spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-24 11:13:30 +00:00

Author	SHA1	Message	Date
Dávid Kováč	ca272e4267	Resolve Bearer token after subscribing to publisher Bearer token was resolved immediately after calling method convert. In situations when malformed token was provided or authorization header and access token query param were present in request exception was thrown instead of signalling error. After this change Bearer token is resolved on subscription and invalid states are handled by signaling error to subscriber. Closes gh-8865	2020-08-03 11:11:56 -05:00
Josh Cummings	7e7f85c18c	Polish Bearer Token Padding Issue gh-8502	2020-07-16 13:15:06 -06:00
kothasa	157498bf44	Bearer Token Padding Closes gh-8502	2020-07-16 13:13:04 -06:00
Rob Winch	aac854453e	ServerBearerTokenAuthenticationConverter Handles Empty Tokens Previously ServerBearerTokenAuthenticationConverter would throw an IllegalArgumentException when the access token in a URI was empty String. It also incorrectly provided HttpStatus.BAD_REQUEST for an empty String access token in the headers. This changes ServerBearerTokenAuthenticationConverter to consistently throw a OAuth2AuthenticationException with an HttpStatus.UNAUTHORIZED Fixes gh-7011	2019-06-28 06:48:46 -06:00
Spring Operator	7bd7843c65	URL Cleanup This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener). These URLs were unable to be fixed. Please review them to see if they can be manually resolved. * [ ] http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html (200) with 1 occurrences could not be migrated: ([https](https://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html) result ClosedChannelException). * [ ] http://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html (200) with 1 occurrences could not be migrated: ([https](https://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html) result SSLHandshakeException). * [ ] http://cujojs.com/ (200) with 1 occurrences could not be migrated: ([https](https://cujojs.com/) result SSLHandshakeException). * [ ] http://erik.eae.net/archives/2007/07/27/18.54.15/ (200) with 1 occurrences could not be migrated: ([https](https://erik.eae.net/archives/2007/07/27/18.54.15/) result SSLHandshakeException). * [ ] http://javascript.nwbox.com/IEContentLoaded/ (200) with 1 occurrences could not be migrated: ([https](https://javascript.nwbox.com/IEContentLoaded/) result SSLHandshakeException). * [ ] http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html (200) with 1 occurrences could not be migrated: ([https](https://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html) result SSLHandshakeException). * [ ] http://monkeymachine.co.uk/ (200) with 2 occurrences could not be migrated: ([https](https://monkeymachine.co.uk/) result SSLHandshakeException). * [ ] http://perfectionkills.com/detecting-event-support-without-browser-sniffing/ (200) with 1 occurrences could not be migrated: ([https](https://perfectionkills.com/detecting-event-support-without-browser-sniffing/) result SSLHandshakeException). * [ ] http://somesite.com/login (200) with 3 occurrences could not be migrated: ([https](https://somesite.com/login) result AnnotatedConnectException). * [ ] http://someurl.com/ (200) with 2 occurrences could not be migrated: ([https](https://someurl.com/) result SSLHandshakeException). * [ ] http://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf (200) with 2 occurrences could not be migrated: ([https](https://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf) result 404). * [ ] http://www.example.com:80/ (200) with 1 occurrences could not be migrated: ([https](https://www.example.com:80/) result NotSslRecordException). * [ ] http://www.faqs.org/qa/rfcc-1940.html (200) with 3 occurrences could not be migrated: ([https](https://www.faqs.org/qa/rfcc-1940.html) result AnnotatedConnectException). * [ ] http://www.faqs.org/rfcs/rfc1945.html (200) with 2 occurrences could not be migrated: ([https](https://www.faqs.org/rfcs/rfc1945.html) result AnnotatedConnectException). * [ ] http://www.faqs.org/rfcs/rfc3548.html (200) with 3 occurrences could not be migrated: ([https](https://www.faqs.org/rfcs/rfc3548.html) result AnnotatedConnectException). * [ ] http://www.zytrax.com/books/ldap/ (200) with 2 occurrences could not be migrated: ([https](https://www.zytrax.com/books/ldap/) result AnnotatedConnectException). * [ ] http://blindsignals.com/index.php/2009/07/jquery-delay/ (301) with 1 occurrences could not be migrated: ([https](https://blindsignals.com/index.php/2009/07/jquery-delay/) result SSLHandshakeException). * [ ] http://www.faqs.org/ (301) with 1 occurrences could not be migrated: ([https](https://www.faqs.org/) result AnnotatedConnectException). * [ ] http://sam.zoy.org/wtfpl/ (301) with 2 occurrences could not be migrated: ([https](https://sam.zoy.org/wtfpl/) result SSLHandshakeException). * [ ] http://hey.openid.com/ (302) with 1 occurrences could not be migrated: ([https](https://hey.openid.com/) result SSLHandshakeException). * [ ] http://iharder.net/base64 (303) with 2 occurrences could not be migrated: ([https](https://iharder.net/base64) result AnnotatedConnectException). * [ ] http://jaspan.com/improved_persistent_login_cookie_best_practice (500) with 3 occurrences could not be migrated: ([https](https://jaspan.com/improved_persistent_login_cookie_best_practice) result AnnotatedConnectException). These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended. * [ ] http://www.relaxng.org/ (301) with 1 occurrences migrated to: https://relaxng.org/ ([https](https://www.relaxng.org/) result SSLHandshakeException). * [ ] http://www.relaxng.org (301) with 1 occurrences migrated to: https://relaxng.org/ ([https](https://www.relaxng.org) result SSLHandshakeException). * [ ] http://tools.ietf.org/html/draft-ietf-websec-x-frame-options (301) with 2 occurrences migrated to: https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ([https](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options) result ReadTimeoutException). * [ ] http://foo.test.com (302) with 2 occurrences migrated to: https://www.test.com ([https](https://foo.test.com) result SSLHandshakeException). * [ ] http://abc.test.com (302) with 2 occurrences migrated to: https://www.test.com ([https](https://abc.test.com) result SSLHandshakeException). * [ ] http://192.168.1:8080 (ConnectTimeoutException) with 2 occurrences migrated to: https://192.168.1:8080 ([https](https://192.168.1:8080) result ConnectTimeoutException). * [ ] http://www.example.com:8080/mycontext/secure/page.html (ConnectTimeoutException) with 1 occurrences migrated to: https://www.example.com:8080/mycontext/secure/page.html ([https](https://www.example.com:8080/mycontext/secure/page.html) result ConnectTimeoutException). * [ ] http://www.example.com:8888/bigWebApp/hello (ConnectTimeoutException) with 1 occurrences migrated to: https://www.example.com:8888/bigWebApp/hello ([https](https://www.example.com:8888/bigWebApp/hello) result ConnectTimeoutException). * [ ] http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true (ConnectTimeoutException) with 1 occurrences migrated to: https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true) result ConnectTimeoutException). * [ ] http://www.opensymphony.com/sitemesh/decorator (ConnectTimeoutException) with 1 occurrences migrated to: https://www.opensymphony.com/sitemesh/decorator ([https](https://www.opensymphony.com/sitemesh/decorator) result ConnectTimeoutException). * [ ] http://www.opensymphony.com/sitemesh/page (ConnectTimeoutException) with 1 occurrences migrated to: https://www.opensymphony.com/sitemesh/page ([https](https://www.opensymphony.com/sitemesh/page) result ConnectTimeoutException). * [ ] http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd (ReadTimeoutException) with 1 occurrences migrated to: https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ([https](https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd) result ReadTimeoutException). * [ ] http://axschema.org/ (UnknownHostException) with 2 occurrences migrated to: https://axschema.org/ ([https](https://axschema.org/) result UnknownHostException). * [ ] http://axschema.org/contact/email (UnknownHostException) with 21 occurrences migrated to: https://axschema.org/contact/email ([https](https://axschema.org/contact/email) result UnknownHostException). * [ ] http://axschema.org/namePerson (UnknownHostException) with 5 occurrences migrated to: https://axschema.org/namePerson ([https](https://axschema.org/namePerson) result UnknownHostException). * [ ] http://axschema.org/namePerson/first (UnknownHostException) with 4 occurrences migrated to: https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first) result UnknownHostException). * [ ] http://axschema.org/namePerson/last (UnknownHostException) with 4 occurrences migrated to: https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last) result UnknownHostException). * [ ] http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to: https://context.blah.com/context/remainder ([https](https://context.blah.com/context/remainder) result UnknownHostException). * [ ] http://example.com&param1=value1&param2=value2 (UnknownHostException) with 1 occurrences migrated to: https://example.com&param1=value1&param2=value2 ([https](https://example.com&param1=value1&param2=value2) result UnknownHostException). * [ ] http://host/myapp/index.html;jsessionid=blah (UnknownHostException) with 1 occurrences migrated to: https://host/myapp/index.html;jsessionid=blah ([https](https://host/myapp/index.html;jsessionid=blah) result UnknownHostException). * [ ] http://http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to: https://http://context.blah.com/context/remainder ([https](https://https://context.blah.com/context/remainder) result UnknownHostException). * [ ] http://id.openid.zz (UnknownHostException) with 2 occurrences migrated to: https://id.openid.zz ([https](https://id.openid.zz) result UnknownHostException). * [ ] http://invalid-provider.com/oauth2/token (UnknownHostException) with 4 occurrences migrated to: https://invalid-provider.com/oauth2/token ([https](https://invalid-provider.com/oauth2/token) result UnknownHostException). * [ ] http://invalid-provider.com/user (UnknownHostException) with 4 occurrences migrated to: https://invalid-provider.com/user ([https](https://invalid-provider.com/user) result UnknownHostException). * [ ] http://jimi.hendrix.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to: https://jimi.hendrix.myopenid.com/ ([https](https://jimi.hendrix.myopenid.com/) result UnknownHostException). * [ ] http://joe.myopenid.com/ (UnknownHostException) with 3 occurrences migrated to: https://joe.myopenid.com/ ([https](https://joe.myopenid.com/) result UnknownHostException). * [ ] http://openid.aol.com/ (UnknownHostException) with 2 occurrences migrated to: https://openid.aol.com/ ([https](https://openid.aol.com/) result UnknownHostException). * [ ] http://pip.verisignlabs.com/server (UnknownHostException) with 2 occurrences migrated to: https://pip.verisignlabs.com/server ([https](https://pip.verisignlabs.com/server) result UnknownHostException). * [ ] http://schema.openid.net/contact/email (UnknownHostException) with 5 occurrences migrated to: https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email) result UnknownHostException). * [ ] http://schema.openid.net/namePerson (UnknownHostException) with 2 occurrences migrated to: https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson) result UnknownHostException). * [ ] http://some.site.org/index.html (UnknownHostException) with 1 occurrences migrated to: https://some.site.org/index.html ([https](https://some.site.org/index.html) result UnknownHostException). * [ ] http://specs.openid.net/auth/2.0 (UnknownHostException) with 2 occurrences migrated to: https://specs.openid.net/auth/2.0 ([https](https://specs.openid.net/auth/2.0) result UnknownHostException). * [ ] http://specs.openid.net/auth/2.0/identifier_select (UnknownHostException) with 4 occurrences migrated to: https://specs.openid.net/auth/2.0/identifier_select ([https](https://specs.openid.net/auth/2.0/identifier_select) result UnknownHostException). * [ ] http://wiki.fasterxml.com/JacksonFeatureModules (UnknownHostException) with 1 occurrences migrated to: https://wiki.fasterxml.com/JacksonFeatureModules ([https](https://wiki.fasterxml.com/JacksonFeatureModules) result UnknownHostException). * [ ] http://www.faqs (UnknownHostException) with 1 occurrences migrated to: https://www.faqs ([https](https://www.faqs) result UnknownHostException). * [ ] http://www.test123.com (UnknownHostException) with 1 occurrences migrated to: https://www.test123.com ([https](https://www.test123.com) result UnknownHostException). * [ ] http://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 (301) with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Defense_in_depth_%2528computing%2529 ([https](https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29) result 400). * [ ] http://book.git-scm.com/4_interactive_rebasing.html (301) with 1 occurrences migrated to: https://book.git-scm.com/4_interactive_rebasing.html ([https](https://book.git-scm.com/4_interactive_rebasing.html) result 404). * [ ] http://docs.spring.io/spring-security/site/docs/current/apidocs/ (301) with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/current/apidocs/ ([https](https://docs.spring.io/spring-security/site/docs/current/apidocs/) result 404). * [ ] http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html (404) with 1 occurrences migrated to: https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ([https](https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html) result 404). * [ ] http://example.com/auth (404) with 2 occurrences migrated to: https://example.com/auth ([https](https://example.com/auth) result 