Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-12-30 20:10:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,140 Commits 54 Branches 369 Tags
Commit Graph

1166 Commits

Author SHA1 Message Date
M-Faheem-Khan
241c3cd35a Remove deprecated Cookie usage 
Remove usage of comment and verison usage

Signed-off-by: M-Faheem-Khan <faheem5948@gmail.com>
 2025-05-07 14:55:54 -05:00
Rob Winch
5f833fa236 Fix Checkstyle Errors 2025-05-07 10:50:41 -05:00
milaneuh
7fda87aecd Remove deprecated methods from CookieServerCsrfTokenRepository 2025-05-07 10:50:41 -05:00
Rob Winch
b453840c0a
HttpHeaders no longer a MultiValueMap 
Closes gh-17060
 2025-05-06 13:27:13 -05:00
Rob Winch
e5e962ef90
Jakarta Cookie HttpOnly Serialization 
The new specification represents Cookie attribute using HttpOnly: "" vs
HttpOnly: "true".

This updates the test to correspond to the new Servlet specification and
is a breaking change related to jakarta updates.
 2025-05-06 13:27:13 -05:00
Rob Winch
66319fc3bc
MockServerHttpRequest.method(String,String)->method(HttpMethod,String) 
Closes gh-17058
 2025-05-06 13:26:16 -05:00
Josh Cummings
aa338e9b0d
Merge branch '6.4.x' 2025-05-02 10:58:22 -06:00
Josh Cummings
57fc29e614
Merge branch '6.3.x' into 6.4.x 
Closes gh-17032
 2025-05-02 10:57:55 -06:00
Josh Cummings
e48f26e51e
Propagate StrictFirewallRequest Wrapper 
Closes gh-16978
 2025-05-02 10:57:07 -06:00
Max Batischev
c855453e40 Fix Typo In SubjectDnX509PrincipalExtractorTests 
Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-04-29 12:25:41 -06:00
Josh Cummings
f93a7a2f85
Deprecate HandlerMappingIntrospectorRequestTransformer 
Closes gh-16536
 2025-04-07 13:56:18 -06:00
chu3la
8cbe02e3aa Update WebAuthn Test Objects Class Names 
Closes gh-16604

Signed-off-by: chu3la <elmansouri.houssam@gmail.com>
 2025-04-03 16:33:34 -06:00
Josh Cummings
4cdc6dab21
Fix Formatting 
Issue gh-16604
 2025-04-03 12:55:51 -06:00
Vasanth
04d7130975
Update WebAuthn Test Objects Class Names 
Renamed the WebAuthn test object class names

Closes gh-16604

Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>
 2025-04-03 12:55:50 -06:00
Josh Cummings
b7d399ab89
Merge branch '6.4.x' 2025-04-01 12:02:53 -06:00
Josh Cummings
0954638d57
Merge branch '6.3.x' into 6.4.x 
Closes gh-16862
 2025-04-01 12:02:25 -06:00
DingHao
857ef6fe08 WithHttpOnlyCookie defaults to false 
Closes gh-16820

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-04-01 11:59:51 -06:00
Max Batischev
9a897d0b62 Add Support Postgres To JdbcUserCredentialRepository 
Closes gh-16832

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-31 16:43:36 -06:00
wtigerhyunsu
bdbf6a2be3 Add toString() to IpAddressMatcher.java 
Closes gh-16795

Signed-off-by: wtigerhyunsu <jack951@naver.com>
 2025-03-27 16:38:53 -06:00
Josh Cummings
99345537d6
Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter 
Issue gh-16417
 2025-03-26 16:38:39 -06:00
Josh Cummings
1eec51ab6c
Polish SwitchUserFilterTests 
Ensure that the appropriate HTTP Method is specified in tests

Issue gh-16417
 2025-03-26 16:38:38 -06:00
Josh Cummings
de07b1108f
Use PathPatternRequestMatcher in Web Components 
This commit changes filters and resolvers that were using AntPathRequestMatcher as their
default to using PathPatternRequestMatcher.

Issue gh-16632
 2025-03-26 13:28:58 -06:00
Josh Cummings
50ad378a29
Polish MockHttpServletRequest Usage 
This commit makes so that the requestURI is set to a value that makes
sense with the other properties being mocked.

Issue gh-16632
 2025-03-26 13:27:17 -06:00
Rob Winch
491d28b6bb
Merge branch '6.4.x' 
- Fix WebAuthn saves Anonymous PublicKeyCredentialUserEntity

Closes gh-16821
 2025-03-25 16:19:14 -05:00
Rob Winch
a6b5c05da9
Additional WebAuthn4jRelyingPartyOperationTests 
- verify that anonymous users not saved
- verify that when user found the CredentialRecord is allowed

Issue gh-16385
 2025-03-25 16:14:25 -05:00
Rob Winch
9c054474a8
Use Test Name Conventions 
Issue gh-16385
 2025-03-25 16:14:25 -05:00
Borghi
e3a715b8f5 Fix issues identified in PR review 
Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>
 2025-03-24 13:00:27 -03:00
Josh Cummings
56e757a2a1 Provide Authentication to AuthenticationExceptions 
Issue gh-16444
 2025-03-21 21:54:32 -06:00
Josh Cummings
464e506429 Polish ExceptionTranslateWebFilter 
- Isolated exception construction
- Isolated entry point subscription

Issue gh-16444
 2025-03-21 21:54:32 -06:00
Josh Cummings
bfc12d55eb
Polish Tests 
Issue gh-16771
 2025-03-21 14:43:05 -06:00
Josh Cummings
3d96878d43
Cache RequestPath 
In this way PathPatternRequestMatcher won't need to reparse for each
request matcher.

Issue gh-16771
 2025-03-21 14:43:05 -06:00
Josh Cummings
86599afd43
Rename servletPath to basePath 
Closes gh-16765
 2025-03-21 12:04:46 -06:00
Josh Cummings
c53bf2befe
PathPatternRequestParser Retains Servlet Path 
Issue gh-16765
 2025-03-21 12:04:45 -06:00
Josh Cummings
861a9a914e
OneTimeToken Missing Token Propagates Request 
Closes gh-16780
 2025-03-20 17:23:06 -06:00
Daeho Kwon
24b7287d55 Replace dynamic error message with static "Access Denied" 
Closes gh-16514

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-03-20 15:20:54 -05:00
Steve Riesenberg
0938ca01a4
Add support for automatic context-propagation with Micrometer 
Closes gh-16665
 2025-03-13 15:29:08 -05:00
Max Batischev
c7673e8f2f Polish AbstractAuthenticationTargetUrlRequestHandler 
PR gh-16557

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-07 14:03:13 -07:00
Max Batischev
47630ca354 Fix JdbcUserCredentialRepository Save 
Closes gh-16620

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-07 13:57:41 -07:00
Max Batischev
58a665e5aa Add Support SingleResultAuthorizationManager 
Closes gh-16590

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-07 13:46:23 -07:00
Josh Cummings
2d96fba5cf
Add HttpsRedirectFilter 
Closes gh-16678
 2025-02-28 09:30:53 -07:00
Josh Cummings
e569c7a39e
Fix Tests 
Issue gh-16517
 2025-02-27 14:07:49 -07:00
topiam
85f0f3f34a
Support Custom RequestMatchers for WebAuthn 
Closes gh-16517

Signed-off-by: topiam <support@topiam.cn>
 2025-02-27 14:07:49 -07:00
Rob Winch
9417f02790
Deprecate PortResolver 
Closes gh-15972
 2025-02-26 16:13:10 -06:00
Josh Cummings
588220a020
Add PathPatterRequestMatcher 
Closes gh-16429
Clsoes gh-16430
 2025-02-21 13:40:23 -07:00
Steve Riesenberg
7fc5d50adf Polish gh-16551 2025-02-19 13:53:30 -06:00
Max Batischev
0ccbd20f0a Add Support ServerFormPostRedirectStrategy 
Closes gh-16542

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-19 13:53:30 -06:00
Borghi
0bc9313fdd Fix bug PublicKeyCredentialUserEntityRepository saves anonymousUser 
Issue gh-16385

Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>
 2025-02-16 22:50:34 -03:00
tejas-teju
c4b223266c Return Invalid Credentials message on login error 
Closes gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
 2025-02-14 16:01:22 -07:00
Josh Cummings
e42865b926
Merge branch '6.4.x' 2025-02-14 13:08:17 -07:00
Max Batischev
b5a4218a0b Make WebAuthnAuthenticationRequestToken Serializable 
Closes gh-16481

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-14 11:51:46 -07:00