Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-24 04:52:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,410 Commits 55 Branches 348 Tags
Commit Graph

7410 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ankur Pathak
2625de9c23
Fixes typo in x,rnc files 
1. Fixes type ammount to amount in *.rnc files
2. Regenerates *.xsd files from *.rnc files

Fixes: gh-6325
 2019-01-08 11:33:46 -07:00
Onur Kagan Ozcan
a145653030 Fix UsernamePasswordAuthenticationTokenDeserializer to handle customized object mapper inclusion settings 
Resolves #4698
 2019-01-07 14:23:53 -06:00
Slava Semushin
8bc0ef86da LazyCsrfTokenRepository: fix a typo in javadoc. 2019-01-07 13:36:17 -06:00
Joe Grandja
a02d6ad2a4 AuthenticationFailureEvent should publish once 
Fixes gh-6281
 2018-12-21 07:55:24 -05:00
Josh Cummings
acdd9ba1db
Split Branches Into Multiple Sonarqube Projects 
Eliminate analysis collisions and simplify application of analysis
quite periods.

Fixes: gh-6091
 2018-12-18 14:42:45 -07:00
finke-ba
e218ac2e40 Add conditionally servlet based support for spring security web jackson module. 2018-12-18 14:22:48 -06:00
Rob Winch
dd859c4a6e Fix LoginPageGeneratingWebFilter Markup 
Fixes: gh-6295
 2018-12-17 11:18:40 -06:00
Ian He
5d85a1c9d8 Fix DefaultLoginPageGeneratingFilter Markup 
the `</h3>` should be `</h2>`.
 2018-12-17 10:50:23 -06:00
Zhanwei Wang
49167458d2 Improve error message for Chinese. 2018-12-06 11:59:35 -06:00
Robbie Martinus
6b4edacde2 SessionRegistryImpl uses computeIfAbsent 
Fixes: gh-5834
 2018-12-05 10:28:30 -06:00
lmagyar
b7cebee89e SecurityContextCallableProcessingInterceptor thread visibility fix 
Within class SecurityContextCallableProcessingInterceptor field securityContext should volatile.

Fixes gh-6143
 2018-12-03 15:46:20 -06:00
Rafael Dominguez
01787ea168 Restored Jacoco default task dependence 
This commit ensures that the jacoco plugin is applied when calling
check and test tasks.
Also remoed the clean task that prevented sonarqube using coverage data

Fixes: gh-6199
 2018-11-30 14:26:36 -06:00
Rob Winch
e3e9758da7 Fix Generics in ReactorContextTestExecutionListenerTests for JDK 9+ 
Issue: gh-6075
 2018-11-30 12:08:50 -06:00
Aanuoluwapo Otitoola
46012d62af ReactorContextTestExecutionListener should use named hooks 
Fixes: gh-6075
 2018-11-30 11:16:47 -06:00
Rob Winch
6eb8129173 Next Snapshot 2018-11-28 08:45:53 -06:00
Rob Winch
55dd732443 Release 5.1.2.RELEASE 5.1.2.RELEASE 2018-11-28 08:44:40 -06:00
Rob Winch
45cbdc03ba Remove Thymeleaf dependency management 
Fixes: gh-6161
 2018-11-28 08:20:09 -06:00
Rob Winch
d99c7dbfd1 Update to GAE 1.9.68 
Fixes: gh-6160
 2018-11-28 08:19:56 -06:00
Rob Winch
d8de4d06f7 Update to Mockito 2.23.4 
Fixes: gh-6159
 2018-11-28 08:19:41 -06:00
Rob Winch
be2f0f0fae Update to AspectJ 1.9.2 
Fixes: gh-6158
 2018-11-28 08:19:33 -06:00
Rob Winch
920d5ca6ad Update to unboundid 4.0.9 
Fixes: gh-6157
 2018-11-28 08:19:20 -06:00
Rob Winch
6dcf5a27b1 Update to Powermock 2.0.0-RC.4 
Fixes: gh-6156
 2018-11-28 08:19:13 -06:00
Rob Winch
c2166c4207 Update to cglib-nodep:3.2.9 
Fixes: gh-6155
 2018-11-28 08:18:57 -06:00
Rob Winch
1542835268 Update to Spring Data Lovelace-SR3 
Fixes: gh-6154
 2018-11-28 08:18:40 -06:00
Rob Winch
ae471e1456 Update to Spring 5.1.3 
Fixes: gh-6153
 2018-11-28 08:18:31 -06:00
Rob Winch
853c54eecb Update to Reactor Californium-SR3 
Fixes: gh-6152
 2018-11-28 08:18:18 -06:00
Joe Grandja
10f6d10f81 Update com.squareup.okhttp3 deps to 3.12.0 
Fixes gh-5570
 2018-11-26 12:44:30 -05:00
Rafael Dominguez
02d844d528
Enable Code Coverage Reports in Sonar 
This commit ensures that jacocoTestReport task is called when running the Sonar stage.
Additionally, a variable is passed instructing Sonar where to find the test result data.