404). * [ ] http://example.com/info (404) with 2 occurrences migrated to: https://example.com/info ([https](https://example.com/info) result 404). * [ ] http://example.com/jwkset (404) with 2 occurrences migrated to: https://example.com/jwkset ([https](https://example.com/jwkset) result 404). * [ ] http://example.com/login/oauth2/code/registration-id (404) with 1 occurrences migrated to: https://example.com/login/oauth2/code/registration-id ([https](https://example.com/login/oauth2/code/registration-id) result 404). * [ ] http://example.com/login/oauth2/code/registration-id-2 (404) with 1 occurrences migrated to: https://example.com/login/oauth2/code/registration-id-2 ([https](https://example.com/login/oauth2/code/registration-id-2) result 404). * [ ] http://example.com/path?a=b&c=d (404) with 1 occurrences migrated to: https://example.com/path?a=b&c=d ([https](https://example.com/path?a=b&c=d) result 404). * [ ] http://example.com/pkp-report (404) with 5 occurrences migrated to: https://example.com/pkp-report ([https](https://example.com/pkp-report) result 404). * [ ] http://example.com/token (404) with 2 occurrences migrated to: https://example.com/token ([https](https://example.com/token) result 404). * [ ] http://example.net/pkp-report (404) with 8 occurrences migrated to: https://example.net/pkp-report ([https](https://example.net/pkp-report) result 404). * [ ] http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ (301) with 1 occurrences migrated to: https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ([https](https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/) result 404). * [ ] http://help.github.com/send-pull-requests (404) with 1 occurrences migrated to: https://help.github.com/send-pull-requests ([https](https://help.github.com/send-pull-requests) result 404). * [ ] http://html5shim.googlecode.com/svn/trunk/html5.js (404) with 6 occurrences migrated to: https://html5shim.googlecode.com/svn/trunk/html5.js ([https](https://html5shim.googlecode.com/svn/trunk/html5.js) result 404). * [ ] http://json.org/json2.js (404) with 1 occurrences migrated to: https://json.org/json2.js ([https](https://json.org/json2.js) result 404). * [ ] http://openid-selector.googlecode.com/svn/trunk/ (404) with 2 occurrences migrated to: https://openid-selector.googlecode.com/svn/trunk/ ([https](https://openid-selector.googlecode.com/svn/trunk/) result 404). * [ ] http://provider.com/user (302) with 2 occurrences migrated to: https://provider.com/user ([https](https://provider.com/user) result 404). * [ ] http://relaxng.org/ns/compatibility/annotations/1.0 (301) with 7 occurrences migrated to: https://relaxng.org/ns/compatibility/annotations/1.0 ([https](https://relaxng.org/ns/compatibility/annotations/1.0) result 404). * [ ] http://www.example.com/bigWebApp/hello (404) with 2 occurrences migrated to: https://www.example.com/bigWebApp/hello ([https](https://www.example.com/bigWebApp/hello) result 404). * [ ] http://www.example.com/bigWebApp/hello/pathInfo.html?open=true (404) with 1 occurrences migrated to: https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com/bigWebApp/hello/pathInfo.html?open=true) result 404). * [ ] http://www.example.com/identity (404) with 1 occurrences migrated to: https://www.example.com/identity ([https](https://www.example.com/identity) result 404). * [ ] http://www.example.com/login/openid (404) with 2 occurrences migrated to: https://www.example.com/login/openid ([https](https://www.example.com/login/openid) result 404). * [ ] http://www.example.com/mycontext/HelloWorld (404) with 1 occurrences migrated to: https://www.example.com/mycontext/HelloWorld ([https](https://www.example.com/mycontext/HelloWorld) result 404). * [ ] http://www.example.com/mycontext/HelloWorld/some/more/segments.html (404) with 1 occurrences migrated to: https://www.example.com/mycontext/HelloWorld/some/more/segments.html ([https](https://www.example.com/mycontext/HelloWorld/some/more/segments.html) result 404). * [ ] http://www.example.com/mycontext/HelloWorld?foo=bar (404) with 1 occurrences migrated to: https://www.example.com/mycontext/HelloWorld?foo=bar ([https](https://www.example.com/mycontext/HelloWorld?foo=bar) result 404). * [ ] http://www.example.com/mycontext/secure/page.html (404) with 3 occurrences migrated to: https://www.example.com/mycontext/secure/page.html ([https](https://www.example.com/mycontext/secure/page.html) result 404). * [ ] http://www.example.com/realm (404) with 1 occurrences migrated to: https://www.example.com/realm ([https](https://www.example.com/realm) result 404). * [ ] http://www.example.com/redirect (404) with 1 occurrences migrated to: https://www.example.com/redirect ([https](https://www.example.com/redirect) result 404). * [ ] http://www.example.org/do/something (404) with 4 occurrences migrated to: https://www.example.org/do/something ([https](https://www.example.org/do/something) result 404). * [ ] http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ (301) with 1 occurrences migrated to: https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ([https](https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/) result 404). * [ ] http://www.json.org/json2.js (404) with 1 occurrences migrated to: https://www.json.org/json2.js ([https](https://www.json.org/json2.js) result 404). * [ ] http://www.thymeleaf.org/thymeleaf-extras-springsecurity5 (301) with 5 occurrences migrated to: https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ([https](https://www.thymeleaf.org/thymeleaf-extras-springsecurity5) result 404). These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended. * [ ] http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html with 1 occurrences migrated to: https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ([https](https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html) result 200). * [ ] http://bugs.jquery.com/ticket/12282 with 1 occurrences migrated to: https://bugs.jquery.com/ticket/12282 ([https](https://bugs.jquery.com/ticket/12282) result 200). * [ ] http://bugs.jquery.com/ticket/12359 with 1 occurrences migrated to: https://bugs.jquery.com/ticket/12359 ([https](https://bugs.jquery.com/ticket/12359) result 200). * [ ] http://claimid.com/ with 2 occurrences migrated to: https://claimid.com/ ([https](https://claimid.com/) result 200). * [ ] http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ with 1 occurrences migrated to: https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ([https](https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/) result 200). * [ ] http://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html with 1 occurrences migrated to: https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html) result 200). * [ ] http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html with 26 occurrences migrated to: https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html) result 