ee6df1701b
Polish SessionManagementConfigurer
2020-01-31 11:24:36 -07:00
cb9fd09150
Change AuthenticationWebFilter's constructor
...
Fixes gh-7872
2020-01-31 09:31:28 -07:00
a512789a93
Fix requiresAuthenticationMatcher not being used
...
The custom server requiresAuthenticationMatcher was not always picked up
Fixes: gh-7863
2020-01-27 16:12:27 +01:00
29377545d9
Fix authenticationFailureHandler not being used
...
The custom server authenticationFailureHandler was not always picked up
Fixes: gh-7782
2020-01-27 13:10:03 +01:00
bdc60a9128
Don't cache requests with `Accept: text/event-stream` by default.
...
The eventstream requests is typically not directly invoked by the browser.
And even more unfortunately the Browser-Api doesn't allow the set additional headers as `XMLHttpRequest`..
2020-01-17 10:42:16 -08:00
f1f158b37e
AuthenticationEventPublisher DSL Lookup
...
Fixes gh-4400
2020-01-14 12:07:46 -07:00
5579846263
AuthenticationEventPublisher Bean Lookup
...
Issue gh-7793
Fixes gh-7515
2020-01-14 12:07:46 -07:00
fc9b97c94a
Typo in doc
2020-01-14 08:32:26 -07:00
f0856c83a9
Migrate LDAP integration tests groovy->java
...
This commit also removes BaseSpringSpec
Issue: gh-4939
2020-01-13 14:18:25 +01:00
a35ce77451
Add missing PowerMockIgnore annotation
...
WebSecurityConfigurerAdapterPowermockTests needs to exclude
javax.xml.transform.* from Powermock configuration.
2020-01-09 15:48:08 -07:00
ba21c156dd
Polish WebSecurityConfigurerAdapter tests
...
Moved Powermock-dependent test over to
WebSecurityConfigurerAdapterPowermockTests.
2020-01-09 13:51:19 -07:00
fcc6457bef
Unlock dependencies for next development version
...
This reverts commit 93acf8f0f1
2020-01-08 22:15:17 +01:00
93acf8f0f1
Lock dependencies for 5.3.0.M1
2020-01-08 19:41:10 +01:00
de87675f6d
Add JwtIssuerAuthenticationManagerResolver
...
Fixes gh-7724
2020-01-07 23:30:42 -07:00
2df1099da5
Idiomatic Kotlin DSL for configuring HTTP security
...
Issue: gh-5558
2020-01-07 12:08:43 -05:00
65981444f1
Use Version Ranges
...
Fixes gh-7788
2020-01-06 14:46:48 -06:00
06d7443946
Use Gradle platform and constraints
...
This was largely generated from the following script
wget bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy
2020-01-06 14:46:36 -06:00
924b9e95a1
Polish MethodSecurityEvaluationContext
...
Issue: gh-6224
2020-01-03 20:08:52 -05:00
8b8267e1fe
Fix typo in LDAP Javadoc
2020-01-02 10:58:44 -05:00
b4619f31ee
Fix return type
...
AbstractConfiguredSecurityBuilder.objectPostProcessor() should cast to
B, the type of SecurityBuilder, instead of O, the type of object being
built.
Without this change, calls like
http.objectPostProcessor(...).getFilters() will fail with a
ClassCastException.
2019-12-30 12:01:56 -07:00
2c7f2c2117
Fix Javadoc error in oauth2ResourceServer
...
Fixes: gh-7670
2019-12-27 14:24:46 +01:00
af415948b1
Allow configuration of AuthenticationManagerResolver in saml2Login()
...
Fixes gh-7654
https://github.com/spring-projects/spring-security/issues/7654
2019-12-17 13:34:27 -08:00
9aa333ca4d
Use the custom ServerRequestCache that the user configures
...
on for the default authentication entry point and authentication
success handler
Fixes gh-7721
https://github.com/spring-projects/spring-security/issues/7721
Set RequestCache on the Oauth2LoginSpec default authentication success handler
import static ReflectionTestUtils.getField
Feedback incorporated per
https://github.com/spring-projects/spring-security/pull/7734#pullrequestreview-332150359
2019-12-17 13:33:56 -08:00
02f161aba7
Use OidcIdToken.Builder
...
Issue gh-7592
2019-12-12 07:37:15 -07:00
c40a17b4d1
WebFlux oauth2Login() redirects on failed authentication
...
Fixes gh-5562 gh-6484
2019-12-05 16:50:43 -05:00
d8d59e97ac
Correctly configure authorization requests repository for OAuth2 login
...
To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and
OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is
correctly configured, but the latter always uses default, WebSession based repository. So authorization code created
before redirect to authorization endpoint will never be found to complete OAuth2 login when custom
ServerAuthorizationRequestRepository is used.
This change also makes OAuth2Client and OAuth2Login authentication converters consistent.
Fixes gh-7675
2019-11-29 12:05:15 -05:00
b7cb93f671
Fix WebFlux logout disabling
...
Fixes: gh-7682
2019-11-28 14:40:25 +01:00
c38e57fa42
Fix class and variable names
2019-11-28 09:23:38 +01:00
8ebc7ca0ea
Fix InitializeAuthenticationProviderBeanManagerConfigurer Javadoc
2019-11-28 09:23:38 +01:00
8a95e5798d
Update @MessageMapping to match input/output cardinality
2019-11-22 15:07:38 -06:00
cd0bec48de
Fix typo in log message.
2019-11-21 15:55:27 -07:00
0d35194b47
Add sessionFixation Javadoc
2019-11-15 12:17:05 +01:00
ca8877c8c5
Updates javadoc for InitializeUserDetailsBeanManagerConfigurer
2019-11-13 10:34:10 +01:00
1188a3bb5f
Polish RememberMeConfigurer
...
Issue: gh-4140
2019-11-07 15:26:59 +01:00
b13f750646
Retrieve remember-me key from service as fallback
...
Fixes: gh-4140
2019-11-07 13:55:39 +01:00
9f6a36444a
Add missing schemas
2019-11-06 08:24:20 -06:00
925bf48ec0
Polish OAuth2ResourceServerConfigurerTests
...
To confirm that resource server only produces SCOPE_<scope>
authorities by default.
Issue gh-7596
2019-11-04 11:39:54 -07:00
0cafcf37e2
Make the loginProcessingUrl configurable for saml2Login()
...
Fixes gh-7565
https://github.com/spring-projects/spring-security/issues/7565
2019-10-31 08:20:12 -07:00
5f17032ffd
Restore Removed Throws Clauses
...
In a recent clean-up, certain exceptions were removed from various
throws clauses.
This PR re-introduces throws clauses that are important for one of the
following reasons:
1. It's a method on a public interface
2. It's a method clearly designed for inheritance, for example, a
method stub, an abstract method, or indicated as such in the docs.
Fixes gh-7541
2019-10-30 12:13:54 -06:00
635f7e1edd
CsrfWebFilter supports multipart/form-data
...
Fixes gh-7576
2019-10-28 14:06:10 -05:00
0ac5f5456f
Fix typo 'is' -> 'if' in javadoc
2019-10-25 13:27:11 -06:00
de7cbc82b5
Clarify in Javadoc that expressionHandler should not be null
...
Fixes: gh-2665
2019-10-23 15:10:39 -04:00
3051a79188
Merge Add hasAnyAuthority method in AuthorizePayloadsSpec.Access
2019-09-30 14:33:41 -05:00
a911f3d52f
Merge Add hasAnyRole method in AuthorizePayloadsSpec.Access
2019-09-30 14:14:59 -05:00
3854afad61
Merge Add denyAll method in AuthorizePayloadsSpec.Access
2019-09-30 14:05:42 -05:00
758af54796
ObjectPostProcessor Tests groovy->java
...
Issue gh-4939
2019-09-27 16:36:33 -06:00
a08be5bf6f
UrlAuthorizationsTests groovy->java
...
Issue gh-4939
2019-09-27 16:23:33 -06:00
870d83eb3e
PermitAllSupportTests groovy->java
...
Issue gh-4939
2019-09-27 16:23:33 -06:00
350bce761f
Add hasAuthority method to RSocketSecurity
...
Fixes gh-7435
2019-09-27 16:48:25 -05:00
5f905232cb
Polish CurrentSecurityContextArgumentResolvers
...
Fixes gh-7487
2019-09-27 13:19:08 -06:00
5ef6e7ed6f
Add author for SecurityReactorContextConfiguration
...
Issue gh-7422
2019-09-27 15:17:20 -04:00
0fea57d6a1
Optimize SecurityReactorContextConfiguration
...
Issue gh-7422
2019-09-27 14:46:39 -04:00
33ba292fed
Resource Server w/ SecurityReactorContextSubscriber
...
Fixes gh-7423
2019-09-27 11:01:04 -06:00
5a67971375
WebFluxSecurityConfiguration configures oauth2Client() by default
...
