Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,468 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

3038 Commits

Author SHA1 Message Date
Rob Winch 13125d0745 Add AuthorizationDeniedException(String) 
Closes gh-15607
 2024-08-14 13:57:07 -05:00
Josh Cummings 59ec1f6480
Revert "Polish AuthorizationAdvisorProxyFactory advisor configuration" 
This commit had some unintended consequences when the advisor
interceptor was published in a Spring Boot application. As such,
15497 will be reopened to investigate. In the meantime, this commit
reverts the previous change so as to allow the build to pass.

Issue gh-15497
 2024-08-12 10:12:14 -06:00
Josh Cummings 08b8b09066
Update Copyright 
Issue gh-15286
 2024-08-10 11:48:14 -06:00
Josh Cummings e40c98e6d7 Deprecate PrePostTemplateDefaults 
Since there is nothing specific to configuring pre/post
annotations, there is no need for the extra class.

If a need like this does arise in the future,
either AnnotationTemplateExpressionDefaults can be sub-
classed, or it can have introduced a Map field holding
custom properties.

Issue gh-15286
 2024-08-10 11:46:51 -06:00
MrJovanovic13 6d657ea3da InMemoryUserDetailsManager preserve user type 
Closes gh-3192
 2024-08-09 10:09:41 -06:00
MrJovanovic13 503d653cea Add InMemoryUserDetailsManager tests 
Tests added:
createUserWhenUserAlreadyExistsThenException
updateUserWhenUserDoesNotExistThenException
loadUserByUsernameWhenUserNullThenException

Issue gh-3192
 2024-08-09 10:09:41 -06:00
Josh Cummings de77e054fd
Default Handler Resolution to Reflection-Based 
Closes gh-15496
 2024-08-07 14:34:40 -06:00
Josh Cummings 02cca6f737
Polish AuthorizationAdvisorProxyFactory advisor configuration 
Closes gh-15497
 2024-08-07 10:09:51 -06:00
Josh Cummings 37a2812d1a
Mimic Annotation Fallback Logic 
For backward compatibility, this commit changes the annotation traversal
logic to match what is found in PrePostAnnotationSecurityMetadataSource.

This reverts gh-13783 which is a feature that unfortunately regressess
pre-existing behavior like that found in gh-15352. As such, that
functionality has been removed.

Issue gh-15352
 2024-07-31 16:17:42 -06:00
Josh Cummings 77bce14462
Polish Annotation Test 
This new arrangement of the test better matches the class
hierarchy described by the original ticket.

Issue gh-13234
 2024-07-31 16:17:42 -06:00
Josh Cummings 90335bd0a6
Polish Annotation Test 
This test was made more effective by having it focus on the real
scenario of resolving annotations from the standpoint of a bean
 2024-07-31 16:17:42 -06:00
KyeongHoon Lee 4036e910c7 Add @FunctionalInterface to AuthenticationManager 2024-07-18 17:25:44 -07:00
Josh Cummings c736e075c1
Add AnnotationSythesizer API 
Closes gh-13234
Closes gh-13490
Closes gh-15097
 2024-07-18 09:55:17 -06:00
Josh Cummings e3438aa36a
Support AliasFor 
Closes gh-15436
 2024-07-18 09:46:39 -06:00
Josh Cummings 03bcc6776a
Correct Authorization Tests 
Issue gh-9289
 2024-07-18 09:46:38 -06:00
Josh Cummings 56c93afc66
Correct Tests About Conflicting Annotations 
Issue gh-9289
 2024-07-18 09:46:38 -06:00
Juliana Hachmann 9a714424d5 Adds missing translated messages for PT-BR 
Partially fix #spring-projectsgh-9315

Adds Brazilian Portuguese translation missing for following messages in messages_pt_BR.properties;
- ExceptionTranslationFilter.insufficientAuthentication 
- LdapAuthenticationProvider.badLdapConnection
- PersistentTokenBasedRememberMeServices.cookieStolen
 2024-05-31 12:36:52 -06:00
Josh Cummings aa9bf83c6d
Polish Exception Handling 
Issue gh-15093
 2024-05-31 12:34:33 -06:00
Blagoja Stamatovski 63f48167bd Add Kotlin support to PreFilter and PostFilter annotations 
Closes gh-15093
 2024-05-31 12:32:28 -06:00
Hyeon Sung 742c95b1fc Use instanceof Pattern Matching 2024-05-15 08:32:25 -03:00
MrJovanovic13 e932387714 fix docs error 
Closes gh-14978
 2024-05-13 09:28:27 -03:00
Marcus Hert Da Coregio b3c7f3ff19 Rename CompromisedPasswordCheckResult to CompromisedPasswordDecision 
Issue gh-7395
 2024-04-30 08:38:03 -03:00
DingHao 2a6f0cac5a Fix not exist class in java doc 
Closes gh-14954
 2024-04-25 11:37:23 -06:00
Marcus Hert Da Coregio 2fbbcc4bd0 Polish Method Authorization Denied Handling 
- Renamed @AuthorizationDeniedHandler to @HandleAuthorizationDenied
- Merged the post processor interface into MethodAuthorizationDeniedHandler , it now has two methods handleDeniedInvocation and handleDeniedInvocationResult
- @HandleAuthorizationDenied now handles AuthorizationDeniedException thrown from the method

