Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,433 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

10433 Commits

Author SHA1 Message Date
Rob Winch 7c5b939bbd AuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:47:34 -06:00
Marcus Da Coregio 8c94c2e15a AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains 
Closes gh-10950
 2022-03-09 15:21:14 -03:00
Lijamaija 660da6f4a0 Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket 
Closes gh-10932
 2022-03-09 17:49:43 +01:00
Steve Riesenberg 5f37ee2f64 Add missing output and checkout 
Issue gh-10928
 2022-03-09 10:47:48 -06:00
Rob Winch 2abeff2089 HttpSessionSecurityContextRepository saves with original response 
Previously, the HttpSessionSecurityContextRepository unnecessarily required
the HttpServletResponse from the HttpReqeustResponseHolder passed into
loadContext. This meant code that wanted to save a SecurityContext had to
have a reference to the original HttpRequestResponseHolder. Often that
implied that the code that saves the SecurityContext must also load the
SecurityContext.

This change allows any request / response to be used to save the
SecurityContext which means any code can save the SecurityContext not just
the code that loaded it. This sets up the code to be permit requiring
explicit saves. Using the request/response from the
HttpRequestResponseHolder is only necessary for implicit saves.

Closes gh-10947
 2022-03-09 10:21:51 -06:00
Marcus Da Coregio 1762a4ce70 Add SAML 2.0 Single Logout XML Support 
Closes gh-10842
 2022-03-09 10:48:34 -03:00
Marcus Da Coregio 1cbe7a75d3 Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 10:40:26 -03:00
Steve Riesenberg aa0005b1e1 Update CI process to create GitHub releases with release notes 
Closes gh-10928
 2022-03-08 17:41:57 -06:00
Rob Winch bab5d252a2 Add RequestAttributeSecurityContextRepository 
Closes gh-10918
 2022-03-08 15:00:22 -06:00
Josh Cummings 87828df9d5 Polish EntityDescriptor Customizer 
Issue gh-10839
 2022-03-04 10:40:30 -07:00
Ulrich Grave 3602eff1ac Add method to customize EntityDescriptor 
Closes gh-10839
 2022-03-04 10:40:30 -07:00
Josh Cummings 346038d66c Polish Formatting 
Issue gh-10799
 2022-03-02 16:36:23 -07:00
Sander van Schouwenburg c734b4b39e Preserve order of RelyingPartRegistration credentials 
Issue gh-10799
 2022-03-02 16:36:23 -07:00
Josh Cummings 5b9a45de01 Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:30:21 -07:00
Josh Cummings 0b59e7797d Use RFC2045 Encoding for SAML 2.0 Logout 
Closes gh-10923
 2022-03-02 16:30:21 -07:00
Josh Cummings 68e2586f06 Move UnmodifiableMapDeserializer 
Issue gh-10905
 2022-03-01 14:17:17 -07:00
Josh Cummings 4ede1feae5 Polish Saml2 Jackson Support 
Issue gh-10905
 2022-03-01 14:17:17 -07:00
Ulrich Grave 2334610fa9 Add Jackson Support for Saml2 Module 
Closes gh-10905
 2022-03-01 14:17:17 -07:00
Eleftheria Stein 8c95ed6568 Update release pipeline to push next milestone 
- Check that all associated issues are closed
- Update gradle.properties and push change

