6792 Commits

Author SHA1 Message Date
Rob Winch
2f441f18e6 Make MIN_SPRING_VERSION Dynamic
Fixes: gh-5065

# Conflicts:
#	core/src/main/java/org/springframework/security/core/SpringSecurityCoreVersion.java
2018-05-03 11:01:27 -05:00
Joe Grandja
a7de1e363f OAuth2LoginAuthenticationFilter should handle null ClientRegistration
Fixes gh-5251
2018-05-02 20:31:59 -04:00
Rob Winch
32f5fb5eb2 ExceptionTranslationFilter does not handle committed responses
Fixes: gh-5273
2018-04-30 16:50:02 -05:00
Rob Winch
f7f6798f71 DefaultWebSecurityExpressionHandler uses PermissionEvaluator Bean
The default instance of DefaultWebSecurityExpressionHandler uses the
PermissionEvaluator Bean by default.

Fixes: gh-5272
2018-04-30 12:16:34 -05:00
Joe Grandja
0b72f93027 WebSecurityConfigurationTests groovy->java
Issue: gh-4939
2018-04-30 11:43:30 -05:00
Rob Winch
5b751baf61 Fixes: gh-5190 2018-04-16 17:52:55 -05:00
Joe Grandja
ec9ab1965a Next Development Version 2018-04-04 13:36:28 -04:00
Joe Grandja
30aede82da Release 5.0.4.RELEASE 5.0.4.RELEASE 2018-04-04 13:03:55 -04:00
Joe Grandja
2686452b99 Update to aspectjtools:1.9.0
Fixes gh-5211
2018-04-04 13:00:46 -04:00
Joe Grandja
7e470ff5bd Update to aspectjrt:1.9.0
Fixes gh-5210
2018-04-04 12:59:09 -04:00
Joe Grandja
df6a6e5991 Update to Reactor Bismuth SR8
Fixes gh-5209
2018-04-04 12:53:54 -04:00
Joe Grandja
1500a22439 Update to Spring Data Kay SR6
Fixes gh-5167
2018-04-04 10:31:04 -04:00
Joe Grandja
64cb256bb9 Update to Spring Framework 5.0.5
Fixes gh-5166
2018-04-04 10:27:43 -04:00
Joe Grandja
e6d68acfd6 Fix NPE with exp claim in NimbusJwtDecoderJwkSupport
Fixes gh-5168
2018-04-04 09:02:05 -04:00
Joe Grandja
bc2a7ac394 ClaimAccessor.getClaimAsInstant() converts Long or Date
Fixes gh-5191, Fixes gh-5192
2018-04-04 04:57:36 -04:00
Joe Grandja
55019b2f0b Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677 2018-04-03 11:16:50 -04:00
Rob Winch
151b545ed0 Polish Javadoc
Fixes: gh-5186
2018-03-29 15:33:31 -05:00
Rob Winch
c67ce144b9 Polish HeadersSpec
Fixes: gh-5187
2018-03-29 15:33:31 -05:00
Rob Winch
6729c39905 Fix JDK 9
Issue: gh-5160
2018-03-28 15:00:41 -05:00
Rob Winch
197439f9e1 Update to mockito 2.17.0
Fixes: gh-5181
2018-03-28 14:42:43 -05:00
Rob Winch
70a11267fa Update to hibernate-validator:6.0.9.Final
Fixes: gh-5180
2018-03-28 14:42:35 -05:00
Rob Winch
4e0c165d47 Update to hibernate-entitymanager:5.2.16.Final
Fixes: gh-5178
2018-03-28 14:42:09 -05:00
Rob Winch
93844b1823 Update to assertj 2.9.1
Fixes: gh-5177
2018-03-28 14:32:49 -05:00
Rob Winch
a30b3321c4 Update to thymeleaf-layout-dialect:2.3.0
Fixes: gh-5176
2018-03-28 14:32:30 -05:00
Rob Winch
ffb8c1978a Update to unbounded 4.0.5
Fixes: gh-5175
2018-03-28 14:32:13 -05:00
Rob Winch
4722ab21bf Update to oauth2-oidc-sdk:5.57
Fixes: gh-5179
2018-03-28 14:32:07 -05:00
Rob Winch
