Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-31 14:43:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,071 Commits 52 Branches 351 Tags
Commit Graph

3113 Commits

Author SHA1 Message Date
Rob Winch
f6cb0bd610
Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch
79cd982341
Extract spring-security-webauthn 
Closes gh-17586
 2025-07-22 17:18:38 -05:00
Rob Winch
7c887d2da1
Add nullability to spring-security-core 
Closes gh-17534
 2025-07-22 16:29:13 -05:00
Rob Winch
85dc06bbdf
Merge branch '6.5.x' 
Closes gh-17581
 2025-07-21 09:30:11 -05:00
Rob Winch
80ccb9b3cf
Merge branch '6.4.x' into 6.5.x 
Closes gh-17580
 2025-07-21 09:29:20 -05:00
Rob Winch
829af961f0
Use Meaningful Configurer Names in Test 
This just renames the Configurer names used in
AbstractConfiguredSecurityBuilderTests to be more meaningful.

Issue gh-17020 gh-17011

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-07-21 09:27:36 -05:00
Rob Winch
fca704e61f
Fix getConfigurersInInitializing Semantics 
A getter should not mutate state. This removes getConfigurersInInitializing
in favor of inline code since this is just used once.

Issue gh-17020 gh-17011

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-07-21 09:27:36 -05:00
Rob Winch
ea9dd2728e
Support add nested security configurers during builder initialization 
Closes gh-17011

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-21 09:27:27 -05:00
Josh Cummings
63e0a56bee
Add setBasePath 
Originally, it was thought that this feature would be rather uncommon;
however, given some feedback from the Boot team, it makes sense to make
this easier to configure.

Of specific note is migrating from an earlier version were the
servlet path did not need to be specified in authorizeHttpRequests.
Since it does in 7, this will be a significant migration for those
who have a servlet path configured. This setter simplifies that a great
deal, including simplifying Boot's support of it.

Closes gh-17579
 2025-07-20 22:57:06 -06:00
Josh Cummings
15fc898804
Make DataTargetVisitor package-private 
Closes gh-17561
 2025-07-18 11:03:21 -06:00
Joe Grandja
a1f5b343ab Merge branch '6.5.x' 2025-07-18 09:01:01 -04:00
Joe Grandja
ecec7cb98f Merge branch '6.4.x' into 6.5.x 
Closes gh-17557
 2025-07-18 08:40:31 -04:00
Marcus Hert da Coregio
2a38de48b8 Fix securityContextRepository() initialization in oauth2Login() DSL 
Closes gh-17502

Signed-off-by: Marcus Hert da Coregio <marcusdacoregio@gmail.com>
 2025-07-18 07:48:05 -04:00
Josh Cummings
25f69e92c7
Merge branch '6.5.x' 2025-07-17 18:04:52 -06:00
Josh Cummings
72eb3065de
Remove AuthorizationWebProxyConfiguration From Reactive 
Closes gh-17545
 2025-07-17 17:42:45 -06:00
DingHao
dadf4c0b8a Remove shouldFilterAllDispatcherTypes 
Closes gh-12139

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-14 12:34:16 -06:00
DingHao
5fefdd5bb3 Remove AbstractConfiguredSecurityBuilder apply 
Closes gh-13441

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-11 16:13:25 -06:00
Josh Cummings
4d3024cb49
Remove MessageSecurityMetadataSourceRegistry 
Issue gh-17295
 2025-07-10 14:38:03 -06:00
Josh Cummings
684775b46a
Use PathPatternMessageMatcher By Default 
Issue gh-17501
 2025-07-10 14:38:03 -06:00
Josh Cummings
ec16322000
Merge branch '6.5.x' 2025-07-10 13:19:14 -06:00
Josh Cummings
bc0d706275
Use PathPatternMessageMatcher.Builder in XML Config 
Closes gh-17508
 2025-07-10 13:16:14 -06:00
Josh Cummings
7f8b9c895f
Use with Instead of Apply 
Issue gh-13204
 2025-07-09 18:58:23 -06:00
Josh Cummings
728b5224cb
Add withDefaults Shortcut for Custom Configurers 
Issue gh-13204
 2025-07-09 18:58:23 -06:00
Josh Cummings
f1725b25a0
Remove authorizeRequests 
Closes gh-15174
 2025-07-09 17:33:11 -06:00
Josh Cummings
2c87270dbc
Use authorizeHttpRequests 
Issue gh-15174
 2025-07-09 17:33:11 -06:00
Josh Cummings
da182a2d7c
Remove Deprecated OpenSaml Components 
Closes gh-17306
 2025-07-09 14:06:51 -06:00
Rob Winch
e48fdd5ed4
Use UserWebTestClientConfigurer 
Closes gh-17496
 2025-07-07 15:15:51 -05:00
Tran Ngoc Nhan
a439bc65d6 Remove EnableWebMvcSecurity 
Closes gh-17294

