EAAF-Components - EAAF-Components

Age	Commit message (Collapse)	Author	Files	Lines
2022-05-09	test(http): fix possible false-positive test results	Thomas	2	-5/+12

2022-05-03	feature(core): add simple implementation of a Spring based message source	Thomas	1	-0/+115

2022-04-19	test(http): add second SSL client authentication test	Thomas	1	-24/+17
	INFO: SSL Client-Authentication with keys from HSM-Facade only works with BCJSSE Provider >= 1.70 and SystemD Parameter: -Dorg.bouncycastle.jsse.client.acceptRenegotiation=true if HTTP Server requires re-negotiation. Hint: do not enable SSL Debugging in BCJSSE Probider, because it throws a NullPointerException with HSM-Facade keys!!!!
2022-04-19	chore(core): update IAIK JCE to v5.63	Thomas	1	-1/+1

2022-04-19	chore(http): add missing parameter into log message	Thomas	1	-1/+1

2022-04-19	feat(http): add request interceptor configuration into Apache HTTP Client ↵	Thomas	2	-1/+17
	factory
2022-04-19	refact(http): reorder keyStore configuration-builder to optimize log messages	Thomas	1	-1/+1

2022-04-12	refact(config): split IConfigurationWithSP into two interfaces	Thomas	6	-195/+228

2022-04-12	chore(core): update third-party lib to remove double declaration of APIs	Thomas	3	-1/+10

2022-03-31	chore(core): update some more third-party libs	Thomas	3	-12/+19

2022-03-31	fix(core): switch to Spring-Core 5.3.18 and Spring-Boot 2.6.5 to fix ↵	Thomas	1	-2/+2
	cve-2022-22965
2022-03-31	chore(core): add log message to DataBinderControllerAdvice -> ↵	Thomas	1	-3/+9
	setDisallowedFields
2022-03-31	build(core): switch to next snapshot version	Thomas	12	-12/+12

2022-03-31	build(core): switch to next release version1.3.1	Thomas	12	-12/+12

2022-03-31	feature(spring): add Spring controller advice to set default set of ↵	Thomas	1	-0/+27
	disallowed files for DataBinder This code protects Spring Core from a "Remote Code Execution" attack (dubbed "Spring4Shell").This is a midigation for For more details, see this post: https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/
2022-03-01	chore: switch to next snapshot version	Thomas	12	-12/+12

2022-03-01	build: switch to next release version1.3.0	Thomas	12	-12/+12

2022-03-01	chore(core): update third-party libs	Thomas	1	-6/+6

2022-03-01	refactor(ux): provide method to extract Locale from HTTP request by using ↵	Thomas	1	-5/+12
	Spring locale-resolver
2022-02-11	chore(core): remove old HttpServlet implementation, because we only use Java ↵	Thomas	1	-148/+0
	Spring now
2022-01-27	build(test): fix wrong scope of jUnit dependencies	Thomas	1	-1/+2

2022-01-19	test(core): add extension of ↵	Thomas	4	-59/+115
	'AuthenticatedEncryptionPendingRequestIdGenerationStrategy' that allows generation of already expired tokens
2022-01-19	build(CI): optimize source-code analysing and dependency scanning	Thomas	1	-0/+10

2022-01-19	refactor(core): change API parameters from 'Date' to 'Instant'	Thomas	7	-36/+43

2022-01-19	build: switch to new snapshot version	Thomas	12	-12/+12

2022-01-09	chore(SAML2): update implementation to remove usage of deprecated ↵	Thomas	8	-37/+37
	openSAML4.x API
2022-01-09	test(core): fix invalid test for TransactionId attribute-builder	Thomas	1	-1/+8

2022-01-09	fix(core): change validation of loaded process-definitions to fix problem of ↵	Thomas	5	-23/+116
	circular-dependencies loading
2022-01-09	feature(core): add synch. and asynch. GUI builder implementation that use ↵	Thomas	6	-1/+405
	Spring MVC architecture
2022-01-09	refactor(core): update to latest version of Velocity engine	Thomas	5	-119/+10

2022-01-08	Merge branch 'opensaml_4.x' into nightlyBuild	Thomas	39	-307/+351
	# Conflicts: # eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverAdapter.java # eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java # eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java # eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyMetadataProvider.java # eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java # eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java # pom.xml
2022-01-08	chore(core): update third-party libs	Thomas	1	-8/+8

2022-01-08	fix(core): remove test code from method on production level	Thomas	1	-5/+1

2022-01-08	refactor(core): update logger libs. to latest version	Thomas	1	-2/+2

2022-01-08	[fix] solve circular dependencies between 'AuthenticationManager', ↵	Thomas	4	-36/+30
	'ModuleRegistration', and 'AuthModule' implementations
2021-12-20	update log4j to fix CVE-2021-45105 and CVE-2021-45046:	Thomas	1	-1/+1

2021-12-20	update logback to latest version	Thomas	1	-1/+2

2021-12-12	update some more third-party libs	Thomas	4	-2/+51

2021-12-11	add more security checks to GitLab CI	Thomas	1	-0/+5

2021-12-09	switch to next snapshot version	Thomas	12	-12/+12

2021-12-09	switch to next release version1.2.0	Thomas	12	-12/+12

2021-12-07	change IGuiFormBuilder interface to enable pre-evaluation of response ↵	Thomas	3	-8/+33
	contentType without rendering
2021-12-06	update IGuiBuilderConfiguration to indicate asynchronous GUI rendering	Thomas	3	-0/+28

2021-11-29	switch to next snapshot version	Thomas	12	-12/+12

2021-11-29	switch to next release version1.1.20	Thomas	12	-12/+12

2021-11-26	update to HSM-Facade-Provider v0.8.0 to fix problem with RSA-OAEP	Thomas	2	-5/+4

2021-11-25	fix bug in GUI rendering that apply if messages contains a single quote	Thomas	1	-3/+10

2021-11-19	switch to next snapshot version	Thomas	12	-12/+12

2021-11-19	switch to next release version1.1.19	Thomas	12	-12/+12

2021-11-18	add method to inject http headers into Apache HTTP-Client requests	Thomas	1	-0/+19