This is an automated email from the ASF dual-hosted git repository.
rombert pushed a change to annotated tag org.apache.sling.auth.form-1.0.8
in repository
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-form.git.
at cc93726 (tag)
tagging d0817206e8dbb9bda2cfe04ac7d1078955c8ac89 (commit)
by Carsten Ziegeler
on Wed Oct 7 06:23:25 2015 +0000
- Log -----------------------------------------------------------------
org.apache.sling.auth.form-1.0.8
-----------------------------------------------------------------------
This annotated tag includes the following new commits:
new f467e0e SLING-1116 Initial Version based on Eric Norman's patch
(thanks alot)
new 8b679bf SLING-1116 cleanup dependencies
new a0fcd1a SLING-1116 Implement support for the j_validate login form
parameter and add support to convey a reason to render the login form using the
j_reason request parameter for the login form request
new 44c5ccd SLING-1116 Fix service description
new a812358 SLING-1116 Ensure the FormLoginModulePlugin is actually
registered as a service (otherwise authenticaiton may fail). Also the resource
attribute is set in the extractRequestParameterAuthentication method to ensure
a redirect takes place after successful login
new 0a41f41 SLING-1380 Do not return anything from getPrincipal to allow
DefaultLoginModule.getPrincipal to kick in and validate the user name against
the existing users (and also to provide the correct principal for the user)
new a25ef67 SLING-1116 make sure the login form action is an absolute path
new 33e89b6 SLING-1419 : Remove dependency to JCR
new 64b2394 SLING-1498 - saving resource being requested
new 0a8abcc SLING-1497 - adding tentative configuration for configuring
service.ranking via ConfigAdmin/Metatype
new 1cb242e forgot that maven 3 dropped support for latest. oh well, new
scr plugin should be released rsn
new 6b812d8 Use released parent pom.
new 4e10552 SLING-1116 Improve FormReason to convey the human-readable
message by toString()
new 217e197 SLING-1565 Move private implementation classes to the impl
package and export the o.a.s.formauth package for login forms to be able to
interpret the j_reason value with the FormReason enum.
new a606003 SLING-1565 - need to move the login form as well to be in the
same package as the servlet
new d5ecfb9 SLING-1564 - adding support for form inclusion as well as
custom form pages via fragments
new 196a11f SLING-1587 - file name wasn't being logged
new d3222a7 SLING-1575 Adapt Form and OpenID authentication handler to
use new abstract form servlet and authentication handler
new 531e943 SLING-1575 Add @scr.service tag for login form servlets and
fully qualify path property definition in the authentication handler
new 03ed695 Remove unneeded (and commented out) version element
new 99b1053 SLING-1588 Fixed, cookie needs to be removed when found to be
invalid.
new d24ad09 SLING-1614 Added config settings that allow a login form to
be re-displayed when the login token expires, by default the login form is not
displayed on expiry, on the basis that it was not displayed by default when the
anon user first came to the site.
new e561eda SLING-1614 Added missing property name and metatype text.
new 008d39d SLING-1647 Set handler specific properties in the
AuthenticationInfo instead of the credentials. The properties will be
transferred to the session by the ResourceResolverFactory implementation
new bdb9503 SLING-1650 Consolidate authentication stuff in a new auth
component; * rename commons/auth to auth/core * rename extensions/formauth to
auth/form * rename extensions/openidauth to auth/openid
new f4f4bfc SLING-1650 Refactor auth/core, auth/form, auth/openid for the
new packages identifying the auth component and refer to the new auth/core for
the authentication handlers.
new 5ba6c25 SLING-1650 Remove old packages; make sure the login.html form
source is in the correct (new) location
new 9946c7c Set JIRA version id and fix JavaDoc exclusions
new dc98910 Update to Sling API 2.1.0
new af26b77 use Auth Core 1.0.0 to prepare the release
new 9e52b4e [maven-release-plugin] prepare release
org.apache.sling.auth.form-1.0.0
new 00fad8b [maven-release-plugin] prepare for next development iteration
new f045f34 Use previous Auth Core SNAPSHOT until after release
new 11448fa SLING-1695 - set the cookie domain either by a config admin
property or using a key within the AuthenticationInfo object
new aee24d0 SLING-1714 Convert @scr JavaDoc tags to SCR annotations
new acc1f6b SLING-1714 Metatype descriptor generation is not enabled by
default for annotations
new 2574aa6 SLING-1722 Do not embed StringUtils class but import the
Commons Lang package
new 1bf2250 SLING-1721 Use no cookie domain if the configured (or
requested) cookie domain is an empty string
new 18d11b7 SLING-1729 Provide a simple and faster alternative to the
default SecureRandom seeding. This might be of interest mostly for the Linux
and Solaris platforms which seed SecureRandom from the blocking /dev/random by
default.
new 4d1d59e SLING-1729 Emit a log message if regular SecureRandom seeding
is used
new ebdcfd7 Use released version of auth/core dependency
new 93fe53e SLING-1744 Split the authentication data into exactly three
fields leaving any excess field separators in the user name field thus
supporting user names with @ signs such as email addresses.