200). * [ ] http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html with 1 occurrences migrated to: https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html) result 200). * [ ] http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html with 1 occurrences migrated to: https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html) result 200). * [ ] http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html with 1 occurrences migrated to: https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ([https](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html) result 200). * [ ] http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html with 1 occurrences migrated to: https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ([https](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html) result 200). * [ ] http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to: https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/) result 200). * [ ] http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html (301) with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html ([https](https://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html) result 200). * [ ] http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html (301) with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ([https](https://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html) result 200). * [ ] http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/) result 200). * [ ] http://docs.spring.io/spring-security/site/docs/current/api/ with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/current/api/ ([https](https://docs.spring.io/spring-security/site/docs/current/api/) result 200). * [ ] http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ with 3 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/) result 200). * [ ] http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html (301) with 1 occurrences migrated to: https://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ([https](https://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html) result 200). * [ ] http://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html with 1 occurrences migrated to: https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ([https](https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html) result 200). * [ ] http://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html with 1 occurrences migrated to: https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ([https](https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html) result 200). * [ ] http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html with 3 occurrences migrated to: https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html) result 200). * [ ] http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html with 1 occurrences migrated to: https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html) result 200). * [ ] http://en.wikipedia.org/wiki/Clickjacking with 9 occurrences migrated to: https://en.wikipedia.org/wiki/Clickjacking ([https](https://en.wikipedia.org/wiki/Clickjacking) result 200). * [ ] http://en.wikipedia.org/wiki/Content_sniffing with 2 occurrences migrated to: https://en.wikipedia.org/wiki/Content_sniffing ([https](https://en.wikipedia.org/wiki/Content_sniffing) result 200). * [ ] http://en.wikipedia.org/wiki/Cross-site_request_forgery with 11 occurrences migrated to: https://en.wikipedia.org/wiki/Cross-site_request_forgery ([https](https://en.wikipedia.org/wiki/Cross-site_request_forgery) result 200). * [ ] http://en.wikipedia.org/wiki/Cross-site_scripting with 7 occurrences migrated to: https://en.wikipedia.org/wiki/Cross-site_scripting ([https](https://en.wikipedia.org/wiki/Cross-site_scripting) result 200). * [ ] http://en.wikipedia.org/wiki/Firesheep with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Firesheep ([https](https://en.wikipedia.org/wiki/Firesheep) result 200). * [ ] http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security with 4 occurrences migrated to: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ([https](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) result 200). * [ ] http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ([https](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol) result 200). * [ ] http://en.wikipedia.org/wiki/Man-in-the-middle_attack with 2 occurrences migrated to: https://en.wikipedia.org/wiki/Man-in-the-middle_attack ([https](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) result 200). * [ ] http://en.wikipedia.org/wiki/Null_Object_pattern with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Null_Object_pattern ([https](https://en.wikipedia.org/wiki/Null_Object_pattern) result 200). * [ ] http://en.wikipedia.org/wiki/SRV_record with 2 occurrences migrated to: https://en.wikipedia.org/wiki/SRV_record ([https](https://en.wikipedia.org/wiki/SRV_record) result 200). * [ ] http://en.wikipedia.org/wiki/Same-origin_policy with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Same-origin_policy ([https](https://en.wikipedia.org/wiki/Same-origin_policy) result 200). * [ ] http://en.wikipedia.org/wiki/Session_fixation with 6 occurrences migrated to: https://en.wikipedia.org/wiki/Session_fixation ([https](https://en.wikipedia.org/wiki/Session_fixation) result 200). * [ ] http://example.com with 17 occurrences migrated to: https://example.com ([https](https://example.com) result 200). * [ ] http://example.com/ with 1 occurrences migrated to: https://example.com/ ([https](https://example.com/) result 200). * [ ] http://example.com?rparam1%3Drvalue1%26rparam2%3Drvalue2&param1=value1 with 1 occurrences migrated to: https://example.com?rparam1%3Drvalue1%26rparam2%3Drvalue2&param1=value1 ([https](https://example.com?rparam1%3Drvalue1%26rparam2%3Drvalue2&param1=value1) result 200). * [ ] http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice with 2 occurrences migrated to: https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ([https](https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice) result 200). * [ ] http://flywaydb.org/ with 1 occurrences migrated to: https://flywaydb.org/ ([https](https://flywaydb.org/) result 200). * [ ] http://getbootstrap.com/docs/4.0/examples/signin/signin.css with 1 occurrences migrated to: https://getbootstrap.com/docs/4.0/examples/signin/signin.css ([https](https://getbootstrap.com/docs/4.0/examples/signin/signin.css) result 200). * [ ] http://gradle.org with 1 occurrences migrated to: https://gradle.org ([https](https://gradle.org) result 200). * [ ] http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ with 2 occurrences migrated to: https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ([https](https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/) result 200). * [ ] http://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html with 2 occurrences migrated to: https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ([https](https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html) result 200). * [ ] http://jquery.com/ with 1 occurrences migrated to: https://jquery.com/ ([https](https://jquery.com/) result 200). * [ ] http://knockoutjs.com/ with 1 occurrences migrated to: https://knockoutjs.com/ ([https](https://knockoutjs.com/) result 200). * [ ] http://marketplace.eclipse.org/content/anyedit-tools with 1 occurrences migrated to: https://marketplace.eclipse.org/content/anyedit-tools ([https](https://marketplace.eclipse.org/content/anyedit-tools) result 200). * [ ] http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html with 1 occurrences migrated to: https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ([https](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html) result 200). * [ ] http://openid.net with 1 occurrences migrated to: https://openid.net ([https](https://openid.net) result 200). * [ ] http://openid.net/ with 1 occurrences migrated to: https://openid.net/ ([https](https://openid.net/) result 200). * [ ] http://openid.net/certification/ with 4 occurrences migrated to: https://openid.net/certification/ ([https](https://openid.net/certification/) result 200). * [ ] http://openid.net/connect/ with 4 occurrences migrated to: https://openid.net/connect/ ([https](https://openid.net/connect/) result 200). * [ ] http://openid.net/specs/openid-attribute-exchange-1_0.html with 3 occurrences migrated to: https://openid.net/specs/openid-attribute-exchange-1_0.html ([https](https://openid.net/specs/openid-attribute-exchange-1_0.html) result 200). * [ ] http://openid.net/specs/openid-connect-core-1_0.html with 47 occurrences migrated to: https://openid.net/specs/openid-connect-core-1_0.html ([https](https://openid.net/specs/openid-connect-core-1_0.html) result 200). * [ ] http://sizzlejs.com/ with 2 occurrences migrated to: https://sizzlejs.com/ ([https](https://sizzlejs.com/) result 200). * [ ] http://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time with 1 occurrences migrated to: https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ([https](https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time) result 200). * [ ] http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ (301) with 1 occurrences migrated to: https://spring.io/blog/2010/03/06/behind-the-spring-security-namespace/ ([https](https://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/) result 200). * [ ] http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ (301) with 1 occurrences migrated to: https://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/ ([https](https://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/) result 200). * [ ] http://spring.io/projects with 1 occurrences migrated to: https://spring.io/projects ([https](https://spring.io/projects) result 200). * [ ] http://spring.io/services with 1 occurrences migrated to: https://spring.io/services ([https](https://spring.io/services) result 200). * [ ] http://stackoverflow.com/questions/tagged/spring-security with 1 occurrences migrated to: https://stackoverflow.com/questions/tagged/spring-security ([https](https://stackoverflow.com/questions/tagged/spring-security) result 200). * [ ] http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html with 2 occurrences migrated to: https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ([https](https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html) result 200). * [ ] http://tools.ietf.org/html/rfc6797 with 14 occurrences migrated to: https://tools.ietf.org/html/rfc6797 ([https](https://tools.ietf.org/html/rfc6797) result 200). * [ ] http://tools.ietf.org/html/rfc7469 with 18 occurrences migrated to: https://tools.ietf.org/html/rfc7469 ([https](https://tools.ietf.org/html/rfc7469) result 200). * [ ] http://vimeo.com/34436402 with 1 occurrences migrated to: https://vimeo.com/34436402 ([https](https://vimeo.com/34436402) result 200). * [ ] http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ with 1 occurrences migrated to: https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ([https](https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/) result 200). * [ ] http://www.ja-sig.org/cas (301) with 1 occurrences migrated to: https://www.apereo.org ([https](https://www.ja-sig.org/cas) result 200). * [ ] http://ehcache.sourceforge.net (301) with 2 occurrences migrated to: https://www.ehcache.org/ ([https](https://ehcache.sourceforge.net) result 200). * [ ] http://www.html5rocks.com/en/tutorials/security/content-security-policy/ with 2 occurrences migrated to: https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ([https](https://www.html5rocks.com/en/tutorials/security/content-security-policy/) result 200). * [ ] http://www.ietf.org/rfc/rfc2396.txt with 3 occurrences migrated to: https://www.ietf.org/rfc/rfc2396.txt ([https](https://www.ietf.org/rfc/rfc2396.txt) result 200). * [ ] http://www.ietf.org/rfc/rfc2617.txt with 1 occurrences migrated to: https://www.ietf.org/rfc/rfc2617.txt ([https](https://www.ietf.org/rfc/rfc2617.txt) result 200). * [ ] http://www.liquibase.org/ with 1 occurrences migrated to: https://www.liquibase.org/ ([https](https://www.liquibase.org/) result 200). * [ ] http://www.openbsd.org/papers/bcrypt-paper.ps with 1 occurrences migrated to: https://www.openbsd.org/papers/bcrypt-paper.ps ([https](https://www.openbsd.org/papers/bcrypt-paper.ps) result 200). * [ ] http://www.springframework.org/schema/aop/spring-aop-2.5.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-2.5.xsd) result 200). * [ ] http://www.springframework.org/schema/beans/spring-beans-2.5.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-2.5.xsd) result 200). * [ ] http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 2 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd) result 200). * [ ] http://www.springframework.org/schema/beans/spring-beans.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd) result 200). * [ ] http://www.springframework.org/schema/context/spring-context-2.5.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/context/spring-context-2.5.xsd ([https](https://www.springframework.org/schema/context/spring-context-2.5.xsd) result 200). * [ ] http://www.springframework.org/schema/mvc/spring-mvc.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd) result 200). * [ ] http://www.springframework.org/schema/security/spring-security.xsd with 3 occurrences migrated to: https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd) result 200). * [ ] http://www.springframework.org/schema/websocket/spring-websocket.