Fixes gh-7470
2019-09-27 10:04:19 -04:00
08d2c93713
Polish gh-7466
2019-09-26 22:11:53 -04:00
9bae0a4dbd
Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec
...
Fixes gh-7466
2019-09-26 17:19:32 -04:00
2a5bd6e719
Align Servlet ExchangeFilterFunction CoreSubscriber
...
Fixes gh-7422
2019-09-26 16:17:17 -04:00
d3b7a47ef8
Polish gh-4442
2019-09-25 21:37:31 -04:00
da9f027fa4
Add nonce to OIDC Authentication Request
...
Fixes gh-4442
2019-09-25 14:57:54 -04:00
ceab56f764
Fix AuthorizationPayloadInterceptor order using PayloadInterceptorOrder.AUTHORIZATION
...
Fixes gh-7434
2019-09-24 15:39:25 -05:00
9f18c2e21a
OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri
...
Fixes gh-7036
2019-09-24 11:07:36 -04:00
98e75eb51a
Fix Javadoc for anonymous
2019-09-23 11:06:28 -04:00
00f8991fac
Merge Remove Redudant Throws
...
Fixes gh-7301
2019-09-19 11:04:53 -05:00
3a66191756
Add hasAnyAuthority method in AuthorizePayloadsSpec.Access
...
See Fixes gh-7437
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
2019-09-18 21:17:09 -05:00
034b5e9e93
Introduce LogoutSuccessEvent
...
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.
By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.
This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.
Fixes gh-2900
2019-09-18 10:57:16 -05:00
9926ad68b8
add hasAnyRole method in AuthorizePayloadsSpec.Access
2019-09-18 07:59:20 -05:00
daf6b53e3a
Add denyAll method in AuthorizePayloadsSpec.Access
...
See gh-7437
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
2019-09-17 20:17:10 -05:00
05caf3d8fb
Use Jwt.Builder
...
Fixes gh-7443
2019-09-16 14:00:25 -06:00
1176d0cfdb
Polish DefaultFilters,Issue55Tests
...
Formatted HttpSecurity and WebSecurity configuration stacks
Removed unnecessary code
Issue gh-4939
2019-09-16 13:56:17 -06:00
950e6422a1
Migrate DefaultFilters,Issue55Tests groovy->java
...
Issue gh-4939
2019-09-16 13:37:22 -06:00
101e0a21a8
Bearer WebClient Filter Authentication Propagation
...
Fixes: gh-7418
2019-09-11 16:27:21 +01:00
96d44cd4b7
Add Default RSocketSecurity
...
Fixes gh-7361
2019-09-09 16:10:55 -05:00
5d0815bc76
Allow RSocketMessageHandlerITests to timeout
...
Fixes gh-7415
2019-09-09 16:10:50 -05:00
6296e6e896
RSocketSecurity delegates to correct matcher
...
Fixes gh-7414
2019-09-09 16:09:23 -05:00
1b699a49fb
Polish RSocket packaging
...
Fixes gh-7413
2019-09-09 16:07:14 -05:00
aa533c2565
Add missing javadoc to session fixation
2019-09-06 16:33:51 -04:00
316380e622
Allow Custom PayloadInterceptor to be Added
...
Fixes gh-7362
2019-09-06 14:52:47 -05:00
a60446836b
OAuth2AuthorizeRequest supports attributes
...
Fixes gh-7341
2019-09-05 21:04:25 -04:00
08d50868c9
Merge pull request #7260 from fhanik/feature/saml2-sp-mvp
...
Add SAML Service Provider Support
2019-09-05 17:04:14 -07:00
e9a44bc0ce
HttpSecurity.saml2login() - MVP Core Code
...
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:
- Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
- Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
- Supports basic java-configuration via DSL
- Provides an integration sample using Spring Boot
Not implemented with this MVP
- Single Logout
- Dynamic Service Provider Metadata
Fixes gh-6019
2019-09-05 14:40:08 -07:00
9639962e27
Fix RSocket Package Tangle
...
Issue gh-7360
2019-09-05 16:27:57 -05:00
7ad641d106
RSocket Tests use Available Port
...
Issue gh-7360
2019-09-05 09:16:07 -05:00
26a65249f9
Remove invalid characters
2019-09-05 04:32:34 -06:00
5a4eded696
Add RSocket Support
...
Fixes gh-7360
2019-09-04 19:24:01 -05:00
dcd997ea43
Add support for Resource Owner Password Credentials grant
...
Fixes gh-6003
2019-09-04 14:07:45 -04:00
de672e3ae9
Polish oauth2ResourceServer() Error Messaging
...
Fixes: gh-6876
2019-09-04 11:49:22 -06:00
1fc5b27fa2
Update LogoutConfigurerClearSiteData Tests
...
Issue gh-7347
2019-09-04 03:30:37 -06:00
068f4f0147
Polish Opaque Token
...
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.
Fixes gh-7344
Fixes gh-7345
2019-09-03 15:58:05 -06:00
8773c7994f
Allow to set default securityContextRepository for each authentication mechanisms
...
Fixes gh-7249
2019-09-03 07:46:59 -06:00
f6c650db47
Replace Streams with Loops
...
First version of replacing streams
fix wwwAuthenticate and codestyle
fix errors in implementation to pass tests
Fix review notes
Remove uneccessary final to align with cb
Short circuit way to authorize
Simplify error message, make code readably
Return error while duplicate key found
Delete check for duplicate, checkstyle issues
Return duplicate error
Fixes gh-7154
2019-09-02 15:30:48 -06:00
d6d0d89ff8
NamespaceRememberMeTests groovy->java
...
Issue gh-4939
2019-09-02 13:08:21 -06:00
bf5b693549
NamespaceHttpOpenIDLoginTests groovy->java
...
Issue gh-4939
2019-08-30 15:54:43 -06:00
95511331fa
fix checkstyle
2019-08-26 22:42:26 +02:00
2c2e8e5f24
Remove internal Optional usage in favor of null checks
...
Issue gh-7155
2019-08-26 09:27:40 -04:00
34dd5fea30
Remove redundant throws clauses
...
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
2019-08-23 01:03:54 +02:00
46756d2e6b
Introduce Reactive OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-7116
2019-08-21 14:12:38 -04:00
9876b66f99
Polish GlobalMethodSecurityConfiguration
...
Initialize ExpressionBasedPreInvocationAdvice for
PreInvocationAuthorizationAdviceVoter only when needed.
2019-08-17 16:35:30 -06:00
71444ff5dc
RequestCache ignores multipart requests
...
Fixes gh-7060
2019-08-15 09:21:41 -05:00
08ea2348d6
Polish RequestCache ignores multipart requests
2019-08-15 09:20:45 -05:00
1ab05dae02
added test
2019-08-14 21:35:34 +02:00
abc90280e0
Add unbounid support in xml
...
Add unbounid support in xml
Fixes gh-6011
2019-08-14 10:05:49 -05:00
cb4f3d2f44
Use UTF-8 for Java sources and XML
2019-08-14 08:47:00 -05:00
2e63def05b
Add tests
2019-08-14 00:56:26 -05:00
93142f3e30
Remove unboundid dependency
2019-08-13 20:39:25 -05:00
c03fb701ce
Improve logic to pick embedded server
2019-08-13 20:36:46 -05:00
3511c0ea4f
Update xsd
2019-08-13 20:17:51 -05:00
4ed197e515
Rename OAuth2TokenIntrospectionClient
...
Renamed to OpaqueTokenIntrospector
Fixes gh-7245
2019-08-12 18:05:28 -04:00
c1db1aad91
Cleanup Code Style Issues
...
Cleanup Code Style Issues
2019-08-12 13:06:49 -05:00
9b2af944fa
Add unbounid support in xml
...
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.
Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.
Fixes gh-6011
2019-08-10 19:07:45 -05:00
0410bac559
Add support for oauth2Login().securityContextRepository(...)
...
Fixes gh-7222
2019-08-10 15:56:20 -04:00
ff1070df36
remove redundant modifiers found by checkstyle
2019-08-10 00:18:56 +02:00
bbefc491b2
unused imports
2019-08-09 16:59:07 -05:00
38de737663
Java 8: Statement lambda can be replaced with expression lambda
2019-08-09 16:59:07 -05:00
3a5d8ba696
Java 8: Collections.sort() can be replaced with List.sort()
2019-08-09 16:59:07 -05:00
91c846756e
Java 5: Unnecessary Boxing
2019-08-09 16:59:07 -05:00
578d628774
'Collection.toArray()' call style
2019-08-09 16:57:31 -05:00
40bee457f9
Unnecessary enum modifier
2019-08-09 00:42:07 +02:00
eddcd1622f
Type parameter extends Object
...
Reports any type parameters and wildcard type arguments explicitly declared to extend java.lang.Object.
2019-08-09 00:40:13 +02:00
fb39d9c255
Anonymous type can be replaced with lambda
2019-08-08 17:09:09 -04:00
05f42a4995
Remove unused imports
2019-08-08 14:22:31 -04:00
65f6025cef
Polish OAuth2LoginConfigurer
...
