mirror of
https://github.com/spring-projects/spring-security.git
synced 2026-01-17 20:07:00 +00:00
Fix typos
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
This commit is contained in:
Tran Ngoc Nhan
Rob Winch
parent
04bba36ee5
commit
79815e044e
@ -39,7 +39,7 @@ interface EvaluationContextPostProcessor<I> {
|
||||
* that was passed in.
|
||||
* @param context the original {@link EvaluationContext}
|
||||
* @param invocation the security invocation object (i.e. Message)
|
||||
* @return the upated context.
|
||||
* @return the updated context.
|
||||
*/
|
||||
EvaluationContext postProcess(EvaluationContext context, I invocation);
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ import org.springframework.security.acls.model.Acl;
|
||||
|
||||
/**
|
||||
* Strategy used by {@link AclImpl} to determine whether a principal is permitted to call
|
||||
* adminstrative methods on the <code>AclImpl</code>.
|
||||
* administrative methods on the <code>AclImpl</code>.
|
||||
*
|
||||
* @author Ben Alex
|
||||
*/
|
||||
|
||||
@ -42,7 +42,7 @@ public class GrantedAuthoritySid implements Sid {
|
||||
public GrantedAuthoritySid(GrantedAuthority grantedAuthority) {
|
||||
Assert.notNull(grantedAuthority, "GrantedAuthority required");
|
||||
Assert.notNull(grantedAuthority.getAuthority(),
|
||||
"This Sid is only compatible with GrantedAuthoritys that provide a non-null getAuthority()");
|
||||
"This Sid is only compatible with GrantedAuthority that provide a non-null getAuthority()");
|
||||
this.grantedAuthority = grantedAuthority.getAuthority();
|
||||
}
|
||||
|
||||
|
||||
@ -160,7 +160,7 @@ public class JdbcAclService implements AclService {
|
||||
this.findChildrenSql = DEFAULT_SELECT_ACL_WITH_PARENT_SQL_WITH_CLASS_ID_TYPE;
|
||||
}
|
||||
else {
|
||||
log.debug("Find children statement has already been overridden, so not overridding the default");
|
||||
log.debug("Find children statement has already been overridden, so not overriding the default");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -50,7 +50,7 @@ import org.springframework.util.Assert;
|
||||
* The default settings are for HSQLDB. If you are using a different database you will
|
||||
* probably need to set the {@link #setSidIdentityQuery(String) sidIdentityQuery} and
|
||||
* {@link #setClassIdentityQuery(String) classIdentityQuery} properties appropriately. The
|
||||
* other queries, SQL inserts and updates can also be customized to accomodate schema
|
||||
* other queries, SQL inserts and updates can also be customized to accommodate schema
|
||||
* variations, but must produce results consistent with those expected by the defaults.
|
||||
* <p>
|
||||
* See the appendix of the Spring Security reference manual for more information on the
|
||||
@ -471,7 +471,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
|
||||
this.insertClass = DEFAULT_INSERT_INTO_ACL_CLASS_WITH_ID;
|
||||
}
|
||||
else {
|
||||
log.debug("Insert class statement has already been overridden, so not overridding the default");
|
||||
log.debug("Insert class statement has already been overridden, so not overriding the default");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -326,7 +326,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
|
||||
/**
|
||||
* Use this {@code RequestMatcher} to match proxy receptor requests. Without setting
|
||||
* this matcher, {@link CasAuthenticationFilter} will not capture any proxy receptor
|
||||
* requets.
|
||||
* requests.
|
||||
* @param proxyReceptorMatcher the {@link RequestMatcher} to use
|
||||
* @since 6.5
|
||||
*/
|
||||
@ -383,7 +383,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
|
||||
}
|
||||
|
||||
/**
|
||||
* Indicates if the request is elgible to process a service ticket. This method exists
|
||||
* Indicates if the request is eligible to process a service ticket. This method exists
|
||||
* for readability.
