spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2026-03-01 00:24:46 +00:00

Author	SHA1	Message	Date
Josh Cummings	bd51ecd691	Merge branch '7.0.x'	2026-02-26 17:10:28 -07:00
Josh Cummings	c29af014f4	Merge remote-tracking branch 'origin/6.5.x' into 7.0.x	2026-02-26 17:10:16 -07:00
Josh Cummings	4501ae7d1c	Update Reactive Resource Server startup exceptations Issue gh-16708 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	2026-02-26 16:56:22 -07:00
Josh Cummings	48112d3d74	Polish Resource Server startup expectations Issue gh-16708 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	2026-02-26 16:56:22 -07:00
[CLOUD4] 한현	b8735abb63	Clarify Resource Server startup expectations Clarify that Spring Boot defers OIDC discovery by default. Closes gh-16708 Signed-off-by: [CLOUD4] 한현 <gusgus1467@naver.com>	2026-02-26 16:56:22 -07:00
Josh Cummings	50caf0cb28	Merge branch '7.0.x'	2026-02-26 15:57:27 -07:00
Tran Ngoc Nhan	7c3c8bbdcb	Update Remember-Me example Closes gh-18639 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2026-02-26 15:28:32 -07:00
Josh Cummings	b7dbb12c66	Merge branch '7.0.x'	2026-02-26 15:10:18 -07:00
Josh Cummings	731848d5d3	Merge branch '6.5.x' into 7.0.x	2026-02-26 15:09:45 -07:00
Guillaume Husta	68a02ff176	Update Link to CRSF Docs in FAQ Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>	2026-02-26 14:47:21 -07:00
Josh Cummings	e30d9240c9	Add Docs for Custom Jwt Principal Converters Issue gh-6237 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	2026-02-26 12:28:50 -07:00
Josh Cummings	4b0be84a0e	Merge branch '7.0.x'	2026-02-24 17:10:26 -07:00
Josh Cummings	73ee893d98	Merge remote-tracking branch 'origin/6.5.x' into 7.0.x	2026-02-24 17:10:14 -07:00
Josh Cummings	4d43edfb20	Polish Documentation - Combined explanation of method attribute with usage recommendations - Used one sentence per line format Issue gh-16530 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	2026-02-24 14:24:11 -07:00
onhann	9f9699f8a5	Clarify need for method attribute in JSP authorize tag Closes gh-16530 This aligns the JSP documentation with the changes made in gh-16529. Added a NOTE to clarify that the method attribute is required when the underlying RequestMatcher is method-specific. Signed-off-by: onhann <gusgus1467@naver.com>	2026-02-24 14:24:11 -07:00
Robert Winch	0c394696ce	Fix servlet/architecture.adoc disable Sample - Switch `include-java` (does not exist) to `include-code` - Update kotlin to have the `disable` tag - Update to suppress deprecation use for User builder (allowed for samples) Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>	2026-02-23 17:03:17 -06:00
Joe Kuhel	62d1bc86e3	Update servlet architecture docs to use include-code Also update antora.xml to include-xml in docs/src/test/resources Signed-off-by: Joe Kuhel <4983938+jkuhel@users.noreply.github.com>	2026-02-23 16:37:16 -06:00
Rob Winch	3106f2be7b	Merge pull request #18757 from wonderfulrosemari/gh-4265-csrf-multipart-header Document multipart CSRF header option	2026-02-23 11:51:54 -06:00
Robert Winch	e1436c39f0	Merge Document Keberose Dependency Coordinates	2026-02-23 11:33:25 -06:00
Robert Winch	fec988c82d	Add Kerberos Migration Section This links to the updated dependency coordinates Issue gh-18773 Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>	2026-02-23 11:29:50 -06:00
busoco-sjb	17b434c1c1	Document the change in dependency coordinates with Spring Security 7 Signed-off-by: busoco-sjb <169069865+busoco-sjb@users.noreply.github.com>	2026-02-23 11:21:59 -06:00
Chen He	d65625e399	Update BCryptPasswordEncoder example in password-storage.adoc Replaces the usage of BCryptPasswordEncoder with BcryptPassword4jPasswordEncoder in documentation samples. Signed-off-by: Chen He <nidhogg55555@gmail.com>	2026-02-19 14:29:53 -06:00
Tran Ngoc Nhan	a539f056f7	Add `javadoc-warnings-error` Closes gh-18452 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2026-02-19 13:48:28 -06:00
Robert Winch	cc6a005aa5	Add InetAddressMatcher Co-authored-by: Gábor Vaspöri <gabor.vaspori@gmail.com> Co-authored-by: Kian Jamali <kianjamali123@gmail.com> Co-authored-by: Rossen Stoyanchev <rstoyanchev@users.noreply.github.com>	2026-02-19 11:44:19 -06:00
wonderfulrosemari	8d76ae0844	Document multipart CSRF header option Closes gh-4265 Signed-off-by: wonderfulrosemari <whwlsgur1419@naver.com>	2026-02-19 02:07:25 +09:00
Josh Cummings	705fa60a01	Document Method Security hasScope Support Issue gh-18013 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	2026-02-10 15:23:32 -07:00
Josh Cummings	688b6ca733	Add Documentation for ExpressionJwtGrantedAuthoritiesConverter Closes gh-18300	2026-02-10 09:11:26 -07:00
