Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,522 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

6522 Commits

Author SHA1 Message Date
Rob Winch 3c7fb977fe WebTestClientHtmlUnitDriverBuilder uses WebTestClient for localhost 
Fixes gh-4815
 2017-11-13 15:48:52 -06:00
Joe Grandja 426c034c01 OidcUserService uses custom userNameAttributeName 
Fixes gh-4812
 2017-11-12 14:44:57 -05:00
Joe Grandja 3661cb58d6 Polish oauth2Login sample integration test 
Fixes gh-4811
 2017-11-12 12:59:58 -05:00
Joe Grandja aa9e057ba8 Fix CNF exception if oauth2-jose dependency not included 
Fixes gh-4753
 2017-11-12 12:27:18 -05:00
Joe Grandja 6775d9fdd8 OAuth2AccessTokenResponse should account for expires_in <= 0 
Fixes gh-4810
 2017-11-12 11:30:11 -05:00
Joe Grandja 1dac191b19 Remove custom security config from oauth2Login sample 
Fixes gh-4808
 2017-11-11 21:15:01 -05:00
Joe Grandja cd9e712117 Remove GlobalAuthenticationConfigurerAdapter from oauth2Login sample 
Fixes gh-4665
 2017-11-11 21:15:01 -05:00
Joe Grandja 9098d1a726 Update to Spring Boot 2.0.0.M6 
Fixes gh-4809
 2017-11-11 21:14:18 -05:00
Joe Grandja 63e2db72ea Add tests to oauth2-jose 
Fixes gh-4806
 2017-11-10 17:09:48 -05:00
Joe Grandja 473ac0e37c Add tests to oauth2-client 
Fixes gh-4299
 2017-11-10 16:03:34 -05:00
Rob Winch f2ccc53549 Add UserDetailsMapFactoryBean 
Fixes gh-4804
 2017-11-09 14:01:43 -06:00
Johnny Lim 99df632f24 Add missing @Override annotations 
This commit also adds MissingOverrideCheck module to Checkstyle configuration.
 2017-11-08 13:27:24 -06:00
Rob Winch be0c6cde3d Update to Reactor-Bismuth-SNAPSHOT 
This may fix the hanging webflux-form build

Issue: gh-4803
 2017-11-08 10:37:01 -06:00
Rob Winch f1245059ff Consistent Thymeleaf Version in Boot Samples 
Issue gh-4802
 2017-11-08 09:04:50 -06:00
Rob Winch 9d7802d71f Configure logback for webflux-form 
Issue gh-4802
 2017-11-08 08:32:32 -06:00
Rob Winch 1728e21804 Update Thymeleaf 
We can remove PatchThymleeafReactiveView now that it is fixed and released
in Thymeleaf.

Issue gh-4802
 2017-11-08 08:29:49 -06:00
Rob Winch 75e77292cf webflux-form sample 
Fixes gh-4802
 2017-11-07 22:25:56 -06:00
Rob Winch adec62cdf2 EnableWebFluxSecurity creates CsrfRequestDataValueProcessor 
Fixes gh-4762
 2017-11-07 22:25:48 -06:00
Rob Winch 676020321e Add reactive CsrfRequestDataValueProcessor 
Fixes gh-4762
 2017-11-07 22:25:36 -06:00
Rob Winch 7622826b69 WebSessionServerCsrfTokenRepository saves on getToken 
Fixes gh-4801
 2017-11-07 22:25:23 -06:00
Rob Winch 776364d403 ServerCsrfTokenRepository.saveToken return Mono<CsrfToken> 
Fixes gh-4800
 2017-11-07 22:24:53 -06:00
Rob Winch 3f18881493 Remove additional attribute name from CsrfWebFilter 
Fixes gh-4799
 2017-11-07 22:24:42 -06:00
Rob Winch 91e27c1422 Add slf4jDependencies to hellowebflux 
Fixes gh-4798
 2017-11-07 22:24:32 -06:00
Rob Winch c7c84e0996 Fix CustomLoginPage test 
Fixes gh-4797
 2017-11-07 22:24:21 -06:00
Rob Winch 1506dcd413 SpringTestContext.getContext() 
Add accessor method for SpringTestContext.getContext()

