spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-05 00:53:29 +00:00

Author	SHA1	Message	Date
Eddú Meléndez	39ed7d0eca	Propagate rolePrefix to LdapAuthoritiesPopulator Previous to this commit, custom rolePrefix was not propagated to LdapAuthoritiesPopulator populating a wrong authority. Now, rolePrefix is propagated and the authority is as expected. Fixes gh-3921	2016-06-20 12:44:02 -05:00
Eddú Meléndez	a2ead4cf7a	Polish Fixes gh-3892	2016-06-20 12:35:43 -05:00
Rob Winch	2d6051625f	Update pom.xml	2016-06-17 14:30:11 -05:00
Rob Winch	477573b3bc	Fix @EnableGlobalAuthentication & method seucrity on @Configuration class Fixes gh-3934	2016-06-17 14:05:11 -05:00
Rob Winch	fa1c484587	AuthenticationConfiguration.getAuthenticationManager() supports recursion AuthenticationConfiguration.getAuthenticationManager() now supports recursion. This is necessary in instances where something using @EnableGlobalAuthentication requires an object using method level security. Fixes gh-3935	2016-06-17 14:02:36 -05:00
Rob Winch	9e3d2e2d99	HTTP Basic default logout ignores text/html This fixes an issue where Chrome sends an accept header of application/xml which triggers an HTTP 204 to be returned Fixes gh-3902	2016-06-14 16:27:56 -05:00
Sola	d3b3f8e004	Fix WebSecurityConfigurerAdapter Javadoc The constructor's Javadoc was incorrect. This commit fixes it.	2016-05-23 08:12:50 -05:00
Spring Buildmaster	001b05569a	Release version 4.1.0.RELEASE	2016-05-05 04:25:46 +00:00
Joe Grandja	e68d8bfaea	Clarifies sessionAuthenticationStrategy setter Fixes gh-234	2016-05-02 13:21:58 -05:00
Joe Grandja	491abf2600	Revert "Fix test for SessionManagementConfigurer" This reverts commit 17b25d14779af5de9cb0f391f4dc0af7a620a646. Issue gh-234	2016-05-02 13:21:58 -05:00
Joe Grandja	0d2b797c2a	Revert "Fix sessionAuthenticationStrategy setter" This reverts commit 8f5d46ad68d3a28f6c118000a8fcfb9aab71c3a5. Issue gh-234	2016-05-02 13:21:58 -05:00
Joe Grandja	17b25d1477	Fix test for SessionManagementConfigurer Fixes gh-234	2016-04-21 16:50:03 -04:00
didiez	8f5d46ad68	Fix sessionAuthenticationStrategy setter sessionAuthenticationStrategy was setting sessionFixationAuthenticationStrategy instead Fixes gh-234	2016-04-21 16:21:54 -04:00
Spring Buildmaster	24d0069668	Release version 4.1.0.RC2	2016-04-21 01:47:25 +00:00
Rob Winch	7fe0a135ec	Default AntPathRequestMatcher to be case sensitive Issue gh-3831	2016-04-20 13:29:18 -05:00
Rob Winch	510cd59980	Default logout negotiation in Java Configuration This commit adds content negotiation for log out. Fixes gh-3282	2016-04-20 10:59:14 -05:00
Rob Winch	51995dc187	Add Java Configuration InvalidSessionStrategy (#3827 ) Allow configuring the InvalidSessionStrategy in Java Configuration. Fixes gh-3371	2016-04-20 09:59:27 -04:00
Rob Winch	a5a8aeb550	Message SecurityExpressionHandler is post processed (#3820 ) Previously the SecurityExpressionHandler for message based configuration did not have a beanResolver set. This commit post processes the default message SecurityExpressionHandler to ensure the beanResolver is set. Fixes gh-3797	2016-04-19 13:21:58 -04:00
Rob Winch	c872a77ad1	RoleHiearchy Bean used in GlobalMethodSecurity (#3394 ) Previously it required quite a bit of extra work to use RoleHiearchy within Java Based Spring Security configuration. Now if a single RoleHiearchy Bean is defined it will automatically be picked up and used by method security. Fixes gh-3394	2016-04-19 12:47:38 -04:00
Johnny Lim	933a7e8363	Remove duplicate words Fixes gh-3826	2016-04-18 23:21:20 -05:00
Rob Winch	fb5776cb5c	Support Camel case URI variables (#3814 ) Perviously there were issues with case insenstive patterns and URI variables that contained upper case characters. For example, the pattern "/user/{userId}" could not resolve the variable #userId Instead it was forced to lowercase and #userid was used. Now if the pattern is case insensitive then so is the variable. This means that #userId will work as will #userid. Fixes gh-3786	2016-04-18 17:54:48 -04:00
