spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00

Author	SHA1	Message	Date
Marcus Da Coregio	fc25b87967	Merge branch '5.6.x' into 5.7.x	2022-12-05 14:40:38 -08:00
Mitja Kotnik	f39f215140	Replace javadoc with SecurityFilterChain bean definition	2022-12-05 14:40:05 -08:00
Guillaume Husta	a5464ed819	Fix typo in DefaultLoginPageConfigurer Javadoc 'isLogoutRequest' seems to have nothing to do here.	2022-12-05 14:31:15 -08:00
Marcus Da Coregio	f561d3784e	Improve deprecation notice in WebSecurityConfigurerAdapter Closes gh-12260	2022-11-21 10:05:08 -03:00
Josh Cummings	6efac34ca7	Merge branch '5.6.x' into 5.7.x Closes gh-12125	2022-11-01 18:06:01 -06:00
Koos Gadellaa	5c4362bbc4	Refresh parsers when not found Closes gh-3065	2022-11-01 18:05:15 -06:00
Marcus Da Coregio	a8d6c1d21f	Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService Closes gh-11449 Closes gh-11726	2022-08-19 09:58:22 -03:00
Marcus Da Coregio	c7912c551b	Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService Closes gh-11449 Closes gh-11726	2022-08-19 09:51:53 -03:00
Rob Winch	faf9fb7337	NamespaceLdapAuthenticationProviderTests use Dynamic Port Closes gh-11710	2022-08-15 15:26:46 -05:00
Rob Winch	9f00045638	NamespaceLdapAuthenticationProviderTests use Dynamic Port Closes gh-11710	2022-08-15 15:26:30 -05:00
Steve Riesenberg	99f768bab9	Polish HttpSecurity	2022-07-29 17:43:00 -05:00
Steve Riesenberg	984355e637	Remove references to WebSecurityConfigurerAdapter * AbstractAuthenticationFilterConfigurer * DefaultLoginPageConfigurer * EnableGlobalAuthentication * FormLoginConfigurer * HeadersConfigurer * HttpSecurity * OpenIDLoginConfigurer * RememberMeConfigurer * WebSecurity * WebSecurityConfiguration * WebSecurityConfigurer * X509Configurer Closes gh-11288	2022-07-29 17:43:00 -05:00
Steve Riesenberg	09173c95d6	Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity Closes gh-11277	2022-07-29 17:43:00 -05:00
Marcus Da Coregio	a996dfc55b	Add Deprecated annotation to WebSecurity#securityInterceptor Closes gh-11634	2022-07-27 14:38:50 -03:00
Marcus Da Coregio	d66ad22652	Add Deprecated annotation to WebSecurity#securityInterceptor Closes gh-11634	2022-07-27 14:32:44 -03:00
Juny Tse	649428b49a	Use Base64 encoder with no CRLF in output for SAML 2.0 messages Closes gh-11262	2022-05-25 12:06:27 -06:00
Juny Tse	d0da160007	Use Base64 encoder with no CRLF in output for SAML 2.0 messages Closes gh-11262	2022-05-25 12:02:13 -06:00
Marcus Da Coregio	e45dcb3ab2	Update copyright headers Issue gh-10956	2022-05-06 14:18:42 -03:00
Marcus Da Coregio	d3a451fffb	Fix mvcMatchers overriding previous paths Closes gh-10956	2022-05-06 14:18:36 -03:00
Marcus Da Coregio	d86ed6f523	Update copyright headers Issue gh-10956	2022-05-06 14:14:16 -03:00
Marcus Da Coregio	1959c25a03	Fix mvcMatchers overriding previous paths Closes gh-10956	2022-05-06 14:11:37 -03:00
Rob Winch	7b6fd598d0	Multiple <authentication-manager> Do Not Duplicate Alias Previously, two authentication managers with different ids would duplicate the alias to the global authentication manager. This would cause failures for when allowBeanDefinitionOverriding = false. This commit ensures that if the global authentication manager alias is already set, then it is not set again. This means the first <authentication-manager> will be used as the global AuthenticationManager. Closes gh-8767	2022-05-03 14:57:22 -05:00
Eleftheria Stein	5ac5edc2e6	Detect UserDetailsService bean in X509 configuration Closes gh-11174	2022-04-28 14:47:18 +02:00
Eleftheria Stein	d40c15e09e	Update remember me Javadocs Describe the new behaviour for retrieving the UserDetailsService Issue gh-11170	2022-04-28 14:13:52 +02:00
