11509 Commits

Author SHA1 Message Date
Rob Winch
c79ebf4edf Setup Forward Merge 2022-08-22 16:19:44 -05:00
Marcus Da Coregio
a8d6c1d21f Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not set up a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService.

Closes gh-11449
Closes gh-11726
2022-08-19 09:58:22 -03:00
Marcus Da Coregio
c7912c551b Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not set up a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService.

Closes gh-11449
Closes gh-11726
2022-08-19 09:51:53 -03:00
Steve Riesenberg
7c7f9380c7
Refresh remote JWK when unknown KID error occurs
Closes gh-11621
2022-08-18 16:54:45 -05:00
tinolazreg
888715bbb2
Add tests for unknown KID error
Issue gh-11621
2022-08-18 16:54:45 -05:00
Steve Riesenberg
53a3ff8932
Refresh remote JWK when unknown KID error occurs
Closes gh-11621
2022-08-18 16:53:45 -05:00
tinolazreg
77d11a3f9f
Add tests for unknown KID error
Issue gh-11621
2022-08-18 16:53:44 -05:00
jujunChen
13feb87171
Modify words
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:36 -06:00
jujunChen
d93bde7465
Modify words
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:06 -06:00
Rob Winch
faf9fb7337 NamespaceLdapAuthenticationProviderTests use Dynamic Port
Closes gh-11710
2022-08-15 15:26:46 -05:00
Rob Winch
9f00045638 NamespaceLdapAuthenticationProviderTests use Dynamic Port
Closes gh-11710
2022-08-15 15:26:30 -05:00
Rob Winch
f33d7253b6 GitHubMilestoneApiTests due_on Uses LocalDate
`GitHubMilestoneApiTests` uses `Instant.now()` for `due_on`. Since
`Instant.now()` is UTC time based,
`isMilestoneDueTodayWhenDueTodayThenTrue` fails when the computer that runs
the test is not the same day as it is in UTC time.

To fix it, `due_on` should be set to an `Instant` based upon the timezone
of the current computer.

Closes gh-11706
2022-08-15 13:04:29 -05:00
Rob Winch
d8ae2c8763 GitHubMilestoneApiTests due_on Uses LocalDate
`GitHubMilestoneApiTests` uses `Instant.now()` for `due_on`. Since
`Instant.now()` is UTC time based,
`isMilestoneDueTodayWhenDueTodayThenTrue` fails when the computer that runs
the test is not the same day as it is in UTC time.

To fix it, `due_on` should be set to an `Instant` based upon the timezone
of the current computer.

Closes gh-11706
2022-08-15 13:03:10 -05:00
github-actions[bot]
db74e9d128 Next development version 2022-08-15 16:07:33 +00:00
github-actions[bot]
c188b70c88 Next development version 2022-08-15 16:06:45 +00:00
github-actions[bot]
4559d269e0 Release 5.6.7 5.6.7 2022-08-15 15:25:05 +00:00
github-actions[bot]
173d74d693 Release 5.7.3 5.7.3 2022-08-15 15:24:54 +00:00
Josh Cummings
66cb3e02d0
Update org.springframework.data to 2021.2.2
Closes gh-11698
2022-08-11 14:20:52 -06:00
Josh Cummings
74675ef793
Update org.springframework to 5.3.22
Closes gh-11697
2022-08-11 14:20:48 -06:00
Josh Cummings
a92ac82c4b
Update jsonassert to 1.5.1
Closes gh-11696
2022-08-11 14:20:45 -06:00
Josh Cummings
db638c2a77
Update org.jetbrains.kotlinx to 1.6.4
Closes gh-11695
2022-08-11 14:20:41 -06:00
Josh Cummings
f884527c1b
Update hibernate-entitymanager to 5.6.10.Final
Closes gh-11694
2022-08-11 14:20:38 -06:00
Josh Cummings
dbd174418f
Update org.eclipse.jetty to 9.4.48.v20220622
Closes gh-11693
2022-08-11 14:20:35 -06:00
Josh Cummings
2eeee99d2e
Update io.projectreactor to 2020.0.22
Closes gh-11691
2022-08-11 14:20:28 -06:00
Josh Cummings
e8c56420bf
Update mockk to 1.12.5
Closes gh-11690
2022-08-11 14:20:24 -06:00
Marcus Da Coregio
627809d2dc Update org.springframework.data to 2021.1.6
Closes gh-11686
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
4b1d7e9479 Update org.springframework to 5.3.22
Closes gh-11685
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
d9980a4dfe Update jsonassert to 1.5.1
Closes gh-11684
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
8eb7e589eb Update hibernate-entitymanager to 5.6.10.Final
Closes gh-11683
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
0d7dce9d71 Update org.eclipse.jetty to 9.4.48.v20220622
Closes gh-11682
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
da09788be9 Update io.projectreactor to 2020.0.22
Closes gh-11680
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
ead587c597 Consistently handle RequestRejectedException if it is wrapped
Closes gh-11645
2022-08-09 08:32:42 -03:00
Marcus Da Coregio
6a2ca52aae Consistently handle RequestRejectedException if it is wrapped
Closes gh-11645
2022-08-09 08:32:10 -03:00
Rob Winch
269c711a64 RequestAttributeSecurityContextRepository never null SecurityContext
Previously loadContext(HttpServletRequest) could return a Supplier that
returned a null SecurityContext

This commit ensures that null is never returned by the Supplier by
returning SecurityContextHolder.createEmptyContext() instead.

Closes gh-11606
2022-08-08 13:52:56 -05:00
Steve Riesenberg
99f768bab9 Polish HttpSecurity 2022-07-29 17:43:00 -05:00
Steve Riesenberg
984355e637 Remove references to WebSecurityConfigurerAdapter
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
2022-07-29 17:43:00 -05:00
Steve Riesenberg
09173c95d6 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity
Closes gh-11277
2022-07-29 17:43:00 -05:00
Steve Riesenberg
02459919cc
Skip workflows on forks of spring-security 2022-07-28 15:13:56 -05:00
Steve Riesenberg
57d212ddca
Use cache and user.name system property on Windows 2022-07-28 15:13:55 -05:00
Steve Riesenberg
539b17f6da
Only run prerequisites job if on upstream repo 2022-07-28 15:13:54 -05:00
Steve Riesenberg
37e1ad27fe
Simplify dependency graph 2022-07-28 15:13:53 -05:00
Steve Riesenberg
043fdd6f03
Use Spring Gradle Build Action
Closes gh-11630
2022-07-28 15:13:52 -05:00
Steve Riesenberg
3234e05085
Polish gh-11367 2022-07-28 15:13:51 -05:00
naveen
f957e3c051
Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this
way, even if attackers succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Closes gh-11367
2022-07-28 15:13:51 -05:00
Steve Riesenberg
24033be046
Skip workflows on forks of spring-security 2022-07-28 15:11:09 -05:00
Steve Riesenberg
47a5665767
Use cache and user.name system property on Windows 2022-07-28 15:11:08 -05:00
Steve Riesenberg
aad60cc6af
Only run prerequisites job if on upstream repo 2022-07-28 15:11:07 -05:00
Steve Riesenberg
13e94935ae
Simplify dependency graph 2022-07-28 15:11:06 -05:00
Steve Riesenberg
6c29007fac
Use Spring Gradle Build Action
Closes gh-11630
2022-07-28 15:11:05 -05:00
Steve Riesenberg
6ad567f0fa
Polish gh-11367 2022-07-28 15:11:05 -05:00