Josh Cummings
36f1de945f
Add OneTimeTokenAuthentication
...
Closes gh-17799
2025-08-22 15:46:54 -06:00
Josh Cummings
6663eea65f
Polish OTT Tests
...
Improve tests so that they do not rely on OneTimeTokenAuthenticationToken
as the concrete type.
Issue gh-17799
2025-08-22 15:46:53 -06:00
Rob Winch
f496ded4e5
AuthorizationManager allows null Authentication
...
It is possible to have a null Authentication and so the
AuthorizationManager APIs should allow for passing it in.
Closes gh-17795
2025-08-22 12:03:16 -05:00
Andrey Litvitski
47be93e694
Annotate AuthenticationTrustResolver methods with @Nullable
...
Since AuthenticationTrustResolver can handle null arguments (this is
also stated in the implementation of this interface), we should mark
these arguments as `@Nullable`.
Closes: gh-17764
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-08-19 22:02:59 -05:00
Josh Cummings
c45bc384da
Interpret Expression Templates by Default
...
Closes gh-17763
2025-08-18 15:45:57 -06:00
Tran Ngoc Nhan
dcd7490ddd
Polish javadoc
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-08-13 11:03:26 -06:00
Rob Winch
a5c38bdc94
Fix AuthorizationManager T Nullability
...
Previously AuthorizationManager declared the generic's Nullability
incorrectly. This commit marks it properly.
Closes gh-17667
2025-08-11 13:32:31 -05:00
Josh Cummings
eeb383ac46
Fix Checkstyle
...
Issue gh-17623
2025-08-07 14:32:18 -06:00
Josh Cummings
6d1a886f92
Deprecate SERIAL_VERSION_UID
...
Closes gh-17623
2025-08-07 11:09:35 -06:00
Josh Cummings
6f1232ce79
Address Checkstyle
...
Issue gh-17447
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
2025-08-05 09:15:56 -06:00
Mike Heath
93cb01612b
Add ExpressionTemplateValueProvider
...
Closes gh-17447
Signed-off-by: Mike Heath <michael.heath@familysearch.org>
2025-08-05 09:15:56 -06:00
Tran Ngoc Nhan
1a56023f7f
Use Spring Framework Nullability Annotations
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-31 10:18:51 -06:00
Rob Winch
f6cb0bd610
Merge Use 2004-present Copyright Header
...
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
2025-07-29 10:52:42 -05:00
Rob Winch
7c887d2da1
Add nullability to spring-security-core
...
Closes gh-17534
2025-07-22 16:29:13 -05:00
Josh Cummings
c312d18191
Add Publishing Predicate
...
Closes gh-17503
2025-07-09 17:33:10 -06:00
Tran Ngoc Nhan
242956a63c
Remove deprecated elements from DaoAuthenticationProvider
...
Closes gh-17298
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan
e52987d03c
Remove RoleHierarchyImpl Deprecations
...
Closes gh-17297
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-07 13:22:22 -06:00
Tran Ngoc Nhan
d8043dc8a7
Remove PrePostTemplateDefaults
...
Closes gh-17296
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 15:47:27 -06:00
Tran Ngoc Nhan
9312fb7004
Remove Deprecated AuthorizationDecision Elements
...
Closes gh-17299
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 14:32:49 -06:00
Rob Winch
00ead7f24d
Update to Kotlin 2.2
2025-06-26 17:29:12 -05:00
Evgeniy Cheban
092bbfc8e7
ReactiveAuthorizationManager replace deprecated #check calls with #authorize
...
Closes gh-16936
Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-12 11:11:49 -06:00
Evgeniy Cheban
b0cecb37d2
Replace deprecated #check calls with #authorize
...
Closes gh-16936
Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-12 11:11:49 -06:00
dae won
9654e51bd4
Include UsernameNotFoundException in BadCredentialsException
...
Closes gh-16496
Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-06-02 16:12:47 -06:00
Josh Cummings
215547f8c8
Use UsernameNotFoundException Factory
...
Issue gh-17179
2025-05-28 14:13:02 -06:00
Josh Cummings
da2d9aa868
Add Username Property to Exception
...
Closes gh-17179
2025-05-28 14:12:27 -06:00
dae won
8612e952fe
Make AuthorizationProxyFactory#proxy Generic
...