Improve way of accessing ApplicationContext to ensure backward
compatibility.
Issue gh-7232
2019-08-07 13:25:38 -06:00
a00ad37168
OAuth2LoginConfigurer UserService Beans
...
Fixes gh-7232
2019-08-07 10:58:23 -06:00
f5cd0ec302
Use try-with-resources instead of try-finally
2019-08-06 15:33:04 -05:00
2056834432
Cleanup unnecessary unboxing
...
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
2019-08-06 10:17:38 -04:00
2306d987e9
Cleanup unnecessary boxing
2019-08-06 10:17:38 -04:00
2c836a171a
Add authenticationFailureHandler method in OAuth2LoginSpec
...
Allow to customize the failure handler.
Fixes gh-7051
2019-08-05 14:09:11 -05:00
776a4c3760
Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers
2019-08-03 12:28:37 -04:00
50adb6abcb
Fix javadoc
2019-07-31 15:36:30 -04:00
e88c5c0eee
Fix CSRF session authentication strategy since version
2019-07-31 07:45:51 -05:00
0591403dea
ignore Multipart requests in HttpSessionRequestCache.requestMatcher
2019-07-31 12:17:55 +02:00
0b4502b2c5
Remove exceptions from lambda security configuration
...
Fixes: gh-7128
2019-07-30 08:31:37 -05:00
c05b0765c1
Introduce OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-6845
2019-07-25 11:12:54 -04:00
7e845409f1
Fix Javadoc for headers configurer methods
...
Fixes: gh-7123
2019-07-24 09:11:44 -04:00
a288ce4b00
Support nested builder in DSL for reactive apps
...
Fixes: gh-7107
2019-07-23 15:57:10 -05:00
d5e5ac0503
Add JavaDoc to reactive oauth2ResourceServer
2019-07-18 10:48:47 -04:00
fbf6d22343
Add JavaDoc to reactive oauth2Login
2019-07-18 08:49:08 -04:00
e8dd1325fd
Fixed misleading OAuth2 error messages
...
Error messages sent by BearerTokenAccessDeniedHandler included
information about the scopes of the rejected token instead of
the scopes required by the resource.
* Removal of token scopes from error_description attribute.
* Removal of scope attribute from WWW-Authenticate response header.
Fixes gh-7089
2019-07-18 07:01:33 -04:00
b153d92b23
Fix JavaDoc for formLogin in ServerHttpSecurity
2019-07-18 06:23:04 -04:00
09e8ae42ed
Allow configuration of SessionAuthenticationStrategy for CSRF
...
Closes gh-5300
2019-07-16 07:47:13 -05:00
ea54d9014d
DSL nested builder for HTTP security
...
DSL nested builder for HTTP security
Fixes gh-5557
2019-07-12 16:09:19 -05:00
7961b819aa
Allow configuration of session fixation and concurrency through nested builder
...
Issue: gh-5557
2019-07-12 13:53:55 -04:00
28855e9cd6
Changed docs to reflect that init should apply configurers
2019-07-10 11:54:56 -05:00
3ea9d376b2
Cleanup explicit type arguments
2019-07-10 09:32:41 -05:00
c5b5cc507c
Cleanup redundant type casts
2019-07-10 09:31:09 -05:00
4b2539df10
Allow configuration of oauth2 resource server through nested builder
...
Issue: gh-5557
2019-07-09 16:11:26 -04:00
415760838f
Allow configuration of oauth2 client through nested builder
...
Issue: gh-5557
2019-07-09 16:03:46 -04:00
e47389e60b
Allow configuration of oauth2 login through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
bf1bbd14e9
Allow configuration of openid login through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
c3dad06ea6
Allow configuration of request matchers through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
1ad9f15e19
Allow configuration of requires channel through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
ae8e12f049
Allow configuration of anonymous through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
a5943fbafb
Allow configuration of servlet api through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
04e0dcfe61
Allow configuration of security context through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
81d3cf1e7b
Allow configuration of authorize requests through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
1445d1b012
Allow configuration of request cache through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
fcb119b94e
Allow configuration of remember me through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
ae9eb6f56b
Allow configuration of x509 through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
bfc9538da1
Allow configuration of jee through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
86f0f84740
Allow configuration of port mapper through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
6fbea88e1e
Allow configuration of session management through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
6fd515813c
Allow configuration of cors through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
a9a1f8ee53
Allow configuration of form login through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
758397f102
Allow configuration of headers through nested builder
...
Issue: gh-5557
2019-07-09 15:35:37 -04:00
6986cf3ef3
Allow configuration of csrf through nested builder
...
Issue: gh-5557
2019-07-09 10:14:18 -04:00
1a31376dda
Allow configuration of exception handling through nested builder
...
Issue: gh-5557
2019-07-09 10:14:18 -04:00
92314b0956
Allow configuration of logout through nested builder
...
Issue: gh-5557
2019-07-09 10:14:18 -04:00
d66d895e60
Migrate ServletApiConfigurerTests groovy->java
...
Issue: gh-4939
2019-07-04 12:14:49 -04:00
491da9db03
Added OAuth2TokenAttributes to wrap attributes
...
To simplify access to OAuth 2.0 token attributes
Fixes gh-6498
2019-07-02 07:45:56 -06:00
ee8182dceb
NamespaceSessionManagementTests groovy->java
...
Issue: gh-4939
2019-07-02 07:34:36 -06:00
7782e29a58
Allow custom ReactiveAuthenticationManager for basic and form auth
...
Prior to this change, "HttpBasicSpec#authenticationManager" and
"FormLoginSpec#authenticationManager" were always overridden by
"ServerHttpSecurity#authenticationManager".
This commit makes sure override only happens when custom authentication
manager was not specified.
Fixes: gh-5660
2019-06-28 11:04:21 -05:00
39ba1006ba
Migrate FormLoginConfigurerSpec groovy->java
...
Issue: gh-4939
2019-06-27 11:53:32 -04:00
3c240d0ce3
Migrate DefaultLoginPageConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-24 10:38:20 -04:00
12da990b6b
Allow configuration of HTTP basic through nested builder
...
Issue: gh-5557
Fixes: gh-6885
2019-06-20 13:58:13 -05:00
6e76df8f1d
Revert OAuth2AuthorizationCodeGrantWebFilter works with /{action}/
...
Issue #5856
Commit 385bdfc055#5856 . Only the ServerWebExchangeMatcher for OAuth2LoginSpec is reverted.
Fixes gh-6890
2019-06-19 16:06:38 -04:00
06943d2d39
Revert OAuth2LoginAuthenticationFilter should ignore authenticated requests
...
Issue #5915
Commit 93ca455405
2019-06-19 16:06:38 -04:00
f6ed1db702
Introduced ReactiveAuthenticationManagerResolver
...
Suitable for multi-tenant reactive applications needing to branch
authentication strategies based on request details.
2019-06-13 08:52:19 -06:00
759e47ba84
Migrate OpenIDLoginConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-12 15:23:47 -04:00
e6ace0891f
Migrate X509ConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-11 17:31:53 -04:00
6ad46da426
Migrate ExpressionUrlAuthorizationConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-11 15:46:37 -04:00
56b716d9f7
Migrate SessionManagementConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-11 09:24:42 -04:00
1ec040e554
Disable bean proxying in configuration classes
...
Fixes gh-6967
2019-06-10 20:40:06 -05:00
371a3b9c7f
Migrate CorsConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-10 16:36:38 -04:00
c4dd800653
Merge pull request #6944 from eleftherias/gh-4939-channel-security-groovy-to-java
...
Migrate ChannelSecurityConfigurerTests groovy->java
2019-06-10 15:28:42 -04:00
b6e8997e95
Updates OAuth2ResourceServer configuration tests
...
Refactores collapsed imports
2019-06-07 11:56:03 -06:00
d285c6ab4c
Migrate JeeConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-07 12:05:25 -05:00
8e6db95048
Fix HttpSecurity Javadoc for jee() method
...
Fixes: gh-6958
2019-06-07 11:21:05 -05:00
fcd8a38f0b
Add success handler modification of OAuth2LoginSpec
...
Add the ability to modify the success handler used in OAuth2LoginSpec. The
default success handler remains unchanged.
Closes #6863
2019-06-05 13:25:34 -04:00
abe7da6b85
Migrate RememberMeConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-04 15:12:11 -05:00
06d3b60947
Replace bean method calls with injection
...
This is so that our configuration classes do not rely on CGLIB to proxy bean methods.
Fixes gh-6818
2019-06-03 15:45:28 -05:00
4f042a4ff1
Migrate ChannelSecurityConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-03 11:09:49 -04:00
be651d9d16
Migrate CsrfConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-31 13:18:55 -06:00
6148eef689
Migrate SecurityContextConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-31 12:07:28 -06:00
16b0d782f4
Migrate HeadersConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-31 11:57:01 -06:00
7806ac21aa
Migrate RequestMatcherConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-31 11:48:34 -06:00
9fe8949883
Add @transient to OAuth2IntrospectionAuthenticationToken
...
fixes gh-6829
2019-05-29 08:42:09 -06:00
e15922322e
Migrate LogoutConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-27 22:53:51 -06:00
d660084538
Migrate HttpBasicConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-23 09:24:58 -06:00
f5f965b6aa
Fix JavaDoc for defaultSuccessUrl
...
