Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 08:58:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,259 Commits 34 Branches 337 Tags
Commit Graph

8259 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
2827af15e0 Document Reactive CSRF Support 
Fixes gh-6487
 2019-10-28 15:14:14 -05:00
Rob Winch
635f7e1edd CsrfWebFilter supports multipart/form-data 
Fixes gh-7576
 2019-10-28 14:06:10 -05:00
Josh Cummings
387f765595
Catch Malformed BearerTokenError Descriptions 
Fixes gh-7549
 2019-10-28 12:30:27 -06:00
Vitalii Mahas
0ac5f5456f Fix typo 'is' -> 'if' in javadoc 2019-10-25 13:27:11 -06:00
Filip Hanik
4489163163 Use Spring Boot configuration for saml2Login() 
Fixes gh-7521

https://github.com/spring-projects/spring-security/issues/7521
 2019-10-25 08:22:40 -07:00
Filip Hanik
5345aecd7f Align RSocket sample with new Spring Boot configuration 2019-10-25 08:22:40 -07:00
Filip Hanik
bcaa8bc7e9 Upgrade to Spring Boot 2.2.0.RELEASE 2019-10-25 08:22:40 -07:00
Rob Winch
9b4c170af0 Create Exploits Section for Reactive 
Issue gh-2567
 2019-10-24 15:03:05 -05:00
Rob Winch
bbda755a07 Fix Servlet exploits leveloffset 
Fixes gh-2567
 2019-10-24 14:14:02 -05:00
Rob Winch
08fb9c960b Fix invalid ids 
Issue gh-2567
 2019-10-24 14:06:23 -05:00
Rob Winch
55a98b9969 CSRF Documentation 
Issue gh-2567
 2019-10-24 13:24:44 -05:00
Rob Winch
02aaba37cd Documentation TOC on the left 
This better aligns with other documentation

Issue gh-2567
 2019-10-24 13:24:36 -05:00
Eleftheria Stein
de7cbc82b5 Clarify in Javadoc that expressionHandler should not be null 
Fixes: gh-2665
 2019-10-23 15:10:39 -04:00
Filip Hrisafov
b9f122230b Align javadoc of continueFilterChainOnUnsuccessfulAuthentication with actual behaviour 2019-10-23 14:50:57 -04:00
Phil Clay
8584b12c8d Make saveAuthorizedClient save the authorized client 
Previously, saveAuthorizedClient never actually saved the authorized
client, because it ignored the Mono<Void> returned from
authorizedClientRepository.saveAuthorizedClient.

Now, it does not ignore the Mono<Void> returned from
authorizedClientRepository.saveAuthorizedClient, and includes it in
the stream, and therefore it will properly save the authorized client.

Fixes gh-7546
 2019-10-23 12:12:23 -04:00
Michel Palourdio
d26f40f062 DefaultRedirectStrategy should redirect to root if the context-relative URL does not contain the context-path. 2019-10-23 09:41:00 -04:00
Joe Grandja
1c53a7859b Fix access token expiry check with clock skew 
Fixes gh-7511
 2019-10-22 21:54:55 -04:00
Tadaya Tsuyukubo
62c7de03c3 Add RequestMatcher to AbstractPreAuthenticatedProcessingFilter 
Moved the existing auth check logic to the matcher.

Issue: gh-5928
 2019-10-22 16:55:54 -04:00
Giovanni Lovato
63607ee213 Add configurable mapping function to map authorities 2019-10-22 13:45:34 -04:00
Eleftheria Stein
2d26be9446 Remove redundant public modifier 2019-10-21 16:28:39 -04:00
Markus Öllinger
2cc05550fc rename comparison method to isGranted and add test 2019-10-21 16:00:33 -04:00
Markus Öllinger
a4ea989e9c remove trailing whitespace 2019-10-21 16:00:33 -04:00
Markus Öllinger
a449d6c316 extract permission mask comparison for subclasses to override 2019-10-21 16:00:33 -04:00
Everett Irwin
6ad328f909 Add Clock Skew Tests 
Fixes gh-7511

