Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-21 22:05:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,520 Commits 33 Branches 337 Tags
Commit Graph

947 Commits

Author SHA1 Message Date
Joe Grandja
9a8ddebc94 Use param matching for Authorization Response 
Fixes gh-4576
 2017-09-28 10:21:01 -04:00
Joe Grandja
8448a54678 Remove ClientRegistrationRepository.getRegistrations() 
Fixes gh-4582
 2017-09-28 07:02:59 -04:00
Joe Grandja
b463f8e6b5 Remove httpSecurity.oauth2Login().userInfoEndpoint().userNameAttributeName() 
Related gh-4580
 2017-09-27 15:39:39 -04:00
Joe Grandja
814742fef6 Rename ClientRegistration.clientAlias -> registrationId 
Fixes gh-4575
 2017-09-27 09:14:55 -04:00
Joe Grandja
38be35677d Add userNameAttributeName to ClientRegistration 
Fixes gh-4580
 2017-09-26 21:55:19 -04:00
Joe Grandja
0e9b2807bf Split up NimbusOAuth2UserService 
Fixes gh-4447
 2017-09-26 11:32:49 -04:00
Rob Winch
6d26b86792 Add UserDetailsRepositoryResourceFactoryBean.fromString 
Fixes gh-4566
 2017-09-22 20:18:59 -05:00
Rob Winch
a4c2073bcd Add UserDetailsManagerResourceFactoryBean.fromString 
Fixes gh-4567
 2017-09-22 20:18:59 -05:00
Rob Winch
bc99f8aff3 Add UserDetailsResourceFactoryBean.fromString 
Fixes gh-4568
 2017-09-22 20:18:59 -05:00
Stephan Schroevers
9e719bc313 Drop the aopalliance:aopalliance dependency 
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.

This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)

The documentation is updated accordingly.

[1] https://jira.spring.io/browse/SPR-13984
 2017-09-22 11:11:04 -05:00
Joe Grandja
8521ca8f94 Polish gh-4560 2017-09-21 17:21:41 -04:00
Joe Grandja
baa3b6f258 Add utility for loading properties of client types 
Fixes gh-4560
 2017-09-20 22:50:19 -04:00
Rob Winch
8a66d0c78d Polish PermissionEvaluator Autowired into Web Security 
Issue gh-4077
 2017-09-18 16:53:19 -05:00
Craig Andrews
3bf6bf10de Configure permissionEvaluator and roleHierarchy by default 
Implementations of AbstractSecurityExpressionHandler (such as the very commonly used DefaultWebSecurityExpressionHandler) get PermissionEvaluator and RoleHierarchy from the application context (if the application context is provided, and exactly one of such a bean exists in it). This approach matches that used in GlobalMethodSecurityConfiguration, making everything in Spring Security work the same way (including WebSecurity).

Issue gh-4077
 2017-09-18 16:35:16 -05:00
Rob Winch
f8ee9944ff Copyright date range 2017-09-18 11:18:46 -05:00
Rob Winch
1f4082e754 Fix copyright lines 2017-09-18 11:11:25 -05:00
Rob Winch
01d4387f56 Fix empty lines in copyright 2017-09-18 10:53:04 -05:00
Rob Winch
3ecf3ea034 Fix double * in Copyright headers 2017-09-18 10:47:26 -05:00
Rob Winch
e14af37775 Add LogoutWebFilter 
Fixes gh-4539
 2017-09-13 16:43:04 -05:00
Rob Winch
426e24c18e Polish 
Formatting changes
 2017-09-13 15:31:32 -05:00
Joe Grandja
65b968f04a Move servlet-specific classes to 'web' package 
Fixes gh-4366
 2017-09-13 16:13:32 -04:00
Rob Winch
0a36359f11 WebFlux HTTP Basic & Form Login Sessions 
By default both HTTP Basic and form log are enabled. Now HTTP Session will
not be used for HTTP Basic, but will be for form log in.
 2017-09-13 14:47:44 -05:00
Rob Winch
3d745e63f6 HttpSecurityConfiguration applies all defaults 
HttpSecurity headers is off by default and relies on
HttpSecurityConfiguration to enable it. This is more consistent with the
other operators
 2017-09-12 22:07:12 -05:00
Rob Winch
b5edb58050 Polish reactive config 
Code Checkstyle fixes
 2017-09-12 21:56:09 -05:00
Rob Winch
8b32b8db74 Polish 
HeadersBuilder build is protected
 2017-09-12 21:51:26 -05:00
Rob Winch
d93c774691 Add FormLogin Configuration 
Fixes gh-4537
 2017-09-12 20:40:56 -05:00
Rob Winch
a0a0a32bda Add WebTestClient HtmlUnit Support 
Fixes gh-4534
 2017-09-12 20:40:56 -05:00
Rob Winch
8d997fd079 Remove DefaultAuthenticationSuccessHandler 
We always need to save the user after authentication, so it should be
part of AuthenticationWebFilter