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:46:03 -06:00
Josh Cummings
19e88f5e35 Polish Tests 
Issue gh-17298
 2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan
242956a63c Remove deprecated elements from DaoAuthenticationProvider 
Closes gh-17298

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan
e52987d03c Remove RoleHierarchyImpl Deprecations 
Closes gh-17297

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:22:22 -06:00
Matt Magoffin
62252c1232
Default to XorCsrfChannelInterceptor in XML 
Change WebSocketMessageBrokerSecurityBeanDefinitionParser to use
XorCsrfChannelInterceptor by default, so WebSocket XML configuration
matches the default Xor-based configuration already in
WebSocketMessageBrokerSecurityConfiguration.

Closes gh-17260

Signed-off-by: Matt Magoffin <matt@solarnetwork.net>
 2025-07-07 13:02:15 -06:00
Josh Cummings
a9636c72d1
Merge branch '6.5.x' 2025-07-07 12:54:26 -06:00
Josh Cummings
bc20bd6340
Merge branch '6.4.x' into 6.5.x 
Closes gh-17495
 2025-07-07 12:53:59 -06:00
Josh Cummings
8461feb028
Merge branch '6.3.x' into 6.4.x 
Closes gh-17494
 2025-07-07 12:53:47 -06:00
Josh Cummings
4f5b17334e
Pick Up csrfChannelInterceptor in XML 
Closes gh-17493
 2025-07-07 12:53:27 -06:00
Josh Cummings
42283a5c1d
Add Missing File 
Issue gh-17484
 2025-07-07 11:18:57 -06:00
Josh Cummings
5ae1b73bae
Fix Cyclic Bean Dependency 
Closes gh-17484
 2025-07-07 10:32:56 -06:00
Tran Ngoc Nhan
d8043dc8a7 Remove PrePostTemplateDefaults 
Closes gh-17296

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:47:27 -06:00
Tran Ngoc Nhan
21036c94b4 Remove Nimbus(Reactive)OpaqueTokenIntrospector 
Closes gh-17302

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:41:57 -06:00
Tran Ngoc Nhan
519ae241f4 Fix Mock for Spring(Reactive)OpaqueTokenIntrospector 
Issue gh-17302

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:41:57 -06:00
Tran Ngoc Nhan
9312fb7004 Remove Deprecated AuthorizationDecision Elements 
Closes gh-17299

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 14:32:49 -06:00
Josh Cummings
d3e9e3138d
Remove AntPath and MvcRequestMatcher 
Closes gh-16886
Closes gh-16887
 2025-07-03 13:37:50 -06:00
Josh Cummings
919ae1d636
Use PathPatternRequestMatcher in oauth2 
Issue gh-16887
 2025-07-03 13:37:49 -06:00
Josh Cummings
7da352129c
Use PathPatternRequestMatcher in saml2 
Issue gh-16887
 2025-07-03 13:37:48 -06:00
Josh Cummings
3e53cc2c4a
Use PathPatternRequestMatcher in config 
This commit changes the config module to use
PathPatternRequestMatcher in favor of
MvcRequestMatcher and AntPathRequestMatcher.

This allows removing several HandlerMappingIntrospector
support classes as well which were in place to
support MvcRequestMatcher.

Issue gh-16886
Issue gh-16887
 2025-07-03 13:37:47 -06:00
Josh Cummings
98686a5139
Standardize Mock Request Paths 
Closes gh-17449
 2025-07-03 13:37:47 -06:00
Josh Cummings
d5f986f733
Deprecate createMvcMatchers 
Issue gh-16631
 2025-07-03 13:37:46 -06:00
Tran Ngoc Nhan
4d524b1fe1 Remove RelyingPartyRegistration Deprecations 
Closes gh-17309

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 13:15:44 -06:00
Soumik Sarker
526f8a6200 Removed deprecated class BearerTokenAuthenticationToken 
Issue gh-17309

Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
 2025-07-03 12:44:06 -06:00