335735e227 Update to nimbus-jose-jwt:5.9
Fixes: gh-5174
2018-03-28 14:31:47 -05:00
Rob Winch
501269a51f Update to appengine 1.9.63
Fixes: gh-5173
2018-03-28 14:30:57 -05:00
Rob Winch
6b58218256 Update to Jackson 2.9.5
Fixes: gh-5172
2018-03-28 14:30:48 -05:00
Rob Winch
de1137fc5e Update mockwebserver 3.10.0
Fixes: gh-5171
2018-03-28 14:30:36 -05:00
Rob Winch
e68657216c Fixes for SPR-16624
Fixes: gh-5165
2018-03-27 22:36:03 -05:00
Rob Winch
bfada59a1e CookieClearingLogoutHandler adds uses contextPath + "/"
Fixes: gh-5140
2018-03-19 16:50:48 -05:00
Rob Winch
bc17860cb6 Fix ReactorContextTestExecutionListener with custom SecurityContext
Fixes: gh-5139
2018-03-19 09:33:34 -05:00
Oleh Dokuka
5e351a4f75 ReactorContextTestExecutionListener with multiple Threads
Fixes: gh-5138
2018-03-19 09:32:36 -05:00
Rob Winch
0458ca88e6 Relax assertions in HeaderSpecTests
Fixes: gh-5117
2018-03-15 08:31:21 -05:00
Rob Winch
a7a71d6cef Fix @since on GlobalAuthenticationConfigurerAdapter
Fixes: gh-5109
2018-03-13 14:25:40 -05:00
Josh Cummings
a7f180b2c7 Authorities authenticate TestingAuthenticationToken
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5098
2018-03-09 13:26:36 -06:00
Josh Cummings
87f266133b Update to Spring Boot 2.0.0.RELEASE
Fixes: gh-5091
2018-03-09 09:45:20 -06:00
Rob Winch
8f8deac0f4 Fix StrictHttpFirewall rules
Fixes: gh-5092
2018-03-08 21:29:31 -06:00
Vedran Pavic
9830d01acc Upgrade Nimbus JOSE + JWT to 5.6
Fixes: gh-5089
2018-03-08 16:43:05 -06:00
Vedran Pavic
d8fea5c6f1 Upgrade Nimbus OAuth + OIDC SDK to 5.56
Fixes: gh-5088
2018-03-08 16:42:54 -06:00
Rob Winch
4d410b0b61 Polish Javadoc HttpStatusServerAccessDeniedHandler 2018-03-07 12:34:15 -06:00
Rob Winch
24a4fbfe56 HttpStatusServerAccessDeniedHandler use injected HttpStatus
Fixes: gh-5078
2018-03-07 12:28:45 -06:00
Josh Cummings
d5d1c30d1d Update to Gradle 4.6
Only thing of interest really is that the Jacoco Gradle plugin was bumped
to 0.8.0, which requires org.ow2.asm:asm:6.0.

Fixes: gh-5077
2018-03-06 20:27:31 -06:00
Johnny Lim
d316803596 Polish DaoAuthenticationProviderTests 2018-03-02 08:55:37 -06:00
Josh Cummings
1ed51033cc Migrate config-debug groovy->java
All tests in `org.springframework.security.config.debug` are migrated.

Note that `SecurityDebugBeanFactoryPostProceessorTest` preserves the original structure-verifying strategy used in the Groovy test. Verifying debug behavior turns out to be fairly tricky since being behaviorally invisible is in its nature.

Issue: gh-4939
2018-03-02 08:55:07 -06:00
Vedran Pavic
b8ae110b7b Upgrade Nimbus JOSE + JWT to 5.5 2018-03-02 08:48:16 -06:00
Rob Winch
458b571d02 Next Development Version 2018-02-28 08:36:16 -06:00
Rob Winch
ce8bea69ae Release 5.0.3.RELEASE 5.0.3.RELEASE 2018-02-28 07:05:44 -06:00
Rob Winch
ab5a760380 Update to Spring Data Kay SR5
Fixes: gh-5049
2018-02-28 07:05:08 -06:00