Matthias Merdes	b6800bdb4d	Update ExpressionUrlAuthorizationConfigurer Error Message Update error message	2016-04-14 15:33:48 -05:00
Rob Winch	59db9413aa	Add SpEL Bean reference test (#3815 ) Issue gh-3797	2016-04-14 12:11:40 -05:00
Rob Winch	6f169267c4	HttpSecurity comparitor->comparator Rename HttpSecurity's comparitor to comparator Fixes gh-3810	2016-04-13 15:04:22 -05:00
Rob Winch	a7fb6d2e58	Add HttpSecurity.addFilterAt (#3809 ) Fixes gh-3784	2016-04-13 16:01:25 -04:00
Rob Winch	d3a9cc6eae	Add CsrfTokenRepository (#3805 ) * Create LazyCsrfTokenRepository Fixes gh-3790 * Add CookieCsrfTokenRepository Fixes gh-3009	2016-04-12 17:26:53 -04:00
Leon Radley	b82df4ecf3	Add alwaysRemember to RememberMe Java Config Allow setting alwaysRemember from RememberMeConfigurer Fixes gh-180	2016-04-12 13:37:44 -05:00
Jeffrey Walraven	bd0c8a7baa	Fix HttpSecurity logout JavaDoc Removed error provoking extra logout() from example code	2016-04-12 13:24:40 -05:00
Johnny Lim	fe94d654ed	Fix typos (#228 )	2016-04-12 11:11:51 -05:00
Nicolai Ehemann	c57dba6b77	Fix typo in setMessageExpessionHandler (#3803 )	2016-04-12 11:08:52 -05:00
Joe Grandja	b90242f2fa	Updates all POM versions to 4.1.0 snapshot build. Fixes gh-3804	2016-04-12 10:35:43 -04:00
Quinten De Swaef	d05fe8ec07	Fix typo in xsd Fixes gh-3229	2016-04-05 09:47:48 -05:00
Spring Buildmaster	044acf7e27	Release version 4.1.0.RC1	2016-03-23 07:15:15 -07:00
Joe Grandja	2f7f2ff589	Adds support for Content Security Policy Fixes gh-2342	2016-03-22 21:59:13 -05:00
Rob Winch	4b650dc58d	Allow AuthenticationProvider Bean in Java Config This commit adds support for defaulting java configuration's authentication by providing an AuthenticationProvider Bean. Fixes gh-3091	2016-03-22 16:17:25 -05:00
Rob Winch	533a5f0905	Fix <password-encoder> when authentication-manager@id specified When <authentication-manager> specifies an id, the <password-encoder> is not used because the parser changes the bean id without aliasing it to BeanIds.AUTHENTICATION_MANAGER which is used by AuthenticationManagerBeanDefinitionParser to look up the AuthenticationManager bean. This commit updates AuthenticationManagerBeanDefinitionParser to ensure there is an alias to BeanIds.AUTHENTICATION_MANAGER when the id is specified. Fixes gh-3296	2016-03-21 22:48:49 -05:00
Rob Winch	7bf014f678	Path Variables fail with different case Fixes gh-3329	2016-03-21 10:09:50 -05:00
Rob Winch	cf66487d3a	Add Java Configuration Test Issue SEC-2256	2016-03-18 14:03:47 -05:00
Eddú Meléndez	41c6a797c3	Add RememberMeConfigurer set domain Fixes gh-3408	2016-03-17 08:30:18 -05:00
Rob Winch	ec4e6c7453	Update pom.xml to 4.1.0.BUILD-SNAPSHOT	2016-03-14 00:51:35 -05:00
Rob Winch	f221920a19	Clean up code to conform to basic checkstyle Issue gh-3746	2016-03-14 00:15:12 -05:00
Rob Winch	35eff94e3d	Add Both Config names to duplicate WebSecurityConfigurer order Previously the error message when multiple WebSecurityConfigurer with the same Order did not include both WebSecurityConfigurer classes that were involved in the duplicate Order. This made resolving errors difficult. This commit ensures both WebSecurityConfigurers are include in the error message. Fixes gh-3380	2016-03-11 12:12:55 -06:00
Shazin Sadakath	e33e21fe6b	Add Forward after authentication attempt config support Fixes gh-3728	2016-03-11 10:49:30 -06:00
Rob Winch	5d6e8bc3c8	Remove SPR-11251 workaround from WebSecurityConfiguration Fixes gh-3348	2016-03-09 16:48:24 -06:00
Rob Winch	be36ddb614	Some formatting fixes for HttpSecurity Javadoc	2016-03-09 16:45:43 -06:00
Rob Winch	2f4610e8b7	Update HttpSecurity.requestMatcher() Javadoc Fixes gh-3365	2016-03-09 16:45:29 -06:00
Billy Korando	71d4ce96ad	Convert to assertj Fixes gh-3175	2016-03-09 14:30:17 -06:00
Rob Winch	bb600a473e	Start AssertJ Migration Issue gh-3175	2016-03-09 14:26:30 -06:00
Rob Winch	3164bd6f8d	Polish Sorting ObjectPostProcessor * Add Test * Only sort on adding new entry Issue gh-3572	2016-03-08 15:51:13 -06:00
Wallace Wadge	a366489c3c	Sort ObjectPostProcessors prior to invoking them Fixes gh-3572	2016-03-08 10:39:56 -06:00

... 47 48 49 50 51 ...

3058 Commits