Commit Graph

11442 Commits

Author SHA1 Message Date
Steve Riesenberg 181ee7410b
Change default authority for oauth2Login()
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.

* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER

Documentation has been updated to include this implementation detail.

Closes gh-7856
2022-09-26 10:06:31 -05:00
Steve Riesenberg 7527fd811c
Merge branch '5.8.x' 2022-09-26 09:56:55 -05:00
Steve Riesenberg bbac85e20b Reduce severity of invalid registrationId to warn
This prevents filling the log file with error messages when routine
scans are being performed.

Closes gh-11344
2022-09-26 09:56:20 -05:00
Steve Riesenberg c0e784b16d
Update What's New for 6.0 2022-09-26 09:48:52 -05:00
Josh Cummings 80a6ce940e
Merge remote-tracking branch 'origin/5.8.x' 2022-09-23 16:32:12 -06:00
Josh Cummings ae6fb8c681
Add Deprecated Versions of Original Classes
Issue gh-7349
2022-09-23 16:31:22 -06:00
Josh Cummings 37a160245f
Adjust OAuth2 Resource Server packaging
Closes gh-7349
2022-09-23 16:31:21 -06:00
Steve Riesenberg 21c0c73878
Remove request-resolver-ref in 6.0
Issue gh-11896
2022-09-23 16:04:35 -05:00
Steve Riesenberg bcb21c9384
Merge branch '5.8.x'
# Conflicts:
#	config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
2022-09-23 15:39:43 -05:00
Steve Riesenberg 46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver
Closes gh-11896
2022-09-23 15:09:00 -05:00
Josh Cummings 53dbcfd457
Add Deprecated Versions of Original Classes
Issue gh-7349
2022-09-23 12:06:59 -06:00
Steve Riesenberg 3c66ef6305
Change default SecurityContextRepository
Save SecurityContext in request attributes for stateless session
management using RequestAttributeSecurityContextRepository.

Closes gh-11026
2022-09-22 17:31:14 -05:00
Steve Riesenberg ccac34b07c
Merge branch '5.8.x' 2022-09-22 16:45:48 -05:00
Steve Riesenberg d140d95305
Fix assertion in NullSecurityContextRepository
Issue gh-11060
2022-09-22 15:33:22 -05:00
Steve Riesenberg 5d757919a2
Add SecurityContextHolderStrategy to new repository
In 6.0, RequestAttributeSecurityContextRepository will be the default
implementation of SecurityContextRepository. This commit adds the
ability to configure a custom SecurityContextHolderStrategy, similar
to other components.

Issue gh-11060
Closes gh-11895
2022-09-22 15:33:21 -05:00
Rob Winch 0efe26c1fd Merge branch '5.8.x'
Closes gh-11894
2022-09-22 13:47:04 -05:00
Rob Winch d94677f87e CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.

Closes gh-11892
2022-09-22 11:09:44 -05:00
Josh Cummings 44b7847258
Fix Import Order
Issue gh-8819
2022-09-21 09:08:41 -06:00
Josh Cummings 70460ca009
Adjust OAuth2 Resource Server packaging
Closes gh-7349
2022-09-20 17:44:05 -06:00
Josh Cummings 61c80bcac5
Move Saml2 Authentication Filters
Closes gh-8819
2022-09-20 17:18:05 -06:00
Rob Winch 48e31f87e4 Remove Deprecated OpenSAML 3 Support
Closes gh-10556
2022-09-20 16:57:38 -06:00
Josh Cummings 2a487ae7f8
Updated hashcode and equals
Closes gh-4133
2022-09-20 16:36:37 -06:00
Josh Cummings e071c28e8a
Merge remote-tracking branch 'origin/5.8.x' 2022-09-20 16:25:45 -06:00
Evgeniy Cheban c1d27612af Simplify AuthorizationManager composition
Closes gh-11625
2022-09-20 16:24:45 -06:00
Josh Cummings 46f402243b
Merge remote-tracking branch 'origin/5.8.x' 2022-09-20 16:11:16 -06:00
Josh Cummings 3f8503f1b4
Deprecate AccessDecisionManager et al
Closes gh-11302
2022-09-20 16:09:59 -06:00
Marcus Da Coregio 63af5c9b03 Merge branch '5.8.x' 2022-09-20 08:33:55 -03:00
Marcus Da Coregio 983ca6ea27 Update What's New for 5.8 2022-09-20 08:33:38 -03:00
Marcus Da Coregio 2b4a3a85f9 Update What's New for 6.0 2022-09-20 08:33:11 -03:00
Marcus Da Coregio e256b7511d Merge branch '5.8.x'
Closes gh-11881
2022-09-19 15:59:11 -03:00
Marcus Da Coregio 0c96989cbe Move script tag into body element
Closes gh-11879
2022-09-19 15:46:23 -03:00
github-actions[bot] 9564f1b5e4 Next development version 2022-09-19 16:55:17 +00:00
github-actions[bot] 009032e03c Next development version 2022-09-19 15:47:44 +00:00
github-actions[bot] dcbe900ff8 Release 5.8.0-M3 2022-09-19 15:24:11 +00:00
github-actions[bot] a0a92b81f7 Release 6.0.0-M7 2022-09-19 15:23:23 +00:00
Dan Allen 463bfead38 add information to README describing how to build the reference docs 2022-09-19 10:01:43 -05:00
Marcus Da Coregio 38d8b21fa7 Update aspectj-plugin to 6.5.1
Closes gh-11859
2022-09-16 16:15:45 -03:00
Marcus Da Coregio b1064bd3e2 Update to Spring LDAP 3.0.0-M3
Closes gh-11718
2022-09-16 15:57:46 -03:00
Marcus Da Coregio e8184d1b76 Update to org.springframework 6.0.0-M6
Closes gh-11833
2022-09-16 15:57:46 -03:00
Marcus Da Coregio bb33174232 Update org.mockito to 4.8.0
Closes gh-11871
2022-09-16 15:57:45 -03:00
Marcus Da Coregio 191a5425a3 Update junit-bom to 5.9.0
Closes gh-11870
2022-09-16 15:57:45 -03:00
Marcus Da Coregio f96f51b54c Update hsqldb to 2.7.0
Closes gh-11868
2022-09-16 15:57:45 -03:00
Marcus Da Coregio 791f4b98c2 Update hibernate-core to 6.1.3.Final
Closes gh-11867
2022-09-16 15:57:45 -03:00
Marcus Da Coregio 9ddb248dc2 Update org.eclipse.jetty to 11.0.12
Closes gh-11866
2022-09-16 15:57:45 -03:00
Marcus Da Coregio f2a073b806 Update htmlunit to 2.64.0
Closes gh-11865
2022-09-16 15:57:44 -03:00
Marcus Da Coregio eff478cad8 Update jakarta.inject to 2.0.1
Closes gh-11864
2022-09-16 15:57:44 -03:00
Marcus Da Coregio f0f848fa41 Update io.rsocket to 1.1.3
Closes gh-11863
2022-09-16 15:57:44 -03:00
Marcus Da Coregio 222ebeab3b Update io.projectreactor to 3.5.0-M6
Closes gh-11861
2022-09-16 15:57:44 -03:00
Marcus Da Coregio 6f23aa72bc Update mockk to 1.12.8
Closes gh-11860
2022-09-16 15:57:44 -03:00
Marcus Da Coregio cc919c542f Update com.nimbusds to 9.43.1
Closes gh-11858
2022-09-16 15:57:43 -03:00