Fixes gh-4524
 2017-09-12 20:40:56 -05:00
Joe Grandja
4ff0b52f74 Remove HttpClientConfig 
Issue gh-4478
 2017-09-12 21:03:40 -04:00
Rob Winch
d9bad2bc9d Mono.currentContext()->subscriberContext() 
Fixing refactoring by Reactor
 2017-09-01 17:20:47 -05:00
Rob Winch
be0081290b EnableWebFluxSecurity uses PasswordEncoder Bean 2017-08-30 10:02:00 -05:00
Rob Winch
9f2ea90f0d Polish HttpSecurity 
Code Style fixes
 2017-08-29 20:34:20 -05:00
Rob Winch
51ad53f76a Remove Optional from Reactive HttpSecurity 2017-08-29 20:30:04 -05:00
Rob Winch
20befc3702 Support .and() in Reactive HttpBasic & HeaderBuilder 2017-08-29 20:17:56 -05:00
Rob Winch
c4917f359a Fix for Reactor Refactor 
- contextStart -> subscriberContext
 2017-08-29 08:24:55 -05:00
Joe Grandja
bc6be86aec Add in-memory AccessTokenRepository 
Fixes gh-4508
 2017-08-23 17:18:35 -04:00
Joe Grandja
91b0bd4ba5 Provide oauth2login.tokenEndpoint config 
Fixes gh-4506
 2017-08-23 17:18:01 -04:00
Joe Grandja
c06975080f Allow configuring oauth2 authentication handlers 
Fixes gh-4472
 2017-08-23 17:17:34 -04:00
Joe Grandja
93c2b2533e Allow configuring request paths for oauth2 filters 
Fixes gh-4473
 2017-08-23 17:17:01 -04:00
Rob Winch
416ff3c77a Add EnableReactiveMethodSecurity 
Issue gh-4496
 2017-08-17 16:42:01 -05:00
Rob Winch
b0b9b32c0c Add AuthenticationReactorContextFilter 
Fixes gh-4501
 2017-08-17 16:42:01 -05:00
Rob Winch
e16b8e7976 Fix logback-test.xml 2017-08-17 16:42:01 -05:00
Rob Winch
f3737b61e8 Add logback-classic as test dependency 2017-08-17 15:42:39 -05:00
Rob Winch
efc3cadd43 Fixed Circular Bean References in Java Config 
Fixes gh-4489
 2017-08-09 16:24:01 -05:00
Rob Winch
bfaead6f68 Removal of ParsingPathMatcher 
Changes needed for the removal of ParsingPathMatcher in Spring Framework

b1440b6816 (diff-972650c759c249004b9725f94b570db3R156)
 2017-08-02 11:11:11 -05:00
Joe Grandja
c872499eee Enable custom configuration for HTTP client 
Fixes gh-4477
 2017-07-28 16:43:44 -04:00
Rob Winch
9b7883fe10 Add WEB_FILTER_CHAIN_FILTER_ORDER 
Fixes gh-4475
 2017-07-27 21:02:38 -05:00
Joe Grandja
96ae0fe8f8 Expose configuration for authorities mapping 
Fixes gh-4409
 2017-07-12 17:35:16 -04:00
Joe Grandja
9cfb890207 Use id_token for user authentication 
Fixes gh-4410
 2017-07-07 12:44:26 -04:00
Rob Winch
0e100be333 Fix Groovy 2.5 Compile Errors 
Fixes gh-4415
 2017-06-22 13:31:21 -05:00