Marcus Da Coregio
1c10c10f73
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext
...
Closes gh-10779
2022-01-31 09:43:18 -03:00
Josh Cummings
9baf1134c7
Add Request-based AuthenticationManagerResolvers
...
Closes gh-6762
2022-01-26 09:09:02 -07:00
Rob Winch
04f3bbcefa
javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api
...
Issue gh-10501
2022-01-19 15:32:12 -06:00
Rob Winch
c67ee6f2a8
javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
...
Issue gh-10501
2022-01-19 15:32:12 -06:00
Rob Winch
0e8c03401b
javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api
...
Issue gh-10501
2022-01-19 14:34:16 -06:00
Rob Winch
8f64bb6c8c
javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
...
Issue gh-10501
2022-01-19 14:33:53 -06:00
Juan Carlos
7435da6bbf
Add serialVersionUID to DefaultSavedRequest and SavedCookie
...
Closes gh-10594
2022-01-18 09:26:56 -03:00
Josh Cummings
75f25bff82
Polish multiple RequestRejectedHandlers support
...
Issue gh-10603
2022-01-14 16:49:38 -07:00
Adam Ostrožlík
4ea57f3e3f
Support multiple RequestRejectedHandler beans
...
Closes gh-10603
2022-01-14 16:46:15 -07:00
Josh Cummings
ca353d6781
Use noNullElements
...
Collection#contains(null) does not work for all collection types
Closes gh-10703
2022-01-14 15:19:13 -07:00
Josh Cummings
6c5ac0d8ec
Use noNullElements
...
Collection#contains(null) does not work for all collection types
Closes gh-10703
2022-01-14 15:09:21 -07:00
Josh Cummings
aaaf7d3523
Use noNullElements
...
Collection#contains(null) does not work for all collection types
Closes gh-10703
2022-01-14 15:08:38 -07:00
heowc
1ab0705b47
Fix typo
2022-01-10 16:17:42 +01:00
Marcus Da Coregio
60595f2801
Fix @since tag
...
Issue gh-10590, gh-10554
2022-01-06 13:22:58 -03:00
Marcus Da Coregio
e7e3f06044
Fix @since tag
...
Issue gh-10590, gh-10554
2022-01-06 13:22:13 -03:00
Marcus Da Coregio
f04cd641b0
Fix @since tag
...
Issue gh-10590, gh-10554
2022-01-06 13:18:25 -03:00
Marcus Da Coregio
994e93741b
Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
...
Closes gh-10554
2022-01-05 14:06:47 -03:00
Marcus Da Coregio
04e1a11e35
Add RequestMatcherEntry
2022-01-05 14:06:47 -03:00
Marcus Da Coregio
547056d5cc
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10590
2022-01-05 14:06:47 -03:00
Marcus Da Coregio
ba810e468f
Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
...
Closes gh-10554
2022-01-05 14:01:57 -03:00
Marcus Da Coregio
40dfe8f259
Add RequestMatcherEntry
2022-01-05 14:00:47 -03:00
Marcus Da Coregio
b448954f43
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10590
2022-01-05 13:57:36 -03:00
Marcus Da Coregio
18427b6411
Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
...
Closes gh-10554
2021-12-13 08:57:30 -03:00
Marcus Da Coregio
7e17a00197
Add RequestMatcherEntry
2021-12-13 08:57:30 -03:00
Marcus Da Coregio
53b8cff26f
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10590
2021-12-13 08:57:30 -03:00
Marcus Da Coregio
65426a40ec
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-07 17:23:06 +01:00
Steve Riesenberg
62e8799a8d
Use BDD in tests
2021-12-02 17:44:47 -06:00
Steve Riesenberg
df0f6f83af
Polish gh-9597
2021-12-02 17:44:47 -06:00
Karl Tinawi
925d531cbe
Set details on authentication token created by HttpServlet3RequestFactory
...
Currently the login mechanism when triggered by executing HttpServlet3RequestFactory#login does not set any details on the underlying authentication token that is authenticated.
This change adds an AuthenticationDetailsSource on the HttpServlet3RequestFactory, which defaults to a WebAuthenticationDetailsSource.
Closes gh-9579
2021-12-02 17:44:46 -06:00
Steve Riesenberg
47b8860681
Update copyright year
...
Issue gh-10557
2021-12-01 17:36:52 -06:00
Steve Riesenberg
c7ffd2513a
Update copyright year
...
Issue gh-10557
2021-12-01 17:36:19 -06:00
Steve Riesenberg
bb2d80fea3
Update copyright year
...
Issue gh-10557
2021-12-01 17:35:43 -06:00
Steve Riesenberg
828cac8889
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 15:19:33 -06:00
Steve Riesenberg
f49c286050
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 15:05:13 -06:00
Steve Riesenberg
b3e0f167ff
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 15:01:06 -06:00
Josh Cummings
1251cde04c
Add Missing Since
...
Issue gh-10482
2021-11-30 15:17:48 -07:00
Igor Pelesic
a3a9de1b9b
PermitAllSupport supports AuthorizeHttpRequestsConfigurer
...
PermitAllSupport supports either an ExpressionUrlAuthorizationConfigurer or an AuthorizeHttpRequestsConfigurer. If none or both are configured an error message is thrown.
Closes gh-10482
2021-11-30 15:17:22 -07:00
Steve Riesenberg
204f0b4599
Polish gh-10007
2021-11-30 15:27:58 -06:00
Guirong Hu
43317c5a61
Support IP whitelist for Spring Security Webflux
...
Closes gh-7765
2021-11-30 15:27:58 -06:00
Marcus Da Coregio
2bf7a5ae80
Improve log message when no CSRF token found
...
Closes gh-10436
2021-11-19 08:37:25 -03:00
Rob Winch
96a6fef820
Prevent Save @Transient Authentication with existing HttpSession
...
Previously, @Transient Authentication would get saved if an existing
HttpSession existed but it shouldn't.
This commit always prevents @Transient Authentication from being saved.
Closes gh-9992
2021-11-16 14:44:49 -06:00
Marcus Da Coregio
caad3d57e2
Improve log message when no CSRF token found
...
Closes gh-10436
2021-10-29 14:06:17 -03:00
Marcus Da Coregio
00f4033b9b
Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext
...
Closes gh-10208
2021-10-22 13:22:12 -03:00
Rob Winch
e4a76b0ec9
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-22 10:19:34 -05:00
Emil Sierżęga
04b47c5928
Fixed various broken links in Javadocs
2021-10-21 11:47:04 +02:00
Emil Sierżęga
a188138715
Javadocs author tag doesn't work in methods
2021-10-21 11:47:04 +02:00
Rob Winch
f836897190
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-18 21:03:35 -05:00
Rob Winch
e1f4ec1137
Fix Jackson
2021-10-18 21:03:12 -05:00
Josh Cummings
6e86fab19d
Restructure SwitchUserFilter Logs
...
Issue gh-6311
2021-10-18 13:02:42 -05:00
Marcus Da Coregio
faec20bc69
Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext
...
Closes gh-10208
2021-10-14 09:27:02 -03:00