Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 06:58:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,320 Commits 33 Branches 337 Tags
Commit Graph

16320 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
416859e70e
Use OpenSAML API in authentication.logout 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings
94431d1650
Add Internal OpenSAML API 
This will be useful for exposing OpenSAML functionality at
a higher level. Each OpenSAML major version release should
provide a new implementation.

Issue gh-11658
 2024-08-06 18:14:09 -06:00
Josh Cummings
54a4792b7a
Remove Unneeded OpenSAML 4 References 
This will reduce the number of components that need to be
duplicated between the OpenSAML 4 and 5 support

Issue gh-11658
 2024-08-06 18:14:09 -06:00
Josh Cummings
ab842b74b9
Use OpenSAML ParserPool Defaults 
Originally, Spring Security turned off various features
XML parsing feature for the underlying DocumentBuilderFactory
that OpenSAML uses.

Both OpenSAML 4 and 5 set these values by default, so we
can safely accept the defaults at this point.

Issue gh-11658
 2024-08-06 18:14:09 -06:00
Daniel Garnier-Moiroux
bc8ba7f3b7 Inline CSS for default login and logout page 
- Remove the dependency on Bootstrap CSS. Results in faster load times, no failures
  in air-gapped or offline scenarios, and no dependency on an external CDN that may
  go away some day.
 2024-08-05 09:27:18 -05:00
github-actions[bot]
66efb63dba Merge branch '6.3.x' 2024-08-05 01:29:19 +00:00
github-actions[bot]
c2fdc752aa Merge branch '6.2.x' into 6.3.x 2024-08-05 01:29:19 +00:00
github-actions[bot]
1b708a1aec Merge branch '5.8.x' into 6.2.x 2024-08-05 01:29:19 +00:00
dependabot[bot]
e9e0ec89fb Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.12.0 to 1.13.0.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 18:28:27 -07:00
github-actions[bot]
3db1ba28e4 Merge branch '6.3.x' 2024-08-05 01:14:00 +00:00
github-actions[bot]
0d017f1413 Merge branch '6.2.x' into 6.3.x 2024-08-05 01:14:00 +00:00
github-actions[bot]
154a540682 Merge branch '5.8.x' into 6.2.x 2024-08-05 01:14:00 +00:00
dependabot[bot]
596c5f9b0c Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.11 to 1.0.0-alpha.12.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.11...v1.0.0-alpha.12)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 18:13:16 -07:00
github-actions[bot]
0706959853 Merge branch '6.3.x' 2024-08-05 00:41:15 +00:00
github-actions[bot]
3bd295f002 Merge branch '6.2.x' into 6.3.x 2024-08-05 00:41:15 +00:00
dependabot[bot]
a1e08a302d Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.12.0 to 1.13.0.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:40:47 -07:00
dependabot[bot]
a6c4031b6b Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.12.0 to 1.13.0.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:40:29 -07:00
dependabot[bot]
999a3bb879 Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.12.0 to 1.13.0.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:36:29 -07:00
dependabot[bot]
d8e3a64c33 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.11 to 1.0.0-alpha.12.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.11...v1.0.0-alpha.12)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:33:53 -07:00
github-actions[bot]
2f1d758538 Merge branch '6.2.x' into 6.3.x 2024-08-05 00:32:53 +00:00
github-actions[bot]
dd61619cbc Merge branch '6.3.x' 2024-08-05 00:32:53 +00:00
dependabot[bot]
fd8bc579d3 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.11 to 1.0.0-alpha.12.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.11...v1.0.0-alpha.12)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:32:11 -07:00
dependabot[bot]
64b938ad80 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.11 to 1.0.0-alpha.12.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.11...v1.0.0-alpha.12)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:31:57 -07:00
Josh Cummings
37a2812d1a
Mimic Annotation Fallback Logic 
For backward compatibility, this commit changes the annotation traversal
logic to match what is found in PrePostAnnotationSecurityMetadataSource.

This reverts gh-13783 which is a feature that unfortunately regressess
pre-existing behavior like that found in gh-15352. As such, that
functionality has been removed.

