Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-31 14:43:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,772 Commits 52 Branches 351 Tags
Commit Graph

2307 Commits

Author SHA1 Message Date
Spring Operator
4e61de0ef9 URL Cleanup 
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# Fixed URLs

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://www.apache.org/licenses/ with 1 occurrences migrated to:
  https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 1777 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 1 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.txt with 1 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0.txt ([https](https://www.apache.org/licenses/LICENSE-2.0.txt) result 200).
 2019-03-14 20:21:48 -05:00
Rob Winch
c8e4ffb5b9 Polish URLs 
We have performed some polish on your URLs. We do not follow redirects to avoid expanding intentionally shorter URLs (i.e. URL shortened URLs)

# Fixed URLs

## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request, so we migrated them. Your review is recommended.

| HTTP URL | Result URL | HTTPS Result | HTTP Result | Count |
| --- | --- | --- | --- | --- |
| http://repo.terracotta.org/maven2/ | https://repo.terracotta.org/maven2/ | HttpResponse(httpStatus = 403 FORBIDDEN) | HttpResponse(httpStatus = 403 FORBIDDEN) | 1 |
| http://repository.springsource.com/maven/bundles/external | https://repository.springsource.com/maven/bundles/external | HttpResponse(httpStatus = 404 NOT_FOUND) | HttpResponse(httpStatus = 404 NOT_FOUND) | 1 |
| http://repository.springsource.com/maven/bundles/release | https://repository.springsource.com/maven/bundles/release | HttpResponse(httpStatus = 404 NOT_FOUND) | HttpResponse(httpStatus = 404 NOT_FOUND) | 1 |
## Fixed Success
These URLs were fixed successfully.

| HTTP URL | Result URL | HTTPS Result | HTTP Result | Count |
| --- | --- | --- | --- | --- |
| http://docs.spring.io/spring-ldap/docs/1.3.x/apidocs/ | https://docs.spring.io/spring-ldap/docs/1.3.x/apidocs/ | HttpResponse(httpStatus = 200 OK) | null | 2 |
| http://docs.spring.io/spring/docs/3.2.x/javadoc-api | https://docs.spring.io/spring/docs/3.2.x/javadoc-api | HttpResponse(httpStatus = 301 MOVED_PERMANENTLY redirectUrl = http://docs.spring.io/spring/docs/3.2.x/javadoc-api/) | null | 1 |
| http://docs.spring.io/spring/docs/3.2.x/javadoc-api/ | https://docs.spring.io/spring/docs/3.2.x/javadoc-api/ | HttpResponse(httpStatus = 200 OK) | null | 1 |
| http://download.oracle.com/javase/6/docs/api/ | https://download.oracle.com/javase/6/docs/api/ | HttpResponse(httpStatus = 302 FOUND redirectUrl = https://docs.oracle.com/javase/6/docs/api/) | null | 2 |
| http://spring.io/ | https://spring.io/ | HttpResponse(httpStatus = 200 OK) | null | 54 |
| http://spring.io/spring-security | https://spring.io/spring-security | HttpResponse(httpStatus = 302 FOUND redirectUrl = https://projects.spring.io/spring-security) | null | 54 |
| http://www.apache.org/licenses/LICENSE-2.0.txt | https://www.apache.org/licenses/LICENSE-2.0.txt | HttpResponse(httpStatus = 200 OK) | null | 54 |
| http://forums.gradle.org/gradle/topics/after_upgrade_gradle_to_2_0_version_the_maven_pom_not_support_build_property | https://discuss.gradle.org/gradle/topics/after_upgrade_gradle_to_2_0_version_the_maven_pom_not_support_build_property | HttpResponse(httpStatus = 404 NOT_FOUND) | HttpResponse(httpStatus = 301 MOVED_PERMANENTLY redirectUrl = https://discuss.gradle.org/gradle/topics/after_upgrade_gradle_to_2_0_version_the_maven_pom_not_support_build_property) | 1 |
| http://forums.gradle.org/gradle/topics/eclipse_wtp_deploys_testcode_to_server_example_provided | https://discuss.gradle.org/gradle/topics/eclipse_wtp_deploys_testcode_to_server_example_provided | HttpResponse(httpStatus = 404 NOT_FOUND) | HttpResponse(httpStatus = 301 MOVED_PERMANENTLY redirectUrl = https://discuss.gradle.org/gradle/topics/eclipse_wtp_deploys_testcode_to_server_example_provided) | 1 |

