Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2022-04-19 | test(http): add second SSL client authentication test | Thomas | 1 | -24/+17 | |
INFO: SSL Client-Authentication with keys from HSM-Facade only works with BCJSSE Provider >= 1.70 and SystemD Parameter: -Dorg.bouncycastle.jsse.client.acceptRenegotiation=true if HTTP Server requires re-negotiation. Hint: do not enable SSL Debugging in BCJSSE Probider, because it throws a NullPointerException with HSM-Facade keys!!!! | |||||
2022-04-19 | chore(core): update IAIK JCE to v5.63 | Thomas | 1 | -1/+1 | |
2022-04-19 | chore(http): add missing parameter into log message | Thomas | 1 | -1/+1 | |
2022-04-19 | feat(http): add request interceptor configuration into Apache HTTP Client ↵ | Thomas | 2 | -1/+17 | |
factory | |||||
2022-04-19 | refact(http): reorder keyStore configuration-builder to optimize log messages | Thomas | 1 | -1/+1 | |
2022-04-12 | refact(config): split IConfigurationWithSP into two interfaces | Thomas | 6 | -195/+228 | |
2022-04-12 | chore(core): update third-party lib to remove double declaration of APIs | Thomas | 3 | -1/+10 | |
2022-03-31 | chore(core): update some more third-party libs | Thomas | 3 | -12/+19 | |
2022-03-31 | fix(core): switch to Spring-Core 5.3.18 and Spring-Boot 2.6.5 to fix ↵ | Thomas | 1 | -2/+2 | |
cve-2022-22965 | |||||
2022-03-31 | chore(core): add log message to DataBinderControllerAdvice -> ↵ | Thomas | 1 | -3/+9 | |
setDisallowedFields | |||||
2022-03-31 | build(core): switch to next snapshot version | Thomas | 12 | -12/+12 | |
2022-03-31 | build(core): switch to next release version1.3.1 | Thomas | 12 | -12/+12 | |
2022-03-31 | feature(spring): add Spring controller advice to set default set of ↵ | Thomas | 1 | -0/+27 | |
disallowed files for DataBinder This code protects Spring Core from a "Remote Code Execution" attack (dubbed "Spring4Shell").This is a midigation for For more details, see this post: https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/ | |||||
2022-03-01 | chore: switch to next snapshot version | Thomas | 12 | -12/+12 | |
2022-03-01 | build: switch to next release version1.3.0 | Thomas | 12 | -12/+12 | |
2022-03-01 | chore(core): update third-party libs | Thomas | 1 | -6/+6 | |
2022-03-01 | refactor(ux): provide method to extract Locale from HTTP request by using ↵ | Thomas | 1 | -5/+12 | |
Spring locale-resolver | |||||
2022-02-11 | chore(core): remove old HttpServlet implementation, because we only use Java ↵ | Thomas | 1 | -148/+0 | |
Spring now | |||||
2022-01-27 | build(test): fix wrong scope of jUnit dependencies | Thomas | 1 | -1/+2 | |
2022-01-19 | test(core): add extension of ↵ | Thomas | 4 | -59/+115 | |
'AuthenticatedEncryptionPendingRequestIdGenerationStrategy' that allows generation of already expired tokens | |||||
2022-01-19 | build(CI): optimize source-code analysing and dependency scanning | Thomas | 1 | -0/+10 | |
2022-01-19 | refactor(core): change API parameters from 'Date' to 'Instant' | Thomas | 7 | -36/+43 | |
2022-01-19 | build: switch to new snapshot version | Thomas | 12 | -12/+12 | |
2022-01-09 | chore(SAML2): update implementation to remove usage of deprecated ↵ | Thomas | 8 | -37/+37 | |
openSAML4.x API | |||||
2022-01-09 | test(core): fix invalid test for TransactionId attribute-builder | Thomas | 1 | -1/+8 | |
2022-01-09 | fix(core): change validation of loaded process-definitions to fix problem of ↵ | Thomas | 5 | -23/+116 | |
circular-dependencies loading | |||||
2022-01-09 | feature(core): add synch. and asynch. GUI builder implementation that use ↵ | Thomas | 6 | -1/+405 | |
Spring MVC architecture | |||||
2022-01-09 | refactor(core): update to latest version of Velocity engine | Thomas | 5 | -119/+10 | |
2022-01-08 | Merge branch 'opensaml_4.x' into nightlyBuild | Thomas | 39 | -307/+351 | |
# Conflicts: # eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/PvpMetadataResolverAdapter.java # eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java # eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/binding/SoapBindingTest.java # eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyMetadataProvider.java # eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java # eaaf_modules/eaaf_module_pvp2_sp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/sp/impl/PvpAuthnRequestBuilder.java # pom.xml | |||||
2022-01-08 | chore(core): update third-party libs | Thomas | 1 | -8/+8 | |
2022-01-08 | fix(core): remove test code from method on production level | Thomas | 1 | -5/+1 | |
2022-01-08 | refactor(core): update logger libs. to latest version | Thomas | 1 | -2/+2 | |
2022-01-08 | [fix] solve circular dependencies between 'AuthenticationManager', ↵ | Thomas | 4 | -36/+30 | |
'ModuleRegistration', and 'AuthModule' implementations | |||||
2021-12-20 | update log4j to fix CVE-2021-45105 and CVE-2021-45046: | Thomas | 1 | -1/+1 | |
2021-12-20 | update logback to latest version | Thomas | 1 | -1/+2 | |
2021-12-12 | update some more third-party libs | Thomas | 4 | -2/+51 | |
2021-12-11 | add more security checks to GitLab CI | Thomas | 1 | -0/+5 | |
2021-12-09 | switch to next snapshot version | Thomas | 12 | -12/+12 | |
2021-12-09 | switch to next release version1.2.0 | Thomas | 12 | -12/+12 | |
2021-12-07 | change IGuiFormBuilder interface to enable pre-evaluation of response ↵ | Thomas | 3 | -8/+33 | |
contentType without rendering | |||||
2021-12-06 | update IGuiBuilderConfiguration to indicate asynchronous GUI rendering | Thomas | 3 | -0/+28 | |
2021-11-29 | switch to next snapshot version | Thomas | 12 | -12/+12 | |
2021-11-29 | switch to next release version1.1.20 | Thomas | 12 | -12/+12 | |
2021-11-26 | update to HSM-Facade-Provider v0.8.0 to fix problem with RSA-OAEP | Thomas | 2 | -5/+4 | |
2021-11-25 | fix bug in GUI rendering that apply if messages contains a single quote | Thomas | 1 | -3/+10 | |
2021-11-19 | switch to next snapshot version | Thomas | 12 | -12/+12 | |
2021-11-19 | switch to next release version1.1.19 | Thomas | 12 | -12/+12 | |
2021-11-18 | add method to inject http headers into Apache HTTP-Client requests | Thomas | 1 | -0/+19 | |
2021-11-03 | switch to next snapshot version | Thomas | 12 | -12/+12 | |
2021-11-03 | switch to next release version1.1.18 | Thomas | 12 | -12/+12 | |