1ca4781923
Merge branch '6.0.x'
2023-02-14 08:25:29 -07:00
8ca726f4fa
Specify query string
...
Issue gh-12665
2023-02-14 08:24:07 -07:00
e7d65966fd
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12671
2023-02-14 08:01:31 -07:00
0d4c619648
Include continue in query string
...
Closes gh-12665
2023-02-14 08:00:19 -07:00
073dab3bf6
Refactor SavedCookie for Cookie's deprecated method
...
Closes gh-12454
2023-02-01 12:33:45 -07:00
a855b33535
fix typo in RememberMeAuthenticationFilter
2023-02-01 12:33:45 -07:00
6abbdd3654
Merge branch '6.0.x'
2023-01-26 15:55:41 -06:00
1363a4eece
Merge branch '5.8.x' into 6.0.x
2023-01-26 15:44:47 -06:00
c306df9b46
Add XorCsrfChannelInterceptor
...
Issue gh-12378
2023-01-23 16:00:35 -06:00
879770a0f6
Polish AbstractAuthenticationTargetUrlHandler
...
Issue gh-12344
2023-01-18 08:30:57 -07:00
6b8a778da8
Rework determineTargetUrl for Readability
...
Closes gh-12344
2023-01-18 08:30:57 -07:00
58e948a781
Test AbstractAuthenticationTargetUrlRequestHandler
...
Issue gh-12344
2023-01-18 08:30:57 -07:00
62b58d2c92
Polish gh-12530
2023-01-17 15:05:56 -06:00
c77c76e722
Relax final modifiers on AbstractRememberMeServices methods
...
Closes gh-12145
2023-01-17 15:05:09 -06:00
f9d674cb10
Merge branch '6.0.x'
...
Closes gh-12525
2023-01-11 10:14:01 -07:00
4d2dab9b6b
Lookup Parent Observation
...
Closes gh-12524
2023-01-11 10:13:33 -07:00
5f89f39627
Merge branch '6.0.x'
...
Closes gh-12515
2023-01-10 11:34:34 -06:00
4e80338a9b
Polish gh-12466
2023-01-10 11:31:51 -06:00
2c8854bb7f
Adjusts setRequestHandler javadoc in CsrfFilter
...
Adjusts setRequestHandler method javadoc in CsrfFilter class to reflect
changes in 6.0.
In 6.0, the default CsrfTokenRequestHandler changed to
XorCsrfTokenRequestAttributeHandler, however, the javadoc for the
setRequestHandler method still said it was
CsrfTokenRequestAttributeHandler.
This change adjusts the information to make it more accurate, because,
although XorCsrfTokenRequestAttributeHandler is a subclass of
CsrfTokenRequestAttributeHandler, the behavior is quite different.
Closes gh-12464
2023-01-10 11:31:51 -06:00
556891b4fa
Merge branch '6.0.x'
...
Closes gh-12512
2023-01-10 09:43:05 -03:00
d1fc789ae2
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12511
2023-01-10 09:42:48 -03:00
ae46032ced
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12510
2023-01-10 09:39:40 -03:00
ffdb397830
Save the SecurityContext when switching user
...
Closes gh-12504
2023-01-10 09:27:56 -03:00
f3ce04e59a
Merge branch '6.0.x'
...
Closes gh-12493
2023-01-06 11:15:03 -07:00
c308e4665a
Polish Event Name
...
Provide a name with no spaces separate from the human-friendly
one with spaces.
Closes gh-12490
2023-01-06 11:13:11 -07:00
c0fe74869f
Merge branch '6.0.x'
...
Closes gh-12484
2023-01-04 10:54:10 -07:00
27b3f4d403
Adjusts setRequestHandler javadoc in CsrfWebFilter
...
Adjusts setRequestHandler method javadoc in CsrfWebFilter class to reflect changes in 6.0.
In 6.0, the default ServerCsrfTokenRequestHandler changed to XorServerCsrfTokenRequestAttributeHandler, however, the javadoc for the setRequestHandler method still said it was ServerCsrfTokenRequestAttributeHandler.
