Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-31 06:38:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,577 Commits 48 Branches 362 Tags
Commit Graph

2312 Commits

Author SHA1 Message Date
Spring Operator
2bf126f4cf URL Cleanup 
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.

* http://luke.taylor.openid.cn/ (200) with 1 occurrences could not be migrated:
   ([https](https://luke.taylor.openid.cn/) result SSLHandshakeException).

# Fixed URLs

## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.

* http://axschema.org/contact/email (UnknownHostException) with 2 occurrences migrated to:
  https://axschema.org/contact/email ([https](https://axschema.org/contact/email) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson ([https](https://axschema.org/namePerson) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last) result UnknownHostException).
* http://luke.taylor.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
  https://luke.taylor.myopenid.com/ ([https](https://luke.taylor.myopenid.com/) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 2 occurrences migrated to:
  https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 1 occurrences migrated to:
  https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson) result UnknownHostException).
* http://schema.openid.net/namePerson/friendly (UnknownHostException) with 1 occurrences migrated to:
  https://schema.openid.net/namePerson/friendly ([https](https://schema.openid.net/namePerson/friendly) result UnknownHostException).
* http://somehost/someUrl (UnknownHostException) with 1 occurrences migrated to:
  https://somehost/someUrl ([https](https://somehost/someUrl) result UnknownHostException).
* http://spring.security.test.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
  https://spring.security.test.myopenid.com/ ([https](https://spring.security.test.myopenid.com/) result UnknownHostException).
* http://example.net/pkp-report (404) with 1 occurrences migrated to:
  https://example.net/pkp-report ([https](https://example.net/pkp-report) result 404).
* http://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng (404) with 1 occurrences migrated to:
  https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ([https](https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng) result 404).
* http://www.puppycrawl.com/dtds/configuration_1_3.dtd (404) with 1 occurrences migrated to:
  https://www.puppycrawl.com/dtds/configuration_1_3.dtd ([https](https://www.puppycrawl.com/dtds/configuration_1_3.dtd) result 404).
* http://www.puppycrawl.com/dtds/suppressions_1_1.dtd (404) with 1 occurrences migrated to:
  https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ([https](https://www.puppycrawl.com/dtds/suppressions_1_1.dtd) result 404).
* http://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller (404) with 1 occurrences migrated to:
  https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ([https](https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller) result 404).

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://raykrueger.blogspot.com/ with 1 occurrences migrated to:
  https://raykrueger.blogspot.com/ ([https](https://raykrueger.blogspot.com/) result 200).
* http://www.infoq.com/presentations/code-organization-large-projects with 1 occurrences migrated to:
  https://www.infoq.com/presentations/code-organization-large-projects ([https](https://www.infoq.com/presentations/code-organization-large-projects) result 200).
* http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd with 1 occurrences migrated to:
  https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ([https](https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd) result 200).
* http://www.springframework.org/dtd/spring-beans.dtd with 4 occurrences migrated to:
  https://www.springframework.org/dtd/spring-beans.dtd ([https](https://www.springframework.org/dtd/spring-beans.dtd) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.0.xsd with 5 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.0.xsd) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.2.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.2.xsd) result 200).
* http://www.springframework.org/schema/aop/spring-aop.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop.xsd ([https](https://www.springframework.org/schema/aop/spring-aop.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 20 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.1.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 267 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.0.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.0.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.1.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.1.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.2.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.2.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.2.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context.xsd with 6 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context.xsd ([https](https://www.springframework.org/schema/context/spring-context.xsd) result 200).
* http://www.springframework.org/schema/data/jpa/spring-jpa.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ([https](https://www.springframework.org/schema/data/jpa/spring-jpa.xsd) result 200).
* http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ([https](https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 10 occurrences migrated to:
  https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd) result 200).
* http://www.springframework.org/schema/security/spring-security-2.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/security/spring-security-2.0.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.xsd) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 266 occurrences migrated to:
  https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd) result 200).
* http://www.springframework.org/schema/tx/spring-tx-3.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ([https](https://www.springframework.org/schema/tx/spring-tx-3.0.xsd) result 200).
* http://www.springframework.org/schema/tx/spring-tx.xsd with 3 occurrences migrated to:
  https://www.springframework.org/schema/tx/spring-tx.xsd ([https](https://www.springframework.org/schema/tx/spring-tx.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util-3.0.xsd with 3 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util-3.0.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.0.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util-3.1.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.1.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util.xsd with 4 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util.xsd ([https](https://www.springframework.org/schema/util/spring-util.xsd) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 6 occurrences migrated to:
  https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd) result 200).
* http://www.headwaysoftware.com with 1 occurrences migrated to:
  https://www.headwaysoftware.com ([https](https://www.headwaysoftware.com) result 301).
* http://java.sun.com/dtd/web-app_2_3.dtd with 2 occurrences migrated to:
  https://java.sun.com/dtd/web-app_2_3.dtd ([https](https://java.sun.com/dtd/web-app_2_3.dtd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 10 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd) result 302).

