1468 Commits

Author SHA1 Message Date
Josh Cummings
9244989b2e
Fix allOf/anyOf Abstain Logic
Closes gh-13069
2023-04-24 15:36:17 -06:00
Josh Cummings
072feb2fb8
Merge branch '6.0.x' 2023-04-24 12:52:36 -06:00
Josh Cummings
599ed3e96b
Polish Format
Issue gh-13079
2023-04-24 12:52:26 -06:00
Josh Cummings
57294be795
Merge branch '6.0.x'
Closes gh-13083
2023-04-24 12:49:56 -06:00
Josh Cummings
73a543d318
Handle Empty Role
Closes gh-13079
2023-04-24 12:49:30 -06:00
Marcus Da Coregio
1a4a2a9055 Merge branch '5.8.x' into 6.0.x 2023-04-14 13:32:10 -03:00
Marcus Da Coregio
54117d7d27 Fix test suffix to align with checkstyle 2023-04-14 13:29:15 -03:00
Marcus Da Coregio
5e2dd0351d Merge branch '6.0.x'
Closes gh-12964
2023-04-04 10:21:52 -03:00
Petr Svoboda
44c4a4ae86 Add new DaoAuthenticationProvider constructor
Add a new constructor to the DaoAuthenticationProvider, which allows
providing a custom PasswordEncoder to prevent instantiation of the
default delegating PasswordEncoder in the default constructor.

This provides a way to instantiate the DaoAuthenticationProvider on JDKs
where the default delegating PasswordEncoder cannot be instantiated due
to limited JCE providers for compliance reasons (e.g., FIPS).

Closes gh-12874
2023-04-04 10:21:22 -03:00
Josh Cummings
607e40d366 Polish ObservationConvention Configuration
Change to setObservationConvention so that it reads more clearly
when used, for example `authenticationManager.setObservationConvention`
is clearer than `authenticationManager.setConvention`.

Change unit test names to follow team conventions.

Issue gh-12534
2023-03-28 15:01:26 -06:00
Josh Cummings
f1b14de3ba Format ObservationConvention Configuration
Issue gh-12534
2023-03-28 15:01:26 -06:00
Braunson
8d933fcb03 Support Customizing Observation Conventions
Closes gh-12534
2023-03-28 15:01:26 -06:00
Josh Cummings
a7562ad950
Update io.spring.javaformat to 0.0.38
Closes gh-12891
2023-03-20 10:44:35 -06:00
Josh Cummings
f588f9fa9a
Merge branch '6.0.x' 2023-03-03 15:02:51 -07:00
Josh Cummings
acf48721cd
Merge branch '5.8.x' into 6.0.x 2023-03-03 15:02:34 -07:00
Josh Cummings
ebabcaa51a
Merge branch '5.7.x' into 5.8.x 2023-03-03 15:02:07 -07:00
bist
094bf1b527 Validate hasRole Input
There is no check for the role prefix in AuthorizeHttpRequestsConfigurer#XXXrole
methods. This PR adds a check for the same. Now the configuration
will fail if role/s start with the prefix for hasRole and hasAnyRole methods.

