Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,566 Commits 34 Branches 337 Tags
Commit Graph

1129 Commits

Author SHA1 Message Date
Lars Grefer
25c06be1eb Java 7: Identical 'catch' branches in 'try' statement 2019-08-09 16:59:07 -05:00
Lars Grefer
578d628774 'Collection.toArray()' call style 2019-08-09 16:57:31 -05:00
Lars Grefer
b388976ac8 fix checkstyle 2019-08-09 02:46:20 +02:00
Lars Grefer
35bdf1f009 Unnecessary semicolon 2019-08-09 00:43:13 +02:00
Lars Grefer
d9c1f03b84 Unnecessary interface modifier 2019-08-09 00:42:35 +02:00
Lars Grefer
40bee457f9 Unnecessary enum modifier 2019-08-09 00:42:07 +02:00
Lars Grefer
8d0ca14e55 Unnecessary conversion to String 2019-08-09 00:41:46 +02:00
Lars Grefer
fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Lars Grefer
05f42a4995 Remove unused imports 2019-08-08 14:22:31 -04:00
Lars Grefer
2056834432 Cleanup unnecessary unboxing 
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
 2019-08-06 10:17:38 -04:00
Lars Grefer
2306d987e9 Cleanup unnecessary boxing 2019-08-06 10:17:38 -04:00
Filip Hanik
2055466ad7 Add Javadoc 2019-08-05 19:43:00 -04:00
Filip Hanik
ddf68821cb Add RequestMatcher.matcher(HttpServletRequest) 
Step 3 - Usage of RequestVariablesExtractor or types that are assigned
to AntPathRequestMatcher should be replaced with the new method.

[closes #7148]
 2019-08-05 19:43:00 -04:00
Eddú Meléndez
496579dde2 Add match result for servlet requests 
Fixes gh-7148
 2019-08-05 19:43:00 -04:00
Josh Cummings
774a2e669c
Polish setAllowedHostnames 
Added JavaDoc to method, including @since attribute

Issue gh-4310
 2019-08-03 19:19:44 -06:00
Eddú Meléndez
f712c5598c Add support for allowedHostnames in StrictHttpFirewall 
Introduce a new method `setAllowedHostnames` which perform the validation
against untrusted hostnames.

Fixes gh-4310
 2019-08-03 21:16:45 -04:00
Khy
a5cfd9fdb9 Downgrade AuthenticationFilter modifier 
Fixes gh-7177
 2019-08-03 21:14:33 -04:00
Lars Grefer
776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Rob Winch
ad2f999c25 Polish BasicAuthenticationConverter 
This reverts to the old behavior from BasicAuthenticationFilter.
Specifically, if a token has an empty password, it still parses a username
and an empty String password.

Issue gh-7025
 2019-08-02 09:04:55 -05:00
Josh Cummings
d157125c8e
Polish AuthenticationFilter 
Updated member variable references to be prefixed with "this.".
Fixed typo in authentication manager resolver error message.

Issue: gh-6506
 2019-08-01 16:26:54 -06:00
Eddú Meléndez
50adb6abcb Fix javadoc 2019-07-31 15:36:30 -04:00
Eleftheria Stein
0b4502b2c5 Remove exceptions from lambda security configuration 
Fixes: gh-7128
 2019-07-30 08:31:37 -05:00
Eleftheria Stein
b55322b2cb Make basic authentication scheme case-insensitive 
Fixes: gh-7163
 2019-07-29 16:30:03 -04:00
sbespalov
f1187bdfc2 issue/6506: AuthenticationConverter implementation 2019-07-23 17:31:21 -05:00
Clement Ng
ab6440db10 Throws exception when passed IP address with too long mask 
Fixes gh-2790
 2019-07-19 06:25:58 -04:00
Rob Winch
ea54d9014d
DSL nested builder for HTTP security 
DSL nested builder for HTTP security

