Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-23 17:30:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,134 Commits 49 Branches 379 Tags
Commit Graph

244 Commits

Author SHA1 Message Date
Rob Winch
426e24c18e Polish 
Formatting changes
 2017-09-13 15:31:32 -05:00
Rob Winch
0a36359f11 WebFlux HTTP Basic & Form Login Sessions 
By default both HTTP Basic and form log are enabled. Now HTTP Session will
not be used for HTTP Basic, but will be for form log in.
 2017-09-13 14:47:44 -05:00
Rob Winch
3d745e63f6 HttpSecurityConfiguration applies all defaults 
HttpSecurity headers is off by default and relies on
HttpSecurityConfiguration to enable it. This is more consistent with the
other operators
 2017-09-12 22:07:12 -05:00
Rob Winch
b5edb58050 Polish reactive config 
Code Checkstyle fixes
 2017-09-12 21:56:09 -05:00
Rob Winch
d93c774691 Add FormLogin Configuration 
Fixes gh-4537
 2017-09-12 20:40:56 -05:00
Rob Winch
a0a0a32bda Add WebTestClient HtmlUnit Support 
Fixes gh-4534
 2017-09-12 20:40:56 -05:00
Rob Winch
d9bad2bc9d Mono.currentContext()->subscriberContext() 
Fixing refactoring by Reactor
 2017-09-01 17:20:47 -05:00
Rob Winch
be0081290b EnableWebFluxSecurity uses PasswordEncoder Bean 2017-08-30 10:02:00 -05:00
Rob Winch
20befc3702 Support .and() in Reactive HttpBasic & HeaderBuilder 2017-08-29 20:17:56 -05:00
Rob Winch
c4917f359a Fix for Reactor Refactor 
- contextStart -> subscriberContext
 2017-08-29 08:24:55 -05:00
Rob Winch
416ff3c77a Add EnableReactiveMethodSecurity 
Issue gh-4496
 2017-08-17 16:42:01 -05:00
Rob Winch
b0b9b32c0c Add AuthenticationReactorContextFilter 
Fixes gh-4501
 2017-08-17 16:42:01 -05:00
Rob Winch
bfaead6f68 Removal of ParsingPathMatcher 
Changes needed for the removal of ParsingPathMatcher in Spring Framework

b1440b6816 (diff-972650c759c249004b9725f94b570db3R156)
 2017-08-02 11:11:11 -05:00
Rob Winch
8130965259 Fixes for changes in SPR-15657 
Fixes gh-4408
 2017-06-20 16:42:24 -05:00
Rob Winch
ca6348800e HttpSecurity.authorizeExchange() allows Method Chaining 
Fixes gh-4397
 2017-06-15 15:50:30 -05:00
Rob Winch
fda0220fad Provide default reactive HttpSecurity 
Fixes gh-4396
 2017-06-15 13:00:19 -05:00
Rob Winch
9141a8a7c0 Add Multiple Reactive HttpSecurity 
Fixes gh-4395
 2017-06-15 13:00:19 -05:00
Rob Winch
30132892a0 Polish UserDetailsResourceFactoryBean Support 
Issues: gh-4380 gh-4381 gh-4382
 2017-06-13 15:15:21 -05:00
Rob Winch
337317a060 WebFlux now uses ParsingPathMatcher 
Fixes gh-4388
 2017-06-09 22:25:45 -05:00
Rob Winch
6428cb411e Add UserDetailsRepositoryResourceFactoryBean 
Add the ability to easily create a UserDetailsRepository from a Properties
in the standard Spring Security user format.

Fixes gh-4382
 2017-06-09 16:07:18 -05:00
Rob Winch
4cb77e5386 Add UserDetailsManagerResourceFactoryBean 
Add the ability to easily create a UserDetailsManager from a Properties
in the standard Spring Security user format.

Fixes gh-4381
 2017-06-09 16:07:18 -05:00
Rob Winch
256d14ede0 Add UserDetailsResourceFactoryBean 
Add the ability to create a Collection<UserDetails> from a Properties
Resource using the standard Spring Security user format.

Fixes gh-4380
 2017-06-09 16:07:18 -05:00
Joe Grandja
68368c87ca Resolve compile errors -> WebTestClient methods removed 
Fixes gh-4355
 2017-05-25 11:14:29 -04:00
Vedran Pavic
85719fcd64 Use Base64 implementation provided by Java 8 2017-05-10 00:27:36 -05:00
Rob Winch
b4f2777755 Add WebFlux 
Fixes gh-4128
 2017-05-10 00:13:02 -05:00
Rob Winch
5a65da400d Use ReflectionTestUtils rather than Whitebox 
This is better because it no longer uses Mockito's internal API

