a628384d20
Merge branch '6.2.x'
...
Closes gh-14368
2023-12-22 08:40:24 -03:00
737678c66e
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14367
2023-12-22 08:40:15 -03:00
8a93178da7
Exclude SpringSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor from AOT processing
...
Closes gh-14362
2023-12-22 08:40:07 -03:00
ec02c22459
Add Request Path Extraction Support
...
Closes gh-13256
2023-12-19 18:15:49 -07:00
99218db84a
Add order offset to @EnableMethodSecurity
...
Closes gh-13214
2023-12-19 17:57:24 -07:00
c19f3d9d06
Merge branch '6.2.x'
2023-12-18 15:19:54 -07:00
74860c4aff
Merge branch '6.1.x' into 6.2.x
2023-12-18 15:19:48 -07:00
fbafe41991
Merge branch '5.8.x' into 6.1.x
2023-12-18 15:19:40 -07:00
b7f10cd50a
Merge branch '6.2.x'
2023-12-18 15:19:07 -07:00
b031a4c0f6
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14350
2023-12-18 15:18:48 -07:00
e058b559b8
Polish Method Security Eager-Loading
...
Issue gh-11596
2023-12-18 15:18:09 -07:00
9a5d991383
Address eager-loading of infrastructure beans
...
Closes gh-11596
2023-12-18 15:16:00 -07:00
33800c0124
Address eager-loading of infrastructure beans
...
Closes gh-11596
2023-12-18 14:25:48 -07:00
fc007aa373
Check OpenSAML Version in XML Support
...
Closes gh-12483
2023-12-18 11:51:15 -07:00
d7a9a19161
Merge branch '6.2.x'
2023-12-18 11:47:39 -07:00
03e48905c7
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14346
2023-12-18 11:47:23 -07:00
b855ccdb09
Merge branch '5.8.x' into 6.1.x
...
Closes gh-14345
2023-12-18 11:46:04 -07:00
eaaa813ede
Fix header value typo
...
Closes gh-11948
2023-12-18 10:42:50 -07:00
8a34e32a24
Polish IpAddressAuthorizationManager
...
Closes gh-10577
2023-12-15 16:54:58 -07:00
ea7c720ce7
Add hasIpAddress to Kotlin DSL
...
Closes gh-10577
2023-12-15 16:54:58 -07:00
9f33d43097
Merge branch '6.2.x'
...
Use CompositeFilterChainProxy
2023-12-15 01:17:14 -06:00
c7047add5d
Merge branch '6.1.x' into 6.2.x
...
Use CompositeFilterChainProxy
2023-12-15 01:16:21 -06:00
142b268a21
Use CompositeFilterChainProxy
...
By extending FilterChainProxy CompositeFilterChainProxy is more passive since
users often depend on the type of the springSecurityFilterChain Bean being
FilterChainProxy (even though it can already be other types - when debug is
enabled).
Issue gh-14128
2023-12-15 01:15:38 -06:00
465642828a
Merge branch '6.2.x'
...
Add HandlerMappingIntrospector Caching
Closes gh-14333
2023-12-14 16:11:08 -06:00
6dd29520b0
Merge branch '6.1.x' into 6.2.x
...
Add HandlerMappingIntrospector Caching
Closes gh-14332
2023-12-14 16:10:50 -06:00
70dfb3d391
Add HandlerMappingIntrospector Caching
...
Closes gh-14128
2023-12-14 16:08:36 -06:00
57ab15127a
Add Max Sessions on WebFlux
...
Closes gh-6192
2023-12-11 09:48:34 -03:00
e6bea1cfa1
Polish RoleHierarchy Bean Usage
...
Issue gh-12783
2023-12-07 16:27:14 -07:00
b76f7c029d
Use available RoleHierachy Bean for MethodSecurity Config
...
Closes gh-12783
2023-12-07 16:27:14 -07:00
bb6b55aca3
Add Not Support
...
Closes gh-14058
2023-12-07 16:24:19 -07:00
d50698a269
Prepare for Spring Security 6.3
...
Closes gh-14210
2023-12-05 15:49:42 -07:00
3ab235cd56
Merge branch '6.1.x'
2023-12-01 15:54:44 -07:00
641722823e
Merge branch '6.0.x' into 6.1.x
2023-12-01 15:45:32 -07:00
f536b2652f
Merge branch '5.8.x' into 6.0.x
2023-12-01 15:45:03 -07:00
c623303ca5
Add Logging
...