Closes #12581
2023-03-03 15:00:34 -07:00
stillya
3229bfa40f Add empty authorities by default
Closes gh-12533
2023-01-30 15:37:10 -06:00
Evgeniy Cheban
782b792e7b SecuredAuthorizationManager should allow customizing underlying authorization manager
Closes gh-12233
2023-01-10 17:48:48 -07:00
Evgeniy Cheban
1bbbd046c3 Polish gh-12231
- Update copyright header
- Use Set.of instead of HashSet in AuthorityAuthorizationManager
- Align roleHierarchy test name with other tests in AuthoritiesAuthorizationManagerTests
2023-01-05 10:50:52 -07:00
Evgeniy Cheban
855282ac3b Add Authority String AuthorizationManager
Closes gh-12231
2022-12-02 14:12:02 -07:00
Josh Cummings
88e64bac0c Polish Tests
Issue gh-11992
2022-11-17 15:09:52 -07:00
Marcus Da Coregio
db7f52db4e Add hints to invoke SecurityContextImpl#getAuthentication
Closes gh-11987
2022-10-13 09:06:16 -03:00
Josh Cummings
d3d8f7d60f
Mark Observations with Security Context Events
Closes gh-11992
2022-10-12 20:32:23 -06:00
Josh Cummings
8c610684f3
Instrument Authentication and Authorization
Closes gh-11989
Closes gh-11990
2022-10-12 20:32:21 -06:00
Josh Cummings
8f10deb602
Merge remote-tracking branch 'origin/5.8.x' 2022-09-30 17:01:22 -06:00
Josh Cummings
f054505d6d
Support Deferred Contexts
Closes gh-11817
Issue gh-10913
2022-09-30 16:49:47 -06:00
Emil Sierżęga
fc7f87feac Removed unused test classes SomeDomainObject/Manager 2022-09-30 10:55:36 -05:00
Marcus Da Coregio
ef879aadd6 Add native hint for the users JDBC schema
Closes gh-11907
2022-09-29 09:42:37 -03:00
Josh Cummings
e071c28e8a
Merge remote-tracking branch 'origin/5.8.x' 2022-09-20 16:25:45 -06:00
Evgeniy Cheban
c1d27612af Simplify AuthorizationManager composition
Closes gh-11625
2022-09-20 16:24:45 -06:00
Josh Cummings
84f765a89c
Merge remote-tracking branch 'origin/5.8.x' into main 2022-08-25 14:46:48 -06:00
Josh Cummings
e990174c89
Polish ReactiveMethodSecurity Support
- Changed annotation property to useAuthorizationManager
to match related XML support
- Moved support found in bean post-processors back into
interceptors directly. This reduces the number of components to
maintain and simplifies ongoing support
- Added @Deprecated annotation to indicate that applications
should use AuthorizationManagerBeforeReactiveMethodInterceptor and
AuthorizationManagerAfterReactiveMethodInterceptor instead. While
true that the new support does not support coroutines, the existing
coroutine support is problematic since it cannot be reliably paired
with other method interceptors
- Moved expression handler configuration to the constructors
- Constrain all method security interceptors to require publisher types
- Use ReactiveAdapter to check for single-value types as well

Issue gh-9401

Polish
2022-08-25 14:36:03 -06:00
Josh Cummings
6fd23d2567
Add MockMethodInvocation Constructor
Issue gh-9401
2022-08-25 14:36:02 -06:00
Evgeniy Cheban
cbb4f40f0c ReactiveAuthorizationManager + Reactive Method Security
Closes gh-9401
2022-08-25 14:35:04 -06:00
Rob Winch
670b71363d Merge branch '5.8.x'
Closes gh-11749
2022-08-23 16:03:50 -05:00
Rob Winch
2fb625db84 Remove mockito deprecations
Issue gh-11748
2022-08-23 15:59:52 -05:00
Marcus Da Coregio
38c05ad31c Add native hints for basic @PostAuthorize usage
Closes gh-11737
2022-08-23 15:17:14 -03:00
Evgeniy Cheban
c4b0e9bd74
Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11360
2022-07-14 13:00:07 -06:00
Evgeniy Cheban
400cd60368 Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11360
2022-07-14 12:48:39 -06:00
Josh Cummings
8d0084842b
Add MethodExpressionAuthorizationManager
Closes gh-11493
2022-07-14 09:25:16 -06:00
Josh Cummings
281814a955
Add MethodExpressionAuthorizationManager
Closes gh-11493
2022-07-13 17:58:16 -06:00
Marcus Da Coregio
7abea4a964 Add RuntimeHints suffix for RuntimeHintsRegistrar
Closes gh-11497
2022-07-13 10:14:43 -03:00
Joe Grandja
177baba8c9 RuntimeHintsPredicates moved to predicate package 2022-07-12 16:00:50 -04:00
Rob Winch
4a5c0ac904 Fix Formatting
Issue gh-11474
2022-07-08 12:35:40 -05:00
Marcus Da Coregio
a87f7aa2e1 Polish CoreSecurityHintsTests
Use ParameterizedTest to simplify repetitive test setup

Issue gh-11431
2022-07-06 15:21:45 -03:00
Josh Cummings
459003e1b3
Use SecurityContextHolderStrategy for Context Propagation
Issue gh-11060
2022-06-30 11:19:33 -06:00
Josh Cummings
38cb6c3172
Use SecurityContextHolderStrategy for Context Propagation
Issue gh-11060
2022-06-30 11:18:07 -06:00
Josh Cummings
b316a3217b
Add SecurityContextHolderStrategy for Jaas
Issue gh-11060
Issue gh-11061
2022-06-28 09:35:54 -06:00
Josh Cummings
ee66850aed
Add SecurityContextHolderStrategy for Jaas
Issue gh-11060
Issue gh-11061
2022-06-28 09:26:05 -06:00