c706a103f9
Revert "Lock Dependencies"
...
This reverts commit 1533f098d2
2021-08-16 10:35:39 -03:00
1533f098d2
Lock Dependencies
2021-08-16 09:42:34 -03:00
b0d22d1a03
Revert "Lock Dependencies"
...
This reverts commit eb300c78bd
2021-06-22 10:20:07 -03:00
eb300c78bd
Lock Dependencies
2021-06-21 09:23:19 -03:00
02285708eb
Adjust createNewSessionIfAllowed to prevent NPE
...
Ensure that isTransientAuthentication reuses the same authentication object from saveContext
Closes gh-8947
2021-05-26 15:13:55 -03:00
a85ce9c91f
Add guard around logger.debug statement
...
The log message involves string concatenation, the cost of which
should only be incurred if debug logging is enabled
Issue gh-9648
2021-04-16 10:54:10 -06:00
26c6570b10
Revert "Lock Dependencies"
...
This reverts commit b3250c06a9
2021-04-12 14:42:38 -04:00
b3250c06a9
Lock Dependencies
2021-04-12 14:19:19 -04:00
22d7043d01
Add null check in CsrfFilter and CsrfWebFilter
...
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.
When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.
ZiQiang Zhao<1694392889@qq.com>
Closes gh-9561
2021-04-09 21:55:30 -06:00
71f9876c48
Revert "Lock dependencies"
...
This reverts commit dca4858d81
2021-02-11 13:38:50 -06:00
dca4858d81
Lock dependencies
2021-02-11 13:00:32 -06:00
419839d05c
Optimize HttpSessionSecurityContextRepository
...
Closes gh-9387
2021-02-11 13:00:31 -06:00
38e9e8ca52
Optimize HttpSessionSecurityContextRepository
...
Closes gh-9387
2021-02-11 13:00:31 -06:00
ec8f6014d4
Revert "Lock dependencies"
...
This reverts commit fa5f789beb
2021-02-11 09:51:54 -06:00
fa5f789beb
Lock dependencies
2021-02-11 08:53:40 -06:00
10946e8153
Polish Tests
...
Issue gh-9331
2021-02-03 09:30:27 -07:00
3cb98ebed0
Configure CurrentSecurityContextArgumentResolver BeanResolver
...
Closes gh-9331
2021-02-03 09:24:22 -07:00
e6d6b39767
Constant Time Comparison for CSRF tokens
...
Closes gh-9291
2021-01-20 16:17:25 -06:00
b08075a721
Fix CsrfWebFilter error message when expected CSRF not found
...
Closes gh-9337
2021-01-12 11:30:12 -06:00
7c2010f507
Revert "Lock Dependencies for 5.3.6"
...
This reverts commit a153012056
2020-12-02 19:32:03 -07:00
a153012056
Lock Dependencies for 5.3.6
2020-12-02 16:31:52 -07:00
2dcfda7fac
Revert "Lock Dependencies for 5.3.5.RELEASE"
...
This reverts commit 846a5a962c
2020-10-07 16:39:28 -06:00
846a5a962c
Lock Dependencies for 5.3.5.RELEASE
2020-10-07 13:18:01 -06:00
e44471331b
Create the CSRF token on the bounded elactic scheduler
...
The CSRF token is generated by UUID.randomUUID() which is I/O blocking operation.
This commit changes the subscriber thread to the bounded elactic scheduler.
Closes gh-9018
2020-09-16 09:01:45 -06:00
d8bef76a0f
Unlock dependencies
...
This reverts commit b619d298aa
2020-08-05 18:18:02 +02:00
b619d298aa
Lock Dependencies for 5.3.4.RELEASE
2020-08-05 12:33:31 +02:00
070706d948
LoginPageGeneratingWebFilter honors context path
...
Closes gh-8807
2020-07-07 13:36:35 -05:00
38c1e3ffa8
OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException
...
Issue gh-8609
2020-06-09 15:27:32 -04:00
bbd2a9ebae
Revert "Lock Dependencies for 5.3.3.RELEASE"
...
This reverts commit 116bfe01e6
2020-06-03 16:11:59 -06:00
116bfe01e6
Lock Dependencies for 5.3.3.RELEASE
2020-06-03 13:14:07 -06:00
2ebbb6f80a
Mock request with non-standard HTTP method in test
...
Fixes gh-8594
2020-05-26 15:38:53 -04:00
b6efd5ba76
Create the CSRF token on the bounded elactic scheduler
...
The CSRF token is created with a call to UUID.randomUUID which is blocking.
This change ensures this blocking call is done on the bounded elastic scheduler which supports blocking calls.
Fixes gh-8128
2020-05-18 11:05:50 -05:00
9e665388d2
Update AntPathRequestMatcher.java
...
Fixes gh-8512
2020-05-13 17:07:45 -04:00
06a02ed4bb
Fix non-standard HTTP method for CsrfWebFilter
...
Closes gh-8452
2020-05-11 17:28:40 -05:00
413dfc8679
Unlock dependencies
...
This reverts commit a61145f74c
2020-05-06 15:29:45 -04:00
a61145f74c
Lock dependencies for 5.3.2.RELEASE
2020-05-06 15:06:08 -04:00
566c25aa10
Fix example in javadoc of FilterChainProxy
...
Closes gh-8344
2020-04-08 09:12:56 -05:00
a78872f268
Unlock dependencies for 5.3.1.RELEASE
...
This reverts commit 88c02684bb
2020-03-31 17:53:13 -04:00
88c02684bb
Lock dependencies for 5.3.1.RELEASE
2020-03-31 17:28:36 -04:00
0e6e2b2a21
Fix HttpServlet3RequestFactory Logout Handlers
...
Previously there was a problem with Servlet API logout integration
when Servlet API was configured before log out.
This ensures that logout handlers is a reference to the logout handlers
vs copying the logout handlers. This ensures that the ordering does not
matter.
Closes gh-4760
2020-03-30 20:50:12 -05:00
034c23d46c
SwitchUserFilter Defaults to POST
...
Fixes gh-4183
2020-03-27 14:25:28 -06:00
dfa78804a8
Fix exception for empty basic auth header token
...
fixes spring-projectsgh-7976
2020-03-16 16:05:14 -04:00
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
...
This reverts commit 147d7dadd7
2020-03-04 12:02:48 -07:00
147d7dadd7
Lock dependencies for 5.3.0.RELEASE
2020-03-04 10:28:39 -07:00
2ce9eef95e
Fix typo in AntPathRequestMatcher contructor comment
2020-03-02 07:14:27 -06:00
82cd203791
Remove unnecessary mocking
...
Fixes gh-8012
2020-02-23 19:35:16 -05:00
5bdf57d1e5
Remove Groovy and Spock Dependencies
...
Fixes gh-4939
2020-02-10 10:38:40 -07:00
bae50ecc05
AbstractSecurityWebApplicationInitializerTests groovy->java
...
Issue gh-4939
2020-02-10 10:38:39 -07:00
84b8a5abd7
Unlock dependencies for next development version
...
This reverts commit 064616f1ef
2020-02-05 15:53:04 +01:00
064616f1ef
Lock dependencies for 5.3.0.RC1
2020-02-05 10:20:05 +01:00
Marcus Da Coregio
Craig Andrews
Joe Grandja
佚名
Rob Winch
Josh Cummings
happier233
Rob Winch
Tomoki Tsubaki
Eleftheria Stein
cbornet
Artyom Tarynin
Joe Grandja
Zeeshan Adnan
AmitB