spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-30 08:42:13 +00:00

Author	SHA1	Message	Date
Josh Cummings	215547f8c8	Use UsernameNotFoundException Factory Issue gh-17179	2025-05-28 14:13:02 -06:00
Max Batischev	f4b8e2421a	Add Support Credentialless COEP Header Closes gh-16991 Signed-off-by: Max Batischev <mblancer@mail.ru>	2025-05-23 14:45:59 -06:00
John Niang	9ba5c7b2ce	Add SwitchUserGrantedAuthority to Web Jackson Module Closes gh-17041 Signed-off-by: John Niang <johnniang@foxmail.com>	2025-05-23 14:42:54 -06:00
Tran Ngoc Nhan	8e2067bb3e	Remove deprecated `MemberCategory#DECLARED_FIELDS` Issue gh-16889 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-05-23 14:36:54 -06:00
Josh Cummings	c9bbf3787b	Merge branch '6.5.x'	2025-05-23 11:36:22 -06:00
Josh Cummings	8aaa9c28fa	Merge branch '6.4.x' into 6.5.x	2025-05-23 11:36:01 -06:00
Josh Cummings	2989d12743	Merge branch '6.3.x' into 6.4.x	2025-05-23 11:35:25 -06:00
Joaquin Santana	c0568ea9b0	Log Request Mismatch Only When Mismatches Signed-off-by: Joaquin Santana <joaquinjsb@outlook.com>	2025-05-23 11:34:48 -06:00
universe	50f8ad55a8	Remove Redundant Punctation in JavaDoc Signed-off-by: universe <daofei8754@126.com>	2025-05-23 10:05:27 -05:00
Josh Cummings	e19c9995ae	Merge branch '6.5.x'	2025-05-19 09:46:36 -06:00
Josh Cummings	78dd02a4c1	Merge branch '6.4.x' into 6.5.x Closes gh-17147	2025-05-19 09:46:24 -06:00
Josh Cummings	edc8735eb8	Merge branch '6.3.x' into 6.4.x Closes gh-17146	2025-05-19 09:46:10 -06:00
Mark Putsiata	cae3467a8d	Improve AbstractPreAuthenticatedProcessingFilter docs Clarify misleading SecurityContextRepository setter documentation. Note that AbstractPreAuthenticatedProcessingFilter saves the SecurityContext upon successful authentication, and this behavior can be customized via the setSecurityContextRepository setter. Closes gh-14137 Signed-off-by: Mark Putsiata <m.putsiata@gmail.com>	2025-05-19 09:45:53 -06:00
Tran Ngoc Nhan	86550fb84b	Cleanup code Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-05-13 12:40:18 -06:00
yybmion	d48c463c03	Add logging to CsrfTokenRequestHandler implementations Add trace-level logging to show the logical path of CSRF token processing - Log token source (header or parameter) in resolveCsrfTokenValue - Log request attribute names in handle methods - Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding) - Add similar logging to XorServerCsrfTokenRequestAttributeHandler Improves debugging capabilities without changing functionality. Closes gh-13626 Signed-off-by: yybmion <yunyubin54@gmail.com>	2025-05-12 18:49:40 -06:00
yybmion	a90ce5142c	Add logging to CsrfTokenRequestHandler implementations Add trace-level logging to show the logical path of CSRF token processing - Log token source (header or parameter) in resolveCsrfTokenValue - Log request attribute names in handle methods - Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding) - Add similar logging to XorServerCsrfTokenRequestAttributeHandler Improves debugging capabilities without changing functionality. Closes gh-13626 Signed-off-by: yybmion <yunyubin54@gmail.com>	2025-05-12 18:48:45 -06:00
Tran Ngoc Nhan	1e4dd713c5	Remove APPLICATION_JSON_UTF8 usage Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-05-07 14:59:14 -05:00
Rob Winch	6118587ff8	SavedCookieMixinTests uses readValue(String,Object.class) The test should not provide SavedCookie.class to the ObjectMapper since this is not done in production. In particular, it provides the type that it should be deserialized, but this must be provided in the JSON since the type is unknown at the time of deserialization. Issue gh-17006	2025-05-07 14:55:54 -05:00
M-Faheem-Khan	241c3cd35a	Remove deprecated Cookie usage Remove usage of comment and verison usage Signed-off-by: M-Faheem-Khan <faheem5948@gmail.com>	2025-05-07 14:55:54 -05:00
Rob Winch	5f833fa236	Fix Checkstyle Errors	2025-05-07 10:50:41 -05:00
