Commit Graph

7966 Commits

Author SHA1 Message Date
Josh Cummings 052256db0a
Add WebSecurityConfigurerAdapter Doc Detail
Fixes gh-6809
2019-08-22 17:56:39 -06:00
Joe Grandja f0515a021c Polish #7116 2019-08-22 12:01:10 -04:00
Eleftheria Stein 2ddab8b23e Use UserDetailsService bean in sample app
Fixes: gh-7283
2019-08-22 10:06:56 -04:00
Joe Grandja 46756d2e6b Introduce Reactive OAuth2AuthorizedClient Manager/Provider
Fixes gh-7116
2019-08-21 14:12:38 -04:00
Rob Winch a377581951 Fix WebClient Memory Leaks
WebClient exchange requires that the body is consumed. Before this commit
there were places where an Exception was thrown without consuming the body
if the status was not successful. There was also the potential for the
statusCode invocation to throw an Exception of the status code was not
defined which would cause a leak.

This commit ensures that before the Exception is thrown the body is
consumed. It also uses the http status in a way that will ensure an
Exception is not thrown.

Fixes gh-7293
2019-08-21 12:46:11 -05:00
Angel Aguilera 11f423511d Add Catalan localization messages 2019-08-21 10:14:29 -05:00
Josh Cummings 0209fbad08 Multiple JWS Algorithms
Fixes: gh-6883
2019-08-20 14:19:59 -04:00
Daniel Wegener 1a233a58c7 Add OnCommittedResponseWrapper.setContentLengthLong
Add setContentLengthLong tracking to OnCommittedResponseWrapper in
order to detect commits on servlets that use setContentLengthLong to
announce the entity size they are about to write (as used in the
Apache Tomcat's DefaultServlet).

Fixes gh-7261
2019-08-19 21:14:41 -04:00
Andreas Falk 766c4434d4 Improve test coverage of JwtGrantedAuthoritiesConverter
Some negative test cases were missing. Added these to have
full test coverage for JwtGrantedAuthoritiesConverter.
2019-08-19 21:14:07 -04:00
Andreas Falk 0a058c973a Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes gh-7100
2019-08-19 21:14:07 -04:00
Josh Cummings 95caa4715f
Add Reactive Mock Jwt Sample Tests
Fixes gh-7278
2019-08-19 13:14:58 -06:00
Hideaki Matsunami 712dfbdabd Fix typo in docs 2019-08-19 12:53:54 -05:00
John Lin 9876b66f99
Polish GlobalMethodSecurityConfiguration
Initialize ExpressionBasedPreInvocationAdvice for
PreInvocationAuthorizationAdviceVoter only when needed.
2019-08-17 16:35:30 -06:00
Josh Cummings aa026f8526
Nimbus JWK Set Builders Take SignatureAlgorithm
Fixes gh-7270
2019-08-17 01:10:12 -06:00
Josh Cummings 10a9207cd5
Pivot Resource Server Sample
Changed sample to manage its own JwtDecoder, allowing the Nimbus
Jwt Decoder Builder API to evolve during milestone development.
2019-08-17 00:26:39 -06:00
Josh Cummings 0ecffb0840
Multi-tenancy Sample AuthenticationManagers
Fixes gh-7272
2019-08-17 00:26:39 -06:00
Josh Cummings efe8205985
Revert "Nimbus JWK Set Configs Take SignatureAlgorithm"
This reverts commit 9617ff6054.
2019-08-16 17:33:09 -06:00
Josh Cummings 9617ff6054
Nimbus JWK Set Configs Take SignatureAlgorithm
Fixes gh-7270
2019-08-16 14:49:19 -06:00
Rob Winch 9d63c36f93 Fix JDK 10+
Issue gh-7265
2019-08-16 11:13:11 -05:00
Rob Winch 0c6bff4afb SecurityMockMvcConfigurer Honors Filter Order
Fixes gh-7265
2019-08-16 09:24:33 -05:00
Rob Winch 4166c6e493 Fix UserDetailsPasswordService Checkstyle
Issue gh-7266
2019-08-16 06:46:09 -05:00
Michael J. Simons 5903f2dd9b Fix UserDetailsPasswordService JavaDoc
* Fix typo
* Clarify that `newPassword` is already an encoded password
2019-08-16 06:45:28 -05:00
Eleftheria Stein 4bc231872f Expire as many sessions as exceed maximum allowed
Fixes: gh-7166
2019-08-15 09:48:42 -05:00
Rob Winch 71444ff5dc RequestCache ignores multipart requests
Fixes gh-7060
2019-08-15 09:21:41 -05:00
Rob Winch 08ea2348d6 Polish RequestCache ignores multipart requests 2019-08-15 09:20:45 -05:00
Ahmed Sayed 1ab05dae02 added test 2019-08-14 21:35:34 +02:00
Josh Cummings 9735a718cc
Remove MultiTenantAuthenticationManagerResolver
Fixes gh-7259
2019-08-14 11:14:47 -06:00
Andreas Falk b45e57cc40 Add setter for authority prefix in JwtGrantedAuthoritiesConverter
Prior to this change mapped authorities are always prefixed
with default value 'SCOPE_'. To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
authority prefix like e.g. 'ROLE_'. Without specifying a custom prefix
the default prefix still remains 'SCOPE_'.
This way existing authorization checks using the standard 'ROLE_'
prefix can be reused without lots of effort.

