Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,912 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

5912 Commits

Author SHA1 Message Date
stonio 2a197c72eb Fix typos in the reference 
Fix typos in the reference documentation

Fixes gh-4113
 2016-11-09 10:05:27 -06:00
Rob Winch ab5af87953 Add Referrer Policy to What's New 2016-11-08 16:14:20 -06:00
Eddú Meléndez 23294c4c57 Add Referrer-Policy header support 
Fixes gh-4110
 2016-11-08 13:21:35 -06:00
Kazuki Shimizu eb2870bf82 Polishing doc in What's New in Spring Security 4.2 2016-11-08 11:19:51 -06:00
Rob Winch 9fa42117f7 Update GRADLE_OPTS to use " instead of ' 2016-11-01 20:11:05 -05:00
Rob Winch cf3d6e7167 Fix Small Typo 
propoerty->property
 2016-10-31 11:31:52 -05:00
Spring Buildmaster 08f0b57243 Next development version 2016-10-26 02:49:27 +00:00
Spring Buildmaster 97b4cb0b73 Release version 4.2.0.RC1 2016-10-26 02:49:23 +00:00
Rob Winch 8ca4b55d32 Update What's New Section of Reference 
Fixes gh-4109
 2016-10-25 15:03:59 -05:00
Rob Winch 8e546454a5 Polish ApacheDSContainer LDAPs support 
Issue gh-4096
 2016-10-25 10:17:08 -05:00
Gunnar Hillert 406bb1d4d5 Add LDAPs support to ApacheDSContainer 
* Add the ability to enable LDAP over SSL (LDAPs)
* Add tests

Fixes gh-4096
 2016-10-25 10:16:35 -05:00
Rob Winch 8437d0fea3 Remove Eclipse Project Name customization 
Previously the build specified the major.minor.x as a suffix for the
project name. This is now removed since Buildship ignores it.
 2016-10-24 18:39:49 -05:00
Rob Winch df3b8bc284 Add Spring MVC test for override cache control 
Issue gh-3975
 2016-10-24 15:57:32 -05:00
Rob Winch 57d7ad05f9 Revert "Cache Control only written if not set" 
This reverts commit 242b831f20.
Spring MVC fixed the issue we were working around and the changes
in Spring Security were unreliable.

Fixes gh-3975
 2016-10-24 15:57:26 -05:00
Rob Winch e62596f36d Polish PasswordEncoderUtils do not leak length 
Fix possible / 0 if expected is empty String.

Issue gh-255
 2016-10-24 12:50:46 -05:00
Rob Winch d3685d89c5 Polish PasswordEncoderUtils do not leak length 
Issue gh-255
 2016-10-24 11:26:43 -05:00
avri-schneider a98389fa98 PasswordEncoderUtils do not leak length 
Enforce constant time even when expectedLength != actualLength.

Fixes gh-255
 2016-10-24 11:26:34 -05:00
Rob Winch dc9f9b140f Polish PasswordEncoderUtilsTests 
* Add more tests
* Smaller tests
* Follow new naming convention
 2016-10-24 11:24:24 -05:00
Rob Winch f432c04111 Create UserBuilder 
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder

Fixes gh-4095
 2016-10-21 16:42:03 -05:00
Johnny Lim 50b72dddbc Fix typo in Javadoc 
This commit simply fixes typo in Javadoc.
 2016-10-20 21:07:15 -05:00
Rob Winch 94e580fe64 Add Support for Custom Default Configuration in Web Security 
Fixes gh-4102
 2016-10-19 16:15:56 -05:00
Rob Winch af9139b613 Add intercept-url@request-matcher-ref 
Fixes gh-4097
 2016-10-18 22:27:31 -05:00
Rob Winch f019ea89e7 Remove unused lowercase-comparisons from XSD 
Fixes gh-3932
 2016-10-18 22:27:28 -05:00
Rob Winch 0d700628dc Add spring-security-4.2.xsd to spring.schemas 
Fixes gh-4098
 2016-10-18 22:27:22 -05:00
Rob Winch aaa9708b95 Add BeanResolver to AuthenticationPrincipalArgumentResolver 
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.

This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.