Issue gh-14601
 2024-04-12 15:55:25 -03:00
Josh Cummings 933ef67637
Polish AuthorizationDeniedException Handling 
Issue gh-14600
 2024-04-11 14:30:00 -06:00
Josh Cummings 50b85aea0d Handle SpEL AuthorizationDeniedExceptions 
Closes gh-14600
 2024-04-10 15:36:23 -07:00
Marcus Hert Da Coregio 61eba00654 Move HaveIBeenPwnedRestApiPasswordChecker to spring-security-web 
Prior to this commit, the implementation was placed in spring-security-core, however we do not want to introduce a dependency on spring-web and spring-webflux for that module.

Issue gh-7395
 2024-04-10 14:58:01 -03:00
Marcus Hert Da Coregio 8d914ef145 Add @AuthorizationDeniedHandler for Method Authorization Denied Handling 
Issue gh-14601
 2024-04-08 14:42:13 -03:00
Josh Cummings c8e5fbf21b
Fix Package Tangle 
Issue gh-14598
 2024-04-05 16:48:52 -06:00
YunByungil e5f7453690 fix: variable naming convention 
Changed the variable name from MAX_INTITEM_LENGTH to MAX_INT_ITEM_LENGTH to adhere to naming conventions
 2024-04-05 15:05:32 -07:00
Josh Cummings 3f7355abc6
Synthesize all annotation attributes 
Issue gh-14601
 2024-04-04 13:30:29 -06:00
Josh Cummings 6f07d63938
Support SpEL Returning AuthorizationDecision 
Closes gh-14598
 2024-04-04 11:32:00 -06:00
Josh Cummings 0a9c482f62
Revert "Support SpEL Returning AuthorizationDecision" 
This reverts commit 77f2977c55.
 2024-04-04 11:31:45 -06:00
Josh Cummings 77f2977c55 Support SpEL Returning AuthorizationDecision 
Closes gh-14599
 2024-04-04 09:52:15 -07:00
Marcus Hert Da Coregio d85857f905 Add Authorization Denied Handlers for Method Security 
Closes gh-14601
 2024-04-03 09:25:12 -03:00
Marcus Hert Da Coregio 19d66c0b8a Introduce AuthorizationResult 2024-04-03 09:25:12 -03:00
Marcus Hert Da Coregio 7d66525e23 Add Compromised Password Checker 
Closes gh-7395
 2024-04-01 09:48:07 -03:00
Josh Cummings 148776309f
Merge branch '6.2.x' 2024-03-22 14:33:57 -06:00
Josh Cummings afcce0c277
Merge branch '6.1.x' into 6.2.x 
Closes gh-14795
 2024-03-22 14:33:44 -06:00
Josh Cummings 7162046144
Remove Reference to MethodInvocationResult 
Closes gh-14794
 2024-03-22 14:33:23 -06:00
Ali-Hassan 04799c5aac Update AuthenticationProvider JavaDoc 
Authentication is an interface, not a class. So, it's not correct
to say "instance of the Authentication class".
 2024-03-22 11:27:58 -06:00
Josh Cummings e1c5dc0e66 Polish JavaDoc 
Issue gh-14597
 2024-03-22 11:00:39 -06:00
Josh Cummings 9898e0e993 Move AuthorizationAdvisorProxyFactory 
To prevent package tangles

Issue gh-14596
 2024-03-22 11:00:39 -06:00
Josh Cummings 12ea8a5738 Add Supplier Support 
Issue gh-14597
 2024-03-22 11:00:39 -06:00
Josh Cummings 795e44d11f Add Value-Type Ignore Support 
Issue gh-14597
 2024-03-22 11:00:39 -06:00
Josh Cummings ce54a6db18 Add TestAuthentication convenience method 
Issue gh-14597
 2024-03-19 10:27:03 -06:00
Josh Cummings d169d5a835 Add AuthorizeReturnObject 
Closes gh-14597
 2024-03-19 10:27:03 -06:00
Marcus Hert Da Coregio a8a9341f2e Merge branch '6.2.x' 
Closes gh-14667
 2024-03-18 06:43:37 -03:00
Marcus Hert Da Coregio a972338e1d Merge branch '6.1.x' into 6.2.x 
Closes gh-14666
 2024-03-18 06:43:09 -03:00
Marcus Hert Da Coregio f84c4ea583 Merge branch '5.8.x' into 6.1.x 
Closes gh-14665
 2024-03-18 06:42:43 -03:00