Issue gh-10451
 2022-03-01 16:10:25 +01:00
Talerngpong Virojwutikul acda921fe9 Update PasswordEncoder declaration 
Closes gh-10910
 2022-03-01 07:49:25 -07:00
Eleftheria Stein 6f35364c5d Default next milestone when checking for open issues 
Closes gh-10921
 2022-03-01 15:38:03 +01:00
Eleftheria Stein eb31913b2b Rearrange env variables in release pipeline 
Issue gh-10451
 2022-03-01 15:37:25 +01:00
Eleftheria Stein e472cc1cc8 Update release time to 1pm UTC 
Issue gh-10451
 2022-03-01 15:37:05 +01:00
Eleftheria Stein d644f32baa Add gradle task to update project version 
Closes gh-10455
 2022-03-01 09:48:35 +01:00
Eleftheria Stein f8675343e6 Extract IO Utils in buildSrc 
Issue gh-10455
 2022-03-01 09:48:35 +01:00
m0k045e 8cc18fa9dc OAuth2AuthorizedClientArgumentResolver resolves ReactiveOAuth2AuthorizedClientManager 
Closes gh-10846
 2022-02-28 15:31:22 -07:00
Filip Hanik 6e5bb71466 Change HashSet to LinkedHashSet 
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
 2022-02-28 15:01:58 -07:00
Josh Cummings 20d21f8eeb Invert Log Messages 
Closes gh-10909
 2022-02-28 13:16:06 -07:00
Josh Cummings 6dbd88a5a4 Remove WantAssertionsSigned 
WantAssertionsSigned requires that asserting parties sign the
assertions. This does not reflect how Spring Security actually
behaves, creating behavior mismatches.

Closes gh-10844
 2022-02-22 08:14:05 -07:00
Marcus Da Coregio eca32b4812 Upgrade to Kotlin 1.6.20-M1 
Closes gh-10687
 2022-02-22 08:51:27 -03:00
Marcus Da Coregio 7faa2d4e70 Upgrade to AspectJ 1.9.8 
Closes gh-10349
 2022-02-22 08:37:38 -03:00
Rob Winch 8be80c00a6 Add .sdkmanrc 2022-02-18 13:50:07 -06:00
Talerngpong Virojwutikul 386e8a86a1 add Kotlin examples for Spring Data Integration of servlet application 2022-02-18 08:54:04 -03:00
Eleftheria Stein 606bd120fb Deprecate WebSecurityConfigurerAdapter 
Closes gh-10822
 2022-02-17 12:25:14 +01:00
Josh Cummings b451ede189 Add Skipping Decryption Error Message 
Closes gh-10220
 2022-02-16 16:43:31 -07:00
Josh Cummings c6e5781679 Correct Test 
Issue gh-10220
 2022-02-16 16:43:31 -07:00
Josh Cummings 5cda362c47 Collect All Validation Errors 
- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception

Issue gh-10220
 2022-02-16 16:43:31 -07:00
Josh Cummings a99a04f050 Update JavaDoc 
Issue gh-10564
 2022-02-15 12:51:09 -07:00
Yuriy Savchenko d6cbacb27a Make WebAuthenticationDetails constructor public 
Closes gh-10564
 2022-02-15 12:50:48 -07:00
Eleftheria Stein a2d1965c25 Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant 
Closes gh-10837
 2022-02-15 11:30:45 +01:00
Yuriy Savchenko f64181ab41 Update docs to use multi-tenancy 
Closes gh-10572
 2022-02-14 17:18:48 +01:00
Eleftheria Stein c7f3ad89f3 Re-enable check samples CI task 
Issue gh-10832

This reverts commit 85de423756.
 2022-02-14 13:04:32 +01:00
Eleftheria Stein 85de423756 Temporarily disable check samples CI task 
Issue gh-10832
 2022-02-14 12:53:48 +01:00
Talerngpong Virojwutikul d0faff62df Add Kotlin example for logout configuration of reactive authentication 
Closes gh-10819
 2022-02-11 13:01:43 +01:00
Eleftheria Stein 9f9fbb395f Apply configurers from spring.factories to HttpSecurity bean 
Closes gh-10814
 2022-02-09 14:42:04 +01:00
Eleftheria Stein 4142f06259 Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs 
Closes gh-10003
 2022-02-08 18:10:58 +01:00
Josh Cummings 84616543a3 Polish ignoring() log messaging 
- Public API remains unchanged

Issue gh-9334
 2022-02-07 14:58:20 -07:00
Manuel Jordan 6ae651bd67 Print ignore message DefaultSecurityFilterChain 
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
 2022-02-07 14:58:20 -07:00
Josh Cummings b4dbcd6b2d Add OpenSamlAssertingPartyDetails 
Closes gh-10781
 2022-02-07 14:43:06 -07:00
giger85 440e89095f Replace StringUtils class completely 
Issue gh-9925
Closes gh-10805
 2022-02-07 13:48:29 +01:00