Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-24 13:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,872 Commits 55 Branches 348 Tags
Commit Graph

17872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
40b84d3e44
Merge branch '6.4.x' 2025-03-27 16:34:39 -06:00
Josh Cummings
6c5b6d1c51
Merge branch '6.3.x' into 6.4.x 
Closes gh-16837
 2025-03-27 16:32:12 -06:00
Josh Cummings
456604ab45 Sort Default Advisors and Added Advisors 
This commit ensures that the default advisors and added advisors
are sorted in the event that this component is not being published
as a Spring bean.

Issue gh-16819
 2025-03-27 16:18:00 -06:00
Josh Cummings
15b9a50060 Add Test 
Issue gh-16819
 2025-03-27 16:18:00 -06:00
Tran Ngoc Nhan
fcc1bd598d Sort Advisors AfterSingletonsInstantiated 
In order to make so that authorization advisors are sorted
only one time and also as part of the configuration lifecycle,
AuthorizationAdvisorProxyFactory now implements
SmartInitializingBean.

Closes gh-16819

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-27 16:18:00 -06:00
Hao
6159e089d4 Fix inline code formatting in documentation 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-26 21:51:52 -06:00
Hao
8c7d2e8922 Fix typo in multitenancy documentation 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-26 21:51:52 -06:00
dependabot[bot]
071906b944 Bump org.seleniumhq.selenium:htmlunit3-driver from 4.29.0 to 4.30.0 
Bumps [org.seleniumhq.selenium:htmlunit3-driver](https://github.com/SeleniumHQ/htmlunit-driver) from 4.29.0 to 4.30.0.
- [Release notes](https://github.com/SeleniumHQ/htmlunit-driver/releases)
- [Commits](https://github.com/SeleniumHQ/htmlunit-driver/compare/4.29.0...4.30.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:htmlunit3-driver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-26 20:46:40 -07:00
dependabot[bot]
e2d2df43d6 Bump org.htmlunit:htmlunit from 4.11.0 to 4.11.1 
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/4.11.0...4.11.1)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-26 20:46:36 -07:00
Tran Ngoc Nhan
7bca17cb5a Polish 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-26 17:02:06 -06:00
Josh Cummings
37b8d019fa
Polish RequestMatcher Migration Path for OAuth 2.0 Login DSL 
Issue gh-16573
 2025-03-26 16:38:39 -06:00
Josh Cummings
99345537d6
Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter 
Issue gh-16417
 2025-03-26 16:38:39 -06:00
Josh Cummings
91ee5e7f2b
Add RequestMatcher Migration Path for CAS 
Issue gh-16417
 2025-03-26 16:38:38 -06:00
Josh Cummings
15d9c13984
Add RequestMatcher MigrationPath for SwitchUserFilter 
To simplify migration, the filter's setter methods still use AntPathRequestMatcher.
Users can call the equivalent RequestMatcher setter methods to opt-in to the change early.

Issue gh-16417
 2025-03-26 16:38:38 -06:00
Josh Cummings
1eec51ab6c
Polish SwitchUserFilterTests 
Ensure that the appropriate HTTP Method is specified in tests

Issue gh-16417
 2025-03-26 16:38:38 -06:00
Steve Riesenberg
860f130bc4
Add additional validation when refreshing ID tokens 
Issue gh-16589
 2025-03-26 15:34:17 -05:00
Steve Riesenberg
5f98ce5ecc
Polish gh-16589 2025-03-26 15:34:17 -05:00
Josh Cummings
d2d9da0a39
Favor PathPatternRequestMatcher 
Issue gh-16828
 2025-03-26 14:33:46 -06:00
Josh Cummings
e65e32bb42
Polish CorsConfigurationSource Selection Logic 
Issue gh-16501
 2025-03-26 13:44:47 -06:00
Josh Cummings
1618963255
Deprecate AntPathRequestMatcher 
Closes gh-16632
 2025-03-26 13:40:05 -06:00
Josh Cummings
59f08e861e
Use PathPatternRequestMatcher in Docs 
Update documenation references from PathPatternRequestMatcher to AntPathRequestMatcher

Issue gh-16632
 2025-03-26 13:40:04 -06:00
Josh Cummings
ff52e05b24
Favor PathPatternRequestMatcher in XML Configuration 
Update BeanDefinitionParsers to use PathPatternRequestMatcher conditionally
on the presence of a PathPatternRequestMatcher.Builder bean

Closes gh-16828
 2025-03-26 13:40:04 -06:00
Josh Cummings
de07b1108f
Use PathPatternRequestMatcher in Web Components 
This commit changes filters and resolvers that were using AntPathRequestMatcher as their
default to using PathPatternRequestMatcher.