|
||||
* @param request
|
||||
* @param response
|
||||
@ -396,7 +396,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
|
||||
}
|
||||
|
||||
/**
|
||||
* Indicates if the request is elgible to process a proxy ticket.
|
||||
* Indicates if the request is eligible to process a proxy ticket.
|
||||
* @param request
|
||||
* @return
|
||||
*/
|
||||
@ -419,7 +419,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
|
||||
}
|
||||
|
||||
/**
|
||||
* Indicates if the request is elgible to be processed as the proxy receptor.
|
||||
* Indicates if the request is eligible to be processed as the proxy receptor.
|
||||
* @param request
|
||||
* @return
|
||||
*/
|
||||
|
||||
@ -177,7 +177,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets a shared Object. Note that object heirarchies are not considered.
|
||||
* Gets a shared Object. Note that object hierarchies are not considered.
|
||||
* @param sharedType the type of the shared Object
|
||||
* @return the shared Object or null if it is not found
|
||||
*/
|
||||
@ -360,7 +360,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
|
||||
|
||||
/**
|
||||
* Subclasses must implement this method to build the object that is being returned.
|
||||
* @return the Object to be buit or null if the implementation allows it
|
||||
* @return the Object to be built or null if the implementation allows it
|
||||
*/
|
||||
protected abstract O performBuild();
|
||||
|
||||
@ -414,12 +414,12 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
|
||||
private enum BuildState {
|
||||
|
||||
/**
|
||||
* This is the state before the {@link Builder#build()} is invoked
|
||||
* This is the state before the {@link SecurityBuilder#build()} is invoked
|
||||
*/
|
||||
UNBUILT(0),
|
||||
|
||||
/**
|
||||
* The state from when {@link Builder#build()} is first invoked until all the
|
||||
* The state from when {@link SecurityBuilder#build()} is first invoked until all the
|
||||
* {@link SecurityConfigurer#init(SecurityBuilder)} methods have been invoked.
|
||||
*/
|
||||
INITIALIZING(1),
|
||||
|
||||
@ -82,7 +82,7 @@ public interface HttpSecurityBuilder<H extends HttpSecurityBuilder<H>>
|
||||
<C> void setSharedObject(Class<C> sharedType, C object);
|
||||
|
||||
/**
|
||||
* Gets a shared Object. Note that object heirarchies are not considered.
|
||||
* Gets a shared Object. Note that object hierarchies are not considered.
|
||||
* @param sharedType the type of the shared Object
|
||||
* @return the shared Object or null if it is not found
|
||||
*/
|
||||
|
||||
@ -133,7 +133,7 @@ final class FilterOrderRegistration {
|
||||
/**
|
||||
* Register a {@link Filter} with its specific position. If the {@link Filter} was
|
||||
* already registered before, the position previously defined is not going to be
|
||||
* overriden
|
||||
* overridden
|
||||
* @param filter the {@link Filter} to register
|
||||
* @param position the position to associate with the {@link Filter}
|
||||
*/
|
||||
|
||||
@ -305,7 +305,7 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the logoutSuccesUrl or null if a
|
||||
* Gets the logoutSuccessUrl or null if a
|
||||
* {@link #logoutSuccessHandler(LogoutSuccessHandler)} was configured.
|
||||
* @return the logoutSuccessUrl
|
||||
*/
|
||||
|
||||
@ -146,7 +146,7 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
|
||||
|
||||
/**
|
||||
* This should not use RequestAttributeSecurityContextRepository since that is
|
||||
* stateless and sesison management is about state management.
|
||||
* stateless and session management is about state management.
|
||||
*/
|
||||
private SecurityContextRepository sessionManagementSecurityContextRepository = new HttpSessionSecurityContextRepository();
|
||||
|
||||
|
||||
@ -95,7 +95,7 @@ public class Saml2MetadataConfigurer<H extends HttpSecurityBuilder<H>>
|
||||
* If there is no {@code registrationId} and your
|
||||
* {@link RelyingPartyRegistrationRepository} is {code Iterable}, the metadata
|
||||
* endpoint will try and show all relying parties' metadata in a single
|
||||
* {@code <md:EntitiesDecriptor} element.
