Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-20 00:07:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,233 Commits 45 Branches 354 Tags
Commit Graph

3133 Commits

Author SHA1 Message Date
Josh Cummings
3396890d8b
Propagate AccessDeniedException Only to ExceptionTranslationFilter 
Closes gh-17761
 2025-08-18 17:04:19 -06:00
Josh Cummings
714781df78 Isolate AOT Test to Security Components 
PR gh-17724
 2025-08-18 09:05:03 -05:00
Josh Cummings
a04b026000 Disable Test 
Issue gh-17747
PR gh-17724
 2025-08-18 09:05:03 -05:00
Josh Cummings
aeb2dbc2b6
Move PathPatternRequestMatcher.Builder to Shared Object 
This commit changes the DSL to look for a shared object
instead of publishing a bean for PathPatternRequestMatcher.Builder.

Closes gh-17746
 2025-08-18 06:31:31 -06:00
Josh Cummings
890c11d428
Polish SecurityNamespaceHandler Version Checking 
PR gh-17689
 2025-08-15 17:26:57 -06:00
seongm1n
01401f1c67 Replace "shameless coverage code" in SecurityNamespaceHandlerTests 
Signed-off-by: seongm1n <0411tjdals34@gmail.com>
 2025-08-15 16:26:31 -06:00
Josh Cummings
5506c487de
Remove OpenSaml4 Components 
Issue gh-17707
 2025-08-14 18:01:02 -06:00
Josh Cummings
057b7c68fb
Add Serializable Sample 
Closes gh-17728
 2025-08-14 16:39:49 -06:00
Josh Cummings
7b1c917593
Merge branch '6.5.x' 2025-08-14 16:34:48 -06:00
Josh Cummings
9b7e0e10fc
Add Serializable Sample 
Closes gh-17727
 2025-08-14 16:20:06 -06:00
Josh Cummings
4fab90b2b8
Merge branch '6.4.x' into 6.5.x 2025-08-14 15:54:16 -06:00
Josh Cummings
10948b5b7a
Make OpenSamlAssertingPartyDetails Serializable 
Closes gh-17622
 2025-08-14 15:52:58 -06:00
Joe Grandja
df3080b0e2 Merge branch '6.5.x' 2025-08-12 14:45:23 -04:00
Joe Grandja
518ae27105 Fix JwtDecoderFactory ClassNotFoundException with DPoP authentication 
Closes gh-17249
 2025-08-12 14:28:30 -04:00
Josh Cummings
6d1a886f92 Deprecate SERIAL_VERSION_UID 
Closes gh-17623
 2025-08-07 11:09:35 -06:00
Tran Ngoc Nhan
d6e378e9bb Apply Diamond Operator 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-31 10:59:55 -06:00
Deep Dhamala
ca557a9880 Simplify Error Message for Unsupported Security XSD Versions 
Closes gh-17153

Signed-off-by: Deep Dhamala <dhamaladeep2@gmail.com>
 2025-07-31 10:40:54 -06:00
Tran Ngoc Nhan
1a56023f7f Use Spring Framework Nullability Annotations 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-31 10:18:51 -06:00
Rob Winch
f6cb0bd610
Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch
2fdca16c1a
Merge branch '6.4.x' into 6.5.x 
Closes gh-17634
 2025-07-29 09:47:52 -05:00
Rob Winch
392129b616
Use 2004-present Copyright Header 
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
 2025-07-29 09:45:23 -05:00
Rob Winch
79cd982341
Extract spring-security-webauthn 
Closes gh-17586
 2025-07-22 17:18:38 -05:00
Rob Winch
7c887d2da1
Add nullability to spring-security-core 
Closes gh-17534
 2025-07-22 16:29:13 -05:00
Rob Winch
85dc06bbdf
Merge branch '6.5.x' 
Closes gh-17581
 2025-07-21 09:30:11 -05:00
Rob Winch
80ccb9b3cf
Merge branch '6.4.x' into 6.5.x 
Closes gh-17580
 2025-07-21 09:29:20 -05:00
Rob Winch
829af961f0
Use Meaningful Configurer Names in Test 
This just renames the Configurer names used in
AbstractConfiguredSecurityBuilderTests to be more meaningful.

