Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,389 Commits 32 Branches 333 Tags 111 MiB
Commit Graph

1931 Commits

Author SHA1 Message Date
Joe Grandja 177baba8c9 RuntimeHintsPredicates moved to predicate package 2022-07-12 16:00:50 -04:00
Marcus Da Coregio 6455e98745 FilterSecurityInterceptor applies to every request by default 
Closes gh-11466
 2022-07-12 10:53:03 -03:00
Josh Cummings 60652afb32
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-11 16:54:59 -06:00
Rob Winch d2d5313bba Fix Formatting 
Issue gh-11327
 2022-07-08 09:21:53 -05:00
Josh Cummings e8a7b654b4
Add Configuration Test 
Issue gh-11327
 2022-07-07 14:42:07 -06:00
Josh Cummings 01ffc93062
Add AuthorizationFilter to filter chain validator 
Closes gh-11327
 2022-07-07 14:40:53 -06:00
Josh Cummings ec8c13392c
Clarify variable names 
Issue gh-11327
 2022-07-07 14:26:40 -06:00
Steve Riesenberg 696da87478 Use relative schema location for tests 
Issue gh-11328
Issue gh-11353
Issue gh-11365
 2022-07-07 13:00:04 -05:00
Josh Cummings 148c926de0
Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 13:01:57 -06:00
Igor Bolic d96b4a0463 Set the useTrailingSlashMatch to true for tests 
The Spring MVC changed the default behavior for trailing slash match
with https://github.com/spring-projects/spring-framework/issues/28552.
This causes failures in Spring Security's tests.

Setting the `useTrailingSlashMatch` to `true` ensures that Spring
Security will work for users who have modified the default configuration.
Specifing the request mapper with trailing slash path ensures that the tests
are successful when default behavior is used.

Closes gh-11451
 2022-07-05 11:29:36 -06:00
Josh Cummings 05b788d1ac
Use SecurityContextHolderStrategy for Concurrency Filter 
Issue gh-11060
Issue gh-11061
 2022-06-28 15:33:05 -06:00
Josh Cummings d24a89ad53
Pick up SecurityContextHolderStrategy for WebClient integration 
Issue gh-11061
 2022-06-28 15:07:16 -06:00
Josh Cummings a218d3e140
Use SecurityContextHolderStrategy for Async Requests 
Issue gh-11060
Issue gh-11061
 2022-06-28 14:56:55 -06:00
Josh Cummings 83b3bb3209
Add SecurityContextHolderStrategy to Pre-authenticated scenarios 
Issue gh-11060
Issue gh-11061
 2022-06-28 12:10:07 -06:00
Josh Cummings 97cb2a7d91
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-28 12:09:56 -06:00
Josh Cummings 944f565c16
Use SecurityContextHolderStrategy for Remember-me 
Issue gh-11060
Isuse gh-11061
 2022-06-28 11:09:38 -06:00
Josh Cummings b316a3217b
Add SecurityContextHolderStrategy for Jaas 
Issue gh-11060
Issue gh-11061
 2022-06-28 09:35:54 -06:00
Josh Cummings bffe08465a
Add SecurityContextHolderStrategy XML Configuration for Messaging 
Issue gh-11061
 2022-06-27 16:24:27 -06:00
Josh Cummings 484f35ca39
Add SecurityContextHolderStrategy Java Configuration for Messaging 
Issue gh-11061
 2022-06-27 16:17:29 -06:00
Josh Cummings 5e4e7abf15
Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:40:55 -06:00
Josh Cummings 74d646f569
Add SecurityContextHolderStrategy Java Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:17:46 -06:00
Josh Cummings ef29d3944e
Polish SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:17:44 -06:00
Josh Cummings c29b91cec7
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:17:43 -06:00
Marcus Da Coregio a8c30f79e6 Add Core, MVC and MethodSecurity runtime hints 
Closes gh-11431
 2022-06-27 09:25:49 -03:00
Josh Cummings 150b81d008
Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 12:21:10 -06:00
Josh Cummings ce218c78f9
Add SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:58:38 -06:00
Steve Riesenberg a061191bd2 Allow form login when single OAuth2 Provider is configured 
Closes gh-6802
 2022-06-15 13:42:06 -05:00
Steve Riesenberg d18291676f
Update copyright year 
Issue gh-11372
 2022-06-15 13:14:07 -05:00
Steve Riesenberg c7df39a3e6
Fix tests using root cause for exception messages 
Closes gh-11372
 2022-06-14 17:12:15 -05:00
Jared Rufer 89989722d0 Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:50:33 -06:00
Houssem BELHADJ AHMED f4049c18b1 add SAML authentication request support to login configurer 
Closes gh-8873
 2022-06-06 08:05:33 -06:00
Josh Cummings 9683856956
Polish InterceptUrlConfigTests 
Issue gh-11305
 2022-05-31 16:05:17 -06:00
Josh Cummings 2afa9313eb
Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 16:01:41 -06:00
Josh Cummings e125a76687
Fix rnc typo 
Issue gh-11076
 2022-05-27 17:06:02 -06:00
Josh Cummings f4c0fcb5ef
Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 13:35:19 -06:00
Juny Tse f2d6ead398 Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:42:54 -06:00
Josh Cummings 5cbc1a47da
Use original query string to verify signature 
Closes gh-11235
 2022-05-23 15:30:07 -06:00
Josh Cummings 88f9529329
Correctly encode query parameters 
Issue gh-11235
 2022-05-23 15:30:01 -06:00
Josh Cummings 0814136ee8
Polish WebExpressionAuthorizationManager 
- Add support for request variables
- Added additional tests

Issue gh-11105
 2022-05-13 14:14:42 -06:00
Evgeniy Cheban c4766e64fe
Add AuthorizationManager that uses ExpressionHandler 
Closes gh-11105
 2022-05-13 14:05:34 -06:00
Rob Winch f34ea188e2 RequestRejectedException is 400 by Default 
Closes gh-7568
 2022-05-12 10:32:27 -05:00
Marcus Da Coregio 806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Marcus Da Coregio dc2bd2b4f8 Update copyright headers 
Issue gh-10956
 2022-05-06 14:33:59 -03:00
Marcus Da Coregio de9b7b4fb8 Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:33:59 -03:00
Marcus Da Coregio 995b2918bb Remove SAML Deprecations 
Closes gh-11077
 2022-05-06 10:15:42 -03:00
Rob Winch dec0d97ef0 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:50:56 -05:00
Josh Cummings 4ebd37ae77
Add 5.8 Support 2022-05-03 09:04:34 -06:00
Josh Cummings 397ccbc1c8
Add 5.7 Schema 2022-05-03 09:03:50 -06:00
Eleftheria Stein 48ac100a92 Remove WebSecurityConfigurerAdapter from Kotlin tests 
Issue gh-10902
 2022-04-28 16:13:35 +02:00
Eleftheria Stein 736f439bb5 Detect UserDetailsService bean in X509 configuration 
Closes gh-11174
 2022-04-28 14:48:40 +02:00