Fixes: gh-6092
 2018-11-26 09:29:21 -07:00
Rafael Dominguez
c0849ba891 Update to Gradle 4.10.2 
Fixes gh-6106
 2018-11-21 09:59:12 -06:00
Josh Cummings
db145fa03f
Register NullRequestCache When Disabled 
Fixes: gh-6102
 2018-11-20 07:39:54 -07:00
Josh Cummings
42b8b794a8
RequestCacheConfigurerTests groovy->java 
Issue: gh-4939
 2018-11-20 07:37:54 -07:00
dperezcabrera
8014114225 Make InMemory*ClientRegistrationRepository Consistent 
The previous builders with the list argument were inconsistent with their 
respective builders of var args.
 2018-11-19 11:12:37 -06:00
Rafael Dominguez
a742c0c3f2 WebClientReactiveClientCredentialsTokenResponseClient.getTokenResponse expects 2xx http status code 
This ensures that token response is only extracted when ClientResponse has a successful status

Fixes: gh-6089
 2018-11-19 10:51:33 -06:00
Rafael Dominguez
1cec4fe3ac OAuth2AccessTokenResponseBodyExtractor supports Object values 
This commit ensures the token response is parsed correctly if the values are not a String.

Fixes: gh-6087
 2018-11-15 13:24:48 -06:00
Daniel Bustamante Ospina
8655caa2de Update webflux-form sample to use Built in CSRF Support 
Remove the CsrfControllerAdvice class and update dependencies to add
org.thymeleaf.extras:thymeleaf-extras-springsecurity5

Issue: gh-6061
 2018-11-14 17:19:06 -06:00
Dongmin Shin
dc5f5f348d Fix Typo in Reference Docs 
Fixes gh-6076
 2018-11-14 11:37:22 -06:00
Rafael Dominguez
35e05780ea Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE 2018-11-14 10:55:26 -06:00
Gunnar Hillert
a461abcf32 Docs: Fix Maven Property example spring-security.version 2018-11-13 15:09:46 -06:00
Josh Cummings
ba1f5f3873
Leave Issuer As String - Documentation 
Update documentation that indicated the iss claim is proactively
coerced into a URL.

Issue: gh-6073
 2018-11-13 12:35:08 -07:00
Josh Cummings
5478b74116
Leave Issuer As String 
Since StringOrURI is a valid issuer, MappedJwtClaimSetConverter and
JwtIssuerValidator no longer assume it.

Issue: gh-6073
 2018-11-13 10:43:36 -07:00
Josh Cummings
dc4aa3d017
Favor URL.toExternalForm 
Converts URLs to Strings before comparing them. Uses toString(),
which delegates to toExternalForm().

Fixes: gh-6073
 2018-11-13 07:39:24 -07:00
Josh Cummings
2bc156ed19
Update to spring-build-conventions:0.0.22.RELEASE 
Fixes: gh-6064
 2018-11-12 09:31:51 -07:00
dperezcabrera
0270994340 InMemoryUserDetailsManager.updatePassword case-insenstive 
Previously updatePassword was case sensitive which was
inconsistent with the rest of the class.

This commit updates updatePassword to be case insensitive.

Fixes: gh-6039
 2018-11-09 11:41:44 -06:00
Erik van Paassen
a557a324c0 Fix csrf:token-repository-ref XSD documentation 
The documentation of the token-repository-ref attribute of the csrf
element in the schema has been updated to make clear the default
repository is lazy. Targets versions 4.2, 5.0 and 5.1.

Fixes gh-6037
 2018-11-08 10:22:07 -06:00
Josh Cummings
73022059d4
Update Reactive Resource Server Docs 
Resource Server documentation for both Servlet and Reactive now have a
similar feel and offer deeper exposure to common use cases.

Fixes: gh-6054
 2018-11-07 12:10:33 -07:00
Josh Cummings
165cbcb723
Write Security Headers Before Servlet Include 
HeaderWriterFilter wraps request dispatcher so it can write security
headers before the include occurs.

Fixes: gh-5499
 2018-10-31 09:32:40 -06:00
Josh Cummings
d99ecc2a7b
Add JDK 11 to Jenkins 
Fixes: gh-5860
 2018-10-26 07:38:55 -06:00
Josh Cummings
ccd2664e6c
JDK 11 Compatibility 
Upgraded dependencies and removed a test in the Java Config LDAP
sample which is arguably an integration test since it starts up an
LDAP container. This test also isn't JDK 11 compatible and the
remaining integration tests in the sample cover the same material.

Issue: gh-5860
 2018-10-26 07:38:31 -06:00
Joe Grandja
b87ff3c00f Remove charset from Accept header in UserInfo request 
Fixes gh-6017
 2018-10-25 14:10:41 -04:00
Joe Grandja
8971777908 Set AuthenticationEventPublisher on each AuthenticationManagerBuilder 
Fixes gh-6009
 2018-10-23 14:41:26 -04:00