Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
ist-unix
CAS-server
Commits
e99c39fd
Commit
e99c39fd
authored
Sep 30, 2015
by
Misagh Moayyed
Browse files
update security filter to 2.0.4
parent
6b8a6044
Changes
4
Hide whitespace changes
Inline
Side-by-side
cas-server-webapp/src/main/webapp/WEB-INF/cas.properties
View file @
e99c39fd
...
...
@@ -230,6 +230,15 @@ tgc.signing.key=szxK-5_eJjs-aUj-64MpUZ-GPPzGLhYPLGl0wrYjYNVAGva2P0lLe6UGKGM7k8dW
# applying it as default response encoding as well.
# httprequest.web.encoding.force=true
##
# Response Headers
#
# httpresponse.header.cache=false
# httpresponse.header.hsts=false
# httpresponse.header.xframe=false
# httpresponse.header.xcontent=false
# httpresponse.header.xss=false
##
# Reports
#
...
...
@@ -399,4 +408,4 @@ tgc.signing.key=szxK-5_eJjs-aUj-64MpUZ-GPPzGLhYPLGl0wrYjYNVAGva2P0lLe6UGKGM7k8dW
# cas.spnego.ntlm=false
# cas.spnego.supportedBrowsers=MSIE,Trident,Firefox,AppleWebKit
# cas.spnego.mixed.mode.authn=false
#
cas.spnego.send.401.authn.failure
=
false
\ No newline at end of file
# cas.spnego.send.401.authn.failure=false
cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/filters.xml
View file @
e99c39fd
...
...
@@ -30,6 +30,13 @@
p:encoding=
"${httprequest.web.encoding:UTF-8}"
p:forceEncoding=
"${httprequest.web.encoding.force:true}"
/>
<bean
id=
"responseHeadersSecurityFilter"
class=
"org.jasig.cas.security.ResponseHeadersEnforcementFilter"
p:enableCacheControl=
"${httpresponse.header.cache:false}"
p:enableStrictTransportSecurity=
"${httpresponse.header.hsts:false}"
p:enableXFrameOptions=
"${httpresponse.header.xframe:false}"
p:enableXContentTypeOptions=
"${httpresponse.header.xcontent:false}"
p:enableXSSProtection=
"${httpresponse.header.xss:false}"
/>
<bean
id=
"requestParameterSecurityFilter"
class=
"org.jasig.cas.security.RequestParameterPolicyEnforcementFilter"
p:allowMultiValueParameters=
"${cas.http.allow.multivalue.params:false}"
>
...
...
cas-server-webapp/src/main/webapp/WEB-INF/web.xml
View file @
e99c39fd
...
...
@@ -68,6 +68,15 @@
<url-pattern>
/*
</url-pattern>
</filter-mapping>
<filter>
<filter-name>
responseHeadersSecurityFilter
</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>
responseHeadersSecurityFilter
</filter-name>
<url-pattern>
/*
</url-pattern>
</filter-mapping>
<filter>
<filter-name>
springSecurityFilterChain
</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
...
...
pom.xml
View file @
e99c39fd
...
...
@@ -1561,7 +1561,7 @@
<xml.apis.version>
1.4.01
</xml.apis.version>
<jstl.version>
1.2
</jstl.version>
<openid4java.version>
0.9.8
</openid4java.version>
<cas-server-security-filter.version>
2.0.
3
</cas-server-security-filter.version>
<cas-server-security-filter.version>
2.0.
4-SNAPSHOT
</cas-server-security-filter.version>
<google.guava.version>
18.0
</google.guava.version>
<javax.el-api.version>
3.0.0
</javax.el-api.version>
<javax.el-impl.version>
2.2.6
</javax.el-impl.version>
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment