Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-02 16:52:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,478 Commits 37 Branches 348 Tags
Commit Graph

816 Commits

Author SHA1 Message Date
Rob Winch
6eee256e12
Demonstrate include-code usage 
Closes gh-17161
 2025-05-22 14:59:35 -05:00
Josh Cummings
7d49c41e03
Merge branch '6.4.x' into 6.5.x 2025-05-21 14:44:03 -06:00
Josh Cummings
fbfb28456a
Merge branch '6.3.x' into 6.4.x 2025-05-21 14:43:44 -06:00
Gurunathan
a4cd6f4278
Advise Overriding equals() and hashCode() in UserDetails Implementations 
This commit adds a documentation note explaining the importance of
overriding equals() and hashCode() in custom UserDetails implementations.

The default SessionRegistryImpl in Spring Security uses an in-memory
ConcurrentMap<Object, Set<String>>, Map<String,SessionInformation> to
associate principals with sessions. If a custom UserDetails class does
not properly override equals() and hashCode(), user sessions may not
be tracked or matched correctly.

I believe this helps developers avoid subtle session management issues
when implementing custom authentication logic.

Signed-off-by: Gurunathan <129361658+Gurunathan16@users.noreply.github.com>
 2025-05-21 12:41:44 -06:00
Josh Cummings
02a516d7f2
Merge branch '6.4.x' into 6.5.x 2025-05-15 18:16:53 -06:00
Josh Cummings
70c940fd4f
Merge branch '6.3.x' into 6.4.x 2025-05-15 18:16:44 -06:00
Josh Cummings
eb30fd7f59
Add Missing Header 
Issue gh-11161
 2025-05-15 18:16:36 -06:00
Josh Cummings
8548d8e18a
Merge branch '6.4.x' into 6.5.x 2025-05-15 17:20:08 -06:00
Josh Cummings
fbdf4a88a0
Merge branch '6.3.x' into 6.4.x 2025-05-15 17:19:55 -06:00
snowykte0426
260d298cc5 Add Migration Guide from Spring Security SAML Extension 
This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support.

Includes:
- Content migrated from the project wiki
- xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata`
- Metadata example moved to Examples Matrix
- Cleanup and naming per review feedback

Closes gh-11161

Signed-off-by: snowykte0426 <snowykte0426@naver.com>
 2025-05-15 17:17:43 -06:00
Josh Cummings
26f359a4db
Merge branch '6.4.x' into 6.5.x 2025-05-13 11:18:31 -06:00
Josh Cummings
5ba4ab5e11
Merge branch '6.3.x' into 6.4.x 2025-05-13 11:18:02 -06:00
Danilo Piazzalunga
27319e3f9b Add missing registration property in YAML listing 
Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
 2025-05-13 11:17:35 -06:00
Danilo Piazzalunga
ec462e8bc5 Update assertingparty property usage in YAML snippets 
Spring Boot 2.7 renamed spring.security.saml2.relyingparty.registration.*.identityprovider.*
to spring.security.saml2.relyingparty.registration.*.assertingparty.*.

Closes gh-12810.

Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
 2025-05-13 11:17:35 -06:00
Joe Grandja
e3c39f02bc Add documentation for DPoP support 
Closes gh-17072
 2025-05-09 16:02:14 -04:00
Rob Winch
9b79b99150
Merge branch '6.4.x' 
- Correct method name in logout.adoc

Closes gh-17049
 2025-05-06 10:24:14 -05:00
Rob Winch
63d79a97db
Merge branch '6.3.x' into 6.4.x 
- Correct method name in logout.adoc

Closes gh-17048
 2025-05-06 10:23:58 -05:00
Tran Ngoc Nhan
505fe3abed
Correct method name 
Closes gh-17031

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-06 10:17:29 -05:00
Josh Cummings
df640f22dc
Merge branch '6.4.x' 2025-05-02 15:59:13 -06:00
Josh Cummings
92160fa26f
Merge branch '6.3.x' into 6.4.x 
Closes gh-17034
 2025-05-02 15:58:58 -06:00
Josh Cummings
51239359ed
Fix ClearSiteData Code Snippet 
Closes gh-16948
 2025-05-02 15:57:31 -06:00
Josh Cummings
28091c8563 Merge branch '6.4.x' 2025-05-01 12:03:19 -06:00
Josh Cummings
c4a0dfe838 Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-05-01 12:03:05 -06:00
Soumik Sarker
bcef6ed74f Reformatted lines in x509 overview documentation 
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
 2025-05-01 12:02:45 -06:00
Josh Cummings
d0a97917ad
Merge branch '6.4.x' 2025-04-29 13:39:00 -06:00
Josh Cummings
d76ccc6856
Merge branch '6.3.x' into 6.4.x 2025-04-29 13:38:41 -06:00
Yanming Zhou
9c76ab69f0 Use proper configuration key 
the getter method is `getOpaquetoken()` not `getOpaqueToken()`