Fixes gh-3949
 2016-10-18 19:45:54 -05:00
Joe df9e6c973c linked to java configuration sample applications 
removed outdated description and linked directly to java configuration sample applications
 2016-10-17 21:12:17 -05:00
Paul Samsotha 1da9c06f3b Fix Reference (test.adoc) Typo 
@SpringExecutionListeners -> @SpringTestExecutionListeners
 2016-10-17 21:11:19 -05:00
Rob Winch 0c35209d77 Document Proxy Server 
Issue gh-4076
 2016-10-17 21:07:57 -05:00
Rob Winch badb466cc5 AuthenticationConfiguration imports ObjectPostProcessor 
Fixes gh-4086
 2016-10-17 20:00:27 -05:00
Rob Winch 46bb855737 Remove chat sample 
Removed in favor of
https://github.com/spring-projects/spring-session/tree/master/samples/websocket

Fixes gh-4094
 2016-10-17 17:02:59 -05:00
Rob Winch 6a3a5f7beb Polish Deprecations 
Issue gh-4080
 2016-10-17 17:02:59 -05:00
Rob Winch 52c6e3cf89 Create RedirectMatcher 
This commit creates RedirectMatcher for binary backward compatability with
Spring 4.3.x and Spring 5 to ensure that the Spring IO tests pass.

Issue gh-4080
 2016-10-17 17:02:58 -05:00
Rob Winch 17cfd4707b Fix deprecations 
Issue gh-4080
 2016-10-17 17:00:18 -05:00
Rob Winch 2c99cd3bbf Remove MatcherAssertionErrors 
Spring 5 removes MatcherAssertionErrors. We should not have been using
this class anyways.

This commit updates to using assertj in favor of MatcherAssertionErrors.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 8a7ac398e6 Remove TheController from Bean 
It is already picked up with classpath scanning

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 5e35e37a2b Update to Thymeleaf 3.0.2 and remove tiles 
Spring 5 removed support for Tiles 2 and Thymeleaf does not support
Tiles 3 yet. This commit updates to Thymeleaf 3.0.2 and uses
Thymeleaf's build in layout support.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch c1e9140940 Update itest/web to use Servelt 3.1 
Previously itest/web used Servlet 2.5 which Spring 5 is not
compatabile with. This commit removes unnecessary tests (ones that
were already covered) and converts the remaining tests to MockMvc
using the provided servlet version.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 1222fc5f10 XML ref to bean 
Spring 5 removes ref XML attribute in favor of bean XML attribute. This
commit updates all the samples and tests to use bean instead of ref.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 08c1f500a7 Version bumps for Spring 5 
Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch a18707c870 gradlew disables Gradle Daemon 
Fixes gh-4093
 2016-10-17 17:00:16 -05:00
Jitendra Singh 48ff518a41 Fix Jackson 2.7+ 
UnmodifiableSetDeserializer added which will ensure
Collection$UnmodifiableSet deserialize properly with jackson-databind 2.7+

Fixes gh-4073
 2016-10-13 07:42:07 -05:00
Rob Winch 0b1e3b4e4a Fix Reference Typo 
unlimitted->unlimited
 2016-09-23 16:45:08 -05:00
Rob Winch 6b4a52715b Fix Typo in Reference 2016-09-23 14:57:52 -05:00
Spring Buildmaster 7fb052e7ae Next development version 2016-09-23 19:39:35 +00:00
Spring Buildmaster c1b8150439 Release version 4.2.0.M1 2016-09-23 19:39:33 +00:00
Rob Winch 8b89e804e3 Polish RequestAttributeAuthenticationFilter 
Issue gh-3978
 2016-09-23 13:08:08 -05:00
Rob Winch c0f5aaee78 Adds What's New Spring Security 4.2 
Fixes gh-4070
 2016-09-23 13:02:27 -05:00
Rob Winch 6fb564a629 Polish HTTP Response Splitting 
Issue gh-3910
 2016-09-23 12:49:01 -05:00
Rob Winch 9ae163e92d Rename to RequestAttributeAuthenticationFilter 
Rename EnvironmentVariableAuthenticationFilter to
RequestAttributeAuthenticationFilterTests

Polish gh-3978
 2016-09-22 16:44:10 -05:00
Milan Ševčík a8120e74a7 Added authentication filter reading environment variables. 
This style is used in many SSO implementations, such as Stanford WebAuth
and Shibboleth.
 2016-09-22 16:30:54 -05:00