Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
13,240 Commits 34 Branches 337 Tags
Commit Graph

2290 Commits

Author SHA1 Message Date
Marcus Da Coregio
1a4a2a9055 Merge branch '5.8.x' into 6.0.x 2023-04-14 13:32:10 -03:00
Marcus Da Coregio
54117d7d27 Fix test suffix to align with checkstyle 2023-04-14 13:29:15 -03:00
Marcus Da Coregio
67645b32f4 Merge branch '5.8.x' into 6.0.x 2023-03-22 10:12:11 -03:00
Marcus Da Coregio
fd65dc6756 Merge branch '5.7.x' into 5.8.x 2023-03-22 10:08:17 -03:00
Martin Tarjányi
5eefe9dcff Fix typo in SessionManagementConfigurer javadoc 2023-03-22 10:07:44 -03:00
twosom
cbb4e40166 fix typo in RequestCacheResultMatcher 2023-03-20 17:02:00 -06:00
Josh Cummings
bbd31f0e33
Defer ObservationRegistry Lookup 
Closes gh-12780
 2023-02-24 11:03:32 -07:00
Marcus Da Coregio
7d22e02593 Merge branch '5.8.x' into 6.0.x 
Closes gh-12777
 2023-02-23 15:17:25 -03:00
Marcus Da Coregio
97ba596ca3 Merge branch '5.7.x' into 5.8.x 
Closes gh-12776
 2023-02-23 15:17:04 -03:00
Marcus Da Coregio
1c3ce1e401 Fix entity-id ignored in RelyingPartyRegistration XML config 
Closes gh-11898
 2023-02-23 15:16:40 -03:00
Josh Cummings
cedb9fd199
Merge branch '5.8.x' into 6.0.x 
Closes gh-12687
 2023-02-16 14:56:32 -07:00
Josh Cummings
0baf650f38
Merge branch '5.7.x' into 5.8.x 
Closes gh-12686
 2023-02-16 14:55:22 -07:00
Leonid Rozenblyum
000b4bc495 Fix NPE in HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter 
Before the fix, these methods would throw a NPE in case when the filter class passed as the second parameter, is not registered yet.

In particular, this exception can occur when mixing standard and custom DSL to register filters.

The fix doesn't change the situation that standard DSL for registration of filters cannot refer to filters that are registered via custom DSL even though those calls were done earlier.

It just provides more user-friendly error handling for this and most likely other scenarios of calls of HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter.

The error handling is implemented similarly to HttpSecurity#addFilter.

