Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 15:55:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,760 Commits 34 Branches 337 Tags
Commit Graph

6760 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
c5e6ee4563 Update Dependencies 
Fixes: gh-4973
 2018-01-24 13:48:14 -06:00
Michael J. Simons
1517e9b222 Migrate xml-contacts groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Michael J. Simons
4a3baad4f9 Migrate xml-ldap groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Michael J. Simons
8c6f965973 Migrate javaconfig-ldap groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Michael J. Simons
26f7b2f99f Migrate javaconfig-helloworld groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Michael J. Simons
2e2b22f87e Migrate xml-insecure groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Rob Winch
6ba225b62d Polish userNotFoundEncodedPassword 
Ensure that if passwordEncoder is set that userNotFoundEncodedPassword
is encoded again if already set.

Issue: gh-4915
 2018-01-24 11:06:08 -06:00
Phillip Webb
fd78d055aa Lazily initialize userNotFoundEncodedPassword 
Update `DaoAuthenticationProvider` so that `userNotFoundEncodedPassword`
is lazily initialized on the first call to `retrieveUser`, rather than
in `doAfterPropertiesSet`.

Since some `PasswordEncoder` implementations can be slow, this change
can help to improve application startup times and the expense of some
delay with the first login.

Note that `userNotFoundEncodedPassword` creation occurs on the first
user retrieval, regardless of whether the user is ultimately found. This
ensures consistent processing times, regardless of the outcome.

First Call:
	Found      = encode(userNotFound) + decode(supplied)
	Not-Found  = encode(userNotFound) + decode(userNotFound)

Subsequent Call:
	Found      = decode(supplied)
	Not-Found  = decode(userNotFound)

Fixes gh-4915
 2018-01-24 11:06:08 -06:00
Rob Winch
0eef5b4b42 Add StrictHttpFirewall 2018-01-24 11:06:08 -06:00
Joe Grandja
900ab1df81 Add javadoc for the OAuth 2.0 Security Configurer's 
Fixes gh-4972
 2018-01-24 06:18:08 -05:00
Joe Grandja
6b24aaf6f5 Add javadoc for spring-security-oauth2-jose 
Fixes gh-4885
 2018-01-23 21:27:47 -05:00
Joe Grandja
fe2ac00deb Add javadoc for spring-security-oauth2-client 
Fixes gh-4884
 2018-01-23 17:07:21 -05:00
Joe Grandja
84679a5d64 Polish #4904 Support GrantedAuthoritiesMapper @Bean for oauth2Login 2018-01-23 12:14:57 -05:00
Kazuki Shimizu
444e2dade3 Support GrantedAuthoritiesMapper @Bean for oauth2Login 
Fixes gh-4880
 2018-01-23 09:51:14 -05:00
Rob Winch
fe40952908 Revert "webflux-form sample uses Tomcat" 
This reverts commit 67bb91bb76beb6d1d6e5118770217f66b4074c86.

We can use Netty again now that reactor/reactor-netty#248 has
been resolved.

Fixes: gh-4923
 2018-01-23 08:31:41 -06:00
Rob Winch
6a0833165a AuthorizationWebFilter handles null Authentication 
If the AuthorizationManager used the Authentication and the Authentication
was null the AuthorizationWebFilter would produce a NullPointerException

This commit fixes the test to ensure that Authentication is subscribed to
and ensures that the Authentication is not null

Fixes: gh-4966
 2018-01-22 15:16:58 -06:00
Joe Grandja
e6cac604f3 Add javadoc for spring-security-oauth2-core 
Fixes gh-4883
 2018-01-18 16:00:26 -05:00
Rob Winch
91ef7ce1cf AuthenticationEventPublisher Bean used by Default 
Fixes: gh-4940
 2018-01-18 08:59:27 -06:00
Rob Winch
65c3862da9 Password Troubleshooting Reference Fix 
Correct the package to NoOpPasswordEncoder within the reference

