Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,643 Commits 34 Branches 337 Tags
Commit Graph

5643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
1dbd3f5906 Fix NPE in OnCommittedResponseWrapper trackContentLength (#3824) 
OnCommittedResponseWrapper trackContentLength will throw a
NullPointerException when the content length passed in is null.

This commit properly tracks the null value as a length of 4.

Fixes gh-3823
 2016-04-19 14:58:56 -04:00
Rob Winch
a5a8aeb550 Message SecurityExpressionHandler is post processed (#3820) 
Previously the SecurityExpressionHandler for message based configuration
did not have a beanResolver set.

This commit post processes the default message SecurityExpressionHandler
to ensure the beanResolver is set.

Fixes gh-3797
 2016-04-19 13:21:58 -04:00
Rob Winch
c872a77ad1 RoleHiearchy Bean used in GlobalMethodSecurity (#3394) 
Previously it required quite a bit of extra work to use RoleHiearchy
within Java Based Spring Security configuration.

Now if a single RoleHiearchy Bean is defined it will automatically
be picked up and used by method security.

Fixes gh-3394
 2016-04-19 12:47:38 -04:00
Johnny Lim
933a7e8363 Remove duplicate words 
Fixes gh-3826
 2016-04-18 23:21:20 -05:00
Rob Winch
fb5776cb5c Support Camel case URI variables (#3814) 
Perviously there were issues with case insenstive patterns and URI
variables that contained upper case characters. For example, the pattern
"/user/{userId}" could not resolve the variable #userId Instead it was
forced to lowercase and #userid was used.

Now if the pattern is case insensitive then so is the variable. This means
that #userId will work as will #userid.

Fixes gh-3786
 2016-04-18 17:54:48 -04:00
Will Tran
b01437281d Bouncy Castle 1.47 Support 
This forces us to avoid using CipherOutputStream, and instead use the
BlockCiphers directly. As an extra measure for correctness, test the
equivalence of the BC implementations against data sizes from 1 to 2048
bytes.

Fixes gh-2917
 2016-04-18 08:35:57 -05:00
Joe Grandja
81c9fa805f Fix AuthenticationPrincipalArgumentResolver xml doc 
Fixes gh-3771
 2016-04-15 16:06:17 -05:00
Simon Olofsson
337a7ed35e Fix HeaderWriterFilter Javadoc 
Fixes the formatting and spelling in HeaderWriterFilter Javadoc

Issue gh-3813
 2016-04-15 08:56:58 -05:00
Marten Deinum
cad81d0e18 Update TestNG 
This commit updates the TestNG dependency to 6.8.21. This
is the last JDK 1.6 supporting version. The update of TestNG
makes it possible to run the integration tests from within
Intellij allowing for easier debugging and troubleshooting.

Issue gh-3811
 2016-04-15 08:55:15 -05:00
Andrew NS Yeow
eb26095ca9 Fix HpkpHeaderWriter Javadoc format 2016-04-15 08:41:43 -05:00
Will Tran
44fa624b6b Refactor test assumptions about JCE to common class. (#3817) 
Apply assumptions directly to test methods instead of checking for key
length in crypto.gradle.
 2016-04-14 17:02:31 -05:00
Matthias Merdes
b6800bdb4d Update ExpressionUrlAuthorizationConfigurer Error Message 
Update error message
 2016-04-14 15:33:48 -05:00
Will Tran
40208127e8 Skip tests when AesBytesEncryptor can't be created in CBC or GCM mode. (#3816) 
Tests would fail in cases where JCE unlimited strength was available but
GCM wasn't, like on JDK7.
 2016-04-14 15:21:20 -05:00
Rob Winch
59db9413aa Add SpEL Bean reference test (#3815) 
Issue gh-3797
 2016-04-14 12:11:40 -05:00
Will Tran
63b2cfe1cf Bouncy Castle implementations of AES-256 
Adds "AES/CBC/PKCS5Padding" and "AES/GCM/NoPadding"

Fixes gh-2917
 2016-04-13 16:28:55 -05:00
Rob Winch
6f169267c4 HttpSecurity comparitor->comparator 
Rename HttpSecurity's comparitor to comparator

Fixes gh-3810
 2016-04-13 15:04:22 -05:00
Rob Winch
a7fb6d2e58 Add HttpSecurity.addFilterAt (#3809) 
Fixes gh-3784
 2016-04-13 16:01:25 -04:00
Joe Grandja
2ef3da1b47 Documents the new @AuthenticationPrincipal in more detail. 
Fixes gh-3771
 2016-04-13 12:27:23 -04:00
Rob Winch
95a3e30d9f Polish Pbkdf2PasswordEncoder 
Fixes gh-2158
Fixes gh-51
 2016-04-12 17:16:38 -05:00
Rob Worsnop
0ab7126e64 Added PBKDF2PasswordEncoder. 
- Also moved some logic into a new class, AbstractPasswordEncoder.
Both PBKDF2PasswordEncoder and the now-simplified
StandardPasswordEncoder extend AbstractPasswordEncoder.
 - Added tests for PBKDF2PasswordEncoder

Issue gh-2158
 2016-04-12 17:16:38 -05:00
Rob Winch
d3a9cc6eae Add CsrfTokenRepository (#3805) 
* Create LazyCsrfTokenRepository