Closes gh-16706
Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-05-23 14:48:11 -06:00
Tran Ngoc Nhan
8e2067bb3e
Remove deprecated MemberCategory#DECLARED_FIELDS
...
Issue gh-16889
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-23 14:36:54 -06:00
Tran Ngoc Nhan
88369cd252
Polish
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-23 14:36:54 -06:00
Josh Cummings
33a0a12a20
Merge branch '6.5.x'
2025-05-19 09:26:37 -06:00
Josh Cummings
c972de5369
Use .equals to Compare Methods
...
Closes gh-17143
2025-05-19 09:26:30 -06:00
Junhyeok Lee
e30dc42d1e
Update JdbcUserDetailsManager Javadoc and author
...
Signed-off-by: Junhyeok Lee <jhl221123@naver.com>
2025-05-14 13:41:02 -05:00
Junhyeok Lee
0722c2dc41
Implement UserDetailsPasswordService in JdbcUserDetailsManager
...
Signed-off-by: Junhyeok Lee <jhl221123@naver.com>
2025-05-14 13:41:02 -05:00
huhdy32
817938fa49
Add NullReturningMethodAuthorizationDeniedHandler
...
This implementation of MethodAuthorizationDeniedHandler returns null
when authorization is denied.
Closes gh-16705
Signed-off-by: huhdy32 <mong3268@gmail.com>
2025-05-14 11:45:48 -05:00
Shenker93
de622d1082
Improve JdbcUserDetailsManager.userExists method
2025-05-07 10:50:03 -05:00
Josh Cummings
d04f7071c2
Add Missing Serialization Samples
...
Closes gh-17038
2025-05-05 15:34:24 -06:00
Josh Cummings
34a9f57aa6
Merge branch '6.4.x'
2025-05-05 15:29:44 -06:00
Josh Cummings
c3c2bcd6b7
Ignore Serialization in Test Components
...
Since we don't need to ensure the serializability of test components
across versions, we can ignore missing version UIDs when those
test components aren't about testing Java serialization.
Issue gh-17038
2025-05-05 15:09:50 -06:00
Josh Cummings
bc9ae1eed6
Improve NPE Handling
2025-04-23 12:11:09 -06:00
Josh Cummings
216680bb50
Update Deprecated Spring Jdbc Usage
2025-04-23 11:29:18 -06:00
Josh Cummings
2ad859a63c
Add Missing Deprecation Markers
2025-04-23 11:29:18 -06:00
Josh Cummings
5841e35cae
Invert AuthorizeReturnObjectMethodInterceptor Dependency
...
Closes gh-16922
2025-04-10 15:48:09 -06:00
minseok.park
88a38013bb
Add validation for auth checks in AbstractUserDetailsAuthenticationProvider
...
Add assertions to validate that preAuthenticationChecks and
postAuthenticationChecks are not null during initialization.
This allows errors to be detected earlier in the application lifecycle.
Closes PR-16710
Signed-off-by: minseok.park <minseok.park@hyosung.com>
2025-03-27 16:46:23 -06:00
Josh Cummings
349964620e
Merge branch '6.4.x'
2025-03-27 16:44:12 -06:00
Josh Cummings
1ad4323cec
Merge branch '6.3.x' into 6.4.x
2025-03-27 16:43:43 -06:00
DingHao
1e7db094d1
Use correct message prompt
...
Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-03-27 16:42:52 -06:00
Josh Cummings
40b84d3e44
Merge branch '6.4.x'
2025-03-27 16:34:39 -06:00
Josh Cummings
6c5b6d1c51
Merge branch '6.3.x' into 6.4.x
...
Closes gh-16837
2025-03-27 16:32:12 -06:00
Josh Cummings
456604ab45
Sort Default Advisors and Added Advisors
...
This commit ensures that the default advisors and added advisors
are sorted in the event that this component is not being published
as a Spring bean.
Issue gh-16819
2025-03-27 16:18:00 -06:00
Tran Ngoc Nhan
fcc1bd598d
Sort Advisors AfterSingletonsInstantiated
...
In order to make so that authorization advisors are sorted
only one time and also as part of the configuration lifecycle,
AuthorizationAdvisorProxyFactory now implements
SmartInitializingBean.
Closes gh-16819
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-27 16:18:00 -06:00
Josh Cummings
56e757a2a1
Provide Authentication to AuthenticationExceptions
...
Issue gh-16444
2025-03-21 21:54:32 -06:00