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd) result 200). * [ ] http://www.test.com with 9 occurrences migrated to: https://www.test.com ([https](https://www.test.com) result 200). * [ ] http://www.thymeleaf.org with 25 occurrences migrated to: https://www.thymeleaf.org ([https](https://www.thymeleaf.org) result 200). * [ ] http://www.thymeleaf.org/ with 3 occurrences migrated to: https://www.thymeleaf.org/ ([https](https://www.thymeleaf.org/) result 200). * [ ] http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd with 1 occurrences migrated to: https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ([https](https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd) result 200). * [ ] http://www.thymeleaf.org/whatsnew21.html with 1 occurrences migrated to: https://www.thymeleaf.org/whatsnew21.html ([https](https://www.thymeleaf.org/whatsnew21.html) result 200). * [ ] http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html with 2 occurrences migrated to: https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html) result 200). * [ ] http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html with 1 occurrences migrated to: https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html) result 200). * [ ] http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html with 1 occurrences migrated to: https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ([https](https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html) result 200). * [ ] http://www.w3.org/TR/2011/REC-css3-selectors-20110929/ with 2 occurrences migrated to: https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ([https](https://www.w3.org/TR/2011/REC-css3-selectors-20110929/) result 200). * [ ] http://www.w3.org/TR/CSS21/syndata.html with 1 occurrences migrated to: https://www.w3.org/TR/CSS21/syndata.html ([https](https://www.w3.org/TR/CSS21/syndata.html) result 200). * [ ] http://www.w3.org/TR/selectors/ with 3 occurrences migrated to: https://www.w3.org/TR/selectors/ ([https](https://www.w3.org/TR/selectors/) result 200). * [ ] http://www.youtube.com/watch?v=3mk0RySeNsU with 2 occurrences migrated to: https://www.youtube.com/watch?v=3mk0RySeNsU ([https](https://www.youtube.com/watch?v=3mk0RySeNsU) result 200). * [ ] http://api.jquery.com/jQuery.browser with 1 occurrences migrated to: https://api.jquery.com/jQuery.browser ([https](https://api.jquery.com/jQuery.browser) result 301). * [ ] http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx with 1 occurrences migrated to: https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx) result 301). * [ ] http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx with 2 occurrences migrated to: https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx) result 301). * [ ] http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx with 2 occurrences migrated to: https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ([https](https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx) result 301). * [ ] http://code.google.com/p/openid-selector/ with 3 occurrences migrated to: https://code.google.com/p/openid-selector/ ([https](https://code.google.com/p/openid-selector/) result 301). * [ ] http://contributor-covenant.org with 1 occurrences migrated to: https://contributor-covenant.org ([https](https://contributor-covenant.org) result 301). * [ ] http://contributor-covenant.org/version/1/3/0/ with 1 occurrences migrated to: https://contributor-covenant.org/version/1/3/0/ ([https](https://contributor-covenant.org/version/1/3/0/) result 301). * [ ] http://dev.w3.org/csswg/cssom/ with 1 occurrences migrated to: https://dev.w3.org/csswg/cssom/ ([https](https://dev.w3.org/csswg/cssom/) result 301). * [ ] http://docs.spring.io with 1 occurrences migrated to: https://docs.spring.io ([https](https://docs.spring.io) result 301). * [ ] http://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html with 1 occurrences migrated to: https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html) result 301). * [ ] http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html with 7 occurrences migrated to: https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html) result 301). * [ ] http://example1.com with 1 occurrences migrated to: https://example1.com ([https](https://example1.com) result 301). * [ ] http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 (301) with 1 occurrences migrated to: https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ([https](https://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971) result 301). * [ ] http://help.github.com/set-up-git-redirect with 1 occurrences migrated to: https://help.github.com/set-up-git-redirect ([https](https://help.github.com/set-up-git-redirect) result 301). * [ ] http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ with 1 occurrences migrated to: https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ([https](https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_) result 301). * [ ] http://jquery.org/license with 1 occurrences migrated to: https://jquery.org/license ([https](https://jquery.org/license) result 301). * [ ] http://msdn.microsoft.com/en-us/library/dd565647 with 4 occurrences migrated to: https://msdn.microsoft.com/en-us/library/dd565647 ([https](https://msdn.microsoft.com/en-us/library/dd565647) result 301). * [ ] http://msdn.microsoft.com/en-us/library/ie/gg622941 with 5 occurrences migrated to: https://msdn.microsoft.com/en-us/library/ie/gg622941 ([https](https://msdn.microsoft.com/en-us/library/ie/gg622941) result 301). * [ ] http://openid.net/get/ with 2 occurrences migrated to: https://openid.net/get/ ([https](https://openid.net/get/) result 301). * [ ] http://openid.net/what/ with 2 occurrences migrated to: https://openid.net/what/ ([https](https://openid.net/what/) result 301). * [ ] http://technorati.com/people/technorati/ with 2 occurrences migrated to: https://technorati.com/people/technorati/ ([https](https://technorati.com/people/technorati/) result 301). * [ ] http://twitter.github.com/bootstrap/javascript.html with 13 occurrences migrated to: https://twitter.github.com/bootstrap/javascript.html ([https](https://twitter.github.com/bootstrap/javascript.html) result 301). * [ ] http://www.jasig.org/cas with 1 occurrences migrated to: https://www.jasig.org/cas ([https](https://www.jasig.org/cas) result 301). * [ ] http://www.modernizr.com/ with 1 occurrences migrated to: https://www.modernizr.com/ ([https](https://www.modernizr.com/) result 301). * [ ] http://www.opensource.org/licenses/mit-license.php with 1 occurrences migrated to: https://www.opensource.org/licenses/mit-license.php ([https](https://www.opensource.org/licenses/mit-license.php) result 301). * [ ] http://www.oracle.com/technetwork/java/javase/downloads with 1 occurrences migrated to: https://www.oracle.com/technetwork/java/javase/downloads ([https](https://www.oracle.com/technetwork/java/javase/downloads) result 301). * [ ] http://www.springframework.org/security with 1 occurrences migrated to: https://www.springframework.org/security ([https](https://www.springframework.org/security) result 301). * [ ] http://www.springsource.com/ with 2 occurrences migrated to: https://www.springsource.com/ ([https](https://www.springsource.com/) result 301). * [ ] http://www.springsource.org with 1 occurrences migrated to: https://www.springsource.org ([https](https://www.springsource.org) result 301). * [ ] http://www.springsource.org/sts with 1 occurrences migrated to: https://www.springsource.org/sts ([https](https://www.springsource.org/sts) result 301). * [ ] http://www.thoughtcrime.org/software/sslstrip/ with 1 occurrences migrated to: https://www.thoughtcrime.org/software/sslstrip/ ([https](https://www.thoughtcrime.org/software/sslstrip/) result 301). * [ ] http://www.w3.org/TR/css3-selectors/ with 2 occurrences migrated to: https://www.w3.org/TR/css3-selectors/ ([https](https://www.w3.org/TR/css3-selectors/) result 301). * [ ] http://www.w3.org/TR/css3-syntax/ with 1 occurrences migrated to: https://www.w3.org/TR/css3-syntax/ ([https](https://www.w3.org/TR/css3-syntax/) result 301). * [ ] http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to: https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/) result 302). * [ ] http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html with 1 occurrences migrated to: https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ([https](https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html) result 302). * [ ] http://example2.com with 3 occurrences migrated to: https://example2.com ([https](https://example2.com) result 302). * [ ] http://flickr.com/ with 2 occurrences migrated to: https://flickr.com/ ([https](https://flickr.com/) result 302). * [ ] http://git-scm.com/book/cs/ch7-3.html with 1 occurrences migrated to: https://git-scm.com/book/cs/ch7-3.html ([https](https://git-scm.com/book/cs/ch7-3.html) result 302). * [ ] http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd with 1 occurrences migrated to: https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ([https](https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd) result 302). * [ ] http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html) result 302). * [ ] http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html with 4 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html) result 302). * [ ] http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html) result 302). * [ ] http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html) result 302). * [ ] http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html) result 302). * [ ] http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ([https](https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html) result 302). * [ ] http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html with 2 occurrences migrated to: https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html) result 302). * [ ] http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html) result 302). * [ ] http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html with 2 occurrences migrated to: https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html) result 302). * [ ] http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html with 3 occurrences migrated to: https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ([https](https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html) result 302). * [ ] http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd with 1 occurrences migrated to: https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd) result 302). * [ ] http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 1 occurrences migrated to: https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) result 302). * [ ] http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to: https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd) result 302). * [ ] http://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx with 1 occurrences migrated to: https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ([https](https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx) result 302). * [ ] http://spring.io/spring-security with 1 occurrences migrated to: https://spring.io/spring-security ([https](https://spring.io/spring-security) result 302). * [ ] http://spring.io/spring-security/ with 2 occurrences migrated to: https://spring.io/spring-security/ ([https](https://spring.io/spring-security/) result 302). * [ ] http://spring.io/tools/sts with 1 occurrences migrated to: https://spring.io/tools/sts ([https](https://spring.io/tools/sts) result 302). * [ ] http://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt with 2 occurrences migrated to: https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ([https](https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt) result 302). * [ ] http://webauth.stanford.edu/manual/mod/mod_webauth.html with 1 occurrences migrated to: https://webauth.stanford.edu/manual/mod/mod_webauth.html ([https](https://webauth.stanford.edu/manual/mod/mod_webauth.html) result 302). * [ ] http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context with 1 occurrences migrated to: https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ([https](https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context) result 302). * [ ] http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt with 1 occurrences migrated to: https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ([https](https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt) result 302). These URLs were intentionally ignored. * http://java.sun.com/JSP/Page with 14 occurrences * http://java.sun.com/jsp/jstl/core with 31 occurrences * http://java.sun.com/jsp/jstl/fmt with 6 occurrences * http://java.sun.com/jsp/jstl/functions with 1 occurrences * http://java.sun.com/jstl/core with 1 occurrences * http://java.sun.com/xml/ns/j2ee with 2 occurrences * http://java.sun.com/xml/ns/javaee with 6 occurrences * http://localhost with 20 occurrences * http://localhost/ with 6 occurrences * http://localhost/Test</value></property&gt with 1 occurrences * http://localhost/appcontext/page with 1 occurrences * http://localhost/authenticated with 1 occurrences * http://localhost/authentication/login with 2 occurrences * http://localhost/authorize/oauth2/code/registration-id with 3 occurrences * http://localhost/authorize/oauth2/implicit/registration-3 with 1 occurrences * http://localhost/callback/client-1 with 1 occurrences * http://localhost/callback/client-1?error=invalid_grant with 1 occurrences * http://localhost/client-1 with 9 occurrences * http://localhost/cookie with 1 occurrences * http://localhost/cookie/delete with 1 occurrences * http://localhost/custom-login with 1 occurrences * http://localhost/custom-logout with 1 occurrences * http://localhost/form-page with 1 occurrences * http://localhost/iss with 1 occurrences * http://localhost/login with 36 occurrences * http://localhost/login/oauth2/code/ with 3 occurrences * http://localhost/login/oauth2/code/registration-id with 3 occurrences * http://localhost/login/oauth2/code/registration-id& with 