Issue gh-16632
 2025-03-26 13:28:58 -06:00
Josh Cummings
50ad378a29
Polish MockHttpServletRequest Usage 
This commit makes so that the requestURI is set to a value that makes
sense with the other properties being mocked.

Issue gh-16632
 2025-03-26 13:27:17 -06:00
Evgeniy Cheban
ad1ee28f01 Update HandlerMappingIntrospector Usage in CORS support 
Closes gh-16501

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-03-26 13:11:05 -06:00
dependabot[bot]
ba1045e61d Bump org.htmlunit:htmlunit from 4.10.0 to 4.11.0 
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/4.10.0...4.11.0)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-25 20:43:41 -07:00
dependabot[bot]
4cf90dbd5f Bump io.freefair.gradle:aspectj-plugin from 8.13 to 8.13.1 
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.13 to 8.13.1.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.13...8.13.1)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-25 20:42:38 -07:00
Rob Winch
491d28b6bb
Merge branch '6.4.x' 
- Fix WebAuthn saves Anonymous PublicKeyCredentialUserEntity

Closes gh-16821
 2025-03-25 16:19:14 -05:00
Rob Winch
1f3dd53bdf
Fix WebAuthn saves Anonymous PublicKeyCredentialUserEntity 
Closes gh-16606
 2025-03-25 16:14:58 -05:00
Rob Winch
a6b5c05da9
Additional WebAuthn4jRelyingPartyOperationTests 
- verify that anonymous users not saved
- verify that when user found the CredentialRecord is allowed

Issue gh-16385
 2025-03-25 16:14:25 -05:00
Rob Winch
9c054474a8
Use Test Name Conventions 
Issue gh-16385
 2025-03-25 16:14:25 -05:00
Rob Winch
593f7c4490
Use !isAuthenticated 
It's more verbose to see if the user is not null and not anonymous

Issue gh-16385
 2025-03-25 16:14:25 -05:00
Rob Winch
4e20d56d2d
Fix format for WebAuthn4jRelyingPartyOperations 
Issue gh-16385
 2025-03-25 16:14:25 -05:00
Josh Cummings
388acbac00
Merge branch '6.4.x' 2025-03-25 15:11:59 -06:00
Josh Cummings
26aa253633
Merge branch '6.3.x' into 6.4.x 2025-03-25 15:11:42 -06:00
github-actions[bot]
af2668f7cb Bump Gradle Wrapper from 8.10.2 to 8.13. 
Release notes of Gradle 8.13 can be found here:
https://docs.gradle.org/8.13/release-notes.html

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2025-03-25 15:11:10 -06:00
Josh Cummings
c21295f8d1
Fix Formatting 2025-03-25 14:56:52 -06:00
Josh Cummings
3aec6c2f6e
Deprecate Access API in ACL 
Issue gh-11302
 2025-03-25 12:21:13 -06:00
Josh Cummings
05fdcd6a08
Deprecate MvcRequestMatcher 
Closes gh-16631
 2025-03-24 22:03:22 -06:00
Tomas Borghi
0a084135ec
Delete import unused 
Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>
 2025-03-24 16:50:39 -03:00
Tomas Borghi
5571ad1b27
Fix issues identified in PR review 
Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>
 2025-03-24 13:18:23 -03:00
Borghi
e3a715b8f5 Fix issues identified in PR review 
Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>
 2025-03-24 13:00:27 -03:00
dependabot[bot]
6927566668 Bump org.seleniumhq.selenium:selenium-java from 4.29.0 to 4.30.0 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.29.0 to 4.30.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.29.0...selenium-4.30.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-23 21:06:02 -07:00
github-actions[bot]
ee962b51cc Merge branch '6.4.x' 2025-03-24 01:50:41 +00:00
dependabot[bot]
2f04512e01 Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.18 to 0.0.19.
- [Commits](852920ba3f...c203826512)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-23 18:49:53 -07:00
github-actions[bot]
8fff17070d Merge branch '6.4.x' 2025-03-24 01:41:23 +00:00
github-actions[bot]
23444dd13f Merge branch '6.3.x' into 6.4.x 2025-03-24 01:41:22 +00:00
dependabot[bot]
883765b2de Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.16 to 1.0.0-alpha.17.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.16...v1.0.0-alpha.17)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-23 18:40:37 -07:00
dependabot[bot]
a9acb6dabc Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.18 to 0.0.19.
- [Commits](852920ba3f...c203826512)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-23 17:32:20 -07:00
dependabot[bot]
4f8b757b2b Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.16 to 1.0.0-alpha.17.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.16...v1.0.0-alpha.17)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-23 17:22:31 -07:00