Issue gh-17020 gh-17011

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-07-21 09:27:36 -05:00
Rob Winch
fca704e61f
Fix getConfigurersInInitializing Semantics 
A getter should not mutate state. This removes getConfigurersInInitializing
in favor of inline code since this is just used once.

Issue gh-17020 gh-17011

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-07-21 09:27:36 -05:00
Rob Winch
ea9dd2728e
Support add nested security configurers during builder initialization 
Closes gh-17011

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-21 09:27:27 -05:00
Josh Cummings
63e0a56bee
Add setBasePath 
Originally, it was thought that this feature would be rather uncommon;
however, given some feedback from the Boot team, it makes sense to make
this easier to configure.

Of specific note is migrating from an earlier version were the
servlet path did not need to be specified in authorizeHttpRequests.
Since it does in 7, this will be a significant migration for those
who have a servlet path configured. This setter simplifies that a great
deal, including simplifying Boot's support of it.

Closes gh-17579
 2025-07-20 22:57:06 -06:00
Josh Cummings
15fc898804
Make DataTargetVisitor package-private 
Closes gh-17561
 2025-07-18 11:03:21 -06:00
Joe Grandja
a1f5b343ab Merge branch '6.5.x' 2025-07-18 09:01:01 -04:00
Joe Grandja
ecec7cb98f Merge branch '6.4.x' into 6.5.x 
Closes gh-17557
 2025-07-18 08:40:31 -04:00
Marcus Hert da Coregio
2a38de48b8 Fix securityContextRepository() initialization in oauth2Login() DSL 
Closes gh-17502

Signed-off-by: Marcus Hert da Coregio <marcusdacoregio@gmail.com>
 2025-07-18 07:48:05 -04:00
Josh Cummings
25f69e92c7
Merge branch '6.5.x' 2025-07-17 18:04:52 -06:00
Josh Cummings
72eb3065de
Remove AuthorizationWebProxyConfiguration From Reactive 
Closes gh-17545
 2025-07-17 17:42:45 -06:00
DingHao
dadf4c0b8a Remove shouldFilterAllDispatcherTypes 
Closes gh-12139

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-14 12:34:16 -06:00
DingHao
5fefdd5bb3 Remove AbstractConfiguredSecurityBuilder apply 
Closes gh-13441

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-11 16:13:25 -06:00
Josh Cummings
4d3024cb49
Remove MessageSecurityMetadataSourceRegistry 
Issue gh-17295
 2025-07-10 14:38:03 -06:00
Josh Cummings
684775b46a
Use PathPatternMessageMatcher By Default 
Issue gh-17501
 2025-07-10 14:38:03 -06:00
Josh Cummings
ec16322000
Merge branch '6.5.x' 2025-07-10 13:19:14 -06:00
Josh Cummings
bc0d706275
Use PathPatternMessageMatcher.Builder in XML Config 
Closes gh-17508
 2025-07-10 13:16:14 -06:00
Josh Cummings
7f8b9c895f
Use with Instead of Apply 
Issue gh-13204
 2025-07-09 18:58:23 -06:00
Josh Cummings
728b5224cb
Add withDefaults Shortcut for Custom Configurers 
Issue gh-13204
 2025-07-09 18:58:23 -06:00
Josh Cummings
f1725b25a0
Remove authorizeRequests 
Closes gh-15174
 2025-07-09 17:33:11 -06:00
Josh Cummings
2c87270dbc
Use authorizeHttpRequests 
Issue gh-15174
 2025-07-09 17:33:11 -06:00
Josh Cummings
da182a2d7c
Remove Deprecated OpenSaml Components 
Closes gh-17306
 2025-07-09 14:06:51 -06:00
Rob Winch
e48fdd5ed4
Use UserWebTestClientConfigurer 
Closes gh-17496
 2025-07-07 15:15:51 -05:00
Tran Ngoc Nhan
a439bc65d6 Remove EnableWebMvcSecurity 
Closes gh-17294

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:46:03 -06:00
Josh Cummings
19e88f5e35 Polish Tests 
Issue gh-17298
 2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan
242956a63c Remove deprecated elements from DaoAuthenticationProvider 
Closes gh-17298

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:38:34 -06:00