This change adjusts the information to make it more accurate, because, although XorServerCsrfTokenRequestAttributeHandler is a subclass of ServerCsrfTokenRequestAttributeHandler, the behavior is quite different.
Closes gh-12465
2023-01-04 10:53:47 -07:00
c2d0ea3694
Merge branch '6.0.x'
...
Closes gh-12369
2022-12-12 16:55:32 -03:00
898c36287c
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12368
2022-12-12 16:55:14 -03:00
99d6d21554
Apply SecurityContextHolderFilter to all dispatcher types
...
Closes gh-11962
2022-12-12 11:45:24 -08:00
886d1ffec2
Remove Deprecated Usage
...
Issue gh-12086
2022-12-05 11:00:57 -07:00
8ef2fc3837
Format
...
Issue gh-12086
2022-12-05 10:51:42 -07:00
8717b7544a
Perform JUnit 5 clean up tasks
...
- For CookieCsrfTokenRepositoryTests and
CookieServerCsrfTokenRepositoryTests
Issue gh-12086
2022-12-05 10:51:41 -07:00
b79ba89eeb
Add setCookieCustomizer to csrf token repository
...
- Mark setCookieHttpOnly, setCookieDomain, setCookieMaxAge and
setSecure as deprecated.
- Add the method setCookieCustomizer which allows to set properties
to the ResponseCookieBuilder without having to add new setter methods.
Closes gh-12086
2022-12-05 10:51:40 -07:00
701f754e37
Cast FilterChainObservationContext Safely
...
Closes gh-12268
2022-11-29 16:24:56 -07:00
fd547321e8
Default to XorCsrfTokenRequestAttributeHandler
...
As of gh-11960, Xor CSRF tokens are the default in 6.0. This commit
makes CsrfAuthenticationStrategy consistent with CsrfFilter.
Issue gh-11960
Closes gh-12235
2022-11-18 22:50:26 -06:00
5da78f44f2
Merge branch '5.8.x'
2022-11-18 14:54:33 -06:00
2ed7cff643
Check for existing token before clearing
...
Closes gh-12236
2022-11-18 13:12:59 -06:00
24860d9fb0
Observe Filter Start and Stop
...
Issue gh-11911
2022-11-17 15:11:29 -07:00
e08ed89403
Polish Span and Meter Names
...
Closes gh-12156
2022-11-17 15:09:52 -07:00
063f06e7bf
Register FilterChainProxy for all dispatcher types
...
Closes gh-12180
2022-11-16 09:55:21 -03:00
1a3be83084
Merge branch '5.8.x'
...
Closes gh-12185
2022-11-09 12:28:37 -06:00
57b163bb78
Polish gh-12141
2022-11-09 12:19:43 -06:00
2a261e0583
Add Jakarta WebSocket 2.1 test dependency to spring-security-web
...
Issue gh-12148
2022-11-08 09:54:34 -03:00
3b5d19c8a4
Adapt to Servlet API 6 changes and support Jakarta WebSocket 2.1
...
Closes gh-12146
Closes gh-12148
2022-11-08 08:34:21 -03:00
36f668dd9c
Merge branch '5.8.x'
...
Closes gh-12142
2022-11-04 18:12:34 -05:00
6b0ed0205b
Re-generate tokens in CookieCsrfTokenRepository
...
Fixes support for re-generating tokens within a request such as when
CsrfAuthenticationStrategy removes a null token and saves an empty
cookie value on the response.
Closes gh-12141
2022-11-04 18:10:15 -05:00
801ceb0832
Merge branch '5.8.x'
2022-10-31 08:58:14 -05:00
66f2f1cde7
Merge branch '5.7.x' into 5.8.x
2022-10-31 08:55:03 -05:00
2915a70bf7
Merge branch '5.6.x' into 5.7.x
2022-10-28 13:05:48 -05:00
Josh Cummings
twosom
Steve Riesenberg
Dayan Kodippily
Onur Kagan Ozcan
Wellington Domiciano
Marcus Da Coregio
Alex Montoya