Co-authored-by: Isaac Cummings <josh.cummings+zac@gmail.com>
 2019-10-17 20:19:47 -06:00
Eleftheria Stein
264daec697 Test context relative URL with multiple schemes 2019-10-16 15:32:02 -04:00
Isaac Cummings
1081066d60 Polish AuthorityUtils 
Changed parameter name to authorities
Added JavaDoc

Fixes gh-4805

Co-authored-by: Everett Irwin <everettirwin77@gmail.com>
 2019-10-16 10:44:00 -06:00
Ramon Pires da Silva
0387723334 fix webflux samples documentation path 
The documentation of webflux integration sample projects was pointing to the `javaconfig` instead of `boot` folder.
 2019-10-16 10:52:08 -04:00
Roland Weisleder
f4b9abdbb1 Fix typo in Javadoc 2019-10-16 10:46:17 -04:00
Brendt Lucas
8ebfba3019 Support configuration of protocol binding for authentication requests 2019-10-15 15:57:45 -05:00
Filip Hanik
971ae346c5 Update to Spring Data Moore-RELEASE 2019-09-30 20:04:17 -07:00
Rob Winch
0feaf9bf6f Disable force milestone repository 
We will be using spring boot release for our next release, so we
do not need to force milestones now.
 2019-09-30 18:22:13 -05:00
Rob Winch
b8beee97a8 Next development version 2019-09-30 16:12:25 -05:00
Rob Winch
b7d97ca077 Release 5.2.0.RELEASE 5.2.0.RELEASE 2019-09-30 16:11:06 -05:00
Rob Winch
0d088b581b Allow milestone for Boot version 2019-09-30 16:07:29 -05:00
Filip Hanik
4113e79aa3 Upgrade Spring Boot to 2.2.0.M6 2019-09-30 14:05:17 -07:00
Filip Hanik
8c4252681e Upgrade rsocket to 1.0.0-RC5 without BOM 2019-09-30 14:05:17 -07:00
Filip Hanik
cdeeb27b51 Upgrade Spring Data to Lovelace-SR11 2019-09-30 14:05:17 -07:00
Filip Hanik
9393017e3f Upgrade Project Reactor to Dysprosium-RELEASE 2019-09-30 14:05:17 -07:00
Filip Hanik
09c29d286a Upgrade Spring Framework to 5.2.0.RELEASE 2019-09-30 14:05:17 -07:00
Rob Winch
b29106ea31 Use deamon thread for Schedulers.newParallel 
Fixes gh-7492
 2019-09-30 15:19:31 -05:00
Rob Winch
1bf0e70bd0 Revert "Dispose default Scheduler" 
This reverts commit 39600b901f25b545b57a66129848b1641215de2e.
 2019-09-30 15:19:31 -05:00
Filip Hanik
8bc3ad16ef SAML 2 Login - Documentation 
Fixes gh-7472
https://github.com/spring-projects/spring-security/issues/7472
 2019-09-30 13:03:05 -07:00
Rob Winch
fc8a0184b0 Polish Dispose default Scheduler 2019-09-30 14:42:28 -05:00
Rob Winch
e0414e5cbe Merge pull request #7493 from robotmrv/gh-7492 
Dispose default Scheduler
 2019-09-30 14:40:28 -05:00
Rob Winch
3051a79188 Merge Add hasAnyAuthority method in AuthorizePayloadsSpec.Access 2019-09-30 14:33:41 -05:00
Rob Winch
a911f3d52f Merge Add hasAnyRole method in AuthorizePayloadsSpec.Access 2019-09-30 14:14:59 -05:00
Rob Winch
3854afad61 Merge Add denyAll method in AuthorizePayloadsSpec.Access 2019-09-30 14:05:42 -05:00
Rob Winch
03e2efacf4 Add Hello RSocket Sample 
Fixes gh-7504
 2019-09-30 13:58:03 -05:00
Filip Hanik
83b5f5c7ae Improve the Saml2AuthenticationRequest object 
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
 2019-09-30 11:01:34 -07:00
Filip Hanik
9731386de5 Correctly set "Destination" in AuthNRequest message 
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
 2019-09-30 11:01:34 -07:00