181ee7410b
Change default authority for oauth2Login()
...
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
2022-09-26 10:06:31 -05:00
7527fd811c
Merge branch '5.8.x'
2022-09-26 09:56:55 -05:00
bbac85e20b
Reduce severity of invalid registrationId to warn
...
This prevents filling the log file with error messages when routine
scans are being performed.
Closes gh-11344
2022-09-26 09:56:20 -05:00
c0e784b16d
Update What's New for 6.0
2022-09-26 09:48:52 -05:00
80a6ce940e
Merge remote-tracking branch 'origin/5.8.x'
2022-09-23 16:32:12 -06:00
ae6fb8c681
Add Deprecated Versions of Original Classes
...
Issue gh-7349
2022-09-23 16:31:22 -06:00
37a160245f
Adjust OAuth2 Resource Server packaging
...
Closes gh-7349
2022-09-23 16:31:21 -06:00
21c0c73878
Remove request-resolver-ref in 6.0
...
Issue gh-11896
2022-09-23 16:04:35 -05:00
bcb21c9384
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
2022-09-23 15:39:43 -05:00
46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver
...
Closes gh-11896
2022-09-23 15:09:00 -05:00
53dbcfd457
Add Deprecated Versions of Original Classes
...
Issue gh-7349
2022-09-23 12:06:59 -06:00
3c66ef6305
Change default SecurityContextRepository
...
Save SecurityContext in request attributes for stateless session
management using RequestAttributeSecurityContextRepository.
Closes gh-11026
2022-09-22 17:31:14 -05:00
ccac34b07c
Merge branch '5.8.x'
2022-09-22 16:45:48 -05:00
d140d95305
Fix assertion in NullSecurityContextRepository
...
Issue gh-11060
2022-09-22 15:33:22 -05:00
5d757919a2
Add SecurityContextHolderStrategy to new repository
...
In 6.0, RequestAttributeSecurityContextRepository will be the default
implementation of SecurityContextRepository. This commit adds the
ability to configure a custom SecurityContextHolderStrategy, similar
to other components.
Issue gh-11060
Closes gh-11895
2022-09-22 15:33:21 -05:00
0efe26c1fd
Merge branch '5.8.x'
...
Closes gh-11894
2022-09-22 13:47:04 -05:00
d94677f87e
CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler
...
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.
Closes gh-11892
2022-09-22 11:09:44 -05:00
44b7847258
Fix Import Order
...
Issue gh-8819
2022-09-21 09:08:41 -06:00
70460ca009
Adjust OAuth2 Resource Server packaging
...
Closes gh-7349
2022-09-20 17:44:05 -06:00
61c80bcac5
Move Saml2 Authentication Filters
...
Closes gh-8819
2022-09-20 17:18:05 -06:00
48e31f87e4
Remove Deprecated OpenSAML 3 Support
...
Closes gh-10556
2022-09-20 16:57:38 -06:00
2a487ae7f8
Updated hashcode and equals
...
Closes gh-4133
2022-09-20 16:36:37 -06:00
e071c28e8a
Merge remote-tracking branch 'origin/5.8.x'
2022-09-20 16:25:45 -06:00
c1d27612af
Simplify AuthorizationManager composition
...
Closes gh-11625
2022-09-20 16:24:45 -06:00
46f402243b
Merge remote-tracking branch 'origin/5.8.x'
2022-09-20 16:11:16 -06:00
3f8503f1b4
Deprecate AccessDecisionManager et al
...
Closes gh-11302
2022-09-20 16:09:59 -06:00
63af5c9b03
Merge branch '5.8.x'
2022-09-20 08:33:55 -03:00
983ca6ea27
Update What's New for 5.8
2022-09-20 08:33:38 -03:00
2b4a3a85f9
Update What's New for 6.0
2022-09-20 08:33:11 -03:00
e256b7511d
Merge branch '5.8.x'
...
Closes gh-11881
2022-09-19 15:59:11 -03:00
0c96989cbe
Move script tag into body element
...
Closes gh-11879
2022-09-19 15:46:23 -03:00
9564f1b5e4
Next development version
2022-09-19 16:55:17 +00:00
009032e03c
Next development version
2022-09-19 15:47:44 +00:00
dcbe900ff8
Release 5.8.0-M3
2022-09-19 15:24:11 +00:00
a0a92b81f7
Release 6.0.0-M7
2022-09-19 15:23:23 +00:00
463bfead38
add information to README describing how to build the reference docs
2022-09-19 10:01:43 -05:00
38d8b21fa7
Update aspectj-plugin to 6.5.1
...
Closes gh-11859
2022-09-16 16:15:45 -03:00
b1064bd3e2
Update to Spring LDAP 3.0.0-M3
...
Closes gh-11718
2022-09-16 15:57:46 -03:00
e8184d1b76
Update to org.springframework 6.0.0-M6
...
Closes gh-11833
2022-09-16 15:57:46 -03:00
bb33174232
Update org.mockito to 4.8.0
...
Closes gh-11871
2022-09-16 15:57:45 -03:00
191a5425a3
Update junit-bom to 5.9.0
...
Closes gh-11870
2022-09-16 15:57:45 -03:00
f96f51b54c
Update hsqldb to 2.7.0
...
Closes gh-11868
2022-09-16 15:57:45 -03:00
791f4b98c2
Update hibernate-core to 6.1.3.Final
...
Closes gh-11867
2022-09-16 15:57:45 -03:00
9ddb248dc2
Update org.eclipse.jetty to 11.0.12
...
Closes gh-11866
2022-09-16 15:57:45 -03:00
f2a073b806
Update htmlunit to 2.64.0
...
Closes gh-11865
2022-09-16 15:57:44 -03:00
eff478cad8
Update jakarta.inject to 2.0.1
...
Closes gh-11864
2022-09-16 15:57:44 -03:00
f0f848fa41
Update io.rsocket to 1.1.3
...
Closes gh-11863
2022-09-16 15:57:44 -03:00
222ebeab3b
Update io.projectreactor to 3.5.0-M6
...
Closes gh-11861
2022-09-16 15:57:44 -03:00
6f23aa72bc
Update mockk to 1.12.8
...
Closes gh-11860
2022-09-16 15:57:44 -03:00
cc919c542f
Update com.nimbusds to 9.43.1
...
Closes gh-11858
2022-09-16 15:57:43 -03:00
Steve Riesenberg
Josh Cummings
Rob Winch
Evgeniy Cheban
Marcus Da Coregio
github-actions[bot]
Dan Allen