Fixes gh-3337
2019-05-17 10:50:30 -05:00
1ed9e3a1c6
Resource Server AuthenticationManager
...
Making the authentication manager for jwt() and opaqueToken()
configurable.
Fixes: gh-6832
Fixes: gh-6849
2019-05-07 17:04:51 -06:00
5aa50500cf
oauth2Login does not auto-redirect for XHR request
...
Fixes gh-6812
2019-05-02 16:04:09 -04:00
aef3f514fe
Set "rolePrefix" in ReactiveMethodSecurityConfiguration
...
Currently, `GrantedAuthorityDefaults` is not considered in
`ReactiveMethodSecurityConfiguration`.
This commit updates the configuration to be aware of
`GrantedAuthorityDefaults` and update `rolePrefix` when the bean is
available.
Also, use the same instance of `DefaultMethodSecurityExpressionHandler`
when constructing `ExpressionBasedAnnotationAttributeFactory`.
2019-05-02 10:46:27 -05:00
cf0c5f9026
Various NamespaceHttp*Tests groovy->java
...
Issue: gh-4939
2019-04-29 23:36:06 -06:00
b1195e7789
Opaque Token Intermediate Type
...
Introducing OAuth2TokenIntrospectionClient and also
ReactiveOAuth2TokenIntrospectionClient as configuration points.
The DSL looks in the application context for these types in the same
way it looks for JwtDecoder and ReactiveJwtDecoder, and exposes
similar configuration methods.
Fixes: gh-6632
2019-04-29 13:39:53 -06:00
9a67441507
Add x509 support for Reactive Security
...
[gh #5038 ]
2019-04-26 12:15:18 -05:00
5aacd0c955
Expose bean setters in @Configuration used by @EnableWebFluxSecurity
...
Fixes gh-6624
2019-04-23 11:46:09 -04:00
1c25fe26c9
Introduce Support for Reading RSA Keys
...
Fixes: gh-6494
2019-04-13 19:39:11 -06:00
570eb01733
review phase1
2019-04-13 19:22:44 -06:00
678e0b19e0
Introduce @CurrentSecurityContext for method arguments
2019-04-13 19:22:44 -06:00
21f7148e7a
Update filters documentation
...
Fixes: gh-5553
2019-04-13 19:21:10 -06:00
7e8aadeb96
Multi-tenancy for Resource Server
...
Fixes: gh-5351
2019-03-29 15:00:48 -06:00
4e9c37b1ae
Manual URL Cleanup
2019-03-29 13:24:11 -04:00
3617fd257e
Introduced placeholder support for Headers tag attributes
...
Added the functionality to allow the disabled and defaults-disabled
attribute of <header> tag to accept a placeholder and resolve it during
parsing.
- Updated the spring-security .rnc files starting from 4.2 up to 5.2
with xsd:token type instead of boolean
- Added unit tests for headers.disabled and headers.defaults-disabled
attributes with placeholder
- Modified the HeadersBeanDefinitionParser to support resolving
placeholders
- Updated spring.schemas to point to latest spring-security-5.2.xsd
Fixes gh-6547
2019-03-21 17:25:48 -06:00
bfe1e6a154
OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> @Bean is discovered by OAuth2ClientConfiguration
...
Fixes gh-6572
2019-03-21 11:56:16 -04:00
3b89754926
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.
* http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html (200) with 1 occurrences could not be migrated:
([https](https://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html ) result ClosedChannelException).
* http://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html (200) with 1 occurrences could not be migrated:
([https](https://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html ) result SSLHandshakeException).
* http://cujojs.com/ (200) with 1 occurrences could not be migrated:
([https](https://cujojs.com/ ) result SSLHandshakeException).
* http://erik.eae.net/archives/2007/07/27/18.54.15/ (200) with 1 occurrences could not be migrated:
([https](https://erik.eae.net/archives/2007/07/27/18.54.15/ ) result SSLHandshakeException).
* http://javascript.nwbox.com/IEContentLoaded/ (200) with 1 occurrences could not be migrated:
([https](https://javascript.nwbox.com/IEContentLoaded/ ) result SSLHandshakeException).
* http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html (200) with 1 occurrences could not be migrated:
([https](https://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html ) result SSLHandshakeException).
* http://monkeymachine.co.uk/ (200) with 2 occurrences could not be migrated:
([https](https://monkeymachine.co.uk/ ) result SSLHandshakeException).
* http://perfectionkills.com/detecting-event-support-without-browser-sniffing/ (200) with 1 occurrences could not be migrated:
([https](https://perfectionkills.com/detecting-event-support-without-browser-sniffing/ ) result SSLHandshakeException).
* http://somesite.com/login (200) with 3 occurrences could not be migrated:
([https](https://somesite.com/login ) result AnnotatedConnectException).
* http://someurl.com/ (200) with 2 occurrences could not be migrated:
([https](https://someurl.com/ ) result SSLHandshakeException).
* http://sscce.org/ (200) with 1 occurrences could not be migrated:
([https](https://sscce.org/ ) result SSLHandshakeException).
* http://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf (200) with 2 occurrences could not be migrated:
([https](https://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf ) result 404).
* http://www.example.com:80/ (200) with 1 occurrences could not be migrated:
([https](https://www.example.com:80/ ) result NotSslRecordException).
* http://www.faqs.org/qa/rfcc-1940.html (200) with 3 occurrences could not be migrated:
([https](https://www.faqs.org/qa/rfcc-1940.html ) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc1945.html (200) with 2 occurrences could not be migrated:
([https](https://www.faqs.org/rfcs/rfc1945.html ) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc3548.html (200) with 3 occurrences could not be migrated:
([https](https://www.faqs.org/rfcs/rfc3548.html ) result AnnotatedConnectException).
* http://www.zytrax.com/books/ldap/ (200) with 2 occurrences could not be migrated:
([https](https://www.zytrax.com/books/ldap/ ) result AnnotatedConnectException).
* http://blindsignals.com/index.php/2009/07/jquery-delay/ (301) with 1 occurrences could not be migrated:
([https](https://blindsignals.com/index.php/2009/07/jquery-delay/ ) result SSLHandshakeException).
* http://www.faqs.org/ (301) with 1 occurrences could not be migrated:
([https](https://www.faqs.org/ ) result AnnotatedConnectException).
* http://sam.zoy.org/wtfpl/ (301) with 2 occurrences could not be migrated:
([https](https://sam.zoy.org/wtfpl/ ) result SSLHandshakeException).
* http://hey.openid.com/ (302) with 1 occurrences could not be migrated:
([https](https://hey.openid.com/ ) result SSLHandshakeException).
* http://iharder.net/base64 (303) with 2 occurrences could not be migrated:
([https](https://iharder.net/base64 ) result AnnotatedConnectException).
* http://jaspan.com/improved_persistent_login_cookie_best_practice (500) with 3 occurrences could not be migrated:
([https](https://jaspan.com/improved_persistent_login_cookie_best_practice ) result AnnotatedConnectException).
# Fixed URLs
## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.
* http://www.relaxng.org/ (301) with 1 occurrences migrated to:
https://relaxng.org/ ([https](https://www.relaxng.org/ ) result SSLHandshakeException).
* http://www.relaxng.org (301) with 1 occurrences migrated to:
https://relaxng.org/ ([https](https://www.relaxng.org ) result SSLHandshakeException).
* http://tools.ietf.org/html/draft-ietf-websec-x-frame-options (301) with 2 occurrences migrated to:
https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ([https](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ) result ReadTimeoutException).
* http://foo.test.com (302) with 2 occurrences migrated to:
https://www.test.com ([https](https://foo.test.com ) result SSLHandshakeException).
* http://abc.test.com (302) with 2 occurrences migrated to:
https://www.test.com ([https](https://abc.test.com ) result SSLHandshakeException).
* http://192.168.1:8080 (ConnectTimeoutException) with 2 occurrences migrated to:
https://192.168.1:8080 ([https](https://192.168.1:8080 ) result ConnectTimeoutException).
* http://www.example.com:8080/mycontext/secure/page.html (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8080/mycontext/secure/page.html ([https](https://www.example.com:8080/mycontext/secure/page.html ) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8888/bigWebApp/hello ([https](https://www.example.com:8888/bigWebApp/hello ) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/decorator (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.opensymphony.com/sitemesh/decorator ([https](https://www.opensymphony.com/sitemesh/decorator ) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/page (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.opensymphony.com/sitemesh/page ([https](https://www.opensymphony.com/sitemesh/page ) result ConnectTimeoutException).