Issue gh-15352
 2024-07-31 16:17:42 -06:00
Josh Cummings
77bce14462
Polish Annotation Test 
This new arrangement of the test better matches the class
hierarchy described by the original ticket.

Issue gh-13234
 2024-07-31 16:17:42 -06:00
Josh Cummings
90335bd0a6
Polish Annotation Test 
This test was made more effective by having it focus on the real
scenario of resolving annotations from the standpoint of a bean
 2024-07-31 16:17:42 -06:00
Josh Cummings
b743d8f7a1
Merge branch '6.3.x' 2024-07-31 16:17:15 -06:00
Josh Cummings
f20ae1a71c
Revert gh-13783 
This feature unfortunately regresses pre-existing behavior
like that found in gh-15352. As such, this functionality
has been removed.

Closes gh-15352
 2024-07-31 16:16:34 -06:00
Steve Riesenberg
b710b666d0
Merge branch '6.3.x' 2024-07-31 17:04:36 -05:00
Steve Riesenberg
f059c05c93
Merge branch '6.2.x' into 6.3.x 2024-07-31 17:04:22 -05:00
Steve Riesenberg
d2ebde2418
Revert merged file 
Issue gh-15503
 2024-07-31 17:04:09 -05:00
Steve Riesenberg
4595bb6ae7
Merge branch '6.3.x' 2024-07-31 17:01:01 -05:00
Steve Riesenberg
ce26b42f97
Merge branch '6.2.x' into 6.3.x 2024-07-31 17:00:37 -05:00
Steve Riesenberg
5895f19a73
Merge branch '5.8.x' into 6.2.x 2024-07-31 17:00:07 -05:00
Steve Riesenberg
5d335ccf8d
Fix job dependencies 
Issue gh-15503
 2024-07-31 16:59:35 -05:00
Josh Cummings
d47e0d46b2
Merge branch '6.3.x' 2024-07-31 15:56:21 -06:00
Josh Cummings
eac8bc24aa
Merge branch '6.2.x' into 6.3.x 2024-07-31 15:56:08 -06:00
Josh Cummings
8d43f1bd7d
Merge branch '5.8.x' into 6.2.x 2024-07-31 15:48:44 -06:00
Josh Cummings
5cdcdc9bcb
Suppress Node Files From Nohttp Analysis 
Given that we have no control over the contents of
third-party code, it isn't helpful to have nohttp
generate errors for the usage of http:// in that code.
 2024-07-31 15:48:28 -06:00
Steve Riesenberg
6c43f357b7
Merge branch '6.3.x' 
Closes gh-15506
 2024-07-31 15:46:37 -05:00
Steve Riesenberg
f00a5db132
Merge branch '6.2.x' into 6.3.x 
Closes gh-15505
 2024-07-31 15:45:31 -05:00
Steve Riesenberg
dae2674dbe
Merge branch '5.8.x' into 6.2.x 
Closes gh-15504
 2024-07-31 15:42:08 -05:00
Steve Riesenberg
a5b1dec99a
Migrate slack notifications to GChat 
Closes gh-15503
 2024-07-31 14:59:04 -05:00
Josh Cummings
ef35c4a64a
Merge branch '6.3.x' 2024-07-29 15:10:50 -06:00
Josh Cummings
97a49e18b9
Merge branch '6.2.x' into 6.3.x 2024-07-29 15:10:32 -06:00
Josh Cummings
e51507e32d Polish Inline Code Formatting 2024-07-29 14:08:01 -07:00
Junhyunny
bfee6927c2 Correct Explanation for HttpSessionCsrfTokenRepository 2024-07-29 14:08:01 -07:00
Josh Cummings
78f2c15f0d
Merge branch '6.3.x' 2024-07-29 15:06:41 -06:00
Josh Cummings
abaab2ef55
Merge branch '6.2.x' into 6.3.x 
Closes gh-15495
 2024-07-29 15:06:27 -06:00
Josh Cummings
9a83986b91
Merge branch '5.8.x' into 6.2.x 
Closes gh-15494
 2024-07-29 15:04:49 -06:00