Now if the ServletRegistration API available message is shown, it will
also be accompanied with a startup warning in the logs.
Closes gh-14221
2023-12-01 12:57:46 -07:00
a98baa7522
Polish ServletRegistration API Deferral
...
Tomcat uses different ServletContext instances from startup- and request-time.
This commit ensures that if the programmatic API isn't available at startup-time,
then use the ServletContext attached to the HttpServletRequest at runtime.
Issue gh-13794
2023-12-01 12:57:45 -07:00
15d9b7824c
Merge branch '6.1.x'
2023-11-17 12:27:31 -07:00
d958787561
Merge branch '6.0.x' into 6.1.x
2023-11-17 12:27:04 -07:00
12f074b8ce
Merge branch '5.8.x' into 6.0.x
2023-11-17 12:25:13 -07:00
d961307044
Polish RequestMatcher Description
...
Issue gh-13794
2023-11-17 12:24:38 -07:00
4131a38f9e
Revert "Add forServletPattern"
...
This reverts commit 762319b6be
2023-11-17 12:02:14 -07:00
5958828113
Merge branch '6.1.x'
2023-11-17 12:01:57 -07:00
aa1a022605
Merge branch '6.0.x' into 6.1.x
...
Closes gh-14165
2023-11-17 11:46:20 -07:00
c6c6eb4d66
Merge branch '5.8.x' into 6.0.x
...
Closes gh-14164
2023-11-17 11:45:59 -07:00
4ca54683ae
Defer requestMatchers Validation to Runtime
...
Closes gh-13794
2023-11-17 11:23:21 -07:00
00da9c9092
Use assertj assertions
2023-11-17 09:05:38 -03:00
e3ab1c94d7
Use assertj assertions
2023-11-17 09:04:50 -03:00
a7da9491d9
Use assertj assertions
2023-11-17 09:03:36 -03:00
97516727a4
Add Coroutine Support
...
Closes gh-12080
2023-11-15 11:48:37 -07:00
77acaaa3b7
Use bean factory method
...
Closes gh-14094
2023-11-06 12:55:57 -06:00
624dcafcf2
Merge branch '6.0.x' into 6.1.x
...
Closes gh-14085
2023-11-01 12:12:02 -06:00
fa15c975ff
Merge branch '5.8.x' into 6.0.x
...
Closes gh-14084
2023-11-01 12:11:20 -06:00
ffd12ee3b9
Refine requestMatcher Validation Rules
...
Closes gh-14078
2023-10-31 17:08:24 -06:00
447f40949c
Revert unnecessary merges on 6.1.x
...
This commit removes unnecessary main-branch merges starting from
9f8db22b774d6ff49b9ded6ff670d1c823b0079444fad21363
2023-10-31 15:22:15 -05:00
9db33f33c7
Revert unnecessary merges on 6.0.x
...
This commit removes unnecessary main-branch merges starting from
8750608b5b5dce82c48b
2023-10-31 15:11:45 -05:00
96ebab324c
Remove Type Parameter
...
Closes gh-14012
2023-10-13 22:09:16 -06:00
8f829dd1d7
Refine requestMatcher Validation Rules
...
Closes gh-13850
2023-10-12 09:29:08 -06:00
762319b6be
Add forServletPattern
...
Closes gh-13562
2023-10-12 09:29:08 -06:00
07b6c451fd
Merge branch '6.1.x'
...
Closes gh-13884
2023-09-29 11:47:38 -03:00
8adfc9b463
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13883
2023-09-29 11:46:48 -03:00
92c82191c9
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13882
2023-09-29 11:46:00 -03:00
64e2a2ff8b
Apply updated Code Style
...
Closes gh-13881
2023-09-29 11:44:32 -03:00
ff374935fb
Verify ReactorContext when using Virtual Threads
...
Closes gh-12791
2023-09-25 12:01:31 -05:00
d48b8697bd
Fix mockito usage
...
Issue gh-13810
2023-09-19 10:39:04 -05:00
d6ff58bb7f
Update Mockito to 5.5.0
...
