Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,016 Commits 33 Branches 333 Tags 109 MiB
Commit Graph

6016 Commits

Author SHA1 Message Date
borlafu 8a458eb9e1 Avoid multiple X-Frame-Options headers 
XFrameOptionsHeaderWriter should not *add*, but *set* the
X-Frame-Options header. According to
https://tools.ietf.org/html/rfc7034#section-2.1, having
multiple values for the header is disallowed:

"There are three different values for the header field.
These values are mutually exclusive; that is, the header
field MUST be set to exactly one of the three values."

With this change, only the latest XFrameOptionsHeaderWriter
will remain.
 2017-03-08 15:49:18 -06:00
Rob Winch d2524eadfc Update poms to new to SNAPSHOT version 2017-03-02 09:20:34 -06:00
Spring Buildmaster db08be05ee Next development version 2017-03-02 07:29:50 +00:00
Spring Buildmaster 081f0c4d94 Release version 4.2.2.RELEASE 2017-03-02 07:29:42 +00:00
Rob Winch 247f54dc41 Fix SwitchUserFilter.setSwitchFailureUrl assertion 
Fixes gh-4198
 2017-03-02 00:47:09 -06:00
Rob Winch 017e9834bd Fix NPE in UrlUtils with null url 
Fixes gh-4233
 2017-03-02 00:46:01 -06:00
Rob Winch 49719480a8 Fix configuration-source-ref doc 
Fixes gh-4200
 2017-03-02 00:25:51 -06:00
Rob Winch f3edaa673a Fix SecurityNamespaceHandler Version Error Message 
Fixes gh-4210
 2017-03-02 00:25:51 -06:00
pkovacs f99fe36e02 Refer to SimpleGrantedAuthority instead of GrantedAuthorityImpl 
GrantedAuthorityImpl has been replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.

Fixes gh-4163.
 2017-03-02 00:09:14 -06:00
Joris Kuipers 546d44d6e7 Fix NPE in WebSocketMessageBrokerSecurityBeanDefinitionParser 
Fixes gh-4112
Closes gh-4194
 2017-03-01 23:58:02 -06:00
stonio 901a4e183a Update SecurityContextHolder.java 
Use StringUtils.hasText
 2017-03-01 23:54:04 -06:00
Artyom Kosykh 72d08a2a5f Fix index.adoc typo 2017-03-01 23:45:50 -06:00
Kazuki Miyahara 2ac51c9c7f Fix class name in comment 2017-03-01 23:31:32 -06:00
Rob Winch b64cdb5765 Fix RoleHiearchyUtilsTests on Windows 
Fixes gh-4228
 2017-03-01 23:27:11 -06:00
pkovacs aa31f1f695 Update required JDK version to JDK8 
Fixes gh-4154.
 2017-03-01 23:18:50 -06:00
Eddú Meléndez 8353984733 Fix warning from spring-boot plugin 2017-03-01 23:13:56 -06:00
SendilKumar N c31bdb6390 SCryptPasswordEncoder to take default keyLength value 
Fixes gh-4225
Closes gh-4231
 2017-03-01 23:11:52 -06:00
Rob Winch 168f4b8f70 Prevent Duplicate Cache Headers 
Fixes gh-4199
 2017-03-01 16:14:12 -06:00
Rob Winch 9c03571bbb Use message in all Assert 
This ensures compatibility with Spring 5.