Fixes gh-5557
 2019-07-12 16:09:19 -05:00
Lars Grefer
3ea9d376b2 Cleanup explicit type arguments 2019-07-10 09:32:41 -05:00
Lars Grefer
c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
Eleftheria Stein
758397f102 Allow configuration of headers through nested builder 
Issue: gh-5557
 2019-07-09 15:35:37 -04:00
Lars Grefer
43737a56bd Use foreach where possible 2019-07-09 06:11:45 -06:00
Bruno Studer
8016a193b9
Optimize IpAddressMatcher 
Get rid of byte array allocation in matcher and small optimizations
 2019-07-03 23:27:12 -06:00
Lars Grefer
4b0fb19fff Use MessageDigest.isEqual() where possible 
fixes #7058
 2019-07-03 05:40:20 -06:00
Lars Grefer
400e0c83b0 Add missing nullability annotation 2019-06-27 14:54:14 -05:00
Josh Cummings
f5da63118e Add MultiTenantAuthenticationManagerResolver 
A class with a number of handy request-based implementations of
AuthenticationManagerResolver targeted at common multi-tenancy
scenarios.

Fixes: gh-6976
 2019-06-25 17:21:38 -06:00
Bagyoni Attila
878d262a26 Reimplement some hashCodes according to the currently recommended pattern. 
These hashCode implementations seemed suspicious (field hashCodes XORed together with 31).
Included caseSensitive in AntPathRequestMatcher.hashCode() to be consistent with equals().
 2019-06-18 12:44:57 -06:00
Rafiullah Hamedy
f6ed1db702 Introduced ReactiveAuthenticationManagerResolver 
Suitable for multi-tenant reactive applications needing to branch
authentication strategies based on request details.
 2019-06-13 08:52:19 -06:00
Clement Ng
e66369f6c6 Added null checks and tests to constructors 
RequestKey, JaasGrantedAuthority, and SwitchUserGrantedAuthority
assume certain final members are non-null.

Issue: gh-6892
 2019-05-29 16:10:36 -06:00
httpain
98a8467e4c Fix javadoc typo 2019-04-30 10:42:25 -06:00
Alexey Nesterov
9a67441507 Add x509 support for Reactive Security 
[gh #5038]
 2019-04-26 12:15:18 -05:00
MD Sayem Ahmed
2c136f7b6c Add Reactive Clear-Site-Data Support 
1. A new implementation of ServerHttpHeadersWriter has been created to
   add Clear-Site-Data header support.
2. A new implementation of ServerLogoutHandler has been created which
   can be configured to write response headers during logout.
3. Added unit tests for both implementations.

Fixes gh-6743
 2019-04-19 17:46:37 -06:00
Josh Cummings
20a7bc4785
Improved DigestAuthenticationFilter Test Coverage 
Issue: gh-5462
 2019-04-13 20:27:08 -06:00
Thomas Vitale
d88c2c19f0
Throw exception that was created but not thrown 
Fixes gh-5462
 2019-04-13 20:27:07 -06:00
Dan Zheng
22c8f63390 review phase2 2019-04-13 19:22:44 -06:00
Dan Zheng
570eb01733 review phase1 2019-04-13 19:22:44 -06:00
Dan Zheng
678e0b19e0 Introduce @CurrentSecurityContext for method arguments 2019-04-13 19:22:44 -06:00
Luke Butters
19de13bdc7 Issue 6731 improve performance of checking headers 
Improves the performance of checking headers for new lines.

Fixes: gh-6731
 2019-04-08 10:10:53 -06:00
Joe Grandja
4e9c37b1ae Manual URL Cleanup 2019-03-29 13:24:11 -04:00
Dan Zheng
a9a86cd826
Simplify MediaTypeRequestMatcher construction 
Fixes: gh-6612
 2019-03-28 22:02:12 -06:00
Josh Cummings
2daed8c003
Readability Polish 
Heavily nested parentheses and lots of indentation can get hard to
read, so we should simplify this where we can.

Issue: gh-6639
 2019-03-28 15:12:59 -06:00
Scheidter,Ryan
281ccff907
Fixed NPE in HttpsRedirectWebFilter 
A more descriptive IllegalStateException is now thrown instead
in the case that no such port mapping exists.

Fixes: gh-6639
 2019-03-28 15:12:47 -06:00