milaneuh	7fda87aecd	Remove deprecated methods from CookieServerCsrfTokenRepository	2025-05-07 10:50:41 -05:00
Rob Winch	b453840c0a	HttpHeaders no longer a MultiValueMap Closes gh-17060	2025-05-06 13:27:13 -05:00
Rob Winch	e5e962ef90	Jakarta Cookie HttpOnly Serialization The new specification represents Cookie attribute using HttpOnly: "" vs HttpOnly: "true". This updates the test to correspond to the new Servlet specification and is a breaking change related to jakarta updates.	2025-05-06 13:27:13 -05:00
Rob Winch	607705347c	MediaType.sortBySpecificityAndQuality->sortBySpecificity Closes gh-17059	2025-05-06 13:26:17 -05:00
Rob Winch	66319fc3bc	MockServerHttpRequest.method(String,String)->method(HttpMethod,String) Closes gh-17058	2025-05-06 13:26:16 -05:00
Rob Winch	cb0fdef236	Remove MediaType.APPLICATION_JSON_UTF Closes gh-17050	2025-05-06 13:26:14 -05:00
Zhoudong	6624e302ac	Favor Spring Framework NonNull over Reactor NonNull Signed-off-by: Zhoudong <jearton@users.noreply.github.com>	2025-05-06 10:52:05 -06:00
Josh Cummings	aa338e9b0d	Merge branch '6.4.x'	2025-05-02 10:58:22 -06:00
Josh Cummings	57fc29e614	Merge branch '6.3.x' into 6.4.x Closes gh-17032	2025-05-02 10:57:55 -06:00
Josh Cummings	e48f26e51e	Propagate StrictFirewallRequest Wrapper Closes gh-16978	2025-05-02 10:57:07 -06:00
Max Batischev	c855453e40	Fix Typo In SubjectDnX509PrincipalExtractorTests Signed-off-by: Max Batischev <mblancer@mail.ru>	2025-04-29 12:25:41 -06:00
Tran Ngoc Nhan	29380a87a0	Polish javadoc Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-04-23 14:36:45 -06:00
Max Batischev	8525f0e3fd	Add FunctionalInterface To X509PrincipalExtractor Closes gh-16949 Signed-off-by: Max Batischev <mblancer@mail.ru>	2025-04-23 14:27:42 -06:00
Josh Cummings	7d6bdfedc8	Add Null Guard for Authorization Result	2025-04-23 12:11:10 -06:00
Josh Cummings	0ab01eac14	Update Deprecated Security Usage	2025-04-23 12:11:08 -06:00
Josh Cummings	216680bb50	Update Deprecated Spring Jdbc Usage	2025-04-23 11:29:18 -06:00
Josh Cummings	2ad859a63c	Add Missing Deprecation Markers	2025-04-23 11:29:18 -06:00
Josh Cummings	3f7f3dabe7	Correct JavaDoc Class Reference	2025-04-23 11:29:18 -06:00
Daeho Kwon	9908d96644	DeferredCsrfToken Implements Supplier Closes gh-16870 Signed-off-by: Daeho Kwon <trewq231@naver.com>	2025-04-09 14:24:11 -06:00
Josh Cummings	f93a7a2f85	Deprecate HandlerMappingIntrospectorRequestTransformer Closes gh-16536	2025-04-07 13:56:18 -06:00
chu3la	8cbe02e3aa	Update WebAuthn Test Objects Class Names Closes gh-16604 Signed-off-by: chu3la <elmansouri.houssam@gmail.com>	2025-04-03 16:33:34 -06:00
Josh Cummings	4cdc6dab21	Fix Formatting Issue gh-16604	2025-04-03 12:55:51 -06:00
Vasanth	04d7130975	Update WebAuthn Test Objects Class Names Renamed the WebAuthn test object class names Closes gh-16604 Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>	2025-04-03 12:55:50 -06:00
Josh Cummings	b7d399ab89	Merge branch '6.4.x'	2025-04-01 12:02:53 -06:00
Josh Cummings	0954638d57	Merge branch '6.3.x' into 6.4.x Closes gh-16862	2025-04-01 12:02:25 -06:00
DingHao	857ef6fe08	WithHttpOnlyCookie defaults to false Closes gh-16820 Signed-off-by: DingHao <dh.hiekn@gmail.com>	2025-04-01 11:59:51 -06:00
Max Batischev	9a897d0b62	Add Support Postgres To JdbcUserCredentialRepository Closes gh-16832 Signed-off-by: Max Batischev <mblancer@mail.ru>	2025-03-31 16:43:36 -06:00
wtigerhyunsu	bdbf6a2be3	Add toString() to IpAddressMatcher.java Closes gh-16795 Signed-off-by: wtigerhyunsu <jack951@naver.com>	2025-03-27 16:38:53 -06:00
Josh Cummings	99345537d6	Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter Issue gh-16417	2025-03-26 16:38:39 -06:00
Josh Cummings	15d9c13984	Add RequestMatcher MigrationPath for SwitchUserFilter To simplify migration, the filter's setter methods still use AntPathRequestMatcher. Users can call the equivalent RequestMatcher setter methods to opt-in to the change early. Issue gh-16417	2025-03-26 16:38:38 -06:00

1 2 3 4 5 ...

1972 Commits