Closes gh-13810
2023-09-19 10:39:03 -05:00
0e8d04ab40
Merge branch '6.1.x'
2023-09-19 14:20:25 +01:00
94bba79834
Merge branch '6.0.x' into 6.1.x
2023-09-19 14:20:17 +01:00
0c3f154f38
Merge branch '5.8.x' into 6.0.x
2023-09-19 14:20:01 +01:00
ac04c2e675
Add dependency between rncToXsd and sourcesJar
...
Since processResources is configured directly instead of via the source
set container, an explicit dependency task between rncToXsd and
sourcesJar must be defined.
Issue gh-13845
2023-09-19 14:19:45 +01:00
e63d7fd9e9
Add dependency between rncToXsd and versionlessXsd
...
Since processResources is configured directly instead of via the source
set container, an explicit dependency task between rncToXsd and
versionlessXsd must be defined.
Issue gh-13845
2023-09-19 14:19:33 +01:00
718c470910
Prevent creating duplicate .xsd entries
...
This change removes .xsd entries that would appear in the top level of
the assembled artifacts. This occurred because the output of the
rncToXsd task does not consider the path beneath the resources
directory. To fix this, the processResources task is directly
configured with a copy spec so the required path can be set.
Issue gh-13845
2023-09-19 14:19:19 +01:00
cb33fd7850
Add OIDC Back-Channel Logout Support
...
Closes gh-12570
2023-09-16 15:12:21 -06:00
91c89451e7
Merge branch '6.1.x'
...
Automate spring-security.xsd
Closes gh-13826
2023-09-14 23:44:34 -05:00
7627c2df46
Merge branch '6.0.x' into 6.1.x
...
Automate spring-security.xsd
Closes gh-13825
2023-09-14 23:43:27 -05:00
342735043d
Merge branch '5.8.x' into 6.0.x
...
Automate spring-security.xsd
Closes gh-13824
2023-09-14 23:42:31 -05:00
779541b340
Merge branch '5.7.x' into 5.8.x
...
Automate spring-security.xsd
Closes gh-13823
2023-09-14 23:37:53 -05:00
5b293d2116
Automate spring-security.xsd
...
Closes gh-13819
2023-09-14 16:01:50 -05:00
9a06885247
Merge branch '6.1.x'
...
Closes gh-13815
2023-09-14 14:50:11 +01:00
59a9aa3268
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13814
2023-09-14 14:49:29 +01:00
aeafcc1377
Defer MethodSecurityExpressionHandler Resolution
...
When using Spring Security ACL and compiling to Native, in order to create the '*AuthorizationMethodInterceptor' Proxy beans during build time, Spring tries to resolve the DataSource bean since the DataSource can be a dependency of some AclService implementations, and fails because some required data source properties are not available during build time.
This commit defers the initialization of the MethodSecurityExpressionHandler to the runtime.
Closes gh-12653
2023-09-14 14:48:24 +01:00
f5942aac73
Merge branch '6.1.x'
2023-09-13 14:23:51 +01:00
b4ce77c028
Merge branch '6.0.x' into 6.1.x
2023-09-13 14:23:28 +01:00
48babb7efa
Merge branch '5.8.x' into 6.0.x
2023-09-13 14:23:01 +01:00
620e6e0c34
Add rncToXsd task to resources set
...
This addresses a deprecation warning causing build caching to be
disabled for some tasks. With this change, we tell Gradle that the
rncToXsd task produces output that should be considered a resource.
This clears up ambiguities when computing the task graph.
2023-09-13 13:58:42 +01:00
4ebfa2c804
Use lazy API to configure rncToXsd task
...
This avoids configuring the task eagerly.
2023-09-13 13:58:05 +01:00
9df9cb5aed
refactor: AssertJ best practices
...
Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/bGVuS?organizationId=RGVmYXVsdA%3D%3D
Co-authored-by: Moderne <team@moderne.io>
2023-09-12 16:18:14 -06:00
92256f0522
Support nested suspend calls for Kotlin coroutines
...
Closes gh-13764
2023-09-05 00:23:30 -05:00
1a45602dbb
Fix mockito usage
2023-09-01 15:27:54 -05:00
ea1ec646b2
Fix test failures related to response headers
...
These tests began failing on snapshots after changes in
Spring Framework's `DispatcherServlet` to reset the response
on an error.