Fixes gh-4796
 2017-11-07 22:24:15 -06:00
Joe Grandja db35dc6c03 Add tests to oauth2-core 
Fixes gh-4298
 2017-11-06 11:39:17 -05:00
Rob Winch d9abd2e443 User.UserBuilder only encodes once 
Fixes gh-4794
 2017-11-06 09:47:37 -06:00
Rob Winch 21aec19d42 Add FormLoginBuilder.serverAuthenticationSuccessHandler 
Fixes: gh-4786
 2017-11-03 08:47:59 -05:00
Rob Winch 1d4c7da1e1 Fix WebTestClientWebConnection for redirects 2017-11-03 08:46:56 -05:00
Craig Walls 06c4bffc5f Use id field instead of name field for GitHub and Facebook providers. 
Fixes gh-4764
 2017-11-01 10:48:57 -04:00
Greg Turnquist 881cd0befb Fix UsernamePasswordAuthenticationTokenMixin to handle null credentials/details 
Resolves #4698
 2017-10-31 16:34:07 -05:00
Rob Winch 82adf744f5 Polish Docs 2017-10-31 10:27:34 -05:00
Rob Winch 35758fc61f Next Development Version 5.0.0.BUILD-SNAPSHOT 2017-10-30 17:06:54 -05:00
Rob Winch e7ab2a697d Release 5.0.0.RC1 2017-10-30 16:47:44 -05:00
Rob Winch e95430fa36 Polish Reactive Method Security reference 
Issue gh-4757
 2017-10-30 16:27:50 -05:00
Rob Winch d664ff2e26 Lookup HandlerMappingIntrospector from Bean 2017-10-30 16:27:50 -05:00
Joe Grandja ef9cd76607 Polish oauth2 
Fixes gh-4758
 2017-10-30 16:49:01 -04:00
Rob Winch 8e6c726fb2 Add WebFlux to What's New 5.0 
Fixes gh-4757
 2017-10-30 15:29:13 -05:00
Joe Grandja d435f149eb Polish spring-security-oauth2-jose 
Fixes gh-4755
 2017-10-30 13:09:40 -04:00
Joe Grandja 511d702ee0 Remove JwtDecoderRegistry 
Fixes gh-4754
 2017-10-30 12:52:42 -04:00
Joe Grandja 727098d6c0 Fix NPE when configuring oauth2Login.loginPage 
Fixes gh-4752
 2017-10-30 06:26:07 -04:00
Rob Winch 5280ac40e9 WebMvcConfigurerAdapter->WebMvcConfigurer 
Fixes gh-4612
 2017-10-30 01:30:08 -05:00
Gajendra kumar ec723952d5 principals and sessionIds should be set using constructor so that can be shared across node in cluster 
As principals and sessionIds are set in class itself so one can't share user session count across nodes(Cluster). Using constructor for setting principals and sessionIds we can pass Cache map to constructor which can enable common session count in cluster otherwise user would be allowed to logged in with multiple sessions. There is no point keeping principals and sessionIds completely internal.
 2017-10-30 01:08:15 -05:00
Kazuki Shimizu 3d5989dea4 Change a default realm name 
Change a default realm name of Basic Authentication for XML namespace to 'Realm'.

Fixes gh-4220
 2017-10-30 00:59:39 -05:00
Frank Pavageau 35706ad60a Deserialize the principal in a neutral way 
When the principal of the Authentication is an object, it is not necessarily
an User: it could be another implementation of UserDetails, or even a
completely unrelated type. Since the type of the object is serialized as a
property and used by the deserialization anyway, there's no point in
enforcing a stricter type.
 2017-10-30 00:53:31 -05:00
Frank Pavageau 6fd9ff254b Map values directly from the JSON nodes 
Not only is it more efficient without converting to an intermediate String,
using JsonNode.toString() may not even produce valid JSON according to its
Javadoc (ObjectMapper.writeValueAsString() should be used).
 2017-10-30 00:53:31 -05:00
SignleMR a1fdb7dcb3 Update AbstractRememberMeServices.java 
this file`s file encode is unkown,maybe is "Eddu Melendez"
 2017-10-30 00:50:23 -05:00
Rob Winch 4295461830 ServerHttpSecurity extracts WebFilter from OrderedWebFilter 
Fixes gh-4736
 2017-10-30 00:45:26 -05:00
Jeremy Waters 832f5c39c1 SEC-3190: Add support for colons in remember-me token values 
We have an issue where token strings that contain a colon break
the existing decoding strategy, which tokenizes on colons.  so this 
change urlencodes the individual tokens when creating the cookie 
string; and urldecodes them decoding the cookie and extracting the 
tokens.  This also eliminates the need for existing code to deal with
openid tokens which contain urls, and thus colons.
 2017-10-30 00:33:14 -05:00
Trygve Aasjord 8d717c62af Pass username as second parameter for search filter. 
Allows the username only (without domain) to be used in custom search filter like "sAMAccountName={1}",
in eg. situations where the userPrincipalName has a different suffix than domain.

Thanks to contributors in issue.

fixes gh-2448
 2017-10-29 23:58:58 -05:00