Fixes: gh-4965
 2018-01-18 08:25:52 -06:00
Rob Winch
450600cbb8 Polish reference 2018-01-12 09:17:05 -06:00
Rob Winch
0991f31613 Document exchange password for short term credential 
Fixes gh-4959
 2018-01-12 09:15:35 -06:00
Joe Grandja
aa900065b8 Document OAuth2UserService delegation-based strategy for authorities mapping 
Fixes gh-4909
 2018-01-11 10:07:58 -05:00
Michael J. Simons
6c0b510c98 Remove hardcoded Spring versions from namespaces 
This fixes #4945.
 2018-01-10 16:47:20 -06:00
Michael J. Simons
b634b49f9f Migrate xml-jaas groovy->java 2018-01-10 16:44:59 -06:00
Michael J. Simons
cd3449b312 Migrate javaconfig-form groovy->java 
See #4939
 2018-01-10 16:41:36 -06:00
Adolfo Eloy
196f02748d Migrate UserDetailsManagerConfigurerTests groovy->java 2018-01-10 16:13:08 -06:00
Johnny Lim
f3830eec7d Rename userDetailsRepository to userDetailsService 2018-01-10 16:04:48 -06:00
Michael J. Simons
a4701bcd52 Migrate javaconfig-jdbc groovy->java 
See #4939.
 2018-01-10 16:03:39 -06:00
Joe Grandja
1d32fffc1d Make OAuth2Error Serializable 
Fixes gh-4944
 2018-01-10 10:40:54 -05:00
Rob Winch
4d310b7bf3 spring-build-conventions 0.0.9.RELEASE 
Issue gh-4954
 2018-01-09 12:51:57 -06:00
Rob Winch
e49e430538 Use spring-build-conventions Bom plugin 
Fixes gh-4954
 2018-01-09 11:27:34 -06:00
Rob Winch
803cdcf01e Test Jackson HashMap in Whitelist 
Issue: gh-4889
 2018-01-03 16:17:23 -06:00
Chris Burrell
cf97e16379 Add HashMap to Jackson whitelist 
Issue: gh-4889
 2018-01-03 16:17:23 -06:00
Adolfo Eloy
1d862c3836 Add tip to install Groovy Eclipse plugin on newer STS versions 2018-01-03 12:55:08 -06:00
Rob Winch
22737dce7e Polish 
DelegatingPasswordEncoder copies the provided Map. This ensures that
references to the Map do not update the state of DelegatingPasswordEncoder
and NullPointerException is avoided for implementations that do not allow
a null key.

Issue: gh-4936
 2018-01-03 10:11:04 -06:00
Michael J. Simons
2b66793535 Catch possible NullPointerException 
Some maps may throw a NullPointerException when get is called with null. This commit catches the exceptions and just leaves the delegate null.

Fixes gh-4936
 2018-01-03 09:46:58 -06:00
Michael J. Simons
718052932a Migrate xml-helloworld groovy->java 
This is a suggestion how to migrate the GebSpec based tests to Java / Selenium based tests.

Issue: gh-4939
 2018-01-03 09:35:28 -06:00
Michael J. Simons
f9083614be Remove duplicate dependency 2018-01-03 09:35:28 -06:00
Rob Winch
b9152701a6 Javadoc Polish 2017-12-21 16:43:11 -06:00
Rob Winch
df3dd23772 Update to hibernate-validator 6.0.5.Final 2017-12-21 15:30:39 -06:00
Johnny Lim
e9f3cfe814 Update to hibernate-validator 6.0.4.Final 2017-12-21 15:27:11 -06:00
Johnny Lim
921157cdcd Remove explicit super() calls 2017-12-21 15:11:51 -06:00
Johnny Lim
57353d18e5 Use diamond type 2017-12-21 15:09:00 -06:00
Aygiz Shaymardanov
cfe40358bd typo in java doc 2017-12-21 14:18:41 -06:00
Johnny Lim
316fd0572f Remove @Nullable annotations in UserDetailsMapFactoryBean 2017-12-21 14:08:05 -06:00
Eddú Meléndez
c16456623f Remove unused imports 2017-12-20 16:05:38 -06:00
Eddú Meléndez
9b84204e10 Remove spring-security-bom in dependencyManagement 
spring-security-bom it provides dependency management for itself. This
commit avoids adding it to the dependency management section.

Fixes gh-4878
 2017-12-20 16:02:53 -06:00
Rob Winch
c856c376df Fix UTF-8 in JdbcDaoImplTests 2017-12-20 15:50:23 -06:00
Rob Winch
b011076d2b .travis continue on failure 
Fixes gh-4925
 2017-12-20 15:38:22 -06:00
Rob Winch
2ba8c8bf02 Fix Travis build URL in README 
Fixes gh-4924
 2017-12-20 15:36:10 -06:00