Andrey Litvitski
2fbe8dd8f6
Make Stricter IP Format Check
...
Closes gh-17499
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-31 10:30:57 -06:00
Josh Cummings
6873685fd0
Merge remote-tracking branch 'origin/6.5.x'
2025-07-31 10:12:39 -06:00
Tim Boeckstaens
f180a04b74
Use final values in equals and hashCode
...
Closes gh-17584
Signed-off-by: Tim Boeckstaens <boeckstaenstim@gmail.com>
2025-07-31 10:12:24 -06:00
Rob Winch
f6cb0bd610
Merge Use 2004-present Copyright Header
...
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
2025-07-29 10:52:42 -05:00
Rob Winch
2fdca16c1a
Merge branch '6.4.x' into 6.5.x
...
Closes gh-17634
2025-07-29 09:47:52 -05:00
Rob Winch
392129b616
Use 2004-present Copyright Header
...
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.
The commit updated etc/checkstyle/header.txt
It also updated the copyright headers using the following find/replace:
Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.
Closes gh-17633
2025-07-29 09:45:23 -05:00
Rob Winch
34742c9743
Reapply "Move webauthn runtimehints to spring-security-webauthn"
...
This reverts commit 9489ab48abcbd192d87e5535f2459804d9826a80.
2025-07-23 13:32:34 -05:00
Rob Winch
9489ab48ab
Revert "Move webauthn runtimehints to spring-security-webauthn"
...
This reverts commit fe411896af5ae5d5b50babfa292152335a3bf193.
2025-07-23 09:22:47 -05:00
Rob Winch
fe411896af
Move webauthn runtimehints to spring-security-webauthn
...
Issue gh-17586
2025-07-23 09:20:39 -05:00
Rob Winch
79cd982341
Extract spring-security-webauthn
...
Closes gh-17586
2025-07-22 17:18:38 -05:00
Rob Winch
7c887d2da1
Add nullability to spring-security-core
...
Closes gh-17534
2025-07-22 16:29:13 -05:00
DingHao
dadf4c0b8a
Remove shouldFilterAllDispatcherTypes
...
Closes gh-12139
Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-07-14 12:34:16 -06:00
Josh Cummings
b7ae9910b5
Remove Deprecated CookieServerCsrfTokenRepository Methods
...
Closes gh-14132
2025-07-10 11:13:37 -06:00
Josh Cummings
ee2b826362
Use setCookieCustomizer
...
Issue gh-14132
2025-07-10 11:13:21 -06:00
Josh Cummings
dadf10899c
Add WebExpressionAuthorizationManager.Builder
...
Closes gh-17504
2025-07-09 17:33:10 -06:00
Josh Cummings
c06b1f4916
Remove LazyCsrfTokenRepository
...
Closes gh-13196
2025-07-09 13:47:06 -06:00
Rob Winch
e48fdd5ed4
Use UserWebTestClientConfigurer
...
Closes gh-17496
2025-07-07 15:15:51 -05:00
Josh Cummings
74771a3d42
Merge branch '6.5.x'
2025-07-07 11:43:25 -06:00
Josh Cummings
ea3ba62022
Correct Servlet Path JavaDoc
...
Initially PathPatternRequestMatcher was designed to match relative
to the servlet path. However, this was changed to be relative to
the context path. This commit updates the documentation and removes
references to the servlet path other than in the context of setting
a basePath to remove boilerplate.
Issue gh-16430
2025-07-07 11:34:29 -06:00
Andrey Litvitski
596d44757a
Remove RequestVariablesExtractor
...
Closes gh-17308
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-03 14:41:12 -06:00
Tran Ngoc Nhan
9312fb7004
Remove Deprecated AuthorizationDecision Elements
...
Closes gh-17299
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 14:32:49 -06:00
Josh Cummings
d3e9e3138d
Remove AntPath and MvcRequestMatcher
...
Closes gh-16886
Closes gh-16887
2025-07-03 13:37:50 -06:00
Josh Cummings
e8ed0f1b03
Use PathPatternRequestMatcher in web
...
Issue gh-16887
2025-07-03 13:37:48 -06:00
Josh Cummings
3e53cc2c4a
Use PathPatternRequestMatcher in config
...
This commit changes the config module to use
PathPatternRequestMatcher in favor of
MvcRequestMatcher and AntPathRequestMatcher.
This allows removing several HandlerMappingIntrospector
support classes as well which were in place to
support MvcRequestMatcher.