|
||||
* {@code <md:EntitiesDescriptor} element.
|
||||
*
|
||||
* <p>
|
||||
* If you need a more sophisticated lookup strategy than these, use
|
||||
|
||||
@ -167,7 +167,7 @@ class ServerHttpSecurityConfiguration {
|
||||
}
|
||||
|
||||
/**
|
||||
* Applies all {@code Custmizer<ServerHttpSecurity>} Beans to
|
||||
* Applies all {@code Customizer<ServerHttpSecurity>} Beans to
|
||||
* {@link ServerHttpSecurity}.
|
||||
* @param context the {@link ApplicationContext}
|
||||
* @param http the {@link ServerHttpSecurity}
|
||||
|
||||
@ -538,7 +538,7 @@ final class AuthenticationConfigBuilder {
|
||||
}
|
||||
injectAuthenticationDetailsSource(x509Elt, filterBuilder);
|
||||
filter = (RootBeanDefinition) filterBuilder.getBeanDefinition();
|
||||
createPrauthEntryPoint(x509Elt);
|
||||
createPreauthEntryPoint(x509Elt);
|
||||
createX509Provider();
|
||||
}
|
||||
this.x509Filter = filter;
|
||||
@ -562,7 +562,7 @@ final class AuthenticationConfigBuilder {
|
||||
this.x509ProviderRef = new RuntimeBeanReference(this.pc.getReaderContext().registerWithGeneratedName(provider));
|
||||
}
|
||||
|
||||
private void createPrauthEntryPoint(Element source) {
|
||||
private void createPreauthEntryPoint(Element source) {
|
||||
if (this.preAuthEntryPoint == null) {
|
||||
this.preAuthEntryPoint = new RootBeanDefinition(Http403ForbiddenEntryPoint.class);
|
||||
this.preAuthEntryPoint.setSource(this.pc.extractSource(source));
|
||||
@ -595,7 +595,7 @@ final class AuthenticationConfigBuilder {
|
||||
adsBldr.addPropertyValue("mappableRolesRetriever", mappableRolesRetriever);
|
||||
filterBuilder.addPropertyValue("authenticationDetailsSource", adsBldr.getBeanDefinition());
|
||||
filter = (RootBeanDefinition) filterBuilder.getBeanDefinition();
|
||||
createPrauthEntryPoint(jeeElt);
|
||||
createPreauthEntryPoint(jeeElt);
|
||||
createJeeProvider();
|
||||
}
|
||||
this.jeeFilter = filter;
|
||||
|
||||
@ -165,20 +165,20 @@ public class LdapServerBeanDefinitionParser implements BeanDefinitionParser {
|
||||
}
|
||||
|
||||
private RootBeanDefinition getRootBeanDefinition(String mode) {
|
||||
if (isUnboundidEnabled(mode)) {
|
||||
if (isUnboundIdEnabled(mode)) {
|
||||
return new RootBeanDefinition(UNBOUNDID_CONTAINER_CLASSNAME, null, null);
|
||||
}
|
||||
throw new IllegalStateException("Embedded LDAP server is not provided");
|
||||
}
|
||||
|
||||
private String resolveBeanId(String mode) {
|
||||
if (isUnboundidEnabled(mode)) {
|
||||
if (isUnboundIdEnabled(mode)) {
|
||||
return BeanIds.EMBEDDED_UNBOUNDID;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
private boolean isUnboundidEnabled(String mode) {
|
||||
private boolean isUnboundIdEnabled(String mode) {
|
||||
return "unboundid".equals(mode) || unboundIdPresent;
|
||||
}
|
||||
|
||||
|
||||
@ -1340,7 +1340,7 @@ public class AuthorizeHttpRequestsConfigurerTests {
|
||||
static class ServletPathConfig {
|
||||
|
||||
@Bean
|
||||
PathPatternRequestMatcherBuilderFactoryBean requesMatcherBuilder() {
|
||||
PathPatternRequestMatcherBuilderFactoryBean requestMatcherBuilder() {
