4.0.0.M2 -Dpackaging=jar
- mvn install:install-file -Dfile=tomcat/5.5.36/catalina-5.5.36.jar -DgroupId=tomcat -DartifactId=catalina -Dversion=5.5.36 -Dpackaging=jar
- mvn install:install-file -Dfile=tomcat/5.5.36/servlet-api-5.5.36.jar -DgroupId=tomcat -DartifactId=servlet-api -Dversion=5.5.36 -Dpackaging=jar
- mvn install:install-file -Dfile=tomcat/5.5.36/tomcat-util-5.5.36.jar -DgroupId=tomcat -DartifactId=tomcat-util -Dversion=5.5.36 -Dpackaging=jar
- mvn install:install-file -Dfile=spring-security/spring-security-core-4.0.0.M2.jar -DgroupId=org.springframework.security -DartifactId=spring-security-core -Dversion=4.0.0.M2 -Dpackaging=jar
- mvn install:install-file -Dfile=spring-security/spring-security-web-4.0.0.M2.jar -DgroupId=org.springframework.security -DartifactId=spring-security-web -Dversion=4.0.0.M2 -Dpackaging=jar
- cd ../JNA

script: if [ ${COVERITY_SCAN_BRANCH} != 1 ]; then mvn clean install -DskipTests=true; fi
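Review bot: The `# sample - mvn install:install-file ...` comment under `before_script:` keeps a full command for `spring-security-core-4.0.0.M2.jar` while the real spring-security install lines go away, so it documents a milestone jar the build no longer uses; remove it or reduce it to a generic pattern. In the `script:` line of the same hunk, `[ ${COVERITY_SCAN_BRANCH} != 1 ]` is unquoted, so an unset or empty variable makes the test error out and the `mvn clean install` step is skipped without failing the job; quote it as `"${COVERITY_SCAN_BRANCH}"`.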
23 changes: 18 additions & 5 deletions CHANGELOG.md
@@ -1,9 +1,21 @@
1.8-SNAPSHOT (in-progress)
==========================
1.7.5 (10/3/2015 - pending)
* [#239](https://github.com/dblock/waffle/pull/239): Fix handle leak in LSASS.exe process.

* In progress release

1.7.3 (in-progress)
1.7.4 (05/12/15)
================
* [#188](https://github.com/dblock/waffle/issues/188): Added support for service provider to authorize the principal.
* [#192](https://github.com/dblock/waffle/pull/192): Fix: Tomcat 8 MixedAuthenticator uses LoginConfig out of context.
* [#206](https://github.com/dblock/waffle/pull/206): Fix issue [#203](https://github.com/dblock/waffle/issues/203)
** Tomcat negotiate filters reporting Win32Error 500 status error instead of 401.
** Related to issue [#107](https://github.com/dblock/waffle/issues/107)
* [#207](https://github.com/dblock/waffle/pull/207): Further refinement of test dependencies and now requires java 7 to compile library.
** At this point, still supports java 6 runtimes.

* Created 1.7.x branch for spring 2 and tomcat 5 continued support for one year. Only complete show stoppers to be addressed there.
* Github gh-pages now built via mvn site plugin.
* We use sfl4j, so use jcl-over-slf4j instead of allowing spring to bring in commons-logging.

1.7.3 (12/21/2014)
===================
* Corrected javadoc issues in shiro package to ensure javadocs build
* Make some package methods private in shiro package
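Review bot: The top entry `1.7.5 (10/3/2015 - pending)` has no `====` underline, so unlike `1.7.4 (05/12/15)` it will not render as a heading and the LSASS handle leak fix from #239 reads as loose text above the release list. Add the underline, and while in this hunk: the `**` sub-items under #206 and #207 do not render as nested bullets in Markdown (use an indented `*`), `sfl4j` should read `slf4j`, and the release dates mix `05/12/15` with `12/21/2014`.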
Expand All @@ -18,6 +30,7 @@
Developer note
--------------
* [#164](https://github.com/dblock/waffle/issues/164): Added unit test in waffle-tests using catch-exception test library to verify the condition caught is actually expected.
* [#188](https://github.com/dblock/waffle/issues/188): Added support for service provider to authorize the principal

1.7.1 (11/30/2014 - waffle-jna only)
====================================
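Review bot: The #188 line under "Developer note" repeats the entry already listed under 1.7.4 ("Added support for service provider to authorize the principal."), so the same change is credited to two releases. Keep it only under the release that actually shipped it.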
3 changes: 1 addition & 2 deletions Docs/SettingUpDevelopmentEnvironment.md
Expand Up @@ -51,8 +51,7 @@ Download and install MSBuild Community Tasks from [here](https://github.com/lore

### Wix Toolset 3.9

Download and install the Wix toolset, specifically version 3.9 from [here](https://wix.codeplex.com/releases/view/136891).

Download and install the Wix toolset, specifically version 3.9 R2 from [here](https://wix.codeplex.com/releases/view/610859).

Building the Project the First Time
-----------------------------------
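Review bot: The body text now asks for version 3.9 R2, but the section heading still reads `### Wix Toolset 3.9`; update the heading so the two agree and readers do not install the earlier 3.9 build.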
61 changes: 61 additions & 0 deletions Docs/spring/DelegatingSpringSecuritySingleSignOnFilter.md
@@ -0,0 +1,61 @@
Delegating Spring Security Single-SignOn Filter
====================================

The Waffle Delegating Spring-Security Filter extends the [Spring Security Single-SignOn Filter](https://github.com/dblock/waffle/blob/master/Docs/spring/SpringSecuritySingleSignOnFilter.md) by allowing the application using the filter to inject an additional authenticationmanager to provide authorization to a principal
that is authenticated in towards the active directory in the single sign-on process.

Configuring Spring Security
---------------------------
Configure spring security as is done for [Spring Security Single-SignOn Filter](https://github.com/dblock/waffle/blob/master/Docs/spring/SpringSecuritySingleSignOnFilter.md)

Security Filter Options
-----------------------

The `DelegatingNegotiateSecurityFilter` bean can be configured with the following options in addition to the ones provided by [NegotiateSecurityFilter] (https://github.com/dblock/waffle/blob/master/Docs/spring/SpringSecuritySingleSignOnFilter.md):

* AuthenticationManager: Allows for the service provider to authorize the principal.
* AuthenticationSuccessHandler: Allows for the service provider to further populate the org.springframework.security.core.Authentication object.
* AuthenticationFailureHandler: Called if the AuthenticationManager throws an org.springframework.security.core.AuthenticationException.
* AccessDeniedHandler; Called if the AuthenticationManager throws an org.springframework.security.access.AccessDeniedException.
``` xml

<bean id="waffleNegotiateSecurityFilter"
class="waffle.spring.DelegatingNegotiateSecurityFilter"
scope="tenant">
<property name="allowGuestLogin" value="false" />
<property name="Provider" ref="waffleSecurityFilterProviderCollection" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationSuccessHandler" ref="authenticationSuccessHandler" />
<property name="authenticationFailureHandler" ref="authenticationFailureHandler" />
<property name="accessDeniedHandler" ref="accessDeniedHandler" />
<property name="defaultGrantedAuthority">
<null />
</property>
</bean>

<security:authentication-manager alias="authenticationManager">
<security:authentication-provider
ref="authenticationProvider" />
</security:authentication-manager>

<bean id="authenticationProvider" class="org.springframework.security.config.authentication.AuthenticationManagerBeanDefinitionParser.NullAuthenticationProvider">

<bean id="authenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/errors/403" />
<property name="useForward" value="true" />
</bean>

<bean id="accessDeniedHandler"
class="org.springframework.security.web.access.AccessDeniedHandlerImpl">
<property name="errorPage" value="/errors/403" />
</bean>

```



Waffle Spring-Security Demo
---------------------------

A demo application can be found in the Waffle distribution in the `Samples\waffle-spring-filter` directory. Copy the entire directory into Tomcat's or Jetty's webapps directory and navigate to http://localhost:8080/waffle-spring-filter/.
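Review bot: The XML sample is not well-formed: the `<bean id="authenticationProvider" ...>` element is opened and never closed, so the `authenticationFailureHandler` and `accessDeniedHandler` beans nest inside it and the snippet fails to parse when copied. Close it with `/>`, and consider showing a placeholder for the application's own provider instead of `NullAuthenticationProvider`, since the authorization decision made by that provider is the point of this filter. `scope="tenant"` is a custom scope the page never defines, so drop it or explain it. Smaller points: `AccessDeniedHandler;` should use a colon like the other options, the opening code fence needs a blank line after the list, and `[NegotiateSecurityFilter] (https://...)` has a space that breaks the link.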
2 changes: 1 addition & 1 deletion Docs/spring/SpringSecuritySingleSignOnFilter.md
Expand Up @@ -2,7 +2,7 @@ Spring Security Single-SignOn Filter
====================================

The Waffle Spring-Security Filter implements the Negotiate and Basic protocols with Kerberos and NTLM single sign-on support for web applications that utilize Spring-Security. This allows users to browse to a Windows intranet site without having to re-enter credentials for browsers that support Kerberos or NTLM and to fall back to Basic authentication for those that do not. For more information about Spring-Security see [http://static.springsource.org/spring-security/site/](http://static.springsource.org/spring-security/site/).

NOTE: Also available with delegation to support authentication for the service provider [here] (https://github.com/dblock/waffle/blob/master/Docs/spring/DelegatingSpringSecuritySingleSignOnFilter.md)
Configuring Spring Security
---------------------------

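Review bot: The NOTE line sits directly above `Configuring Spring Security` with no blank line between them, so the `---` underline can fold the note into the heading text; put a blank line on both sides of the note. The link is written `[here] (https://...)` with a space, which stops it rendering as a link, and the note says "authentication for the service provider" where the new delegating page describes authorization.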
17 changes: 17 additions & 0 deletions README.md
Expand Up @@ -35,6 +35,23 @@ Essentials
* [Older Versions on CodePlex](http://waffle.codeplex.com/).
* [PlatformSDK Security Group](https://groups.google.com/group/microsoft.public.platformsdk.security)

Legacy 1.7.x Branch
-------------------
Waffle will soon see legacy support for various integrations removed. From 1/3/2015 through 1/1/2016 we will continue to support the 1.7.x branch for any bug fixes to
legacy items.

Legacy is defined as...

* Spring 2
* Tomcat 5

and possiblity of...

* Servlet 2.5
* Java 6

More to come on this in the near future. Stay tuned...

Documentation
-------------

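Review bot: "and possiblity of..." is misspelled (possibility) and leaves readers unable to tell whether Servlet 2.5 and Java 6 fall inside the 1.7.x support window; state it one way or the other. The range `1/3/2015 through 1/1/2016` is also ambiguous between day-first and month-first readings, so ISO dates would be safer for a support commitment.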
2 changes: 1 addition & 1 deletion Source/JNA/license.txt
@@ -1,6 +1,6 @@
Waffle (https://github.com/dblock/waffle)

Copyright (c) 2010 - 2014 Application Security, Inc.
Copyright (c) 2010 - 2015 Application Security, Inc.

All rights reserved. This program and the accompanying materials
are made available under the terms of the Eclipse Public License v1.0