Robert Winch	50fad46df6	Bump @antora/atlas-extension in /docs --- updated-dependencies: - dependency-name: "@antora/atlas-extension" dependency-version: 1.0.0-alpha.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-06 12:12:48 -06:00
dependabot[bot]	e28eea208b	Bump @springio/antora-extensions from 1.14.4 to 1.14.7 in /docs Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.4 to 1.14.7. - [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc) - [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.4...v1.14.7) --- updated-dependencies: - dependency-name: "@springio/antora-extensions" dependency-version: 1.14.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-06 12:11:58 -06:00
dependabot[bot]	f646392542	Bump @antora/collector-extension from 1.0.1 to 1.0.2 in /docs --- updated-dependencies: - dependency-name: "@antora/collector-extension" dependency-version: 1.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-06 12:11:57 -06:00
dependabot[bot]	52ca16fa4b	Bump antora from 3.2.0-alpha.8 to 3.2.0-alpha.11 in /docs Bumps [antora](https://gitlab.com/antora/antora) from 3.2.0-alpha.8 to 3.2.0-alpha.11. - [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc) - [Commits](https://gitlab.com/antora/antora/compare/v3.2.0-alpha.8...v3.2.0-alpha.11) --- updated-dependencies: - dependency-name: antora dependency-version: 3.2.0-alpha.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-06 17:52:25 +00:00
arianna	3386e077e6	Fix typos in SAML 2.0 Documentation - Fix wrong docs link in Servlet - SAML2 Log In Overview - Fix examples in Servlet - SAML2 Authentication Responses - Fix examples in Servlet - SAML2 Logout Signed-off-by: arianna <arianna.comi03@gmail.com>	2026-02-05 17:35:25 -07:00
arianna	10490a7b92	Fix typos in OAuth 2.0 Resource Server Signed-off-by: arianna <arianna.comi03@gmail.com>	2026-02-05 17:35:25 -07:00
arianna	f1e742dfc5	Fix typos in Authorization Documentation Signed-off-by: arianna <arianna.comi03@gmail.com>	2026-02-05 17:35:25 -07:00
arianna	8e9480545e	Fix issue reports Closes gh-18376 Signed-off-by: arianna <arianna.comi03@gmail.com>	2026-02-05 17:35:25 -07:00
Josh Cummings	fc2fd63793	Merge branch '7.0.x'	2026-02-05 17:23:08 -07:00
Vincent Stradiot	075c48c0d8	Fix typo in documentation Signed-off-by: Vincent Stradiot <vincentstradiot@hotmail.com>	2026-02-05 17:22:43 -07:00
Joe Grandja	517bc7cb65	Polish gh-18614	2026-02-05 15:32:47 -05:00
Elayne Bloom	a2d407518c	Document ClientSettings Added documentation to describe the possible client configuration options when setting up an Oauth2 Authorization Server. Closes gh-18614 Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>	2026-02-05 15:32:46 -05:00
Joe Grandja	8f22fd4407	Merge branch '7.0.x'	2026-02-02 16:38:29 -05:00
Elayne Bloom	2c97b3376b	Document Client PKCE settings Updated the documentation to reflect recent changes to enable PKCE by default for `authorization_code` flows in the documentation for the client. Closes gh-18304 Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>	2026-02-02 16:30:27 -05:00
Vyacheslav	e029b3ac6f	Update authorize-http-requests.adoc Comma added for java configuration Signed-off-by: Vyacheslav <43342280+cmmttd@users.noreply.github.com>	2026-02-02 11:48:07 -06:00
Tran Ngoc Nhan	8bafd94b1f	Add `compile-warnings-error` Closes gh-18424 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2026-02-02 11:37:39 -06:00
Robert Winch	74b93a19f6	Externalize java-toolchain configuration We should not use subprojects to perform configuration becaause it does not allow for lazy loading and it can cause ordering problems. In this case, the toolchain was not being used but instead it was using the JAVA_HOME. By splitting the configuration into a plugin and applying it to each project it fixes the toolchain configuration	2026-01-26 22:06:36 -06:00
Robert Winch	35d103843b	Externalize java-toolchain configuration We should not use subprojects to perform configuration becaause it does not allow for lazy loading and it can cause ordering problems. In this case, the toolchain was not being used but instead it was using the JAVA_HOME. By splitting the configuration into a plugin and applying it to each project it fixes the toolchain configuration	2026-01-16 16:54:00 -06:00
Josh Cummings	30d6b3a02b	Merge branch '7.0.x'	2026-01-15 12:41:29 -07:00
Josh Cummings	1f39a3dd3e	Merge branch '6.5.x' into 7.0.x	2026-01-15 12:41:22 -07:00
Josh Cummings	84b124d29d	Merge branch '6.4.x' into 6.5.x	2026-01-15 12:41:16 -07:00
songhee	fee6a9bb0e	docs: add CurrentSecurityContext section and link references Signed-off-by: songhee <songhee9327@gmail.com>	2026-01-15 12:31:58 -07:00
Tran Ngoc Nhan	cfe13c7c76	Fix typos Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2026-01-15 10:52:01 -07:00

1 2 3 4 5 ...

2778 Commits