For now, we can have these tests operate with a 200 OK response.
An issue was opened in the spring-framework issuer tracker to
discuss this and address `CorsFilter` (and any other filter) that
writes headers that would be cleared on an error.
See spring-projects/spring-framework#31154
2023-09-01 15:27:54 -05:00
fe5a55fc13
Merge branch '6.1.x'
...
Closes gh-13723
2023-08-20 23:15:57 -06:00
0df1884372
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13722
2023-08-20 23:10:00 -06:00
5fb6f5768c
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13666 in 6.0.x
Closes gh-13721
2023-08-20 23:07:36 -06:00
28f98b3351
Improve Error Message
...
Closes gh-13667
2023-08-20 22:53:57 -06:00
ed96e2cddf
Ignore Unmappable Servlets
...
Closes gh-13666
2023-08-20 22:53:55 -06:00
8d58113b61
Merge branch '6.1.x'
...
Closes gh-13656
2023-08-16 17:54:55 -06:00
d2d1f19133
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13655
2023-08-16 17:54:37 -06:00
ca0140c586
saml2Login Honors AuthenticationProvider bean
...
Closes gh-13654
2023-08-16 17:54:14 -06:00
3ba5cc0e40
Add CSRF Exception
...
Issue gh-13653
2023-08-16 16:54:50 -06:00
87ae2d41b3
Update Mockito Usage
...
Issue gh-13542
2023-08-16 16:30:43 -06:00
985e569685
Polish gh-13608
2023-08-10 17:30:54 -05:00
6353d90047
Add integrity attribute for signin.css
...
Closes gh-13486
2023-08-10 17:30:52 -05:00
5828e4e65c
Simplify OAuth2 Client configuration
...
Issue gh-11783
2023-08-09 14:14:09 -05:00
f3d90b38e2
Add OAuth2AuthorizedClientManager Registrar
2023-08-09 14:14:09 -05:00
75e0068925
Merge branch '6.1.x'
2023-08-07 16:03:55 -06:00
8d4a024809
Update Copyright
...
PR gh-13472
2023-08-07 16:00:56 -06:00
cd6f33c03e
Using putIfAbsent instead of put
2023-08-07 16:00:18 -06:00
12c64a9b1d
Merge branch '6.1.x'
...
Dependencies are resolved from appropriate repositories
Closes gh-13624
2023-08-07 09:55:18 -05:00
d4d715d8e1
Merge branch '6.0.x' into 6.1.x
...
Dependencies are resolved from appropriate repositories
Closes gh-13623
2023-08-07 09:54:27 -05:00
4257a97504
Merge branch '5.8.x' into 6.0.x
...
Dependencies are resolved from appropriate repositories
Closes gh-13622
2023-08-07 09:51:55 -05:00
30bc2634d7
Optimize configuration of project repositories
...
This change applies repository content filtering to configured
repositories, reducing the time spent during dependency resolution.
This fixes an issue where requests for 'org.opensaml',
'net.shibboleth.utilities' and 'net.minidev' dependencies were being
made in the Spring releases repositories, resulting in many failed
requests during dependency resolution and increased resolution times.
Closes gh-13582
2023-08-07 09:51:42 -05:00
33d904d708
Merge branch '6.1.x'
...
Closes gh-13581
2023-07-24 11:32:23 -06:00
442d3fb99d
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13580
2023-07-24 11:31:52 -06:00
ee13216882
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13579
2023-07-24 11:31:29 -06:00
c4f061c63d
Do Not Re-register Method Security Advisors
...
Closes gh-13572
2023-07-24 11:24:03 -06:00
9dc7bdd329
Merge branch '6.1.x'
2023-07-17 11:21:06 -06:00
cf2c8da3d5
Merge branch '6.0.x' into 6.1.x
2023-07-17 11:10:04 -06:00
fe7bee9236
Merge branch '5.8.x' into 6.0.x
2023-07-17 11:09:38 -06:00
bb46a54270
Add DispatcherServlet to Tests
...
Issue gh-13551
2023-07-17 10:58:30 -06:00
df239b6448
Improve RequestMatcher Validation
...