|
||||
PathPatternRequestMatcherBuilderFactoryBean bean = new PathPatternRequestMatcherBuilderFactoryBean();
|
||||
bean.setBasePath("/spring");
|
||||
return bean;
|
||||
|
||||
@ -100,7 +100,7 @@ public interface SecurityExpressionOperations {
|
||||
boolean isAnonymous();
|
||||
|
||||
/**
|
||||
* Determines ifthe {@link #getAuthentication()} is authenticated
|
||||
* Determines if the {@link #getAuthentication()} is authenticated
|
||||
* @return true if the {@link #getAuthentication()} is authenticated, else false
|
||||
*/
|
||||
boolean isAuthenticated();
|
||||
|
||||
@ -414,7 +414,7 @@ If you build your project with Maven, adding the appropriate Spring Security mod
|
||||
Any that are marked as "`optional`" in the Spring Security `pom.xml` files have to be added to your own `pom.xml` file if you need them.
|
||||
|
||||
[[appendix-faq-unboundid-deps]]
|
||||
=== What dependences are needed to run an embedded UnboundID LDAP server?
|
||||
=== What dependencies are needed to run an embedded UnboundID LDAP server?
|
||||
|
||||
You need to add the following dependency to your project:
|
||||
|
||||
|
||||
@ -399,7 +399,7 @@ Second, each xref:#httpsecuritydsl-bean[HttpSecurityDsl.() -> Unit Beans] is app
|
||||
This means that if there are multiple `HttpSecurity.() -> Unit` Beans, the https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/core/annotation/Order.html[@Order] annotation can be added to the Bean definitions to control the ordering.
|
||||
|
||||
Next, every xref:#top-level-dsl-bean[Top Level Security Dsl Beans] type is looked up and each is is applied using `ObjectProvider#orderedStream()`.
|
||||
If there is are differt types of top level security Beans (.e.g. `HeadersDsl.() -> Unit` and `HttpsRedirectDsl.() -> Unit`), then the order that each Dsl type is invoked is undefined.
|
||||
If there is are different types of top level security Beans (.e.g. `HeadersDsl.() -> Unit` and `HttpsRedirectDsl.() -> Unit`), then the order that each Dsl type is invoked is undefined.
|
||||
However, the order that each instance of of the same top level security Bean type is defined by `ObjectProvider#orderedStream()` and can be controlled using `@Order` on the Bean the definitions.
|
||||
|
||||
Finally, the `HttpSecurityDsl` Bean is injected as a Bean.
|
||||
|
||||
@ -39,7 +39,7 @@ import org.springframework.util.Assert;
|
||||
* It needs a <code>KerberosTicketValidator</code>, which contains the code to validate
|
||||
* the ticket, as this code is different between SUN and IBM JRE.<br>
|
||||
* It also needs an <code>UserDetailsService</code> to load the user properties and the
|
||||
* <code>GrantedAuthorities</code>, as we only get back the username from Kerbeos
|
||||
* <code>GrantedAuthorities</code>, as we only get back the username from Kerberos
|
||||
* </p>
|
||||
*
|
||||
* You can see an example configuration in
|
||||
|
||||
@ -31,7 +31,7 @@ public interface KerberosTicketValidator {
|
||||
|
||||
/**
|
||||
* Validates a Kerberos/SPNEGO ticket.