# Ignored
These URLs were intentionally ignored so we didn't migrate them.

| HTTP URL |
| --- |
| http://maven.apache.org/POM/4.0.0 |
| http://maven.apache.org/xsd/maven-4.0.0.xsd |
| http://www.w3.org/2001/XMLSchema-instance |
 2019-03-01 17:35:15 -06:00
Spring Buildmaster
45421d63ac Release version 4.1.5.RELEASE 2018-01-25 18:32:00 +00:00
Rob Winch
976ce05373 DelegatingApplicationListener uses CopyOnWriteArrayList 
Fixes: gh-4979
 2018-01-25 11:28:01 -06:00
Rob Winch
17238707b7 Update to Spring 4.3.14 
Fixes: gh-4977
 2018-01-25 11:26:40 -06:00
Craig Andrews
bf075a2cae Configure permissionEvaluator and roleHierarchy by default 
Implementations of AbstractSecurityExpressionHandler (such as the very commonly used DefaultWebSecurityExpressionHandler) get PermissionEvaluator and RoleHierarchy from the application context (if the application context is provided, and exactly one of such a bean exists in it). This approach matches that used in GlobalMethodSecurityConfiguration, making everything in Spring Security work the same way (including WebSecurity).

Issue gh-4077
 2017-10-30 00:57:37 -05:00
Spring Buildmaster
57ed7ddf3c Release version 4.1.4.RELEASE 2016-12-21 16:50:16 +00:00
Rob Winch
5574fd2029 Update to Spring 4.3.5.RELEASE 
Fixes gh-4168
 2016-12-21 10:14:33 -06:00
Spring Buildmaster
325b814d49 Release version 4.1.3.RELEASE 2016-08-23 01:05:48 +00:00
Rob Winch
8f1c977c0d Update Dependency Versions (#4035) 2016-08-19 16:09:10 -05:00
Spring Buildmaster
e412fb7ac0 Release version 4.1.2.RELEASE 2016-08-11 19:14:32 +00:00
Spring Buildmaster
919f000c80 Release version 4.1.1.RELEASE 2016-07-07 00:57:35 +00:00
Johnny Lim
310bb39a0d Fix typo 2016-07-06 16:22:33 -05:00
Rob Winch
5f6312c5be Update to Spring 4.3.1 
Fixes gh-3963
 2016-07-06 15:47:44 -05:00
Rob Winch
843ed3e437 Update to Spring 4.3.1.BUILD-SNAPSHOT 2016-07-01 22:04:55 -05:00
Eddú Meléndez
a2ead4cf7a Polish 
Fixes gh-3892
 2016-06-20 12:35:43 -05:00
Rob Winch
d2b909e7c5 Doc InteractiveAuthenticationEvent doesn't extend AuthentcationEvent 
Document why InteractiveAuthenticationEvent doesn't extend
AuthentcationEvent. This is to avoid multiple AuthenticationSuccessEvent
from being sent to any listeners.

Fixes gh-3857
 2016-06-17 17:16:54 -05:00
Rob Winch
2d6051625f Update pom.xml 2016-06-17 14:30:11 -05:00
Spring Buildmaster
001b05569a Release version 4.1.0.RELEASE 2016-05-05 04:25:46 +00:00
Rob Winch
9745de9510 Add @AuthenticationPrincipal expression 
It is now possible to provide a SpEL expression for
@AuthenticationPrincipal. This allows invoking custom logic including
methods on the principal object.

