Rob Winch
6eee256e12
Demonstrate include-code usage
...
Closes gh-17161
2025-05-22 14:59:35 -05:00
Josh Cummings
7d49c41e03
Merge branch '6.4.x' into 6.5.x
2025-05-21 14:44:03 -06:00
Josh Cummings
fbfb28456a
Merge branch '6.3.x' into 6.4.x
2025-05-21 14:43:44 -06:00
Gurunathan
a4cd6f4278
Advise Overriding equals() and hashCode() in UserDetails Implementations
...
This commit adds a documentation note explaining the importance of
overriding equals() and hashCode() in custom UserDetails implementations.
The default SessionRegistryImpl in Spring Security uses an in-memory
ConcurrentMap<Object, Set<String>>, Map<String,SessionInformation> to
associate principals with sessions. If a custom UserDetails class does
not properly override equals() and hashCode(), user sessions may not
be tracked or matched correctly.
I believe this helps developers avoid subtle session management issues
when implementing custom authentication logic.
Signed-off-by: Gurunathan <129361658+Gurunathan16@users.noreply.github.com>
2025-05-21 12:41:44 -06:00
Josh Cummings
02a516d7f2
Merge branch '6.4.x' into 6.5.x
2025-05-15 18:16:53 -06:00
Josh Cummings
70c940fd4f
Merge branch '6.3.x' into 6.4.x
2025-05-15 18:16:44 -06:00
Josh Cummings
eb30fd7f59
Add Missing Header
...
Issue gh-11161
2025-05-15 18:16:36 -06:00
Josh Cummings
8548d8e18a
Merge branch '6.4.x' into 6.5.x
2025-05-15 17:20:08 -06:00
Josh Cummings
fbdf4a88a0
Merge branch '6.3.x' into 6.4.x
2025-05-15 17:19:55 -06:00
snowykte0426
260d298cc5
Add Migration Guide from Spring Security SAML Extension
...
This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support.
Includes:
- Content migrated from the project wiki
- xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata`
- Metadata example moved to Examples Matrix
- Cleanup and naming per review feedback
Closes gh-11161
Signed-off-by: snowykte0426 <snowykte0426@naver.com>
2025-05-15 17:17:43 -06:00
Josh Cummings
26f359a4db
Merge branch '6.4.x' into 6.5.x
2025-05-13 11:18:31 -06:00
Josh Cummings
5ba4ab5e11
Merge branch '6.3.x' into 6.4.x
2025-05-13 11:18:02 -06:00
Danilo Piazzalunga
27319e3f9b
Add missing registration property in YAML listing
...
Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
2025-05-13 11:17:35 -06:00
Danilo Piazzalunga
ec462e8bc5
Update assertingparty property usage in YAML snippets
...
Spring Boot 2.7 renamed spring.security.saml2.relyingparty.registration.*.identityprovider.*
to spring.security.saml2.relyingparty.registration.*.assertingparty.*.
Closes gh-12810.
Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
2025-05-13 11:17:35 -06:00
Joe Grandja
e3c39f02bc
Add documentation for DPoP support
...
Closes gh-17072
2025-05-09 16:02:14 -04:00
Rob Winch
9b79b99150
Merge branch '6.4.x'
...
- Correct method name in logout.adoc
Closes gh-17049
2025-05-06 10:24:14 -05:00
Rob Winch
63d79a97db
Merge branch '6.3.x' into 6.4.x
...
- Correct method name in logout.adoc
Closes gh-17048
2025-05-06 10:23:58 -05:00
Tran Ngoc Nhan
505fe3abed
Correct method name
...
Closes gh-17031
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-06 10:17:29 -05:00
Josh Cummings
df640f22dc
Merge branch '6.4.x'
2025-05-02 15:59:13 -06:00
Josh Cummings
92160fa26f
Merge branch '6.3.x' into 6.4.x
...
Closes gh-17034
2025-05-02 15:58:58 -06:00
Josh Cummings
51239359ed
Fix ClearSiteData Code Snippet
...
Closes gh-16948
2025-05-02 15:57:31 -06:00
Josh Cummings
28091c8563
Merge branch '6.4.x'
2025-05-01 12:03:19 -06:00
Josh Cummings
c4a0dfe838
Merge remote-tracking branch 'origin/6.3.x' into 6.4.x
2025-05-01 12:03:05 -06:00
Soumik Sarker
bcef6ed74f
Reformatted lines in x509 overview documentation
...
