1144 Commits

Author SHA1 Message Date
Josh Cummings
39e84013f7
ClearSiteDataHeaderWriter Directives
Fixes gh-7347
2019-09-03 15:57:10 -06:00
Eleftheria Stein
ad0d3e9702 Polish remember me username check 2019-09-03 11:48:46 -04:00
Scott Murphy
26ae590c68 Check that userdetails for username exists. 2019-09-03 11:48:46 -04:00
kostya05983
f6c650db47
Replace Streams with Loops
First version of replacing streams

fix wwwAuthenticate and codestyle

fix errors in implementation to pass tests

Fix review notes

Remove uneccessary final to align with cb

Short circuit way to authorize

Simplify error message, make code readably

Return error while duplicate key found

Delete check for duplicate, checkstyle issues

Return duplicate error

Fixes gh-7154
2019-09-02 15:30:48 -06:00
Lars Grefer
95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
watsta
2c2e8e5f24 Remove internal Optional usage in favor of null checks
Issue gh-7155
2019-08-26 09:27:40 -04:00
Lars Grefer
34dd5fea30 Remove redundant throws clauses
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
2019-08-23 01:03:54 +02:00
Daniel Wegener
1a233a58c7 Add OnCommittedResponseWrapper.setContentLengthLong
Add setContentLengthLong tracking to OnCommittedResponseWrapper in
order to detect commits on servlets that use setContentLengthLong to
announce the entity size they are about to write (as used in the
Apache Tomcat's DefaultServlet).

Fixes gh-7261
2019-08-19 21:14:41 -04:00
Eleftheria Stein
4bc231872f Expire as many sessions as exceed maximum allowed
Fixes: gh-7166
2019-08-15 09:48:42 -05:00
Josh Cummings
9735a718cc
Remove MultiTenantAuthenticationManagerResolver
Fixes gh-7259
2019-08-14 11:14:47 -06:00
Rob Winch
c1db1aad91
Cleanup Code Style Issues
Cleanup Code Style Issues
2019-08-12 13:06:49 -05:00
Lars Grefer
ec6ca97226 Fix tests 2019-08-11 21:09:10 +02:00
Lars Grefer
ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer
38de737663 Java 8: Statement lambda can be replaced with expression lambda 2019-08-09 16:59:07 -05:00
Lars Grefer
7b2a7847e5 Java 8: Single Map method can be used 2019-08-09 16:59:07 -05:00
Lars Grefer
25c06be1eb Java 7: Identical 'catch' branches in 'try' statement 2019-08-09 16:59:07 -05:00
Lars Grefer
578d628774 'Collection.toArray()' call style 2019-08-09 16:57:31 -05:00
Lars Grefer
b388976ac8 fix checkstyle 2019-08-09 02:46:20 +02:00
Lars Grefer
35bdf1f009 Unnecessary semicolon 2019-08-09 00:43:13 +02:00
Lars Grefer
d9c1f03b84 Unnecessary interface modifier 2019-08-09 00:42:35 +02:00
Lars Grefer
40bee457f9 Unnecessary enum modifier 2019-08-09 00:42:07 +02:00
Lars Grefer
8d0ca14e55 Unnecessary conversion to String 2019-08-09 00:41:46 +02:00
Lars Grefer
fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Lars Grefer
05f42a4995 Remove unused imports 2019-08-08 14:22:31 -04:00
Lars Grefer
2056834432 Cleanup unnecessary unboxing
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
2019-08-06 10:17:38 -04:00
Lars Grefer
2306d987e9 Cleanup unnecessary boxing 2019-08-06 10:17:38 -04:00
Filip Hanik
2055466ad7 Add Javadoc 2019-08-05 19:43:00 -04:00
Filip Hanik
ddf68821cb Add RequestMatcher.matcher(HttpServletRequest)
Step 3 - Usage of RequestVariablesExtractor or types that are assigned
to AntPathRequestMatcher should be replaced with the new method.

[closes ]
2019-08-05 19:43:00 -04:00
Eddú Meléndez
496579dde2 Add match result for servlet requests
Fixes gh-7148
2019-08-05 19:43:00 -04:00
Josh Cummings
774a2e669c
Polish setAllowedHostnames
Added JavaDoc to method, including @since attribute

Issue gh-4310
2019-08-03 19:19:44 -06:00
Eddú Meléndez
f712c5598c Add support for allowedHostnames in StrictHttpFirewall
Introduce a new method `setAllowedHostnames` which perform the validation
against untrusted hostnames.

Fixes gh-4310
2019-08-03 21:16:45 -04:00
Khy
a5cfd9fdb9 Downgrade AuthenticationFilter modifier
Fixes gh-7177
2019-08-03 21:14:33 -04:00
Lars Grefer
776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Rob Winch
ad2f999c25 Polish BasicAuthenticationConverter
This reverts to the old behavior from BasicAuthenticationFilter.
Specifically, if a token has an empty password, it still parses a username
and an empty String password.

Issue gh-7025
2019-08-02 09:04:55 -05:00
Josh Cummings
d157125c8e
Polish AuthenticationFilter
Updated member variable references to be prefixed with "this.".
Fixed typo in authentication manager resolver error message.

Issue: gh-6506
2019-08-01 16:26:54 -06:00
Eddú Meléndez
50adb6abcb Fix javadoc 2019-07-31 15:36:30 -04:00
Eleftheria Stein
0b4502b2c5 Remove exceptions from lambda security configuration
Fixes: gh-7128
2019-07-30 08:31:37 -05:00
Eleftheria Stein
b55322b2cb Make basic authentication scheme case-insensitive
Fixes: gh-7163
2019-07-29 16:30:03 -04:00
sbespalov
f1187bdfc2 issue/6506: AuthenticationConverter implementation 2019-07-23 17:31:21 -05:00
Clement Ng
ab6440db10 Throws exception when passed IP address with too long mask
Fixes gh-2790
2019-07-19 06:25:58 -04:00
Rob Winch
ea54d9014d
DSL nested builder for HTTP security
DSL nested builder for HTTP security

Fixes gh-5557
2019-07-12 16:09:19 -05:00
Lars Grefer
3ea9d376b2 Cleanup explicit type arguments 2019-07-10 09:32:41 -05:00
Lars Grefer
c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
Eleftheria Stein
758397f102 Allow configuration of headers through nested builder
Issue: gh-5557
2019-07-09 15:35:37 -04:00
Lars Grefer
43737a56bd Use foreach where possible 2019-07-09 06:11:45 -06:00
Bruno Studer
8016a193b9
Optimize IpAddressMatcher
Get rid of byte array allocation in matcher and small optimizations
2019-07-03 23:27:12 -06:00
Lars Grefer
4b0fb19fff Use MessageDigest.isEqual() where possible
fixes 
2019-07-03 05:40:20 -06:00
Lars Grefer
400e0c83b0 Add missing nullability annotation 2019-06-27 14:54:14 -05:00
Josh Cummings
f5da63118e Add MultiTenantAuthenticationManagerResolver
A class with a number of handy request-based implementations of
AuthenticationManagerResolver targeted at common multi-tenancy
scenarios.

Fixes: gh-6976
2019-06-25 17:21:38 -06:00
Bagyoni Attila
878d262a26 Reimplement some hashCodes according to the currently recommended pattern.
These hashCode implementations seemed suspicious (field hashCodes XORed together with 31).
Included caseSensitive in AntPathRequestMatcher.hashCode() to be consistent with equals().
2019-06-18 12:44:57 -06:00