|
||||
* @param token Kerbeos/SPNEGO ticket
|
||||
* @param token Kerberos/SPNEGO ticket
|
||||
* @return authenticated kerberos principal
|
||||
* @throws BadCredentialsException if the ticket is not valid
|
||||
*/
|
||||
|
||||
@ -76,7 +76,7 @@ import org.springframework.web.filter.OncePerRequestFilter;
|
||||
* </sec:authentication-manager>
|
||||
*
|
||||
* <bean id="kerberosServiceAuthenticationProvider"
|
||||
* class="org.springframework.security.kerberos.authenitcation.KerberosServiceAuthenticationProvider">
|
||||
* class="org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider">
|
||||
* <property name="ticketValidator">
|
||||
* <bean class="org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator">
|
||||
* <property name="servicePrincipal" value="HTTP/web.springsource.com" />
|
||||
@ -103,7 +103,7 @@ import org.springframework.web.filter.OncePerRequestFilter;
|
||||
* <a href="https://bugs.sun.com/view_bug.do?bug_id=6851973">bug</a>.
|
||||
* </p>
|
||||
* <p>
|
||||
* A workaround unti this is fixed in the JVM is to change
|
||||
* A workaround until this is fixed in the JVM is to change
|
||||
* </p>
|
||||
* HKEY_LOCAL_MACHINE\System \CurrentControlSet\Control\LSA\SuppressExtendedProtection to
|
||||
* 0x02
|
||||
|
||||
@ -134,9 +134,9 @@ public final class PathPatternMessageMatcher implements MessageMatcher<Object> {
|
||||
* The following are valid patterns and their meaning
|
||||
* <ul>
|
||||
* <li>{@code /path} - match exactly and only `/path`</li>
|
||||
* <li>{@code /path/**} - match `/path` and any of its descendents</li>
|
||||
* <li>{@code /path/**} - match `/path` and any of its descendants</li>
|
||||
* <li>{@code /path/{value}/**} - match `/path/subdirectory` and any of its
|
||||
* descendents, capturing the value of the subdirectory in
|
||||
* descendants, capturing the value of the subdirectory in
|
||||
* {@link MessageAuthorizationContext#getVariables()}</li>
|
||||
* </ul>
|
||||
*
|
||||
@ -169,9 +169,9 @@ public final class PathPatternMessageMatcher implements MessageMatcher<Object> {
|
||||
* The following are valid patterns and their meaning
|
||||
* <ul>
|
||||
* <li>{@code /path} - match exactly and only `/path`</li>
|
||||
* <li>{@code /path/**} - match `/path` and any of its descendents</li>
|
||||
* <li>{@code /path/**} - match `/path` and any of its descendants</li>
|
||||
* <li>{@code /path/{value}/**} - match `/path/subdirectory` and any of its
|
||||
* descendents, capturing the value of the subdirectory in
|
||||
* descendants, capturing the value of the subdirectory in
|
||||
* {@link MessageAuthorizationContext#getVariables()}</li>
|
||||
* </ul>
|
||||
*
|
||||
|
||||
@ -48,7 +48,7 @@ public final class Saml2X509Credential implements Serializable {
|
||||
|
||||
/**
|
||||
* Creates a {@link Saml2X509Credential} using the provided parameters
|
||||
* @param certificate the credential's public certificiate
|
||||
* @param certificate the credential's public certificate
|
||||
* @param types the credential's intended usages, must be one of
|
||||
* {@link Saml2X509CredentialType#VERIFICATION} or
|
||||
* {@link Saml2X509CredentialType#ENCRYPTION} or both.
|
||||
|
||||
@ -148,7 +148,7 @@ public final class SecurityMockMvcRequestPostProcessors {
|
||||
|
||||
/**
|
||||
* Populates the provided X509Certificate instances on the request.
|
||||
* @param certificates the X509Certificate instances to pouplate
|
||||
* @param certificates the X509Certificate instances to populate
|
||||
* @return the
|
||||
* {@link org.springframework.test.web.servlet.request.RequestPostProcessor} to use.
|
||||
*/
|
||||
@ -157,7 +157,7 @@ public final class SecurityMockMvcRequestPostProcessors {
|
||||
}
|
||||
|
||||
/**
|
||||
* Finds an X509Cetificate using a resoureName and populates it on the request.