Closes gh-13551
2023-07-17 08:41:30 -06:00
8f5793afb1
Merge branch '6.1.x'
2023-07-17 09:17:10 -03:00
aaa31312bd
Merge branch '6.0.x' into 6.1.x
2023-07-17 09:16:45 -03:00
cbef118026
Merge branch '5.8.x' into 6.0.x
2023-07-17 09:16:20 -03:00
a939f17890
Merge branch '5.7.x' into 5.8.x
2023-07-17 09:15:56 -03:00
fe9bc26bdc
Merge branch '5.6.x' into 5.7.x
2023-07-17 09:13:28 -03:00
7813a9ba26
Use default PathPatternParser instance
2023-07-17 09:12:28 -03:00
b3ad2b0dc5
Don't Mock OAuth2AuthorizedClientRepository
...
Issue gh-13542
Issue gh-13546
2023-07-14 18:44:35 -06:00
b0022a0ae8
Update Mockito Usage
...
Issue gh-13542
2023-07-14 18:44:34 -06:00
cf79af2386
Update Kotlin Test Usage
...
Issue gh-13539
2023-07-14 18:38:58 -06:00
6c3636d780
Update Removed Usages
...
Issue gh-13544
2023-07-14 18:38:58 -06:00
30d09c5192
Merge branch '6.1.x'
...
Closes gh-13495
2023-07-12 14:31:56 -03:00
f62c9d3be6
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13494
2023-07-12 14:31:45 -03:00
933b302979
Fix once-per-request="true" not taking any effect
...
Closes gh-13491
2023-07-12 14:30:18 -03:00
8d0e426654
Generate Shared Test SAML Response
...
Issue gh-13433
2023-07-11 10:36:06 -06:00
f2f19270da
Update to OpenSAML 4.3.0
...
Closes gh-13433
2023-07-10 17:56:42 -06:00
a0540f5c65
Deprecate AbstractConfiguredSecurityBuilder#apply
...
Closes gh-13436
2023-06-30 11:53:47 -03:00
1ff5eb6b57
Add with() method to apply SecurityConfigurerAdapter
...
This method is intended to replace .apply() because it will not be possible to chain configurations when .and() gets removed
Closes gh-13204
2023-06-29 14:52:30 -03:00
4855290a76
Merge branch '6.1.x'
2023-06-29 10:31:25 -06:00
87e07d59da
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13199
2023-06-29 10:08:10 -06:00
1abfd2c801
Only Register as Advisor in Proxy Mode
...
Now that https://github.com/spring-projects/spring-framework/issues/30689
is addressed.
Closes gh-13198
2023-06-29 10:07:11 -06:00
618847418f
Automatically enable .cors() if CorsConfigurationSource bean is present
...
Closes gh-5011
2023-06-23 09:51:46 -03:00
52e12ad64b
Replace deprecated methods
2023-06-22 13:19:55 -06:00
8efdc5c926
Polish Contribution
...
Issue gh-13215
2023-06-22 16:00:47 -03:00
401058d5ff
Implemented AuthorizeHttpRequestsConfigurer to consider GrantedAuthorityDefaults for custom rolePrefix
...
Closes gh-13215
2023-06-22 16:00:46 -03:00
c5461b17de
EnableMethodSecurity annotation does not get imported when defined as a meta-annotation
...
Closes gh-12870
2023-06-22 15:15:25 -03:00
208fb62db9
Update Deprecated Usage
...
Issue gh-12629
2023-06-22 11:24:25 -06:00
9b603b99ab
Using modern Java features
2023-06-22 11:24:25 -06:00
7e01ebdd92
Remove LazyCsrfTokenRepository usage
...
Closes gh-13194
2023-06-22 11:23:35 -06:00
fb910e2997
Prepare for Spring Security 6.2
...
Closes gh-14316
2023-06-22 11:03:28 -06:00
acf1d34d94
Merge branch '6.0.x'
2023-06-19 11:13:57 -03:00
2686af0c4d
Revert "Only Register as Advisor in Proxy Mode"
...
This reverts commit 35ad1f85
2023-06-19 11:13:39 -03:00
Marcus Hert Da Coregio
Taehong Kim
Yan Kardziyaka
Josh Cummings
brunodmartins
Rob Winch
DerChris173
kandaguru17
Steve Riesenberg
Eric Haag
Tim te Beek
Olivier Vanekem
Joe Grandja
Seongguk Jeong
Claudio Nave
Evgeniy Cheban
Krzysztof Krason