new dc0a50e SLING-1752 Unify resource attribute/parameter setting and
default value handling
new e633f47 Revert changes from commit 996477 which are not intended to
go into that commit (relative to handling auth failures for XHR requests and
handling the cookie)
new bfe05c2 SLING-1762 Add the HttpOnly attribute to setting the
authentication cookie to make sure the cookie is not available to client side
JavaScript. Also, when extracting the authentication data from the cookie
ignore empty values.
new 1e178f5 SLING-1783 Make the use of the j_reason request attribute to
inform about failures for authentication official
new b087302 Don't quote cookie value and attributes
new 8a77e54 SLING-1785 Use new redirect helper method of tha
AbstractAuthenticationHandler
new e4d4eff SLING-1428 Reimplement full j_validate functionality: Send a
403 response if either the provided cookie value is invalid or if the provided
user name and password cannot be used to login. Created methods to actually
send back the success or failure responses for validation requests.
new 888cdb3 SLING-1428 Implement generalized support for validating
credentials supplied by a request using the j_validate request parameter.
new 64b8cf5 updating all modules to parent 10-SNAPSHOT in anticipation of
emma additions to parent
new 8972039 SLING-1869 - upgrading to latest SCR plugin and putting
scr.annotations in parent
new ad83c4f Update to recent snapshots
new 09f89ed Use latest releases.
new ef7843d Prepare releases
new 17bfd16 [maven-release-plugin] prepare release
org.apache.sling.auth.form-1.0.2
new b472e70 [maven-release-plugin] prepare for next development iteration
new 2275900 Update to current snapshots
new 1f794a9 Update to releases
new 32d454e SLING-1847 Redirect after logout does not work with form
authentication (+unit test)
new ac004cf SLING-2150 : Update plugins to use the latest available
versions
new 2cda4c9 Update to recent snapshot
new 4ea6441 Using latest released parent pom
new 300e154 SLING-2187 - adding new module to contain our custom notice
file; adding remote-resources plugin configuration to parent pom and removing
all existing appended-resources NOTICE files
new 5a0790c temporarily using snapshots during release vote
new 30504c1 using latest releases
new e42a6f4 SLING-2080 Apply patch by Angela Schreiber (thank you very
much)
new e145fd0 SLING-2080 Fix wrong JavaDoc references (Thanks Angela for
reporting)
new eccd8eb SLING-2165 Form based login failure should stay on the same
login page to show the login error
new c09ad3f SLING-2299 The checkReferer method has actually been moved to
AuthUtil because it was not contained in a released version of Auth Core bundle
yet.
new 87f291f SLING-2382 - having form auth handler set the login event
triggering auth info property
new 56310ef SLING-2480 : Add config for maven-sling-plugin to m2e
configuration
new 741517c SLING-2483 Update jackrabbit.server and jcr.base dependencies
and add JCR API dependency to prevent the new bundle plugin to generate a too
restrictive import for the JCR API (2.0 is backwards compatible with 1.0)
new 50a319e Update to latest parent pom
new 09818f4 Use released versions
new 9548090 Use latest releases and update to new parent pom
new 0ee728f Update to latest parent pom and use latest releases in
launchpad
new 21cc027 Use released versions after release.
new ac9477f Correct reactor pom and update to parent pom 16
new 3ec65e6 SLING-2858 - Maven build fails after upgrading to parent 16:
No annotation processors found in classpath
new 866ec35 [maven-release-plugin] prepare release
org.apache.sling.auth.form-1.0.4
new a21621c [maven-release-plugin] prepare for next development iteration
new 9c06cb2 remove duplicate dependency
new 7f5c31b Update to latest parent pom
new 61e2397 Update to parent pom 18
new e80937a SLING-3443 : Parameter based redirection in
FormAuthenticationHandler should not handle absolute urls. Apply modified patch
from Ravi Teja
new 98d550a Update to parent pom v19
new ca4e850 SLING-3795 : Fields for dynamic references must be volatile
new 6333a87 Updated to parent version 20
new 2926575 [maven-release-plugin] prepare release
org.apache.sling.auth.form-1.0.6
new c29928e [maven-release-plugin] prepare for next development iteration
new c56ec99 Remove duplicate properties for service vendor
new a195ad9 Update to Sling Parent POM 22 with baselining enabled
new 12e637b SLING-3227 - FormLoginModulePlugin does not work with Oak
new 9368c3a SLING-4698 - Set parent.relativePath to empty for all modules
new 5b2c3c5 Update to Sling Parent 23
new afe69a3 set parent version to 24 and add empty relativePath where
missing
new a0b5e99 Update the main reactor to parent 25
new e45939d [maven-release-plugin] prepare release
org.apache.sling.auth.form-1.0.8
new d081720 [maven-release-plugin] copy for tag
org.apache.sling.auth.form-1.0.8
The 100 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
--
To stop receiving notification emails like this one, please contact
['"[email protected]" <[email protected]>'].