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
2025-05-01 12:02:45 -06:00
Josh Cummings
d0a97917ad
Merge branch '6.4.x'
2025-04-29 13:39:00 -06:00
Josh Cummings
d76ccc6856
Merge branch '6.3.x' into 6.4.x
2025-04-29 13:38:41 -06:00
Yanming Zhou
9c76ab69f0
Use proper configuration key
...
the getter method is `getOpaquetoken()` not `getOpaqueToken()`
See c6045c3111/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java (L51)
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
2025-04-29 13:37:51 -06:00
Yanming Zhou
ce5a12b2f7
Revise document to replace outdated NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector
...
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
2025-04-23 14:10:02 -06:00
Josh Cummings
61d6fbc2a9
Update Documentation for PathPatternRequestMatcher
...
Issue gh-16765
2025-04-23 12:11:09 -06:00
Steve Riesenberg
15c2b156f1
Update Client Authentication examples
...
Closes gh-16925
987d9c9788ba0343f543083c87613fb5
2025-04-11 15:10:05 -05:00
Josh Cummings
6438603cb6
Pick Up TargetVisitor Beans
...
Closes gh-16923
2025-04-10 15:48:09 -06:00
Josh Cummings
3869b13e68
Add ResponseAuthenticationConverter
...
Aside from simplifying configuration, this commit also makes it possible
to provide a response authentication converter that doesn't need the
NameID element to be present.
Closes gh-12136
2025-04-09 17:38:24 -06:00
Josh Cummings
3e686abf50
Add ResponseValidator
...
Issue gh-14264
Closes gh-16915
2025-04-09 17:32:40 -06:00
Michael Samborski
bfb4878e29
Update kotlin.adoc to add required spread operator(*)
...
Signed-off-by: Michael Samborski <msamborski@orbiscommunications.com>
2025-04-08 14:12:09 -05:00
Josh Cummings
a283700ef8
Add CacheSaml2AuthenticationRequestRepository
...
Closes gh-14793
2025-04-03 17:43:48 -06:00
Josh Cummings
91b0936189
Add AssertionValidator
...
- Ships with support for customizing the OpenSAML validators to use
- Or, you can supply your own instance of SAML20AssertionValidator
Closes gh-15578
2025-04-02 17:44:40 -06:00
Tran Ngoc Nhan
ee84d37435
Use SpringCacheBasedTicketCache
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-31 13:54:48 -06:00
Hao
6159e089d4
Fix inline code formatting in documentation
...
Signed-off-by: Hao <kyrieeeee2@gmail.com>
2025-03-26 21:51:52 -06:00
Hao
8c7d2e8922
Fix typo in multitenancy documentation
...
Signed-off-by: Hao <kyrieeeee2@gmail.com>
2025-03-26 21:51:52 -06:00
Josh Cummings
3aec6c2f6e
Deprecate Access API in ACL
...
Issue gh-11302
2025-03-25 12:21:13 -06:00
Josh Cummings
05fdcd6a08
Deprecate MvcRequestMatcher
...
Closes gh-16631
2025-03-24 22:03:22 -06:00
Josh Cummings
f910d47c67
Merge branch '6.4.x'
2025-03-21 14:47:33 -06:00
Josh Cummings
db8b6322e2
Merge branch '6.3.x' into 6.4.x
2025-03-21 14:47:24 -06:00
Bragolgirith
72554f7f36
Update authorize-http-requests.adoc
...
Fix patterns in the Security Matchers documentation
Signed-off-by: Bragolgirith <6455473+Bragolgirith@users.noreply.github.com>
2025-03-21 14:46:53 -06:00
Steve Riesenberg
6745576186
Polish basic.adoc
...
Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>
2025-03-21 15:05:22 -05:00
Steve Riesenberg
eb510ab59d
Polish gh-16280
2025-03-21 15:05:22 -05:00
Martin Emrich
21fb5f92cf
Explain behaviour with XMLHttpRequest on 401 response
...
Relates to / Closes gh-16103
2025-03-21 15:05:22 -05:00
nobletrout
555fe1f147
Update anonymous.adoc
...
make the example code return the same thing for the do and don't do.
Signed-off-by: nobletrout <nobletrout@gmail.com>
2025-03-20 15:17:35 -05:00
Steve Riesenberg
3ebcbd4375
Merge branch '6.4.x'
...
Closes gh-16788
Closes gh-16789
Closes gh-16790
Closes gh-16791
Closes gh-16792
2025-03-20 14:47:07 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x
...
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
2025-03-20 14:46:18 -05:00