Fixes gh-3790

* Add CookieCsrfTokenRepository

Fixes gh-3009
 2016-04-12 17:26:53 -04:00
Vedran Pavić
e9cb92bb74 Add GitHub Pull Request template 
Added a Pull Request template for GitHub
 2016-04-12 16:08:16 -05:00
Leon Radley
b82df4ecf3 Add alwaysRemember to RememberMe Java Config 
Allow setting alwaysRemember from RememberMeConfigurer

Fixes gh-180
 2016-04-12 13:37:44 -05:00
Jeffrey Walraven
bd0c8a7baa Fix HttpSecurity logout JavaDoc 
Removed error provoking extra logout() from example code
 2016-04-12 13:24:40 -05:00
Art O Cathain
1d271184c9 Fix Documentation Formatting 
Fix corrupted character and add formatting per the duplicated text
block

Fixes gh-193
 2016-04-12 13:07:07 -05:00
Soeun Park
8f7cf28435 Fix typos in documentation 
Fixes gh-196
Fixes gh-3109
 2016-04-12 12:59:21 -05:00
Johnny Lim
fe94d654ed Fix typos (#228) 2016-04-12 11:11:51 -05:00
Nicolai Ehemann
c57dba6b77 Fix typo in setMessageExpessionHandler (#3803) 2016-04-12 11:08:52 -05:00
Joe Grandja
b90242f2fa Updates all POM versions to 4.1.0 snapshot build. 
Fixes gh-3804
 2016-04-12 10:35:43 -04:00
Joe Grandja
849c62b870 Disables doclint in Java 8 to prevent build error from javadoc task. 
Fixes gh-3767
 2016-04-11 18:19:30 -04:00
Joe Grandja
945a21a3fb Use xml / javaconfig folders for samples 
Fixes gh-3752
 2016-04-11 09:47:06 -05:00
izeye
2c85fb05d0 Remove duplicate test. 
Remove duplicate test with `trailingWildcardWithVariableMatchesCorrectly()`.

Fixes gh-183
 2016-04-08 13:36:45 -05:00
Rob Winch
4fd9fd2939 Update ISSUE_TEMPLATE.md 2016-04-08 09:30:50 -05:00
Rob Winch
5bba6c9111 Create ISSUE_TEMPLATE.md 2016-04-08 09:29:44 -05:00
Eddú Meléndez Gonzales
a5a5d9a1a9 Add support to subclass of GrantedAuthority in SecurityMockMvcResultMatchers withAuthorities (#3793) 
SecurityMockMvcResultMatchers.withAuthorities(Collection<? extends GrantedAuthority>)

Fixes gh-3791
 2016-04-08 08:55:53 -05:00
Quinten De Swaef
d05fe8ec07 Fix typo in xsd 
Fixes gh-3229
 2016-04-05 09:47:48 -05:00
Rob Winch
8abb882927 Rename poorly named withUser variable 
WithSecurityContextTestExecutionListener used the variable name withUser
in mulitple places when it should have been named withSecurityContext.

This commit renames the variables to withSecurityContext.

Fixes gh-3775
 2016-04-01 10:27:14 -05:00
Kamill Sokol
9c3db557dd Add missing # in SpEL expression doc 
SpEL variables can be referenced in the expression using the syntax
23.2.2 Path Variables in Web Security Expressions.

Fixes gh-3781
 2016-04-01 10:21:17 -05:00
Rob Winch
f49cd5faba Polish Codestyle 2016-04-01 09:53:32 -05:00
Rob Winch
d900c78f11 Perform null check on super.getAsyncContext() 
Fixes gh-3780
 2016-04-01 09:53:32 -05:00
Rob Winch
14fb2276e2 Merge pull request #3773 from jgrandja/master 
Includes reference to https://report-uri.io/ in CSP and HPKP docs
 2016-03-30 13:23:24 -05:00
Joe Grandja
9e5cdbd133 Includes a reference to the https://report-uri.io/ service in the CSP and HPKP documentation. 
Fixes gh-3772
 2016-03-30 12:12:43 -04:00
Shazin Sadakath
1bc7060c93 Add AuthenticationSuccessHandler support to AbstractPreAuthenticatedProcessingFilter 
Fixes gh-3389
 2016-03-25 09:46:16 -05:00
Spring Buildmaster
008b721a20 Next development version 2016-03-23 07:15:45 -07:00
Spring Buildmaster
044acf7e27 Release version 4.1.0.RC1 4.1.0.RC1 2016-03-23 07:15:15 -07:00
Rob Winch
b3d26ed5d6 Add changelog in What's New 
Issue gh-3768
 2016-03-22 22:40:58 -05:00
Rob Winch
bf9a837b9a Polish What's New 
Issue gh-3768
 2016-03-22 22:37:52 -05:00
Rob Winch
40b7fa5b72 Update Issues Link 
Issue gh-3333
 2016-03-22 22:37:52 -05:00
Rob Winch
3e47531b19 Polish CSP reference 
Issue gh-3763
 2016-03-22 22:37:51 -05:00
Rob Winch
e04f685747 Fix Typo in @WithUserDetails reference 
Issue gh-3346
 2016-03-22 22:37:41 -05:00