Fixes gh-3859
 2016-05-03 18:08:52 -04:00
Spring Buildmaster
24d0069668 Release version 4.1.0.RC2 2016-04-21 01:47:25 +00:00
Johnny Lim
933a7e8363 Remove duplicate words 
Fixes gh-3826
 2016-04-18 23:21:20 -05:00
Joe Grandja
2ef3da1b47 Documents the new @AuthenticationPrincipal in more detail. 
Fixes gh-3771
 2016-04-13 12:27:23 -04:00
Joe Grandja
b90242f2fa Updates all POM versions to 4.1.0 snapshot build. 
Fixes gh-3804
 2016-04-12 10:35:43 -04:00
Spring Buildmaster
044acf7e27 Release version 4.1.0.RC1 2016-03-23 07:15:15 -07:00
Rob Winch
36c381a06a Update to Java 1.6 
Fixes gh-3756
 2016-03-15 08:37:00 -05:00
Rob Winch
ec4e6c7453 Update pom.xml to 4.1.0.BUILD-SNAPSHOT 2016-03-14 00:51:35 -05:00
Rob Winch
f221920a19 Clean up code to conform to basic checkstyle 
Issue gh-3746
 2016-03-14 00:15:12 -05:00
Billy Korando
71d4ce96ad Convert to assertj 
Fixes gh-3175
 2016-03-09 14:30:17 -06:00
Rob Winch
bb600a473e Start AssertJ Migration 
Issue gh-3175
 2016-03-09 14:26:30 -06:00
Karol Lewandowski
a1df8e5379 Fix keys in messages bundle 
Fixes gh-2971
 2016-03-09 10:43:37 -06:00
hmolsen
b248eae416 Javadoc on ProviderManager.authenticate clarification 
Fixes gh-3722
 2016-03-03 15:32:03 -06:00
Rob Winch
65a00751a7 Update to Spring 4.2.5 
Fixes gh-3715
 2016-02-25 11:35:17 -06:00
petaure
cf76e3c65e SEC-3150: Escape ' character in messages_fr.properties 
Escape ' character, if not format doesn't work fine.
 2015-11-12 15:42:52 -06:00
Rob Winch
be303b15d1 SEC-3128: RoleVoter supports null Authentication 2015-10-29 14:03:18 -05:00
Rob Winch
bd221739c7 SEC-3109: DelegatingSecurityContextExecutor fails with same Thread 
Previously DelegatingSecurityContextRunnable and DelegatingSecurityContextCallable
would not setup the SecurityContext if it was on the same thread as it was created.
This was intended to fix SEC-3031 but simply caused more problems.

This commit changes the strategy to keep track of the previous SecurityContext
and restore it (or clear it out if it was originally empty).
 2015-10-26 17:16:54 -05:00
zhanhb
29f2cc0ab1 snasphot -> snapshot 2015-09-25 15:28:39 -05:00
/usr/local/ΕΨΗΕΛΩΝ
e6ed4441c4 Update messages_it.properties 2015-09-17 17:31:32 +02:00
David Avenante
a9a5377e4a Unused import 
An import unsued
 2015-09-02 00:21:39 -05:00
David Avenante
5edfeb4091 Unused import 
And import is unused
 2015-09-02 00:21:39 -05:00
Rob Winch
adfeb96e2f Update to Spring 4.2.1 2015-09-01 09:53:26 -05:00
Rob Winch
c79bceab03 SEC-2956: Improve AnnotationParameterNameDiscoverer Performance 2015-08-19 16:07:03 -05:00
Rob Winch
55dd247660 SEC-3078: Update Spring 4.2 2015-08-19 16:05:40 -05:00
Rob Winch
26ab012b57 Start 4.1.0 2015-08-18 13:58:01 -05:00
Rob Winch
969f3a7d1b Update pom.xml to latest snapshots 2015-08-03 09:46:01 -05:00
Thomas Darimont
ad1d858e2b SEC-3056 - Fix JavaDoc errors. 
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
 2015-08-03 08:02:24 -05:00
Rob Winch
117f892c91 SEC-3031: DelegatingSecurityContext(Runnable|Callable) only modify SecurityContext on new Thread 
Modifying the SecurityContext on the same Thread can cause issues. For example, with a
RejectedExecutionHandler the SecurityContext may be cleared out on the original Thread.

This change modifies both the DelegatingSecurityContextRunnable and DelegatingSecurityContextCallable to,
by default, only modify the SecurityContext if they are invoked on a new Thread. The behavior can be changed
by setting the property enableOnOrigionalThread to true.
 2015-07-22 16:07:21 -05:00
Rob Winch
e8c9f75f9c Update pom.xml to latest versions 2015-07-22 12:51:04 -05:00
Rob Winch
821333434d SEC-3013: Add messages_en.properties 2015-07-13 23:18:45 -05:00
Rob Winch
197ddb3cd1 SEC-3029: Fix Compatibility with Spring 4.2.x 2015-07-07 22:46:31 -05:00