Fixes gh-4193
 2017-01-30 19:58:24 -06:00
Rob Winch 4c79107e01 Force mockito-core version 2017-01-09 15:30:50 -06:00
Rob Winch 3f543d0fbd Use anyListOf 
Fixes compatability with Spring IO Cairo
 2017-01-09 13:08:45 -06:00
Rob Winch 08104eb06c Add eclipseConfiguration Gradle task 2017-01-05 11:43:33 -06:00
Rob Winch b54d350e54 AspectJ fixes for Spring IO 2017-01-05 11:43:33 -06:00
Rob Winch b5e0886bde update to spring-io-plugin:0.0.6 
- Update spring-io-plugin
- Update Spring Boot because spring-io-plugin now requires
  non passive dependency management plugin
 2017-01-05 11:42:48 -06:00
Kazuki Shimizu 38492a5794 Add since version in javadoc 
Issue: gh-4130
 2016-12-21 16:12:39 -06:00
Spring Buildmaster b7541d56d0 Next development version 2016-12-21 17:23:37 +00:00
Spring Buildmaster 7a7ce11ebb Release version 4.2.1.RELEASE 2016-12-21 17:23:28 +00:00
Eddú Meléndez 028854b936 Add HttpSessionRequestCache sessionAttrName property 
This commit allows to customize the session attribute name. Default is
SPRING_SECURITY_SAVED_REQUEST.

Fixes gh-4130
 2016-12-21 10:22:09 -06:00
stonio aa5df61eff Fix index.adoc typo 2016-12-21 10:19:51 -06:00
stonio 6df5b76f24 Fix test.adoc typo 2016-12-21 10:19:51 -06:00
stonio c8ed130008 Fix websocket.adoc typo 2016-12-21 10:19:51 -06:00
Rob Winch d39f3385b6 Polish DefaultHttpFirewallTests 
Issue gh-4169
 2016-12-21 09:29:23 -06:00
Rob Winch 6bec625e68 Update to Spring 4.3.5.RELEASE 
Fixes gh-4167
 2016-12-21 09:04:16 -06:00
Rob Winch 666e356ebc Block URL Encoded "/" in DefaultHttpFirewall 
Fixes gh-4169
 2016-12-21 09:04:00 -06:00
Rob Winch fc516b55a6 Fix Build Against Spring 5.0.0.BUILD-SNAPSHOT 
Change Bean definition to static to avoid SPR-12646

Fixes gh-4150
 2016-12-08 15:54:46 -06:00
Rob Winch bb834bccf6 Polish Exception Message 
Polish Exception message for bad salt in BCrypt

Issue gh-4147
 2016-12-06 08:45:08 -06:00
Jan Brennenstuhl 09436649cc handling null-values for salts properly now - fixes gh-4147 2016-12-06 08:43:19 -06:00
Johnny Lim f94399cff9 Polish 2016-11-17 09:49:41 -06:00
Dapeng 94fb1893de fix typo "RemoteIpValve" 2016-11-16 14:13:53 -06:00
Johnny Lim 3185876a7d Remove dead code in AclAuthorizationStrategyImplTests 2016-11-14 10:18:58 -06:00
Spring Buildmaster 2cb38ae115 Next development version 2016-11-09 23:42:16 +00:00
Spring Buildmaster 24fcb6c45a Release version 4.2.0.RELEASE 2016-11-09 23:42:11 +00:00
Rob Winch a9024de734 Polish Spring Version Update 
Fix related tests.

Issue gh-4123
 2016-11-09 17:05:25 -06:00
Rob Winch fd9f57eb5f Update What's New changelogs 2016-11-09 17:00:09 -06:00
Rob Winch 7259759f8d Update to Spring LDAP 2.2.0.RELEASE 
Fixes gh-4124
 2016-11-09 16:55:19 -06:00
Rob Winch 14e5e06ae0 Update to Spring 4.3.4.RELEASE 
Fixes gh-4123
 2016-11-09 16:55:19 -06:00
Rob Winch 697daeab7c Add Jackson2 Support for PreAuthenticatedAuthenticationToken 
Fixes gh-4120
 2016-11-09 16:55:10 -06:00
Rob Winch f97f38fd57 jacksonDatavindVersion->jacksonDatabindVersion 
Issue gh-4122
 2016-11-09 16:46:38 -06:00
Rob Winch a853d38076 Update to Jackson 2.8.4 
Fixes gh-4122
 2016-11-09 16:42:41 -06:00
Rob Winch f0a9421aa4 SecurityJacksonModules->SecurityJackson2Modules 
Fixes gh-4121
 2016-11-09 16:42:41 -06:00