* http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd (ReadTimeoutException) with 1 occurrences migrated to:
https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ([https](https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ) result ReadTimeoutException).
* http://axschema.org/ (UnknownHostException) with 2 occurrences migrated to:
https://axschema.org/ ([https](https://axschema.org/ ) result UnknownHostException).
* http://axschema.org/contact/email (UnknownHostException) with 23 occurrences migrated to:
https://axschema.org/contact/email ([https](https://axschema.org/contact/email ) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 5 occurrences migrated to:
https://axschema.org/namePerson ([https](https://axschema.org/namePerson ) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 4 occurrences migrated to:
https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first ) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 4 occurrences migrated to:
https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last ) result UnknownHostException).
* http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
https://context.blah.com/context/remainder ([https](https://context.blah.com/context/remainder ) result UnknownHostException).
* http://default (UnknownHostException) with 12 occurrences migrated to:
https://default ([https](https://default ) result UnknownHostException).
* http://endpoint (UnknownHostException) with 4 occurrences migrated to:
https://endpoint ([https](https://endpoint ) result UnknownHostException).
* http://endpoint?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
https://endpoint?id_token_hint=id-token ([https](https://endpoint?id_token_hint=id-token ) result UnknownHostException).
* http://example.com¶m1=value1¶m2=value2 (UnknownHostException) with 1 occurrences migrated to:
https://example.com¶m1=value1¶m2=value2 ([https](https://example.com¶m1=value1¶m2=value2 ) result UnknownHostException).
* http://host/myapp/index.html;jsessionid=blah (UnknownHostException) with 1 occurrences migrated to:
https://host/myapp/index.html;jsessionid=blah ([https](https://host/myapp/index.html;jsessionid=blah ) result UnknownHostException).
* http://http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
https://http://context.blah.com/context/remainder ([https](https://https://context.blah.com/context/remainder ) result UnknownHostException).
* http://id.openid.zz (UnknownHostException) with 2 occurrences migrated to:
https://id.openid.zz ([https](https://id.openid.zz ) result UnknownHostException).
* http://invalid-provider.com/oauth2/token (UnknownHostException) with 4 occurrences migrated to:
https://invalid-provider.com/oauth2/token ([https](https://invalid-provider.com/oauth2/token ) result UnknownHostException).
* http://invalid-provider.com/user (UnknownHostException) with 4 occurrences migrated to:
https://invalid-provider.com/user ([https](https://invalid-provider.com/user ) result UnknownHostException).
* http://issuer/.well-known/jwks.json (UnknownHostException) with 2 occurrences migrated to:
https://issuer/.well-known/jwks.json ([https](https://issuer/.well-known/jwks.json ) result UnknownHostException).
* http://issuer/certs (UnknownHostException) with 1 occurrences migrated to:
https://issuer/certs ([https](https://issuer/certs ) result UnknownHostException).
* http://jimi.hendrix.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://jimi.hendrix.myopenid.com/ ([https](https://jimi.hendrix.myopenid.com/ ) result UnknownHostException).
* http://joe.myopenid.com/ (UnknownHostException) with 3 occurrences migrated to:
https://joe.myopenid.com/ ([https](https://joe.myopenid.com/ ) result UnknownHostException).
* http://logout (UnknownHostException) with 2 occurrences migrated to:
https://logout ([https](https://logout ) result UnknownHostException).
* http://logout?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
https://logout?id_token_hint=id-token ([https](https://logout?id_token_hint=id-token ) result UnknownHostException).
* http://openid.aol.com/ (UnknownHostException) with 2 occurrences migrated to:
https://openid.aol.com/ ([https](https://openid.aol.com/ ) result UnknownHostException).
* http://pip.verisignlabs.com/server (UnknownHostException) with 2 occurrences migrated to:
https://pip.verisignlabs.com/server ([https](https://pip.verisignlabs.com/server ) result UnknownHostException).
* http://postlogout?encodedparam%3Dvalue (UnknownHostException) with 2 occurrences migrated to:
https://postlogout?encodedparam%3Dvalue ([https](https://postlogout?encodedparam%3Dvalue ) result UnknownHostException).
* http://postlogout?encodedparam=value (UnknownHostException) with 2 occurrences migrated to:
https://postlogout?encodedparam=value ([https](https://postlogout?encodedparam=value ) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 5 occurrences migrated to:
https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email ) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 2 occurrences migrated to:
https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson ) result UnknownHostException).
* http://some.site.org/index.html (UnknownHostException) with 1 occurrences migrated to:
https://some.site.org/index.html ([https](https://some.site.org/index.html ) result UnknownHostException).
* http://something/ (UnknownHostException) with 1 occurrences migrated to:
https://something/ ([https](https://something/ ) result UnknownHostException).
* http://specs.openid.net/auth/2.0 (UnknownHostException) with 2 occurrences migrated to:
https://specs.openid.net/auth/2.0 ([https](https://specs.openid.net/auth/2.0 ) result UnknownHostException).
* http://specs.openid.net/auth/2.0/identifier_select (UnknownHostException) with 4 occurrences migrated to:
https://specs.openid.net/auth/2.0/identifier_select ([https](https://specs.openid.net/auth/2.0/identifier_select ) result UnknownHostException).
* http://wiki.fasterxml.com/JacksonFeatureModules (UnknownHostException) with 1 occurrences migrated to:
https://wiki.fasterxml.com/JacksonFeatureModules ([https](https://wiki.fasterxml.com/JacksonFeatureModules ) result UnknownHostException).
* http://www.faqs (UnknownHostException) with 1 occurrences migrated to:
https://www.faqs ([https](https://www.faqs ) result UnknownHostException).
* http://www.test123.com (UnknownHostException) with 1 occurrences migrated to:
https://www.test123.com ([https](https://www.test123.com ) result UnknownHostException).
* http://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 (301) with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Defense_in_depth_%2528computing%2529 ([https](https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 ) result 400).
* http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html (404) with 1 occurrences migrated to:
https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ([https](https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ) result 404).
* http://example.com/auth (404) with 2 occurrences migrated to:
https://example.com/auth ([https](https://example.com/auth ) result 404).
* http://example.com/info (404) with 2 occurrences migrated to:
https://example.com/info ([https](https://example.com/info ) result 404).
* http://example.com/jwkset (404) with 2 occurrences migrated to:
https://example.com/jwkset ([https](https://example.com/jwkset ) result 404).
* http://example.com/login/oauth2/code/registration-id (404) with 1 occurrences migrated to:
https://example.com/login/oauth2/code/registration-id ([https](https://example.com/login/oauth2/code/registration-id ) result 404).
* http://example.com/login/oauth2/code/registration-id-2 (404) with 1 occurrences migrated to:
https://example.com/login/oauth2/code/registration-id-2 ([https](https://example.com/login/oauth2/code/registration-id-2 ) result 404).
* http://example.com/path?a=b&c=d (404) with 1 occurrences migrated to:
https://example.com/path?a=b&c=d ([https](https://example.com/path?a=b&c=d ) result 404).
* http://example.com/pkp-report (404) with 5 occurrences migrated to:
https://example.com/pkp-report ([https](https://example.com/pkp-report ) result 404).
* http://example.com/token (404) with 2 occurrences migrated to:
https://example.com/token ([https](https://example.com/token ) result 404).
* http://example.net/pkp-report (404) with 7 occurrences migrated to:
https://example.net/pkp-report ([https](https://example.net/pkp-report ) result 404).
* http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ (301) with 1 occurrences migrated to:
https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ([https](https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ) result 404).
* http://html5shim.googlecode.com/svn/trunk/html5.js (404) with 6 occurrences migrated to:
https://html5shim.googlecode.com/svn/trunk/html5.js ([https](https://html5shim.googlecode.com/svn/trunk/html5.js ) result 404).
* http://json.org/json2.js (404) with 1 occurrences migrated to:
https://json.org/json2.js ([https](https://json.org/json2.js ) result 404).
* http://openid-selector.googlecode.com/svn/trunk/ (404) with 2 occurrences migrated to:
https://openid-selector.googlecode.com/svn/trunk/ ([https](https://openid-selector.googlecode.com/svn/trunk/ ) result 404).
* http://provider.com/user (302) with 2 occurrences migrated to:
https://provider.com/user ([https](https://provider.com/user ) result 404).
* http://relaxng.org/ns/compatibility/annotations/1.0 (301) with 8 occurrences migrated to:
https://relaxng.org/ns/compatibility/annotations/1.0 ([https](https://relaxng.org/ns/compatibility/annotations/1.0 ) result 404).
* http://www.example.com/bigWebApp/hello (404) with 2 occurrences migrated to:
https://www.example.com/bigWebApp/hello ([https](https://www.example.com/bigWebApp/hello ) result 404).
* http://www.example.com/bigWebApp/hello/pathInfo.html?open=true (404) with 1 occurrences migrated to:
https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ) result 404).
* http://www.example.com/identity (404) with 1 occurrences migrated to:
https://www.example.com/identity ([https](https://www.example.com/identity ) result 404).
