7f464c496b
changed copyright to new consortium name
9 years ago
be9d8948ef
added UMA classes to logger configuration
9 years ago
d120e8fb20
return ID of resource set in Location URL by calling the right object
9 years ago
1596b6b9e7
Updated UMA server to use new multi-part messages structure
9 years ago
ea77bf2a19
quieted approved site cleanup
9 years ago
9ffe877766
added getId to address interface, closes #958
9 years ago
1ed3e2c47a
quieted logging on database cleanup tasks when no expired elements are found
9 years ago
fcfc620d51
updated client API with more useful errors, removed unused service reference
9 years ago
c59f722cc2
enforce pairwise identifier consistency in UI, closes #969
9 years ago
2496dc114c
allow language system to be loaded from multiple files. closes #817 closes #876
9 years ago
e255fc1a10
change default behavior of message source, closes #964
9 years ago
70751a3d4a
updated configuration to comment out optional property value in example
9 years ago
7b34a666d9
Make the dual client support configurable
9 years ago
a80953a2d4
Allow both flows authorization code and client credentials. This scenario might be found when the same client supports user authentication as well as service to service authentication. Such a client is trusted (whitelisted).
9 years ago
dce80d488b
Clean up ScopeClaimTranslationService
...
`getFieldNameForClaim` method is never used.
9 years ago
f27673a5f5
Align user profile claims
...
Especially helps when `<dd>` collapses due to an empty claim value.
9 years ago
4f9ea0b474
Improve state handling in handleAuthorizationCodeResponse
...
Fail fast when there is no state in session, e.g. because the session
cookie was removed.
Resolves #949
9 years ago
6d2b73a7ef
added JSPs to filter
9 years ago
4c1e6866ce
Filter only `*.tag` files
...
Instead of excluding all binary files, just filter `*.tag` files.
http://maven.apache.org/plugins/maven-resources-plugin/examples/filter.html
9 years ago
a3d01727f9
Make FILTER_PROCESSES_URL public
...
Currently hardcoded in the filter and the client's Spring Security config; would be nicer to reference the value instead.
c5e70ebd5c/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml (L54)
9 years ago
abff7421c1
Upgrade to Spring Framework 4.1.8
...
http://spring.io/blog/2015/10/15/spring-framework-4-2-2-4-1-8-and-3-2-15-available-now
9 years ago
5f24685f17
removed problematic (and not very useful) unit test, closes #742
9 years ago
f04face41e
updated to nimbus 4.3, check JCE policy and algorithm availability before running unit tests, closes #938
9 years ago
2deec98b58
[maven-release-plugin] prepare for next development iteration
9 years ago
d96b2dc130
[maven-release-plugin] prepare release mitreid-connect-1.2.2
9 years ago
6129cfa61a
added scope-based authorities granter for introspections services, closes #835
9 years ago
96f4d5e8a8
fixed use of wrong constant, closes #940
9 years ago
a5701f4ea3
limit client pagination to 10 pages at a time, closes #886
9 years ago
8cc89e4e85
made token fetching lazy-loaded
9 years ago
c9358f348a
added transactional annotations, finally closes #926 addresses #862
9 years ago
e1e892377f
added cleaner for duplicate refresh tokens
9 years ago
542afca459
cleans duplicate access tokens from DB before other cleanup happens
9 years ago
9599642f3a
upgraded nimbus in uma module`
9 years ago
149e93e970
Disabled broken crypto tests, pending #938
9 years ago
ebb4f2c3d4
Upgraded to nimbus 4.2, closes #934
9 years ago
c67611e975
added qualifier name to persistence unit and transaction manager, closes #883
9 years ago
d337e14de3
Remove transitive commons-logging dependencies
...
We use slf4j instead; jcl-over-slf4j needs to be a compile-time dependency because we use it in several classes.
Unfortunately Maven does not have a way to exclude commons-logging globally, so we need to figure out which dependencies include it through `mvn dependency:tree` and specify an `<exclusion>` for each of them.
Finally, we upgrade to slf4j 1.7.12: http://www.slf4j.org/news.html .
9 years ago
b89fa7028d
Use Maven BOM dependency for Spring
...
The Maven "bill of materials" dependency ensures that all Spring dependencies use the same version, without having to specify them all.
http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/#overview-maven-bom
9 years ago
d280ca40a4
login hints now handled in a slightly smarter (and more pluggable) manner, closes #851
9 years ago
98e1d26134
limited when login_hint is sent to the server, closes #963
9 years ago
301802abd3
Speed up servlet start
...
- Set metadata-complete="true" attribute on the <web-app> element.
- Add an empty <absolute-ordering /> element.
See:
https://wiki.apache.org/tomcat/HowTo/FasterStartUp#Configure_your_web_ap
plication
On my (old) machine, this reduces startup time with Jetty from 137580ms
to 20166ms.
9 years ago
90e4cb97ff
Upgrade jetty-maven-plugin and configure war path
...
Configuring war path enables `mvn jetty:run-war`.
9 years ago
8b7fc5de68
Update HikariCP to 2.4.1
...
https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES
9 years ago
9117e7fe31
Add SQL indexes for PostgreSQL and HSQLDB
9 years ago
0269c24263
Travis build on JDK 7+8
...
Configures Travis to build on Oracle JDK 7+8 and OpenJDK 7.
Also enables migration to Travis' container-based infrastructure: http://docs.travis-ci.com/user/migrating-from-legacy/
9 years ago
7871ee0f26
Improve error message
9 years ago
58543ac9c4
Fix ID token icon description
9 years ago
b5c298e0ca
Remove legacy CSRF protection for approve page
...
Instead, we rely on the Spring Security CSRF protection, like we already do for the login page. Additionally, we remove the authentication check in`isApproved`, because this is already done by Spring Security (and if not, we have bigger problems to worry about).
9 years ago
8b362f23f3
[maven-release-plugin] prepare for next development iteration
9 years ago
e384a6257b
[maven-release-plugin] prepare release mitreid-connect-1.2.1
9 years ago
Justin Richer