Fixes gh-7101
2019-08-14 11:25:42 -04:00
Rob Winch abc90280e0
Add unbounid support in xml
Add unbounid support in xml

Fixes gh-6011
2019-08-14 10:05:49 -05:00
Eleftheria Stein f396e0197e Fix websocket configuration documentation
Fixes: gh-4845
2019-08-14 10:24:59 -04:00
Lars Grefer cb4f3d2f44 Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Lars Grefer 1048601f3d Use correct encoding for compilation 2019-08-14 08:47:00 -05:00
Eddú Meléndez 2e63def05b Add tests 2019-08-14 00:56:26 -05:00
Eddú Meléndez 93142f3e30 Remove unboundid dependency 2019-08-13 20:39:25 -05:00
Eddú Meléndez c03fb701ce Improve logic to pick embedded server 2019-08-13 20:36:46 -05:00
Eddú Meléndez 3511c0ea4f Update xsd 2019-08-13 20:17:51 -05:00
Lars Grefer ee9a3a2fa8 Prevent IntelliJ IDEA from generating spaces for indentation 2019-08-13 13:43:44 -05:00
Josh Cummings 4ed197e515 Rename OAuth2TokenIntrospectionClient
Renamed to OpaqueTokenIntrospector

Fixes gh-7245
2019-08-12 18:05:28 -04:00
Rob Winch cfef52f50c Revert OpenJDK for Jenkinsfile
Unable to download the openjdk installations that are setup
2019-08-12 14:28:57 -05:00
Rob Winch 39d2b32603 Polish io.freefair.aspectj Usage
Consistent aspectj version throughout
2019-08-12 14:19:50 -05:00
Rob Winch caeae6aa5b Jenkinsfile use jdk8
Jenkins does not have openjdk8 defined
2019-08-12 13:48:00 -05:00
Rob Winch cd79818454 Jenkins use openjdk 2019-08-12 13:37:43 -05:00
Rob Winch c1db1aad91
Cleanup Code Style Issues
Cleanup Code Style Issues
2019-08-12 13:06:49 -05:00
Lars Grefer a51318eb95 Use the 'io.freefair.aspectj' gradle plugin 2019-08-12 11:46:28 -05:00
Lars Grefer ec6ca97226 Fix tests 2019-08-11 21:09:10 +02:00
Eddú Meléndez 9b2af944fa Add unbounid support in xml
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.

Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.

Fixes gh-6011
2019-08-10 19:07:45 -05:00
Francesco Chicchiriccò 0410bac559 Add support for oauth2Login().securityContextRepository(...)
Fixes gh-7222
2019-08-10 15:56:20 -04:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer bbefc491b2 unused imports 2019-08-09 16:59:07 -05:00
Lars Grefer 38de737663 Java 8: Statement lambda can be replaced with expression lambda 2019-08-09 16:59:07 -05:00