|
||||
* Finds an X509Certificate using a resourceName and populates it on the request.
|
||||
* @param resourceName the name of the X509Certificate resource
|
||||
* @return the
|
||||
* {@link org.springframework.test.web.servlet.request.RequestPostProcessor} to use.
|
||||
|
||||
@ -38,7 +38,7 @@ interface EvaluationContextPostProcessor<I> {
|
||||
* that was passed in.
|
||||
* @param context the original {@link EvaluationContext}
|
||||
* @param invocation the security invocation object (i.e. FilterInvocation)
|
||||
* @return the upated context.
|
||||
* @return the updated context.
|
||||
*/
|
||||
EvaluationContext postProcess(EvaluationContext context, I invocation);
|
||||
|
||||
|
||||
@ -133,8 +133,8 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups
|
||||
return new ArrayList<>(groups);
|
||||
}
|
||||
catch (Exception ex) {
|
||||
logger.error("Exception occured while looking up groups for user", ex);
|
||||
throw new RuntimeException("Exception occured while looking up groups for user", ex);
|
||||
logger.error("Exception occurred while looking up groups for user", ex);
|
||||
throw new RuntimeException("Exception occurred while looking up groups for user", ex);
|
||||
}
|
||||
finally {
|
||||
closeContext(context);
|
||||
@ -148,7 +148,7 @@ final class DefaultWASUsernameAndGroupsExtractor implements WASUsernameAndGroups
|
||||
}
|
||||
}
|
||||
catch (NamingException ex) {
|
||||
logger.debug("Exception occured while closing context", ex);
|
||||
logger.debug("Exception occurred while closing context", ex);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -164,7 +164,7 @@ public class RememberMeAuthenticationFilter extends GenericFilterBean implements
|
||||
* Called if the {@code AuthenticationManager} rejects the authentication object
|
||||
* returned from the {@code RememberMeServices} {@code autoLogin} method. This method
|
||||
* will not be called when no remember-me token is present in the request and
|
||||
* {@code autoLogin} reurns null.
|
||||
* {@code autoLogin} returns {@code null}.
|
||||
*/
|
||||
protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response,
|
||||
AuthenticationException failed) {
|
||||
@ -184,7 +184,7 @@ public class RememberMeAuthenticationFilter extends GenericFilterBean implements
|
||||
* successfully authenticated. By default, the filter will just allow the current
|
||||
* request to proceed, but if an {@code AuthenticationSuccessHandler} is set, it will
|
||||
* be invoked and the {@code doFilter()} method will return immediately, thus allowing
|
||||
* the application to redirect the user to a specific URL, regardless of whatthe
|
||||
* the application to redirect the user to a specific URL, regardless of what the
|
||||
* original request was for.
|
||||
* @param successHandler the strategy to invoke immediately before returning from
|
||||
* {@code doFilter()}.
|
||||
|
||||
@ -100,7 +100,7 @@ public final class HttpSessionCsrfTokenRepository implements CsrfTokenRepository
|
||||
* @param sessionAttributeName the new attribute name to use
|
||||
*/
|
||||
public void setSessionAttributeName(String sessionAttributeName) {
|
||||
Assert.hasLength(sessionAttributeName, "sessionAttributename cannot be null or empty");
|
||||
Assert.hasLength(sessionAttributeName, "sessionAttributeName cannot be null or empty");
|
||||
this.sessionAttributeName = sessionAttributeName;
|
||||
}
|
||||
|
||||
|
||||
@ -799,17 +799,17 @@ public class StrictHttpFirewall implements HttpFirewall {
|
||||
|
||||
@Override
|
||||
public Enumeration<String> getParameterNames() {
|
||||
Enumeration<String> paramaterNames = super.getParameterNames();
|
||||
Enumeration<String> parameterNames = super.getParameterNames();
|
||||
return new Enumeration<>() {
|
||||
|
||||
@Override
|
||||
public boolean hasMoreElements() {
|
||||
return paramaterNames.hasMoreElements();
|
||||
return parameterNames.hasMoreElements();
|
||||
}
|
||||
|
||||
@Override
|
||||
public String nextElement() {
|
||||
String name = paramaterNames.nextElement();
|
||||
String name = parameterNames.nextElement();
|
||||
validateAllowedParameterName(name);
|
||||
return name;
|
||||
}
|
||||
|
||||
@ -25,7 +25,7 @@ import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
* Provides support for
|
||||
* <a href="https://w3c.github.io/webappsec-permissions-policy//">Permisisons Policy</a>.