* http://www.example.com/login/openid (404) with 2 occurrences migrated to:
https://www.example.com/login/openid ([https](https://www.example.com/login/openid ) result 404).
* http://www.example.com/mycontext/HelloWorld (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld ([https](https://www.example.com/mycontext/HelloWorld ) result 404).
* http://www.example.com/mycontext/HelloWorld/some/more/segments.html (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld/some/more/segments.html ([https](https://www.example.com/mycontext/HelloWorld/some/more/segments.html ) result 404).
* http://www.example.com/mycontext/HelloWorld?foo=bar (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld?foo=bar ([https](https://www.example.com/mycontext/HelloWorld?foo=bar ) result 404).
* http://www.example.com/mycontext/secure/page.html (404) with 3 occurrences migrated to:
https://www.example.com/mycontext/secure/page.html ([https](https://www.example.com/mycontext/secure/page.html ) result 404).
* http://www.example.com/realm (404) with 1 occurrences migrated to:
https://www.example.com/realm ([https](https://www.example.com/realm ) result 404).
* http://www.example.com/redirect (404) with 1 occurrences migrated to:
https://www.example.com/redirect ([https](https://www.example.com/redirect ) result 404).
* http://www.example.org/do/something (404) with 4 occurrences migrated to:
https://www.example.org/do/something ([https](https://www.example.org/do/something ) result 404).
* http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ (301) with 1 occurrences migrated to:
https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ([https](https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ) result 404).
* http://www.json.org/json2.js (404) with 1 occurrences migrated to:
https://www.json.org/json2.js ([https](https://www.json.org/json2.js ) result 404).
* http://www.thymeleaf.org/thymeleaf-extras-springsecurity5 (301) with 5 occurrences migrated to:
https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ([https](https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ) result 404).
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html with 1 occurrences migrated to:
https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ([https](https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ) result 200).
* http://bugs.jquery.com/ticket/12282 with 1 occurrences migrated to:
https://bugs.jquery.com/ticket/12282 ([https](https://bugs.jquery.com/ticket/12282 ) result 200).
* http://bugs.jquery.com/ticket/12359 with 1 occurrences migrated to:
https://bugs.jquery.com/ticket/12359 ([https](https://bugs.jquery.com/ticket/12359 ) result 200).
* http://claimid.com/ with 2 occurrences migrated to:
https://claimid.com/ ([https](https://claimid.com/ ) result 200).
* http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ with 1 occurrences migrated to:
https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ([https](https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html with 26 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ) result 200).
* http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ) result 200).
* http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html with 1 occurrences migrated to:
https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ([https](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ) result 200).
* http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html with 1 occurrences migrated to:
https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ([https](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ) result 200).
* http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ) result 200).
* http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html ([https](https://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html ) result 200).
* http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ([https](https://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ) result 200).
* http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ) result 200).
* http://docs.spring.io/spring-security/site/docs/current/api/ with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/current/api/ ([https](https://docs.spring.io/spring-security/site/docs/current/api/ ) result 200).
* http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ with 3 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ) result 200).
* http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ([https](https://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ) result 200).
* http://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ([https](https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ([https](https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html with 3 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ) result 200).
* http://en.wikipedia.org/wiki/Clickjacking with 9 occurrences migrated to:
https://en.wikipedia.org/wiki/Clickjacking ([https](https://en.wikipedia.org/wiki/Clickjacking ) result 200).
* http://en.wikipedia.org/wiki/Content_sniffing with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/Content_sniffing ([https](https://en.wikipedia.org/wiki/Content_sniffing ) result 200).
* http://en.wikipedia.org/wiki/Cross-site_request_forgery with 11 occurrences migrated to:
https://en.wikipedia.org/wiki/Cross-site_request_forgery ([https](https://en.wikipedia.org/wiki/Cross-site_request_forgery ) result 200).
* http://en.wikipedia.org/wiki/Cross-site_scripting with 7 occurrences migrated to:
https://en.wikipedia.org/wiki/Cross-site_scripting ([https](https://en.wikipedia.org/wiki/Cross-site_scripting ) result 200).
* http://en.wikipedia.org/wiki/Firesheep with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Firesheep ([https](https://en.wikipedia.org/wiki/Firesheep ) result 200).
* http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security with 4 occurrences migrated to:
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ([https](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ) result 200).
* http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ([https](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ) result 200).
* http://en.wikipedia.org/wiki/Man-in-the-middle_attack with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/Man-in-the-middle_attack ([https](https://en.wikipedia.org/wiki/Man-in-the-middle_attack ) result 200).
* http://en.wikipedia.org/wiki/Null_Object_pattern with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Null_Object_pattern ([https](https://en.wikipedia.org/wiki/Null_Object_pattern ) result 200).
* http://en.wikipedia.org/wiki/SRV_record with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/SRV_record ([https](https://en.wikipedia.org/wiki/SRV_record ) result 200).
* http://en.wikipedia.org/wiki/Same-origin_policy with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Same-origin_policy ([https](https://en.wikipedia.org/wiki/Same-origin_policy ) result 200).
* http://en.wikipedia.org/wiki/Session_fixation with 6 occurrences migrated to:
https://en.wikipedia.org/wiki/Session_fixation ([https](https://en.wikipedia.org/wiki/Session_fixation ) result 200).
* http://example.com with 8 occurrences migrated to:
https://example.com ([https](https://example.com ) result 200).
* http://example.com/ with 1 occurrences migrated to:
https://example.com/ ([https](https://example.com/ ) result 200).
* http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice with 2 occurrences migrated to:
https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ([https](https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ) result 200).
* http://flywaydb.org/ with 1 occurrences migrated to:
https://flywaydb.org/ ([https](https://flywaydb.org/ ) result 200).
* http://getbootstrap.com/docs/4.0/examples/signin/signin.css with 1 occurrences migrated to:
https://getbootstrap.com/docs/4.0/examples/signin/signin.css ([https](https://getbootstrap.com/docs/4.0/examples/signin/signin.css ) result 200).
* http://gradle.org with 1 occurrences migrated to:
https://gradle.org ([https](https://gradle.org ) result 200).
* http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ with 2 occurrences migrated to:
https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ([https](https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ) result 200).
* http://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html with 2 occurrences migrated to:
https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ([https](https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ) result 200).
* http://jquery.com/ with 1 occurrences migrated to:
https://jquery.com/ ([https](https://jquery.com/ ) result 200).
* http://knockoutjs.com/ with 1 occurrences migrated to:
https://knockoutjs.com/ ([https](https://knockoutjs.com/ ) result 200).
* http://marketplace.eclipse.org/content/anyedit-tools with 1 occurrences migrated to:
https://marketplace.eclipse.org/content/anyedit-tools ([https](https://marketplace.eclipse.org/content/anyedit-tools ) result 200).
* http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html with 1 occurrences migrated to:
https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ([https](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ) result 200).
* http://openid.net with 1 occurrences migrated to:
https://openid.net ([https](https://openid.net ) result 200).
* http://openid.net/ with 1 occurrences migrated to:
https://openid.net/ ([https](https://openid.net/ ) result 200).
* http://openid.net/certification/ with 4 occurrences migrated to:
https://openid.net/certification/ ([https](https://openid.net/certification/ ) result 200).
* http://openid.net/connect/ with 4 occurrences migrated to:
https://openid.net/connect/ ([https](https://openid.net/connect/ ) result 200).
* http://openid.net/specs/openid-attribute-exchange-1_0.html with 3 occurrences migrated to:
https://openid.net/specs/openid-attribute-exchange-1_0.html ([https](https://openid.net/specs/openid-attribute-exchange-1_0.html ) result 200).
* http://openid.net/specs/openid-connect-core-1_0.html with 50 occurrences migrated to:
https://openid.net/specs/openid-connect-core-1_0.html ([https](https://openid.net/specs/openid-connect-core-1_0.html ) result 200).
* http://openid.net/specs/openid-connect-session-1_0.html with 2 occurrences migrated to:
https://openid.net/specs/openid-connect-session-1_0.html ([https](https://openid.net/specs/openid-connect-session-1_0.html ) result 200).
* http://sizzlejs.com/ with 2 occurrences migrated to:
https://sizzlejs.com/ ([https](https://sizzlejs.com/ ) result 200).
* http://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time with 1 occurrences migrated to:
https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ([https](https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ) result 200).
* http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ (301) with 1 occurrences migrated to:
https://spring.io/blog/2010/03/06/behind-the-spring-security-namespace/ ([https](https://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ ) result 200).
* http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ (301) with 1 occurrences migrated to:
https://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/ ([https](https://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ ) result 200).
* http://spring.io/projects with 1 occurrences migrated to:
https://spring.io/projects ([https](https://spring.io/projects ) result 200).
* http://spring.io/services with 1 occurrences migrated to:
https://spring.io/services ([https](https://spring.io/services ) result 200).
* http://stackoverflow.com/questions/tagged/spring-security with 1 occurrences migrated to:
https://stackoverflow.com/questions/tagged/spring-security ([https](https://stackoverflow.com/questions/tagged/spring-security ) result 200).
