this is a fix for something discovered in plxredback-66
the security setup on continuum stems from the ContinuumActionSupport
class which is the parent to most actions in continuum. it is also where
all of the authz goop is abstracted away too, and it uses the prepare
interceptor to put the securitySession of the user into action. Well
the xwork interceptor stack was setup so that this happened _before_ the
autologin interceptors were calls, which in effect made the first
page on the autologin path fail the authorizations of that action...
this was masked because once that other interceptor ran it was all setup to
go so jsp's rendering on the page actually had the relevant information
available.
moral of the story, get your interceptor stack in order...
4 lines of code changed in:
update to jpox 1.1.7 and jpox-maven-plugin 1.1.7-snap
17 lines of code changed in:
use of jpox.column and jpox.table to clean up the model of potential reserved key words for a wide array of databases, this is due to joakim's addition of strict model validation with modello
11 lines of code changed in:
added continuum-group-project-administrator to the rename chunk for responding correctly to project group renaming
1 lines of code changed in:
sped up the pg user bean a little bit and verified the use of the correct cache in the members page
52 lines of code changed in:
commenting out jpox option that is causing intermittent problems all over the place
4 lines of code changed in:
align fix to poorly named global result to newest redback snapshots
1 lines of code changed in:
adding a jpox param to allow support of postgres and its case sensitive schemas
8 lines of code changed in:
changed the flow of the initialization of the system configuration to make sure that it tries to load the system config from the database if it is not initialized, this should cover instances where the back end database has been restored.
27 lines of code changed in:
added restrictive role granting functionality and the Project Group Administrator role. If you are a PGA for a project then you have the ability to assign those roles associated with that project group to other users
136 lines of code changed in:
update to jpox 1.1.6 and associated toolchain bits
5 lines of code changed in:
CONTINUUM-1088 added policy enforcement interceptor to validate/enforce conditions like this
3 lines of code changed in:
changed the username and password to scmUsername and scmPassword so that browsers will not attempt to prefill these with the users authentication information, its also more desciptive and matchs the db better
14 lines of code changed in:
updated the p-sec version to latest snapshots
1 lines of code changed in:
Continuum-787 fix for site xml oddness in rendering, thanks Philippe!
2 lines of code changed in:
CONTINUUM-1033 some jsp fixes for the release jsps, thanks edwin
6 lines of code changed in:
secure a few actions to reprevent authorized usage
90 lines of code changed in:
removing unused action
0 lines of code changed in:
removed the exclusion of artifact 2.0 from release manager since that broke the build..detailed the issue in a comment above the dependency I added to maven-artifact 2.0.4
11 lines of code changed in:
added exclusion to maven-artifact-manager to fix builds for maven-2.0.5-snapshot users
10 lines of code changed in:
(76 more)