See c6045c3111/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java (L51)

Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
 2025-04-29 13:37:51 -06:00
Yanming Zhou
ce5a12b2f7 Revise document to replace outdated NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector 
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
 2025-04-23 14:10:02 -06:00
Josh Cummings
61d6fbc2a9
Update Documentation for PathPatternRequestMatcher 
Issue gh-16765
 2025-04-23 12:11:09 -06:00
Steve Riesenberg
15c2b156f1
Update Client Authentication examples 
Closes gh-16925

987d9c9788ba0343f543083c87613fb5
 2025-04-11 15:10:05 -05:00
Josh Cummings
6438603cb6
Pick Up TargetVisitor Beans 
Closes gh-16923
 2025-04-10 15:48:09 -06:00
Josh Cummings
3869b13e68
Add ResponseAuthenticationConverter 
Aside from simplifying configuration, this commit also makes it possible
to provide a response authentication converter that doesn't need the
NameID element to be present.

Closes gh-12136
 2025-04-09 17:38:24 -06:00
Josh Cummings
3e686abf50
Add ResponseValidator 
Issue gh-14264
Closes gh-16915
 2025-04-09 17:32:40 -06:00
Michael Samborski
bfb4878e29 Update kotlin.adoc to add required spread operator(*) 
Signed-off-by: Michael Samborski <msamborski@orbiscommunications.com>
 2025-04-08 14:12:09 -05:00
Josh Cummings
a283700ef8
Add CacheSaml2AuthenticationRequestRepository 
Closes gh-14793
 2025-04-03 17:43:48 -06:00
Josh Cummings
91b0936189
Add AssertionValidator 
- Ships with support for customizing the OpenSAML validators to use
- Or, you can supply your own instance of SAML20AssertionValidator

Closes gh-15578
 2025-04-02 17:44:40 -06:00
Tran Ngoc Nhan
ee84d37435 Use SpringCacheBasedTicketCache 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-31 13:54:48 -06:00
Hao
6159e089d4 Fix inline code formatting in documentation 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-26 21:51:52 -06:00
Hao
8c7d2e8922 Fix typo in multitenancy documentation 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-26 21:51:52 -06:00
Josh Cummings
3aec6c2f6e
Deprecate Access API in ACL 
Issue gh-11302
 2025-03-25 12:21:13 -06:00
Josh Cummings
05fdcd6a08
Deprecate MvcRequestMatcher 
Closes gh-16631
 2025-03-24 22:03:22 -06:00
Josh Cummings
f910d47c67
Merge branch '6.4.x' 2025-03-21 14:47:33 -06:00
Josh Cummings
db8b6322e2
Merge branch '6.3.x' into 6.4.x 2025-03-21 14:47:24 -06:00
Bragolgirith
72554f7f36 Update authorize-http-requests.adoc 
Fix patterns in the Security Matchers documentation

Signed-off-by: Bragolgirith <6455473+Bragolgirith@users.noreply.github.com>
 2025-03-21 14:46:53 -06:00
Steve Riesenberg
6745576186 Polish basic.adoc 
Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>
 2025-03-21 15:05:22 -05:00
Steve Riesenberg
eb510ab59d Polish gh-16280 2025-03-21 15:05:22 -05:00
Martin Emrich
21fb5f92cf Explain behaviour with XMLHttpRequest on 401 response 
Relates to / Closes gh-16103
 2025-03-21 15:05:22 -05:00
nobletrout
555fe1f147 Update anonymous.adoc 
make the example code return the same thing for the do and don't do.

Signed-off-by: nobletrout <nobletrout@gmail.com>
 2025-03-20 15:17:35 -05:00
Steve Riesenberg
3ebcbd4375
Merge branch '6.4.x' 
Closes gh-16788
Closes gh-16789
Closes gh-16790
Closes gh-16791
Closes gh-16792
 2025-03-20 14:47:07 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x 
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
 2025-03-20 14:46:18 -05:00