|
||||
* <a href="https://w3c.github.io/webappsec-permissions-policy//">Permissions Policy</a>.
|
||||
* <p>
|
||||
* Permissions Policy allows web developers to selectively enable, disable, and modify the
|
||||
* behavior of certain APIs and web features in the browser.
|
||||
|
||||
@ -23,7 +23,7 @@ import org.springframework.util.Assert;
|
||||
/**
|
||||
* Implementation which uses a regular expression to validate the supplied origin. If the
|
||||
* value of the HTTP parameter matches the pattern, then the result will be ALLOW-FROM
|
||||
* <paramter-value>.
|
||||
* <parameter-value>.
|
||||
*
|
||||
* @author Marten Deinum
|
||||
* @since 3.2
|
||||
|
||||
@ -141,7 +141,7 @@ public final class FastHttpDateFormat {
|
||||
* Parses date with given formatters.
|
||||
* @param value The string to parse
|
||||
* @param formats Array of formats to use
|
||||
* @return Parsed date (or <code>null</code> if no formatter mached)
|
||||
* @return Parsed date (or <code>null</code> if no formatter matched)
|
||||
*/
|
||||
private static @Nullable Long internalParseDate(String value, DateFormat[] formats) {
|
||||
Date date = null;
|
||||
|
||||
@ -268,9 +268,9 @@ public final class PathPatternRequestMatcher implements RequestMatcher {
|
||||
* The following are valid patterns and their meaning
|
||||
* <ul>
|
||||
* <li>{@code /path} - match exactly and only `/path`</li>
|
||||
* <li>{@code /path/**} - match `/path` and any of its descendents</li>
|
||||
* <li>{@code /path/**} - match `/path` and any of its descendants</li>
|
||||
* <li>{@code /path/{value}/**} - match `/path/subdirectory` and any of its
|
||||
* descendents, capturing the value of the subdirectory in
|
||||
* descendants, capturing the value of the subdirectory in
|
||||
* {@link RequestAuthorizationContext#getVariables()}</li>
|
||||
* </ul>
|
||||
*
|
||||
@ -303,9 +303,9 @@ public final class PathPatternRequestMatcher implements RequestMatcher {
|
||||
* The following are valid patterns and their meaning
|
||||
* <ul>
|
||||
* <li>{@code /path} - match exactly and only `/path`</li>
|
||||
* <li>{@code /path/**} - match `/path` and any of its descendents</li>
|
||||
* <li>{@code /path/**} - match `/path` and any of its descendants</li>
|
||||
* <li>{@code /path/{value}/**} - match `/path/subdirectory` and any of its
|
||||
* descendents, capturing the value of the subdirectory in
|
||||
* descendants, capturing the value of the subdirectory in
|
||||
* {@link RequestAuthorizationContext#getVariables()}</li>
|
||||
* </ul>
|
||||
*
|
||||
|
||||
@ -72,8 +72,7 @@ public class ThrowableAnalyzer {
|
||||
};
|
||||
|
||||
/**
|
||||
* Map of registered cause extractors. key: Class<Throwable>; value:
|
||||
* ThrowableCauseExctractor
|
||||
* Map of registered cause extractors. key: Class<Throwable>; value: ThrowableCauseExtractor
|
||||
*/
|
||||
private final Map<Class<? extends Throwable>, ThrowableCauseExtractor> extractorMap;
|
||||
|
||||
|
||||
@ -87,7 +87,7 @@ public final class UrlUtils {
|
||||
* (SEC-1255). This method is typically used to return a URL for matching against
|
||||
* secured paths, hence the decoded form is used in preference to the requestURI for
|
||||
* building the returned value. But this method may also be called using dummy request
|
||||
* objects which just have the requestURI and contextPatth set, for example, so it
|
||||
* objects which just have the requestURI and contextPath set, for example, so it
|
||||
* will fall back to using those.