# Ignored
These URLs were intentionally ignored.

* http://appengine.google.com/ns/1.0 with 1 occurrences
* http://docbook.org/ns/docbook with 1 occurrences
* http://jakarta.apache.org/log4j/ with 1 occurrences
* http://java.sun.com/xml/ns/javaee with 22 occurrences
* http://www.springframework.org/schema/aop with 14 occurrences
* http://www.springframework.org/schema/beans with 576 occurrences
* http://www.springframework.org/schema/c with 6 occurrences
* http://www.springframework.org/schema/context with 18 occurrences
* http://www.springframework.org/schema/data/jpa with 2 occurrences
* http://www.springframework.org/schema/jdbc with 2 occurrences
* http://www.springframework.org/schema/mvc with 20 occurrences
* http://www.springframework.org/schema/p with 10 occurrences
* http://www.springframework.org/schema/security with 534 occurrences
* http://www.springframework.org/schema/tx with 10 occurrences
* http://www.springframework.org/schema/util with 16 occurrences
* http://www.springframework.org/schema/websocket with 12 occurrences
* http://www.w3.org/1999/xlink with 1 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 299 occurrences
 2019-03-19 17:33:29 -05:00
Spring Operator
b93528138e URL Cleanup 
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# Fixed URLs

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://www.apache.org/licenses/ with 1 occurrences migrated to:
  https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html) result 200).
 2019-03-14 15:46:20 -05:00
Ankur Pathak
4ff51491d7 fixes setting paramName only when it is not null 
Fixes: gh-6223
 2019-01-10 10:13:44 -06:00
Onur Kagan Ozcan
fe40e6d65a Fix UsernamePasswordAuthenticationTokenDeserializer to handle customized object mapper inclusion settings 
Resolves #4698
 2019-01-07 14:17:24 -06:00
Panayiotis Vlissidis
4123d96cd5 JdbcUserDetailsManager handles extra UserDetails attributes 
Check ResutSetMetaData to see if extra columns are present in order to
also handle the UserDetails attributes: accountNonExpired,
accountNonLocked and credentialsNonExpired.

Fixes gh-4399
 2018-12-21 09:46:17 -06:00
Joe Grandja
be23ab8114 AuthenticationFailureEvent should publish once 
Fixes gh-6281
 2018-12-20 22:40:45 -05:00
finke-ba
b838f7c7b7 Add WebFlux support for spring security web jackson module. 
Fixes: gh-6303
 2018-12-19 10:11:17 -06:00
Robbie Martinus
e60ae4984a Add hasAnyAuthority() and hasAnyRole() in AuthorizeExchangeSpec 
Fixes gh-6306
 2018-12-19 09:55:47 -06:00
finke-ba
9c7cab835f Add conditionally servlet based support for spring security web jackson module. 2018-12-18 14:21:31 -06:00
Richard Valdivieso
cb0ea0241b Spring Security provides a DelegatingSecurityContextRunnable 
abstraction for Runnable that can be used for async and
scheduled tasks. The primary contract for task scheduling is
TaskScheduler and there's no such wrapper available at the moment.

The new DelegatingSecurityContextTaskScheduler class implements
TaskScheduler interface.

Fixes gh-6043
 2018-12-17 14:30:55 -06:00
mibo
60e3bf4093 Add Anonymous Support to AuthenticatedReactiveAuthorizationManager 
Fixes: gh-6235
 2018-12-12 15:48:17 -06:00
ir73
9a357f8cb6 Moved CachingUserDetailsService to spring-core 
Made CachingUserDetailsService constructor public and moved to spring-core to make it easier to configure caching in UserDetailsService

Fixes gh-4139
 2018-12-11 13:22:08 -06:00
Eric Deandrea
4178c92741 Add Reactive Support for UserDetailsChecker 
Integrate UserDetailsChecker into ReactiveAuthenticationManager and
OAuth2 resource server authentication converters.

Fixes gh-6219
 2018-12-11 13:07:40 -06:00
Zhanwei Wang
12ab2cca31 Improve error message for Chinese. 2018-12-06 11:57:21 -06:00
Robbie Martinus
090000c3d2 SessionRegistryImpl uses computeIfAbsent 
Fixes: gh-5834
 2018-12-05 10:26:07 -06:00
dperezcabrera
898d005a53 InMemoryUserDetailsManager.updatePassword case-insenstive 
Previously updatePassword was case sensitive which was
inconsistent with the rest of the class.

This commit updates updatePassword to be case insensitive.

Fixes: gh-6039
 2018-11-09 11:39:58 -06:00
Josh Cummings
7d3302f52b
Polish Test Name 
So that it adheres to methodNameWhenConditionThenVerification naming
convention.

Issue: gh-3743
 2018-10-30 10:20:37 -06:00
Karl Goffin
50d26c9d28
Polish Logging and Tests 
Removing debug statements which would have prematurely terminated the
stream, changing to AssertJ, and adding another test.

