6530777742
Merge branch '5.5.x' into 5.6.x
...
Closes gh-dry-run
2022-10-28 11:31:50 -05:00
1f481aafff
Fix AuthorizationFilter incorrectly extending OncePerRequestFilter
...
Closes gh-12102
2022-10-28 11:29:35 -05:00
ead587c597
Consistently handle RequestRejectedException if it is wrapped
...
Closes gh-11645
2022-08-09 08:32:42 -03:00
e97c5a533b
Reverse content type check
...
When MultipartFormData is enabled currently the CsrfWebFilter compares
the content-type header against MULTIPART_FORM_DATA MediaType which
leads to NullPointerExecption when there is no content-type header.
This commit reverse the check to compare the MULTIPART_FORM_DATA
MediaType against the content-type which contains null check and avoids
the exception.
closes gh-11204
Closes gh-11205
2022-06-06 15:47:35 -05:00
66d1cd592a
StrictHttpFirewall allows CJKV characters
...
Closes gh-11264
2022-05-18 09:04:46 -05:00
077c9e0b3e
StrictHttpFirewall allows CJKV characters
...
Closes gh-11264
2022-05-18 08:56:57 -05:00
c6461d61ba
AntRegexRequestMatcher Optimization
...
Closes gh-11234
2022-05-16 10:18:12 -05:00
4405cf18f3
Extract rejectNonPrintableAsciiCharactersInFieldName
...
Closes gh-11234
2022-05-16 10:18:11 -05:00
70863952ae
AntRegexRequestMatcher Optimization
...
Closes gh-11234
2022-05-16 10:17:44 -05:00
af95be34c6
Extract rejectNonPrintableAsciiCharactersInFieldName
...
Closes gh-11234
2022-05-16 10:17:44 -05:00
9792e2a0fa
Use ServletContext in AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10908
2022-03-28 10:21:15 -03:00
c67632225d
Use ServletContext in AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10908
2022-03-28 10:13:40 -03:00
44508df940
AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains
...
Closes gh-10950
2022-03-09 15:38:11 -03:00
70b67cd2f1
AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains
...
Closes gh-10950
2022-03-09 15:22:21 -03:00
f0c548cee7
Invert Log Messages
...
Closes gh-10909
2022-02-28 13:17:01 -07:00
a09f6e15ad
Polish ignoring() log messaging
...
- Public API remains unchanged
Issue gh-9334
2022-02-07 15:22:49 -07:00
7e0302be5c
Print ignore message DefaultSecurityFilterChain
...
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.
Closes gh-9334
2022-02-07 15:22:49 -07:00
f53c65b3a0
Polish ignoring() log messaging
...
- Public API remains unchanged
Issue gh-9334
2022-02-07 15:07:29 -07:00
0be772ff5b
Print ignore message DefaultSecurityFilterChain
...
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.
Closes gh-9334
2022-02-07 15:07:29 -07:00
893b651aea
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext
...
Closes gh-10779
2022-01-31 09:57:34 -03:00
a041e7c943
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext
...
Closes gh-10779
2022-01-31 09:50:17 -03:00
04f3bbcefa
javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api
...
Issue gh-10501
2022-01-19 15:32:12 -06:00
c67ee6f2a8
javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
...
Issue gh-10501
2022-01-19 15:32:12 -06:00
ca353d6781
Use noNullElements
...
Collection#contains(null) does not work for all collection types
Closes gh-10703
2022-01-14 15:19:13 -07:00
6c5ac0d8ec
Use noNullElements
...
Collection#contains(null) does not work for all collection types
Closes gh-10703
2022-01-14 15:09:21 -07:00
60595f2801
Fix @since tag
...
Issue gh-10590, gh-10554
2022-01-06 13:22:58 -03:00
e7e3f06044
Fix @since tag
...
Issue gh-10590, gh-10554
2022-01-06 13:22:13 -03:00
994e93741b
Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
...
Closes gh-10554
2022-01-05 14:06:47 -03:00
04e1a11e35
Add RequestMatcherEntry
2022-01-05 14:06:47 -03:00
547056d5cc
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10590
2022-01-05 14:06:47 -03:00
ba810e468f
Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
...
Closes gh-10554
2022-01-05 14:01:57 -03:00
40dfe8f259
Add RequestMatcherEntry
2022-01-05 14:00:47 -03:00
b448954f43
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10590
2022-01-05 13:57:36 -03:00
47b8860681
Update copyright year
...
Issue gh-10557
2021-12-01 17:36:52 -06:00
c7ffd2513a
Update copyright year
...
Issue gh-10557
2021-12-01 17:36:19 -06:00
828cac8889
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 15:19:33 -06:00
b3e0f167ff
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 15:01:06 -06:00
2bf7a5ae80
Improve log message when no CSRF token found
...
Closes gh-10436
2021-11-19 08:37:25 -03:00
caad3d57e2
Improve log message when no CSRF token found
...
Closes gh-10436
2021-10-29 14:06:17 -03:00
00f4033b9b
Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext
...
Closes gh-10208
2021-10-22 13:22:12 -03:00
e4a76b0ec9
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-22 10:19:34 -05:00
04b47c5928
Fixed various broken links in Javadocs
2021-10-21 11:47:04 +02:00
a188138715
Javadocs author tag doesn't work in methods
2021-10-21 11:47:04 +02:00
f836897190
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-18 21:03:35 -05:00
e1f4ec1137
Fix Jackson
2021-10-18 21:03:12 -05:00
6e86fab19d
Restructure SwitchUserFilter Logs
...
Issue gh-6311
2021-10-18 13:02:42 -05:00
faec20bc69
Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext
...
Closes gh-10208
2021-10-14 09:27:02 -03:00
7b98c2ea95
Restructure SwitchUserFilter Logs
...
Issue gh-6311
2021-10-12 13:32:29 -06:00
02b2fcc6f0
Restore ManagementConfigurationPlugin
...
Issue gh-9615
2021-10-05 11:23:29 -03:00
d2e5f2ae0d
Update Gradle to 7.2
...
Closes gh-9615
2021-10-04 15:19:40 -03:00
Steve Riesenberg
Marcus Da Coregio
Zhivko Delchev
Rob Winch
Josh Cummings
Manuel Jordan
Emil Sierżęga