Fixes gh-4305
 2017-04-21 10:54:58 -05:00
Joris Kuipers
546d44d6e7 Fix NPE in WebSocketMessageBrokerSecurityBeanDefinitionParser 
Fixes gh-4112
Closes gh-4194
 2017-03-01 23:58:02 -06:00
Rob Winch
fc516b55a6 Fix Build Against Spring 5.0.0.BUILD-SNAPSHOT 
Change Bean definition to static to avoid SPR-12646

Fixes gh-4150
 2016-12-08 15:54:46 -06:00
Eddú Meléndez
23294c4c57 Add Referrer-Policy header support 
Fixes gh-4110
 2016-11-08 13:21:35 -06:00
Rob Winch
df3b8bc284 Add Spring MVC test for override cache control 
Issue gh-3975
 2016-10-24 15:57:32 -05:00
Rob Winch
94e580fe64 Add Support for Custom Default Configuration in Web Security 
Fixes gh-4102
 2016-10-19 16:15:56 -05:00
Rob Winch
af9139b613 Add intercept-url@request-matcher-ref 
Fixes gh-4097
 2016-10-18 22:27:31 -05:00
Rob Winch
aaa9708b95 Add BeanResolver to AuthenticationPrincipalArgumentResolver 
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.

This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.

Fixes gh-3949
 2016-10-18 19:45:54 -05:00
Rob Winch
badb466cc5 AuthenticationConfiguration imports ObjectPostProcessor 
Fixes gh-4086
 2016-10-17 20:00:27 -05:00
Rob Winch
b443baef04 Polish GrantedAuthorityDefaults 
* Move GrantedAuthorityDefaults to config module
* Move setting of default role into config module vs
  ApplicationContextAware

Issue gh-3701
 2016-09-22 15:13:05 -05:00
Rob Winch
c6366baee2 Remove MvcRequestMatcher.afterPropertiesSet() 
The validation does not work due to restrictions within the servlet
container. Specifically we cannot access the servlets that are registered.

This commit reverts the validation logic for MvcRequestMatcher to determine
if servletPath is required.

Fixes gh-4027
 2016-08-19 14:18:07 -04:00
Rob Winch
bb997eecde Fix defaultMethodExpressionHandler autowiring 
Previously if a Bean for GlobalMethodSecurityConfiguration's
defaultMethodExpressionHandler was found on a Configuration that also
@Autowired a Bean that enabled method security, the Bean that was
@Autowired would not have security enabled.

This fixes the issue by delaying the lookup of Beans populated on
GlobalMethodSecurityConfiguration's defaultMethodExpressionHandler.

Fixes gh-4020
 2016-08-10 23:48:07 -05:00
Joe Grandja
e080905a79 MvcRequestMatcher servletPath Polish / XML Config 
Fixes gh-4014
 2016-08-09 16:29:30 -05:00
Rob Winch
3befb1c8a6 MvcRequestMatcher servletPath / JavaConfig 
Issue: gh-3987
 2016-08-09 16:29:30 -05:00
Rob Winch
ca170f8479 DummyRequest supports methods for MvcRequestMatcher 
To support MvcRequestMatcher DummyRequest needs to support
getCharacterEncoding() and getAttribute(String)
 2016-07-14 14:18:31 -05:00
Rob Winch
ada146244e Add HttpSecurity.mvcMatcher 
Fixes gh-3970
 2016-07-14 10:50:49 -04:00
Rob Winch
945e2e2ad4 Fix NPE requestMatchers().mvcMatchers 
Fixes gh-3969
 2016-07-14 10:50:49 -04:00
Eddú Meléndez
13b0ddb7e6 Fix test assertions 2016-07-07 13:29:00 -05:00
Rob Winch
e4c13e3c0e Add MvcRequestMatcher 
Fixes gh-3964
 2016-07-06 15:47:23 -05:00
Rob Winch
c935d857eb Add mvc namespace to XmlApplicationContext 2016-07-01 22:04:55 -05:00
Rob Winch
bd5f71bb0d Polish 
Fix checkstyle for LDAP JavaConfig Authority mapping

Issue gh-2768
 2016-06-21 17:08:37 -05:00
Tony Dalbrekt
b76e3be822 LDAP Java Config supports GrantedAuthoritiesMapper 
Fixes gh-2768
 2016-06-21 16:43:13 -05:00
Eddú Meléndez
a2ead4cf7a Polish 
Fixes gh-3892
 2016-06-20 12:35:43 -05:00
Rob Winch
fa1c484587 AuthenticationConfiguration.getAuthenticationManager() supports recursion 
AuthenticationConfiguration.getAuthenticationManager() now supports
recursion. This is necessary in instances where something using
@EnableGlobalAuthentication requires an object using method level security.

Fixes gh-3935
 2016-06-17 14:02:36 -05:00
Rob Winch
7fe0a135ec Default AntPathRequestMatcher to be case sensitive 
Issue gh-3831
 2016-04-20 13:29:18 -05:00