Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-18 23:10:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,073 Commits 49 Branches 376 Tags
Commit Graph

639 Commits

Author SHA1 Message Date
Onur Kagan Ozcan
034b5e9e93 Introduce LogoutSuccessEvent 
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.

By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.

This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.

Fixes gh-2900
 2019-09-18 10:57:16 -05:00
Josh Cummings
05caf3d8fb
Use Jwt.Builder 
Fixes gh-7443
 2019-09-16 14:00:25 -06:00
Josh Cummings
1176d0cfdb
Polish DefaultFilters,Issue55Tests 
Formatted HttpSecurity and WebSecurity configuration stacks
Removed unnecessary code

Issue gh-4939
 2019-09-16 13:56:17 -06:00
kostya05983
950e6422a1
Migrate DefaultFilters,Issue55Tests groovy->java 
Issue gh-4939
 2019-09-16 13:37:22 -06:00
Josh Cummings
101e0a21a8 Bearer WebClient Filter Authentication Propagation 
Fixes: gh-7418
 2019-09-11 16:27:21 +01:00
Rob Winch
96d44cd4b7 Add Default RSocketSecurity 
Fixes gh-7361
 2019-09-09 16:10:55 -05:00
Rob Winch
5d0815bc76 Allow RSocketMessageHandlerITests to timeout 
Fixes gh-7415
 2019-09-09 16:10:50 -05:00
Rob Winch
6296e6e896 RSocketSecurity delegates to correct matcher 
Fixes gh-7414
 2019-09-09 16:09:23 -05:00
Rob Winch
1b699a49fb Polish RSocket packaging 
Fixes gh-7413
 2019-09-09 16:07:14 -05:00
Rob Winch
9639962e27 Fix RSocket Package Tangle 
Issue gh-7360
 2019-09-05 16:27:57 -05:00
Rob Winch
7ad641d106 RSocket Tests use Available Port 
Issue gh-7360
 2019-09-05 09:16:07 -05:00
Josh Cummings
26a65249f9
Remove invalid characters 2019-09-05 04:32:34 -06:00
Rob Winch
5a4eded696 Add RSocket Support 
Fixes gh-7360
 2019-09-04 19:24:01 -05:00
Josh Cummings
de672e3ae9
Polish oauth2ResourceServer() Error Messaging 
Fixes: gh-6876
 2019-09-04 11:49:22 -06:00
Josh Cummings
1fc5b27fa2
Update LogoutConfigurerClearSiteData Tests 
Issue gh-7347
 2019-09-04 03:30:37 -06:00
Josh Cummings
068f4f0147 Polish Opaque Token 
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.

Fixes gh-7344
Fixes gh-7345
 2019-09-03 15:58:05 -06:00
Eddú Meléndez
8773c7994f Allow to set default securityContextRepository for each authentication mechanisms 
Fixes gh-7249
 2019-09-03 07:46:59 -06:00
Josh Cummings
d6d0d89ff8
NamespaceRememberMeTests groovy->java 
Issue gh-4939
 2019-09-02 13:08:21 -06:00
Josh Cummings
bf5b693549
NamespaceHttpOpenIDLoginTests groovy->java 
Issue gh-4939
 2019-08-30 15:54:43 -06:00
Rob Winch
71444ff5dc RequestCache ignores multipart requests 
Fixes gh-7060
 2019-08-15 09:21:41 -05:00
Ahmed Sayed
1ab05dae02 added test 2019-08-14 21:35:34 +02:00
Rob Winch
abc90280e0
Add unbounid support in xml 
Add unbounid support in xml

Fixes gh-6011
 2019-08-14 10:05:49 -05:00
Lars Grefer
cb4f3d2f44 Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Eddú Meléndez
2e63def05b Add tests 2019-08-14 00:56:26 -05:00
Eddú Meléndez
c03fb701ce Improve logic to pick embedded server 2019-08-13 20:36:46 -05:00
Josh Cummings
4ed197e515 Rename OAuth2TokenIntrospectionClient 
Renamed to OpaqueTokenIntrospector

Fixes gh-7245
 2019-08-12 18:05:28 -04:00
Rob Winch
c1db1aad91
Cleanup Code Style Issues 
Cleanup Code Style Issues
 2019-08-12 13:06:49 -05:00
Eddú Meléndez
9b2af944fa Add unbounid support in xml 
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.

Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.

Fixes gh-6011
 2019-08-10 19:07:45 -05:00
Francesco Chicchiriccò
0410bac559 Add support for oauth2Login().securityContextRepository(...) 
Fixes gh-7222
 2019-08-10 15:56:20 -04:00
Lars Grefer
ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer
05f42a4995 Remove unused imports 2019-08-08 14:22:31 -04:00
Josh Cummings
a00ad37168
OAuth2LoginConfigurer UserService Beans 
Fixes gh-7232
 2019-08-07 10:58:23 -06:00
Eddú Meléndez
2c836a171a Add authenticationFailureHandler method in OAuth2LoginSpec 
Allow to customize the failure handler.

Fixes gh-7051
 2019-08-05 14:09:11 -05:00
Lars Grefer
776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Eleftheria Stein
0b4502b2c5 Remove exceptions from lambda security configuration 
Fixes: gh-7128
 2019-07-30 08:31:37 -05:00
Joe Grandja
c05b0765c1 Introduce OAuth2AuthorizedClient Manager/Provider 
Fixes gh-6845
 2019-07-25 11:12:54 -04:00
Eleftheria Stein
a288ce4b00 Support nested builder in DSL for reactive apps 
Fixes: gh-7107
 2019-07-23 15:57:10 -05:00
Édouard Hue
e8dd1325fd Fixed misleading OAuth2 error messages 
Error messages sent by BearerTokenAccessDeniedHandler included
information about the scopes of the rejected token instead of
the scopes required by the resource.
* Removal of token scopes from error_description attribute.
* Removal of scope attribute from WWW-Authenticate response header.

Fixes gh-7089
 2019-07-18 07:01:33 -04:00
Michael Vitz
09e8ae42ed Allow configuration of SessionAuthenticationStrategy for CSRF 
Closes gh-5300
 2019-07-16 07:47:13 -05:00
Rob Winch
ea54d9014d
DSL nested builder for HTTP security 
DSL nested builder for HTTP security

Fixes gh-5557
 2019-07-12 16:09:19 -05:00
Eleftheria Stein
7961b819aa Allow configuration of session fixation and concurrency through nested builder 
Issue: gh-5557
 2019-07-12 13:53:55 -04:00
Lars Grefer
3ea9d376b2 Cleanup explicit type arguments 2019-07-10 09:32:41 -05:00
Lars Grefer
c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
Eleftheria Stein
4b2539df10 Allow configuration of oauth2 resource server through nested builder 
Issue: gh-5557
 2019-07-09 16:11:26 -04:00
Eleftheria Stein
415760838f Allow configuration of oauth2 client through nested builder 
Issue: gh-5557
 2019-07-09 16:03:46 -04:00
Eleftheria Stein
e47389e60b Allow configuration of oauth2 login through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
bf1bbd14e9 Allow configuration of openid login through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
c3dad06ea6 Allow configuration of request matchers through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
1ad9f15e19 Allow configuration of requires channel through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
ae8e12f049 Allow configuration of anonymous through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00