Issue: gh-3743
 2018-10-30 10:18:16 -06:00
Karl Goffin
92e68a589a
PostFilter Support for Streams 
Users can return a Stream from a @PostFilter-annotated method.

Fixes: gh-3743
 2018-10-30 10:17:16 -06:00
Joe Grandja
8ef65ce5c5 Set AuthenticationEventPublisher on each AuthenticationManagerBuilder 
Fixes gh-6009
 2018-10-23 14:08:23 -04:00
Joe Grandja
7a94931514 Polish javadoc 2018-10-23 08:45:06 -04:00
Drummond Dawson
818a3506fe Remove unnecessary concatenation of sql in JdbcUserDetailsManager 2018-10-19 15:30:03 -05:00
Joe Grandja
0b3aa2ce24 Update Security version to 5.2 2018-10-17 14:52:06 -04:00
Johnny Lim
68ffa0fece Add a missing space in Secured.value() signature 2018-10-03 14:47:48 -04:00
John Lin
69b71ee0ed Remove unused variables in ConsensusBased and UnanimousBased 2018-09-21 08:12:40 -05:00
John Lin
f5e2ca1b6e Fix truncated javadoc for Secured 
Fixes: gh-5861
 2018-09-18 21:34:02 -05:00
Vedran Pavic
cb0ba58b58 Fix WhitespaceAfterCheck Checkstyle check 2018-08-27 10:45:35 -05:00
Johnny Lim
68878a1675 Replace isEqualTo(null) with isNull() 2018-08-09 18:04:48 -06:00
Rob Winch
d595098823 Rename @TransientAuthentication to @Transient 
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.

Issue: gh-5481
 2018-07-16 11:31:10 -05:00
Rob Winch
ed3ed5e64c Rename @TransientAuthentication to @Transient 
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.

Issue: gh-5481
 2018-07-16 11:17:08 -05:00
Josh Cummings
3c46727be1 Transient Authentication Tokens 
This commit introduces support for transient authentication tokens
which indicate to the filter chain, specifically the
HttpSessionSecurityContextRepository, whether or not the token ought
to be persisted across requests.

To leverage this, simply annotate any Authentication implementation
with @TransientAuthentication, extend from an Authentication that uses
this annotation, or annotate a custom annotation.

Implementations of SecurityContextRepository may choose to not persist
tokens that are marked with @TransientAuthentication in the same way
that HttpSessionSecurityContextRepository does.

Fixes: gh-5481
 2018-07-16 10:40:45 -05:00
Rob Winch
a66b945ab7 Configuration for ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:08:06 -05:00
Rob Winch
72a267a311 UserDetailsRepositoryReactiveAuthenticationManager uses ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:08:01 -05:00
Rob Winch
ed8218a2b0 ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:07:53 -05:00
Rob Winch
7aaf70d582 DaoAuthenticationProvider supports password upgrades 
Issue: gh-2778
 2018-07-15 14:56:45 -05:00
Rob Winch
cabd0a5579 UserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 14:54:20 -05:00
Rob Winch
86b5150d88 Spring Version null for NullPointerException 2018-07-14 22:21:10 -05:00
Rob Winch
d9d9879909 Add JdbcUserDetailsManager(DataSource) constructor 
Fixes: gh-5512
 2018-07-13 15:59:13 -05:00
Rob Winch
4d1c8f26c5 Add DelegatingReactiveAuthenticationManager 
Fixes: gh-5448
 2018-06-18 16:03:41 -05:00
Rob Winch
bb11a81857 Add UserDetailsRepositoryReactiveAuthenticationManager.setScheduler 
Fixes: gh-5417
 2018-06-11 14:30:29 -05:00
Rob Winch
8fa6dd0f5b Revert "Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677" 
This reverts commit d4e459874a2d6c58f822dd8d907870954167641e.
 2018-05-11 04:19:50 -05:00
이경욱
26bc6be850 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
이경욱
6adbe8dae0 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
Kazuki Shimizu
8d716f75a4 Fix incorrect explanation for customizing query on JdbcDaoImpl 2018-05-04 10:49:25 -05:00
Rob Winch
0a5da93640 Improve PasswordEncoder deprecated notices 
Fixes: gh-5296
 2018-05-03 15:13:06 -05:00
Joe Grandja
d4e459874a Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677 2018-04-03 11:38:37 -04:00
Rob Winch
fb7394c1de Polish Javadoc 
Fixes: gh-5186
 2018-03-29 15:33:57 -05:00
Christoph Dreis
d07cfe655d Use Supplier variants of Assert methods 2018-03-27 10:58:55 -05:00
Rob Winch
b1d013e8f0 Fix JDK 9 
Issue: gh-5160
 2018-03-27 09:30:56 -05:00
Alter Ego
0e37c0912e Update User.java 
fixed a typo; replaced "User.witUsername("user")" with "User.withUsername("user")"
 2018-03-22 08:19:44 -05:00