Closes gh-12637
 2023-02-16 14:54:44 -07:00
Tobias Meurer
7dd5cc6082 Pick Up Custom SecurityContextRespository 
Closes gh-12579
 2023-02-07 12:46:12 -07:00
Marcus Da Coregio
52ed165476 Move classpath checks to class member variable 
Closes gh-11437
 2023-02-07 09:25:06 -03:00
Marcus Da Coregio
3572111cf5 Add JwtDecoder hint for oauth2Login 
Closes gh-12615
 2023-02-03 14:34:32 -03:00
Steve Riesenberg
13487be268
Default to XorCsrfChannelInterceptor in 6.0.x 
Closes gh-12378
 2023-01-26 15:45:04 -06:00
Steve Riesenberg
1363a4eece
Merge branch '5.8.x' into 6.0.x 2023-01-26 15:44:47 -06:00
Josh Cummings
c3563df25a
Include HttpStatusRequestRequestedHandler 
Closes gh-12548
 2023-01-26 14:07:22 -07:00
Josh Cummings
66711f2365
Add RequestRejectedHandler Test 
Issue gh-12548
 2023-01-26 13:07:16 -07:00
Steve Riesenberg
c306df9b46
Add XorCsrfChannelInterceptor 
Issue gh-12378
 2023-01-23 16:00:35 -06:00
Josh Cummings
5b6b3d585f
Change EnableReactiveMethodSecurity Defaults 
Closes gh-12506
 2023-01-10 08:30:52 -07:00
Marcus Da Coregio
7080ea652f Add hints for ProxyFactoryBean AuthenticationManager 
Closes gh-12367
 2022-12-14 10:16:04 -03:00
Marcus Da Coregio
f1698ec188 Fix removed code by merge 2022-12-05 14:57:28 -08:00
Marcus Da Coregio
2fdf762726 Merge branch '5.8.x' into 6.0.x 2022-12-05 14:41:59 -08:00
Marcus Da Coregio
7aaa25b88e Merge branch '5.7.x' into 5.8.x 2022-12-05 14:40:54 -08:00
Marcus Da Coregio
fc25b87967 Merge branch '5.6.x' into 5.7.x 2022-12-05 14:40:38 -08:00
Mitja Kotnik
f39f215140 Replace javadoc with SecurityFilterChain bean definition 2022-12-05 14:40:05 -08:00
Guillaume Husta
a5464ed819 Fix typo in DefaultLoginPageConfigurer Javadoc 
'isLogoutRequest' seems to have nothing to do here.
 2022-12-05 14:31:15 -08:00
Marcus Da Coregio
e774bd480b Merge branch '5.7.x' into 5.8.x 
Closes gh-12261
 2022-11-21 10:25:43 -03:00
Marcus Da Coregio
f561d3784e Improve deprecation notice in WebSecurityConfigurerAdapter 
Closes gh-12260
 2022-11-21 10:05:08 -03:00
Steve Riesenberg
dd9f954ace
Fix tests in CsrfConfigurerTests 
Closes gh-12241
 2022-11-18 14:58:41 -06:00
Steve Riesenberg
5da78f44f2
Merge branch '5.8.x' 2022-11-18 14:54:33 -06:00
Steve Riesenberg
ea6ce05662
Add configurer tests for CookieCsrfTokenRepository 
Issue gh-12236
 2022-11-18 13:12:59 -06:00
Steve Riesenberg
2ed7cff643
Check for existing token before clearing 
Closes gh-12236
 2022-11-18 13:12:59 -06:00
Josh Cummings
e08ed89403 Polish Span and Meter Names 
Closes gh-12156
 2022-11-17 15:09:52 -07:00
Steve Riesenberg
222f8ae1a5
Merge branch '5.8.x' 2022-11-16 16:54:32 -06:00
Jan Marten
2301e8ca77
Fix Javadoc in EnableWebSocketSecurity 
Add missing method name in EnableWebSocketSecurity JavaDoc code example.
 2022-11-16 16:51:42 -06:00
Josh Cummings
c45cd6ec9f
Defer ObservationRegistry Resolution 
- If Method Security asks for  too early, it is no longer
eligible for post-processing. As such, this commit defers loading it until
the first authorization request.

Issue gh-11990
 2022-11-09 22:07:57 -07:00
Marcus Da Coregio
3b5d19c8a4 Adapt to Servlet API 6 changes and support Jakarta WebSocket 2.1 
Closes gh-12146
Closes gh-12148
 2022-11-08 08:34:21 -03:00
Marcus Da Coregio
72c25332a5 Fix authenticationFailureHandler customization tests 
Issue gh-12132
 2022-11-03 10:32:38 -03:00
Josh Cummings
fc8e20b89f
Merge branch '5.8.x' 
Closes gh-12133
 2022-11-02 15:49:18 -06:00
Josh Cummings
3192618220
Add authenticationFailureHandler 
- To ServerHttpSecurity#httpBasic
- To ServerHttpSecurity#oauthResourceServer

Closes gh-12132
 2022-11-02 15:35:01 -06:00
Josh Cummings
983f1d4efb
Merge branch '5.8.x' 
Closes gh-12127
 2022-11-01 18:08:08 -06:00
Josh Cummings
6622e0135a
Merge branch '5.7.x' into 5.8.x 
Closes gh-12126
 2022-11-01 18:06:41 -06:00
Josh Cummings
6efac34ca7
Merge branch '5.6.x' into 5.7.x 
Closes gh-12125
 2022-11-01 18:06:01 -06:00
Koos Gadellaa
5c4362bbc4
Refresh parsers when not found 
Closes gh-3065
 2022-11-01 18:05:15 -06:00
Rob Winch
d860775b45 Document Defer load CsrfToken 
Closes gh-12105
 2022-10-28 15:41:25 -05:00
Josh Cummings
abe68abfe4
Merge remote-tracking branch 'origin/5.8.x' 2022-10-26 17:13:02 -06:00
mmoussa_mapfreusa
bd4e0fb5db
Set LogoutRequestRepository on Saml2 LogoutSuccessHandler 
Closes gh-11363
 2022-10-26 16:44:23 -06:00