Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-09 03:52:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,395 Commits 38 Branches 348 Tags
Commit Graph

11395 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
a68411566e Polish Memory Leak Mitigation 
Issue gh-9841
 2021-11-30 15:33:47 -07:00
Hiroshi Shirosaki
2bc643d6c8 Address SecurityContextHolder memory leak 
To get current context without creating a new context.
Creating a new context may cause ThreadLocal leak.

Closes gh-9841
 2021-11-30 15:33:39 -07:00
Josh Cummings
1251cde04c Add Missing Since 
Issue gh-10482
 2021-11-30 15:17:48 -07:00
Igor Pelesic
a3a9de1b9b PermitAllSupport supports AuthorizeHttpRequestsConfigurer 
PermitAllSupport supports either an ExpressionUrlAuthorizationConfigurer or an AuthorizeHttpRequestsConfigurer. If none or both are configured an error message is thrown.

Closes gh-10482
 2021-11-30 15:17:22 -07:00
Josh Cummings
7e55c84cfc Add Missing Since 
Issue gh-10482
 2021-11-30 15:15:35 -07:00
Igor Pelesic
72109e2921 PermitAllSupport supports AuthorizeHttpRequestsConfigurer 
PermitAllSupport supports either an ExpressionUrlAuthorizationConfigurer or an AuthorizeHttpRequestsConfigurer. If none or both are configured an error message is thrown.

Closes gh-10482
 2021-11-30 15:00:04 -07:00
Steve Riesenberg
f838b7cb1d Polish gh-10081 2021-11-30 15:44:41 -06:00
Jonas Dittrich
23e895f0b1 Add ObjectIdentityGenerator customization to JdbcAclService 
Providing the possibility to change, how ObjectIdentitys are created inside the BasicLookupStrategy,JdbcAclService

There was a problem with hard coded object identity creation inside the BasicLookupStrategy and the JdbcAclService. It was overkill to overwrite
these classes only for changing this, so introducing an ObjectIdentityGenerator seems the be the better solution here. At default, the standard
ObjectIdentityRetrievalStrategyImpl is used, but can be customized due to setters.

Closes gh-10079
 2021-11-30 15:43:11 -06:00
Josh Cummings
78857c62f4 Polish Memory Leak Mitigation 
Issue gh-9841
 2021-11-30 14:29:18 -07:00
Hiroshi Shirosaki
809ff883b0 Address SecurityContextHolder memory leak 
To get current context without creating a new context.
Creating a new context may cause ThreadLocal leak.

Closes gh-9841
 2021-11-30 14:29:18 -07:00
Steve Riesenberg
204f0b4599 Polish gh-10007 2021-11-30 15:27:58 -06:00
Guirong Hu
43317c5a61 Support IP whitelist for Spring Security Webflux 
Closes gh-7765
 2021-11-30 15:27:58 -06:00
Steve Riesenberg
898ba67098 Polish gh-10007 2021-11-30 13:59:55 -06:00
Guirong Hu
9f51240bf1 Support IP whitelist for Spring Security Webflux 
Closes gh-7765
 2021-11-30 13:59:55 -06:00
Steve Riesenberg
9a9136d96d Fix import spacing 2021-11-30 13:56:46 -06:00
Steve Riesenberg
c6a27d44e5 Remove failing test due to HttpMethod changes 
Closes gh-10569
 2021-11-30 13:31:39 -06:00
Jonas Erbe
8c063f8ccb Fix JwtClaimValidator wrong error code 
Previously JwtClaimValidator returned the invalid_request error on claim validation failure.
But validators have to return invalid_token errors on failure according to:
https://datatracker.ietf.org/doc/html/rfc6750#section-3.1.
Also see gh-10337

Closes gh-10337
 2021-11-29 12:13:24 -07:00
Jonas Erbe
dec858a5b7 Fix JwtClaimValidator wrong error code 
Previously JwtClaimValidator returned the invalid_request error on claim validation failure.
But validators have to return invalid_token errors on failure according to:
https://datatracker.ietf.org/doc/html/rfc6750#section-3.1.
Also see gh-10337

Closes gh-10337
 2021-11-29 12:04:30 -07:00
Jonas Erbe
82426e20e1 Fix JwtClaimValidator wrong error code 
Previously JwtClaimValidator returned the invalid_request error on claim validation failure.
But validators have to return invalid_token errors on failure according to:
https://datatracker.ietf.org/doc/html/rfc6750#section-3.1.
Also see gh-10337