* http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html with 2 occurrences migrated to:
https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ([https](https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ) result 200).
* http://tools.ietf.org/html/rfc6797 with 15 occurrences migrated to:
https://tools.ietf.org/html/rfc6797 ([https](https://tools.ietf.org/html/rfc6797 ) result 200).
* http://tools.ietf.org/html/rfc7469 with 18 occurrences migrated to:
https://tools.ietf.org/html/rfc7469 ([https](https://tools.ietf.org/html/rfc7469 ) result 200).
* http://vimeo.com/34436402 with 1 occurrences migrated to:
https://vimeo.com/34436402 ([https](https://vimeo.com/34436402 ) result 200).
* http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ with 1 occurrences migrated to:
https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ([https](https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ) result 200).
* http://www.ja-sig.org/cas (301) with 1 occurrences migrated to:
https://www.apereo.org ([https](https://www.ja-sig.org/cas ) result 200).
* http://ehcache.sourceforge.net (301) with 2 occurrences migrated to:
https://www.ehcache.org/ ([https](https://ehcache.sourceforge.net ) result 200).
* http://www.html5rocks.com/en/tutorials/security/content-security-policy/ with 2 occurrences migrated to:
https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ([https](https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ) result 200).
* http://www.ietf.org/rfc/rfc2396.txt with 3 occurrences migrated to:
https://www.ietf.org/rfc/rfc2396.txt ([https](https://www.ietf.org/rfc/rfc2396.txt ) result 200).
* http://www.ietf.org/rfc/rfc2617.txt with 1 occurrences migrated to:
https://www.ietf.org/rfc/rfc2617.txt ([https](https://www.ietf.org/rfc/rfc2617.txt ) result 200).
* http://www.liquibase.org/ with 1 occurrences migrated to:
https://www.liquibase.org/ ([https](https://www.liquibase.org/ ) result 200).
* http://www.openbsd.org/papers/bcrypt-paper.ps with 1 occurrences migrated to:
https://www.openbsd.org/papers/bcrypt-paper.ps ([https](https://www.openbsd.org/papers/bcrypt-paper.ps ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 2 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-2.5.xsd ([https](https://www.springframework.org/schema/context/spring-context-2.5.xsd ) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd ) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd ) result 200).
* http://www.test.com with 9 occurrences migrated to:
https://www.test.com ([https](https://www.test.com ) result 200).
* http://www.thymeleaf.org with 25 occurrences migrated to:
https://www.thymeleaf.org ([https](https://www.thymeleaf.org ) result 200).
* http://www.thymeleaf.org/ with 3 occurrences migrated to:
https://www.thymeleaf.org/ ([https](https://www.thymeleaf.org/ ) result 200).
* http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd with 1 occurrences migrated to:
https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ([https](https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ) result 200).
* http://www.thymeleaf.org/whatsnew21.html with 1 occurrences migrated to:
https://www.thymeleaf.org/whatsnew21.html ([https](https://www.thymeleaf.org/whatsnew21.html ) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html with 2 occurrences migrated to:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html with 1 occurrences migrated to:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ) result 200).
* http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html with 1 occurrences migrated to:
https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ([https](https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ) result 200).
* http://www.w3.org/TR/2011/REC-css3-selectors-20110929/ with 2 occurrences migrated to:
https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ([https](https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ) result 200).
* http://www.w3.org/TR/CSS21/syndata.html with 1 occurrences migrated to:
https://www.w3.org/TR/CSS21/syndata.html ([https](https://www.w3.org/TR/CSS21/syndata.html ) result 200).
* http://www.w3.org/TR/selectors/ with 3 occurrences migrated to:
https://www.w3.org/TR/selectors/ ([https](https://www.w3.org/TR/selectors/ ) result 200).
* http://www.youtube.com/watch?v=3mk0RySeNsU with 2 occurrences migrated to:
https://www.youtube.com/watch?v=3mk0RySeNsU ([https](https://www.youtube.com/watch?v=3mk0RySeNsU ) result 200).
* http://api.jquery.com/jQuery.browser with 1 occurrences migrated to:
https://api.jquery.com/jQuery.browser ([https](https://api.jquery.com/jQuery.browser ) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx with 1 occurrences migrated to:
https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx with 2 occurrences migrated to:
https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ) result 301).
* http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx with 2 occurrences migrated to:
https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ([https](https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ) result 301).
* http://code.google.com/p/openid-selector/ with 3 occurrences migrated to:
https://code.google.com/p/openid-selector/ ([https](https://code.google.com/p/openid-selector/ ) result 301).
* http://contributor-covenant.org with 1 occurrences migrated to:
https://contributor-covenant.org ([https](https://contributor-covenant.org ) result 301).
* http://contributor-covenant.org/version/1/3/0/ with 1 occurrences migrated to:
https://contributor-covenant.org/version/1/3/0/ ([https](https://contributor-covenant.org/version/1/3/0/ ) result 301).
* http://dev.w3.org/csswg/cssom/ with 1 occurrences migrated to:
https://dev.w3.org/csswg/cssom/ ([https](https://dev.w3.org/csswg/cssom/ ) result 301).
* http://docs.spring.io with 1 occurrences migrated to:
https://docs.spring.io ([https](https://docs.spring.io ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html with 7 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ) result 301).
* http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 (301) with 1 occurrences migrated to:
https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ([https](https://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ) result 301).
* http://help.github.com/set-up-git-redirect with 1 occurrences migrated to:
https://help.github.com/set-up-git-redirect ([https](https://help.github.com/set-up-git-redirect ) result 301).
* http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ with 1 occurrences migrated to:
https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ([https](https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ) result 301).
* http://jquery.org/license with 1 occurrences migrated to:
https://jquery.org/license ([https](https://jquery.org/license ) result 301).
* http://msdn.microsoft.com/en-us/library/dd565647 with 4 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/dd565647 ([https](https://msdn.microsoft.com/en-us/library/dd565647 ) result 301).
* http://msdn.microsoft.com/en-us/library/ie/gg622941 with 5 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/ie/gg622941 ([https](https://msdn.microsoft.com/en-us/library/ie/gg622941 ) result 301).
* http://openid.net/get/ with 2 occurrences migrated to:
https://openid.net/get/ ([https](https://openid.net/get/ ) result 301).
* http://openid.net/what/ with 2 occurrences migrated to:
https://openid.net/what/ ([https](https://openid.net/what/ ) result 301).
* http://technorati.com/people/technorati/ with 2 occurrences migrated to:
https://technorati.com/people/technorati/ ([https](https://technorati.com/people/technorati/ ) result 301).
* http://twitter.github.com/bootstrap/javascript.html with 13 occurrences migrated to:
https://twitter.github.com/bootstrap/javascript.html ([https](https://twitter.github.com/bootstrap/javascript.html ) result 301).
* http://www.jasig.org/cas with 1 occurrences migrated to:
https://www.jasig.org/cas ([https](https://www.jasig.org/cas ) result 301).
* http://www.modernizr.com/ with 1 occurrences migrated to:
https://www.modernizr.com/ ([https](https://www.modernizr.com/ ) result 301).
* http://www.opensource.org/licenses/mit-license.php with 1 occurrences migrated to:
https://www.opensource.org/licenses/mit-license.php ([https](https://www.opensource.org/licenses/mit-license.php ) result 301).
* http://www.oracle.com/technetwork/java/javase/downloads with 1 occurrences migrated to:
https://www.oracle.com/technetwork/java/javase/downloads ([https](https://www.oracle.com/technetwork/java/javase/downloads ) result 301).
* http://www.springframework.org/security with 1 occurrences migrated to:
https://www.springframework.org/security ([https](https://www.springframework.org/security ) result 301).
* http://www.springsource.com/ with 2 occurrences migrated to:
https://www.springsource.com/ ([https](https://www.springsource.com/ ) result 301).
* http://www.springsource.org with 1 occurrences migrated to:
https://www.springsource.org ([https](https://www.springsource.org ) result 301).
* http://www.springsource.org/sts with 1 occurrences migrated to:
https://www.springsource.org/sts ([https](https://www.springsource.org/sts ) result 301).
* http://www.thoughtcrime.org/software/sslstrip/ with 1 occurrences migrated to:
https://www.thoughtcrime.org/software/sslstrip/ ([https](https://www.thoughtcrime.org/software/sslstrip/ ) result 301).
* http://www.w3.org/TR/css3-selectors/ with 2 occurrences migrated to:
https://www.w3.org/TR/css3-selectors/ ([https](https://www.w3.org/TR/css3-selectors/ ) result 301).
* http://www.w3.org/TR/css3-syntax/ with 1 occurrences migrated to:
https://www.w3.org/TR/css3-syntax/ ([https](https://www.w3.org/TR/css3-syntax/ ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ) result 302).
* http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html with 1 occurrences migrated to:
https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ([https](https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ) result 302).
* http://example2.com with 3 occurrences migrated to:
https://example2.com ([https](https://example2.com ) result 302).