2 occurrences * http://localhost/login/oauth2/code/registration-id-2 with 2 occurrences * http://localhost/login/openid with 1 occurrences * http://localhost/login2 with 1 occurrences * http://localhost/loginPage with 2 occurrences * http://localhost/logout with 1 occurrences * http://localhost/messages with 4 occurrences * http://localhost/oauth2/authorization/google with 1 occurrences * http://localhost/openid-page with 1 occurrences * http://localhost/saved-request with 1 occurrences * http://localhost/secured with 2 occurrences * http://localhost/signin with 1 occurrences * http://localhost/some-url with 1 occurrences * http://localhost/tosave with 1 occurrences * http://localhost/user with 1 occurrences * http://localhost:123456 with 2 occurrences * http://localhost:1280/certs with 1 occurrences * http://localhost:314 with 1 occurrences * http://localhost:4080 with 1 occurrences * http://localhost:543 with 1 occurrences * http://localhost:8080 with 16 occurrences * http://localhost:8080/ with 4 occurrences * http://localhost:8080/SomeService with 1 occurrences * http://localhost:8080/contacts with 1 occurrences * http://localhost:8080/login/oauth2/code with 1 occurrences * http://localhost:8080/login/oauth2/code/client-id with 2 occurrences * http://localhost:8080/login/oauth2/code/facebook with 2 occurrences * http://localhost:8080/login/oauth2/code/github with 2 occurrences * http://localhost:8080/login/oauth2/code/google with 4 occurrences * http://localhost:8080/login/oauth2/code/okta with 2 occurrences * http://localhost:8080/path/page.html?query=string with 1 occurrences * http://localhost:8080/sample/ with 15 occurrences * http://localhost:8080/secure with 1 occurrences * http://localhost:8080/spring-security-samples-tutorial/listAccounts.html with 4 occurrences * http://localhost:8080/spring-security-samples-tutorial/post.html?id=1 with 4 occurrences * http://localhost:9080/secured with 1 occurrences * http://localhost:9080/unsecured with 1 occurrences * http://localhost:9080/user with 1 occurrences * http://something/ with 1 occurrences * http://test.com with 1 occurrences * http://test.foobar.com with 1 occurrences * http://testopenid.com?openid.return_to= with 1 occurrences * http://www.springframework.org/schema/aop with 2 occurrences * http://www.springframework.org/schema/beans with 8 occurrences * http://www.springframework.org/schema/context with 2 occurrences * http://www.springframework.org/schema/mvc with 2 occurrences * http://www.springframework.org/schema/security with 42 occurrences * http://www.springframework.org/schema/security/spring-security- with 1 occurrences * http://www.springframework.org/schema/websocket with 2 occurrences * http://www.springframework.org/security/tags with 17 occurrences * http://www.springframework.org/tags with 12 occurrences * http://www.springframework.org/tags/form with 14 occurrences * http://www.w3.org/1999/XSL/Transform with 1 occurrences * http://www.w3.org/1999/xhtml with 26 occurrences * http://www.w3.org/2001/XMLSchema with 14 occurrences * http://www.w3.org/2001/XMLSchema-datatypes with 7 occurrences * http://www.w3.org/2001/XMLSchema-instance with 9 occurrences Fixes gh-6660	2019-03-26 21:14:36 -04:00
Spring Operator	97e549a27a	URL Cleanup This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener). # Fixed URLs ## Fixed Success These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended. * http://www.apache.org/licenses/ with 1 occurrences migrated to: https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/) result 200). * http://www.apache.org/licenses/LICENSE-2.0 with 2596 occurrences migrated to: https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200). * http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to: https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html) result 200).	2019-03-14 20:23:53 -05:00
Josh Cummings	22bd8f1c1f	Reactive Jwt Authentication Converter Support Fixes: gh-5092	2018-10-15 11:55:12 -05:00
Josh Cummings	65c81ce952	Make JwtReactiveAuthenticationManager final	2018-09-06 13:46:18 -06:00
Josh Cummings	8510e9a285	Reactive Resource Server insufficient_scope This introduces an implementation of ServerAccessDeniedHandler that is compliant with the OAuth 2.0 spec for insufficent_scope errors. Fixes: gh-5705	2018-08-31 10:33:11 -05:00
Rob Winch	713e1e3356	BearerTokenServerAuthenticationEntryPoint waits for subscriber Fixes: gh-5742	2018-08-27 14:26:45 -05:00
Rob Winch	e3eaa99ad0	Polish ServerAuthenticationConverter Update changes for ServerAuthenticationConverter to be passive. Issue: gh-5338	2018-08-18 19:55:39 -05:00
Eric Deandrea	b6afe66d32	Add ServerAuthenticationConverter interface - Adding an ServerAuthenticationConverter interface - Retro-fitting ServerOAuth2LoginAuthenticationTokenConverter, ServerBearerTokenAuthentivationConverter, ServerFormLoginAuthenticationConverter, and ServerHttpBasicAuthenticationConverter to implement ServerAuthenticationConverter - Deprecate existing AuthenticationWebFilter.setAuthenticationConverter and add overloaded one which takes ServerAuthenticationConverter Fixes gh-5338	2018-08-18 19:55:39 -05:00
Josh Cummings	d610f31425	Jwt -> Authentication Conversion Exposes ability to specify a strategy for converting Jwt into an Authentication, specifically in JwtAuthenticationProvider. Fixes: gh-5629	2018-08-17 11:04:27 -05:00
Josh Cummings	7c524aa0c8	Jwt Claim Validation This introduces OAuth2TokenValidator which allows the customization of validation steps that need to be performing when decoding a string token to a Jwt. At this point, two validators, JwtTimestampValidator and JwtIssuerValidator, are available for use. Fixes: gh-5133	2018-08-16 13:19:26 -05:00
Rob Winch	2056b3440f	Add ServerBearerTokenAuthenticationConverter Issue: gh-5605	2018-07-30 11:39:40 -05:00
Rob Winch	4f417f01a7	BearerTokenServerAuthenticationEntryPoint Issue: gh-5605	2018-07-30 11:39:34 -05:00
Rob Winch	da73242d60	Add JwtReactiveAuthenticationManager Issue: gh-5605	2018-07-30 11:39:28 -05:00
Rob Winch	b8308c9ae0	Extract JwtConverter Issue: gh-5605	2018-07-30 11:37:56 -05:00
Rob Winch	d595098823	Rename @TransientAuthentication to @Transient It is quite likely we will need to prevent certain Exceptions from being saved or from triggering a saved request. When we add support for this, we can now leverage @Transient vs creating a new annotation. Issue: gh-5481	2018-07-16 11:31:10 -05:00
Josh Cummings	40ccdb93f7	Resource Server Jwt Support Introducing initial support for Jwt-Encoded Bearer Token authorization with remote JWK set signature verification. High-level features include: - Accepting bearer tokens as headers and form or query parameters - Verifying signatures from a remote Jwk set And: - A DSL for easy configuration - A sample to demonstrate usage Fixes: gh-5128 Fixes: gh-5125 Fixes: gh-5121 Fixes: gh-5130 Fixes: gh-5226 Fixes: gh-5237	2018-07-16 10:40:46 -05:00

20 Commits