|
||||
* @return the decoded URL, excluding any server name, context path or servlet path
|
||||
*
|
||||
|
||||
@ -38,7 +38,7 @@ public class HttpSessionEventPublisherTests {
|
||||
* It's not that complicated so we'll just run it straight through here.
|
||||
*/
|
||||
@Test
|
||||
public void publishedEventIsReceivedbyListener() {
|
||||
public void publishedEventIsReceivedByListener() {
|
||||
HttpSessionEventPublisher publisher = new HttpSessionEventPublisher();
|
||||
StaticWebApplicationContext context = new StaticWebApplicationContext();
|
||||
MockServletContext servletContext = new MockServletContext();
|
||||
@ -66,7 +66,7 @@ public class HttpSessionEventPublisherTests {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void publishedEventIsReceivedbyListenerChildContext() {
|
||||
public void publishedEventIsReceivedByListenerChildContext() {
|
||||
HttpSessionEventPublisher publisher = new HttpSessionEventPublisher();
|
||||
StaticWebApplicationContext context = new StaticWebApplicationContext();
|
||||
MockServletContext servletContext = new MockServletContext();
|
||||
|
||||
@ -71,7 +71,7 @@ public interface CredentialRecord {
|
||||
|
||||
/**
|
||||
* The <a href=
|
||||
* "https://www.w3.org/TR/webauthn-3/#abstract-opdef-credential-record-transports">transpots</a>
|
||||
* "https://www.w3.org/TR/webauthn-3/#abstract-opdef-credential-record-transports">transports</a>
|
||||
* is the value returned from {@code response.getTransports()}.
|
||||
* @return
|
||||
*/
|
||||
|
||||
@ -203,7 +203,7 @@ public final class PublicKeyCredential<R extends AuthenticatorResponse> implemen
|
||||
|
||||
/**
|
||||
* Sets the {@link #getAuthenticatorAttachment()} property.
|
||||
* @param authenticatorAttachment the authenticator attachement
|
||||
* @param authenticatorAttachment the authenticator attachment
|
||||
* @return the PublicKeyCredentialBuilder
|
||||
*/
|
||||
public PublicKeyCredentialBuilder authenticatorAttachment(AuthenticatorAttachment authenticatorAttachment) {
|
||||
|
||||
@ -105,7 +105,7 @@ public final class PublicKeyCredentialCreationOptions {
|
||||
/**
|
||||
* The <a href=
|
||||
* "https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-pubkeycredparams">publicKeyCredParams</a>
|
||||
* params lisst the key types and signature algorithms the Relying Party Supports,
|
||||
* params list the key types and signature algorithms the Relying Party Supports,
|
||||
* ordered from most preferred to least preferred.
|
||||
* @return the public key credential parameters
|
||||
*/
|
||||
|
||||
@ -19,7 +19,7 @@ package org.springframework.security.web.webauthn.api;
|
||||
/**
|
||||
* The <a href=
|
||||
* "https://www.w3.org/TR/webauthn-3/#enumdef-residentkeyrequirement">ResidentKeyRequirement</a>
|
||||
* describes the Relying Partys requirements for client-side discoverable credentials.
|
||||
* describes the Relying Party requirements for client-side discoverable credentials.
|
||||
*
|
||||
* @author Rob Winch
|
||||
* @since 6.4
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user