Issue gh-16886
Issue gh-16887
2025-07-03 13:37:47 -06:00
Josh Cummings
f709a9efef
Add pathPattern Factory Methods
...
Closes gh-17476
2025-07-03 13:37:47 -06:00
Josh Cummings
98686a5139
Standardize Mock Request Paths
...
Closes gh-17449
2025-07-03 13:37:47 -06:00
Josh Cummings
d869686d09
Add TestMockHttpServleRequests
...
Closes gh-17450
2025-07-03 13:37:46 -06:00
Deep Dhamala
081c92a9e5
Improve logging clarity in CsrfFilter
...
Update toString() method in DefaultRequiresCsrfMatcher to better reflect its logic during trace-level logging.
Closes gh-17250
Signed-off-by: Deep Dhamala <dhamaladeep2@gmail.com>
2025-07-03 13:00:55 -06:00
Josh Cummings
890049c6f7
Merge remote-tracking branch 'origin/6.5.x'
2025-07-02 13:19:00 -06:00
Andrey Litvitski
25d51a0d99
Include HTTP Method in equals and hashCode
...
Closes gh-17180
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-02 13:18:36 -06:00
Tran Ngoc Nhan
709f5db0e5
Polish Webauthn4JRelyingPartyOperations
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-17 13:35:52 -05:00
Evgeniy Cheban
092bbfc8e7
ReactiveAuthorizationManager replace deprecated #check calls with #authorize
...
Closes gh-16936
Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-12 11:11:49 -06:00
Evgeniy Cheban
b0cecb37d2
Replace deprecated #check calls with #authorize
...
Closes gh-16936
Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-12 11:11:49 -06:00
Rob Winch
2b740b7f1f
Update SubjectX500PrincipalExtractor Javadoc
...
- Provide more details on how the principalName is extracted
- Update to specify an OID is used for emailAddress
2025-06-12 12:09:20 -05:00
Rob Winch
f690a7f3df
Encapsulate extractPrincipalNameFromEmail property
...
This simplifies the logic when extracting the principal and allows
more flexibility in the future by allowing the format and regex to be
added as setters.
2025-06-12 12:09:20 -05:00
Rob Winch
5f2efbea6a
Remove unused statement
2025-06-12 12:09:20 -05:00
Max Batischev
aba437d469
Add Support SubjectX500PrincipalExtractor
...
Closes gh-16980
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-06-12 12:09:20 -05:00
Joe Grandja
98c3453aa4
Merge branch '6.5.x'
2025-06-06 07:19:08 -04:00
Joe Grandja
d622183e62
Merge branch '6.4.x' into 6.5.x
...
Closes gh-17216
2025-06-06 07:06:12 -04:00
Joe Grandja
a377175455
Merge branch '6.3.x' into 6.4.x
...
Closes gh-17215
2025-06-06 06:50:45 -04:00
Andrey Litvitski
b0f8aa5ea0
Fix to allow multiple AuthenticationFilter instances to process each request
...
Closes gh-17173
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-06-06 06:37:03 -04:00
Josh Cummings
215547f8c8
Use UsernameNotFoundException Factory
...
Issue gh-17179
2025-05-28 14:13:02 -06:00
Max Batischev
f4b8e2421a
Add Support Credentialless COEP Header
...
Closes gh-16991
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-05-23 14:45:59 -06:00
John Niang
9ba5c7b2ce
Add SwitchUserGrantedAuthority to Web Jackson Module
...
Closes gh-17041
Signed-off-by: John Niang <johnniang@foxmail.com>
2025-05-23 14:42:54 -06:00
Tran Ngoc Nhan
8e2067bb3e
Remove deprecated MemberCategory#DECLARED_FIELDS
...
Issue gh-16889
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-23 14:36:54 -06:00
Josh Cummings
c9bbf3787b
Merge branch '6.5.x'
2025-05-23 11:36:22 -06:00
Josh Cummings
8aaa9c28fa
Merge branch '6.4.x' into 6.5.x
2025-05-23 11:36:01 -06:00
Josh Cummings
2989d12743
Merge branch '6.3.x' into 6.4.x
2025-05-23 11:35:25 -06:00
Joaquin Santana
c0568ea9b0
Log Request Mismatch Only When Mismatches
...
Signed-off-by: Joaquin Santana <joaquinjsb@outlook.com>
2025-05-23 11:34:48 -06:00
universe
50f8ad55a8
Remove Redundant Punctation in JavaDoc
...
Signed-off-by: universe <daofei8754@126.com>
2025-05-23 10:05:27 -05:00