Closes gh-10337
 2021-11-29 12:02:02 -07:00
Eleftheria Stein
bbeca7cd65 Polish LDAP serialization 
Closes gh-9263
 2021-11-29 18:03:15 +01:00
Markus Heiden
3c18278123 Start with LDAP Jackson2 mixins 
Issue gh-9263
 2021-11-29 18:03:03 +01:00
Eleftheria Stein
4f8c1b34af Polish LDAP serialization 
Closes gh-9263
 2021-11-29 17:59:24 +01:00
Markus Heiden
7cfd415cb5 Start with LDAP Jackson2 mixins 
Issue gh-9263
 2021-11-29 17:49:57 +01:00
Steve Riesenberg
74e3abc992 Polish gh-10081 2021-11-23 15:52:45 -06:00
Jonas Dittrich
86193b9540 Add ObjectIdentityGenerator customization to JdbcAclService 
Providing the possibility to change, how ObjectIdentitys are created inside the BasicLookupStrategy,JdbcAclService

There was a problem with hard coded object identity creation inside the BasicLookupStrategy and the JdbcAclService. It was overkill to overwrite
these classes only for changing this, so introducing an ObjectIdentityGenerator seems the be the better solution here. At default, the standard
ObjectIdentityRetrievalStrategyImpl is used, but can be customized due to setters.

Closes gh-10079
 2021-11-23 15:52:45 -06:00
Henning Poettker
f1ca42e501 Fix return type for NoOpPasswordEncoder bean in documentation 2021-11-23 14:14:05 -03:00
Henning Poettker
bb99d7d95a Fix return type for NoOpPasswordEncoder bean in documentation 2021-11-23 14:13:12 -03:00
Henning Poettker
04161b9288 Fix return type for NoOpPasswordEncoder bean in documentation 2021-11-23 10:38:04 -03:00
Lars Grefer
719149f01d Remove usages of Gradle's jcenter() repository 
Closes gh-10253
 2021-11-22 09:38:49 -03:00
Lars Grefer
ccd30607a9 Fix Gradle Deprecation Warnings 2021-11-22 09:38:44 -03:00
Lars Grefer
d736a2b358 Remove usages of Gradle's jcenter() repository 
Closes gh-10253
 2021-11-22 09:28:47 -03:00
Lars Grefer
cf95d3f91e Fix Gradle Deprecation Warnings 2021-11-22 09:28:24 -03:00
Lars Grefer
0541341201 Remove usages of Gradle's jcenter() repository 
Closes gh-10253
 2021-11-22 08:42:40 -03:00
Lars Grefer
5c012dc7eb Fix Gradle Deprecation Warnings 2021-11-22 08:42:40 -03:00
Josh Cummings
ba5a68ec63 Polish LdapAuthenticationPopulator Support 
PR gh-9276
 2021-11-19 12:19:43 -07:00
Filip Hanik
ae08608011 LdapAuthoritiesPopulator should be postProcessed 
To enable customizations through withObjectPostProcessor
 2021-11-19 12:03:44 -07:00
Josh Cummings
4374905801 Establish new Package Tangle Baseline 
Ran ./gradlew check && ./gradlew s101 -Ps101.label=baseline

Issue gh-10333
 2021-11-19 11:46:08 -07:00
Norbert Nowak
4bc55769a3 Import cleanup 
Issue gh-10333
 2021-11-19 11:46:08 -07:00
Norbert Nowak
4f186f2c1f Move Dsl files to annotation Package 
Closes gh-10333
 2021-11-19 11:46:08 -07:00
Jerome Prinet
0d8450a725 Bump up Gradle enterprise plugin to 3.7.2 2021-11-19 14:05:34 -03:00
Marcus Da Coregio
25feedb870 Fix removal of framework deprecated code 
Issue https://github.com/spring-projects/spring-framework/issues/27686
 2021-11-19 13:06:13 -03:00
Dávid Kováč
17e28fa7aa Update clockSkew javadoc according to implementation 
Closes gh-10174
 2021-11-19 13:48:32 +01:00
Dávid Kováč
aa1ef46d84 Update clockSkew javadoc according to implementation 
Closes gh-10174
 2021-11-19 13:33:05 +01:00
Dávid Kováč
862122a267 Update clockSkew javadoc according to implementation 
Closes gh-10174
 2021-11-19 08:13:12 +01:00
Josh Cummings
16a21264d0 Polish AuthRequestConverter Sample Doc 
Issue gh-10364
 2021-11-18 13:36:31 -07:00
Josh Cummings
739cdc1a4c Polish AuthRequestConverter Sample Doc 
Issue gh-10364
 2021-11-18 13:36:10 -07:00
Josh Cummings
2dac210cac Polish AuthRequestConverter Sample Doc 
Issue gh-10364
 2021-11-18 13:32:36 -07:00
Norbert Nowak
1c0f092176 Fix AuthnRequestConverter Sample Typos 
Closes gh-10364
 2021-11-18 13:26:53 -07:00
Norbert Nowak
02cd1dd3c4 Fix AuthnRequestConverter Sample Typos 
Closes gh-10364
 2021-11-18 13:26:25 -07:00
Norbert Nowak
9316241c01 Fix AuthnRequestConverter Sample Typos 
Closes gh-10364
 2021-11-18 13:24:59 -07:00