4489163163
Use Spring Boot configuration for saml2Login()
...
Fixes gh-7521
https://github.com/spring-projects/spring-security/issues/7521
2019-10-25 08:22:40 -07:00
5345aecd7f
Align RSocket sample with new Spring Boot configuration
2019-10-25 08:22:40 -07:00
bcaa8bc7e9
Upgrade to Spring Boot 2.2.0.RELEASE
2019-10-25 08:22:40 -07:00
9b4c170af0
Create Exploits Section for Reactive
...
Issue gh-2567
2019-10-24 15:03:05 -05:00
bbda755a07
Fix Servlet exploits leveloffset
...
Fixes gh-2567
2019-10-24 14:14:02 -05:00
08fb9c960b
Fix invalid ids
...
Issue gh-2567
2019-10-24 14:06:23 -05:00
55a98b9969
CSRF Documentation
...
Issue gh-2567
2019-10-24 13:24:44 -05:00
02aaba37cd
Documentation TOC on the left
...
This better aligns with other documentation
Issue gh-2567
2019-10-24 13:24:36 -05:00
de7cbc82b5
Clarify in Javadoc that expressionHandler should not be null
...
Fixes: gh-2665
2019-10-23 15:10:39 -04:00
b9f122230b
Align javadoc of continueFilterChainOnUnsuccessfulAuthentication with actual behaviour
2019-10-23 14:50:57 -04:00
8584b12c8d
Make saveAuthorizedClient save the authorized client
...
Previously, saveAuthorizedClient never actually saved the authorized
client, because it ignored the Mono<Void> returned from
authorizedClientRepository.saveAuthorizedClient.
Now, it does not ignore the Mono<Void> returned from
authorizedClientRepository.saveAuthorizedClient, and includes it in
the stream, and therefore it will properly save the authorized client.
Fixes gh-7546
2019-10-23 12:12:23 -04:00
d26f40f062
DefaultRedirectStrategy should redirect to root if the context-relative URL does not contain the context-path.
2019-10-23 09:41:00 -04:00
1c53a7859b
Fix access token expiry check with clock skew
...
Fixes gh-7511
2019-10-22 21:54:55 -04:00
62c7de03c3
Add RequestMatcher to AbstractPreAuthenticatedProcessingFilter
...
Moved the existing auth check logic to the matcher.
Issue: gh-5928
2019-10-22 16:55:54 -04:00
63607ee213
Add configurable mapping function to map authorities
2019-10-22 13:45:34 -04:00
2d26be9446
Remove redundant public modifier
2019-10-21 16:28:39 -04:00
2cc05550fc
rename comparison method to isGranted and add test
2019-10-21 16:00:33 -04:00
a4ea989e9c
remove trailing whitespace
2019-10-21 16:00:33 -04:00
a449d6c316
extract permission mask comparison for subclasses to override
2019-10-21 16:00:33 -04:00
6ad328f909
Add Clock Skew Tests
...
Fixes gh-7511
Co-authored-by: Isaac Cummings <josh.cummings+zac@gmail.com>
2019-10-17 20:19:47 -06:00
264daec697
Test context relative URL with multiple schemes
2019-10-16 15:32:02 -04:00
1081066d60
Polish AuthorityUtils
...
Changed parameter name to authorities
Added JavaDoc
Fixes gh-4805
Co-authored-by: Everett Irwin <everettirwin77@gmail.com>
2019-10-16 10:44:00 -06:00
0387723334
fix webflux samples documentation path
...
The documentation of webflux integration sample projects was pointing to the `javaconfig` instead of `boot` folder.
2019-10-16 10:52:08 -04:00
f4b9abdbb1
Fix typo in Javadoc
2019-10-16 10:46:17 -04:00
8ebfba3019
Support configuration of protocol binding for authentication requests
2019-10-15 15:57:45 -05:00
971ae346c5
Update to Spring Data Moore-RELEASE
2019-09-30 20:04:17 -07:00
0feaf9bf6f
Disable force milestone repository
...
We will be using spring boot release for our next release, so we
do not need to force milestones now.
2019-09-30 18:22:13 -05:00
b8beee97a8
Next development version
2019-09-30 16:12:25 -05:00
b7d97ca077
Release 5.2.0.RELEASE
2019-09-30 16:11:06 -05:00
0d088b581b
Allow milestone for Boot version
2019-09-30 16:07:29 -05:00
4113e79aa3
Upgrade Spring Boot to 2.2.0.M6
2019-09-30 14:05:17 -07:00
8c4252681e
Upgrade rsocket to 1.0.0-RC5 without BOM
2019-09-30 14:05:17 -07:00
cdeeb27b51
Upgrade Spring Data to Lovelace-SR11
2019-09-30 14:05:17 -07:00
9393017e3f
Upgrade Project Reactor to Dysprosium-RELEASE
2019-09-30 14:05:17 -07:00
09c29d286a
Upgrade Spring Framework to 5.2.0.RELEASE
2019-09-30 14:05:17 -07:00
b29106ea31
Use deamon thread for Schedulers.newParallel
...
Fixes gh-7492
2019-09-30 15:19:31 -05:00
1bf0e70bd0
Revert "Dispose default Scheduler"
...
This reverts commit 39600b901f
2019-09-30 15:19:31 -05:00
8bc3ad16ef
SAML 2 Login - Documentation
...
Fixes gh-7472
https://github.com/spring-projects/spring-security/issues/7472
2019-09-30 13:03:05 -07:00
fc8a0184b0
Polish Dispose default Scheduler
2019-09-30 14:42:28 -05:00
e0414e5cbe
Merge pull request #7493 from robotmrv/gh-7492
...
Dispose default Scheduler
2019-09-30 14:40:28 -05:00
3051a79188
Merge Add hasAnyAuthority method in AuthorizePayloadsSpec.Access
2019-09-30 14:33:41 -05:00
a911f3d52f
Merge Add hasAnyRole method in AuthorizePayloadsSpec.Access
2019-09-30 14:14:59 -05:00
3854afad61
Merge Add denyAll method in AuthorizePayloadsSpec.Access
2019-09-30 14:05:42 -05:00
03e2efacf4
Add Hello RSocket Sample
...
Fixes gh-7504
2019-09-30 13:58:03 -05:00
83b5f5c7ae
Improve the Saml2AuthenticationRequest object
...
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
2019-09-30 11:01:34 -07:00
9731386de5
Correctly set "Destination" in AuthNRequest message
...
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
2019-09-30 11:01:34 -07:00
69eacac514
Fix javadoc for RelyingPartyRegistrationRepository
2019-09-30 09:22:36 -07:00
7adb4da3ef
Always require signature on either response or assertion
...
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
2019-09-30 09:22:36 -07:00
d83aa34dde
Add RSocket Reference
...
Fixes gh-7502
2019-09-30 11:03:00 -05:00
b764af6b9b
CookieServerCsrfTokenRepositoryTests Leading Dot
...
ResponseCookie removed support for having a leading dot in the cookie
domain.
Fixes gh-7500
2019-09-30 08:39:45 -06:00
Filip Hanik
Rob Winch
Eleftheria Stein
Filip Hrisafov
Phil Clay
Michel Palourdio
Joe Grandja
Tadaya Tsuyukubo
Giovanni Lovato
Markus Öllinger
Everett Irwin
Isaac Cummings
Ramon Pires da Silva
Roland Weisleder
Brendt Lucas
Josh Cummings