Marcus Da Coregio	e94adedb94	Add shouldFilterAllDispatcherTypes to Kotlin DSL Closes gh-11153	2022-04-28 08:19:20 -03:00
Eleftheria Stein	8e34cedcfe	Detect UserDetailsService bean in remember me Closes gh-11170	2022-04-28 12:43:13 +02:00
nor-ek	a3e7e54b70	Security Context Dsl Closes gh-11039	2022-04-26 17:34:44 +02:00
Marcus Da Coregio	9d378103b0	Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator Issue gh-10908	2022-04-25 09:43:50 -03:00
Marcus Da Coregio	23594b3d01	Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator Issue gh-10908	2022-04-25 09:42:00 -03:00
Rob Winch	aaf78330b1	ForceEagerSessionCreationFilter Closes gh-11109	2022-04-15 14:16:35 -05:00
Marcus Da Coregio	7fea639a43	Add Option to Filter All Dispatcher Types Closes gh-11092	2022-04-14 15:58:00 -03:00
Josh Cummings	147ab42440	Revert "Pick up AuthorizationManager Bean" This reverts commit 32b83aae63db382d3107ad3eb68259715bbd88da. Issue gh-11067	2022-04-12 09:32:09 -06:00
Rob Winch	39b0620a84	Add DisableUrlRewritingFilter Closes gh-11084	2022-04-08 16:13:44 -05:00
Josh Cummings	32b83aae63	Pick up AuthorizationManager Bean Closes gh-11067 Closes gh-11068	2022-04-08 10:08:33 -06:00
Josh Cummings	b39f213e64	Revert "Add AuthorizationManager to Messaging" This reverts commit 77a6e014a9c3da916559ae7d1707b09db3ab1194.	2022-04-07 17:39:34 -06:00
Josh Cummings	77a6e014a9	Add AuthorizationManager to Messaging Closes gh-11076	2022-04-07 17:39:10 -06:00
Josh Cummings	66213e5b2e	Add Default Test to HttpBasicConfigurerTests Issue gh-10973	2022-04-05 17:11:39 -06:00
Josh Cummings	47c8676be7	Polish Saml2LoginConfigurerTests Issue gh-10973	2022-04-05 17:11:38 -06:00
Josh Cummings	c175118f62	Use RequestMatcherEntry Closes gh-11046	2022-03-30 14:31:11 -06:00
Josh Cummings	061f69eb70	Polish Authorization Event Support - Added spring-security-config support - Renamed classes - Changed contracts to include the authenticated user and secured object - Added method security support Issue gh-9288	2022-03-29 16:03:19 -06:00
Josh Cummings	a43677d36a	Simplify PrePostMethodSecurityConfiguration Issue gh-9288	2022-03-29 15:44:16 -06:00
Rob Winch	67fd46bfa6	Add SecurityContextRepository.loadContext(HttpServletRequest) This allows loading the SecurityContext lazily, without the need for the response, and does not attempt to automatically save the request when the response is comitted. Closes gh-11028	2022-03-25 14:21:52 -05:00
Yuriy Savchenko	446ab5047c	Add authorizeHttpRequests to Kotlin DSL Closes gh-10481	2022-03-22 09:39:06 -06:00
Yuriy Savchenko	3016ed0067	Fix typos in Kotlin DSL docs Issue gh-10481	2022-03-22 08:27:29 -06:00
Rob Winch	87ed31a99c	Add SecurityContextHolderFilter Closes gh-9635	2022-03-11 17:22:23 -06:00
Rob Winch	dbcb5004b4	Extract createSecurityContextRepository() Extract out method in preparation for adding SecurityContextHolderFilter configuration. Issue gh-9635	2022-03-11 17:21:49 -06:00
Norbert Nowak	ac9c29b2a0	Add UsernamePasswordAuthenticationToken factory methods - unauthenticated factory method - authenticated factory method - test for unauthenticated factory method - test for authenticated factory method - make existing constructor protected - use newly factory methods in rest of the project - update copyright dates Closes gh-10790	2022-03-09 15:23:35 -07:00
Marcus Da Coregio	93d4fd3559	Add SAML 2.0 Single Logout XML Support Closes gh-10842	2022-03-09 09:18:01 -03:00
Marcus Da Coregio	73f839312d	Add SAML 2.0 Login XML Support Closes gh-9012	2022-03-09 09:18:01 -03:00
Josh Cummings	963251314b	Replace Apache Commons Base64 Decoding Issue gh-10923	2022-03-02 16:40:11 -07:00

1 2 3 4 5 ...

1906 Commits