* http://flickr.com/ with 2 occurrences migrated to:
https://flickr.com/ ([https](https://flickr.com/ ) result 302).
* http://git-scm.com/book/cs/ch7-3.html with 1 occurrences migrated to:
https://git-scm.com/book/cs/ch7-3.html ([https](https://git-scm.com/book/cs/ch7-3.html ) result 302).
* http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd with 1 occurrences migrated to:
https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ([https](https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html with 4 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ([https](https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html with 2 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html with 2 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html with 3 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ([https](https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ) result 302).
* http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd with 1 occurrences migrated to:
https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 1 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ) result 302).
* http://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx with 1 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ([https](https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ) result 302).
* http://spring.io/spring-security with 1 occurrences migrated to:
https://spring.io/spring-security ([https](https://spring.io/spring-security ) result 302).
* http://spring.io/spring-security/ with 2 occurrences migrated to:
https://spring.io/spring-security/ ([https](https://spring.io/spring-security/ ) result 302).
* http://spring.io/tools/sts with 1 occurrences migrated to:
https://spring.io/tools/sts ([https](https://spring.io/tools/sts ) result 302).
* http://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt with 2 occurrences migrated to:
https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ([https](https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ) result 302).
* http://webauth.stanford.edu/manual/mod/mod_webauth.html with 1 occurrences migrated to:
https://webauth.stanford.edu/manual/mod/mod_webauth.html ([https](https://webauth.stanford.edu/manual/mod/mod_webauth.html ) result 302).
* http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context with 1 occurrences migrated to:
https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ([https](https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ) result 302).
* http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt with 1 occurrences migrated to:
https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ([https](https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ) result 302).
# Ignored
These URLs were intentionally ignored.
* http://java.sun.com/JSP/Page with 14 occurrences
* http://java.sun.com/jsp/jstl/core with 31 occurrences
* http://java.sun.com/jsp/jstl/fmt with 6 occurrences
* http://java.sun.com/jsp/jstl/functions with 1 occurrences
* http://java.sun.com/jstl/core with 1 occurrences
* http://java.sun.com/xml/ns/j2ee with 2 occurrences
* http://java.sun.com/xml/ns/javaee with 6 occurrences
* http://localhost with 20 occurrences
* http://localhost/ with 6 occurrences
* http://localhost/Test</value></property> with 1 occurrences
* http://localhost/appcontext/page with 1 occurrences
* http://localhost/authenticated with 1 occurrences
* http://localhost/authentication/login with 2 occurrences
* http://localhost/authorize/oauth2/code/registration-id with 3 occurrences
* http://localhost/authorize/oauth2/implicit/registration-3 with 1 occurrences
* http://localhost/callback/client-1 with 1 occurrences
* http://localhost/callback/client-1?error=invalid_grant with 1 occurrences
* http://localhost/client-1 with 9 occurrences
* http://localhost/cookie with 1 occurrences
* http://localhost/cookie/delete with 1 occurrences
* http://localhost/custom-login with 1 occurrences
* http://localhost/custom-logout with 1 occurrences
* http://localhost/form-page with 1 occurrences
* http://localhost/iss with 1 occurrences
* http://localhost/issuer with 2 occurrences
* http://localhost/login with 38 occurrences
* http://localhost/login/oauth2/code/ with 4 occurrences
* http://localhost/login/oauth2/code/pkce-client-registration-id& with 1 occurrences
* http://localhost/login/oauth2/code/registration-id with 3 occurrences
* http://localhost/login/oauth2/code/registration-id& with 2 occurrences
* http://localhost/login/oauth2/code/registration-id-2 with 2 occurrences
* http://localhost/login/openid with 1 occurrences
* http://localhost/login2 with 1 occurrences
* http://localhost/loginPage with 2 occurrences
* http://localhost/logout with 1 occurrences
* http://localhost/messages with 4 occurrences
* http://localhost/oauth2/authorization/google with 1 occurrences
* http://localhost/openid-page with 1 occurrences
* http://localhost/saved-request with 1 occurrences
* http://localhost/secured with 2 occurrences
* http://localhost/signin with 1 occurrences
* http://localhost/some-url with 1 occurrences
* http://localhost/tosave with 1 occurrences
* http://localhost/user with 1 occurrences
* http://localhost:123456 with 3 occurrences
* http://localhost:1280/certs with 1 occurrences
* http://localhost:314 with 1 occurrences
* http://localhost:4080 with 1 occurrences
* http://localhost:543 with 1 occurrences
* http://localhost:8080 with 16 occurrences
* http://localhost:8080/ with 4 occurrences
* http://localhost:8080/SomeService with 1 occurrences
* http://localhost:8080/contacts with 1 occurrences
* http://localhost:8080/login/oauth2/code with 1 occurrences
* http://localhost:8080/login/oauth2/code/client-id with 2 occurrences
* http://localhost:8080/login/oauth2/code/facebook with 2 occurrences
* http://localhost:8080/login/oauth2/code/github with 2 occurrences
* http://localhost:8080/login/oauth2/code/google with 4 occurrences
* http://localhost:8080/login/oauth2/code/okta with 2 occurrences
* http://localhost:8080/path/page.html?query=string with 1 occurrences
* http://localhost:8080/sample/ with 15 occurrences
* http://localhost:8080/secure with 1 occurrences
* http://localhost:8080/spring-security-samples-tutorial/listAccounts.html with 4 occurrences
* http://localhost:8080/spring-security-samples-tutorial/post.html?id=1 with 4 occurrences
* http://localhost:9080/protected with 2 occurrences
* http://localhost:9080/secured with 1 occurrences
* http://localhost:9080/unsecured with 1 occurrences
* http://localhost:9080/user with 1 occurrences
* http://test.com with 1 occurrences
* http://test.foobar.com with 1 occurrences
* http://testopenid.com?openid.return_to= with 1 occurrences
* http://www.springframework.org/schema/aop with 2 occurrences
* http://www.springframework.org/schema/beans with 8 occurrences
* http://www.springframework.org/schema/context with 2 occurrences
* http://www.springframework.org/schema/mvc with 2 occurrences
* http://www.springframework.org/schema/security with 45 occurrences
* http://www.springframework.org/schema/security/spring-security- with 1 occurrences
* http://www.springframework.org/schema/websocket with 2 occurrences
* http://www.springframework.org/security/tags with 17 occurrences
* http://www.springframework.org/tags with 12 occurrences
* http://www.springframework.org/tags/form with 14 occurrences
* http://www.w3.org/1999/XSL/Transform with 1 occurrences
* http://www.w3.org/1999/xhtml with 26 occurrences
* http://www.w3.org/2001/XMLSchema with 15 occurrences
* http://www.w3.org/2001/XMLSchema-datatypes with 8 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 9 occurrences
2019-03-19 23:53:23 -05:00
e9de49efef
Polish URL Cleanup
...
Fixes: gh-6626
2019-03-19 19:04:51 -05:00
2bf126f4cf
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.
* http://luke.taylor.openid.cn/ (200) with 1 occurrences could not be migrated:
([https](https://luke.taylor.openid.cn/ ) result SSLHandshakeException).
# Fixed URLs
## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.
* http://axschema.org/contact/email (UnknownHostException) with 2 occurrences migrated to:
https://axschema.org/contact/email ([https](https://axschema.org/contact/email ) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson ([https](https://axschema.org/namePerson ) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first ) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last ) result UnknownHostException).
* http://luke.taylor.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://luke.taylor.myopenid.com/ ([https](https://luke.taylor.myopenid.com/ ) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 2 occurrences migrated to:
https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email ) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 1 occurrences migrated to:
https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson ) result UnknownHostException).
* http://schema.openid.net/namePerson/friendly (UnknownHostException) with 1 occurrences migrated to:
https://schema.openid.net/namePerson/friendly ([https](https://schema.openid.net/namePerson/friendly ) result UnknownHostException).
* http://somehost/someUrl (UnknownHostException) with 1 occurrences migrated to:
https://somehost/someUrl ([https](https://somehost/someUrl ) result UnknownHostException).
* http://spring.security.test.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://spring.security.test.myopenid.com/ ([https](https://spring.security.test.myopenid.com/ ) result UnknownHostException).
* http://example.net/pkp-report (404) with 1 occurrences migrated to:
https://example.net/pkp-report ([https](https://example.net/pkp-report ) result 404).
* http://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng (404) with 1 occurrences migrated to:
https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ([https](https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ) result 404).
* http://www.puppycrawl.com/dtds/configuration_1_3.dtd (404) with 1 occurrences migrated to:
https://www.puppycrawl.com/dtds/configuration_1_3.dtd ([https](https://www.puppycrawl.com/dtds/configuration_1_3.dtd ) result 404).
* http://www.puppycrawl.com/dtds/suppressions_1_1.dtd (404) with 1 occurrences migrated to:
https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ([https](https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ) result 404).
* http://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller (404) with 1 occurrences migrated to:
https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ([https](https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ) result 404).
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://raykrueger.blogspot.com/ with 1 occurrences migrated to:
https://raykrueger.blogspot.com/ ([https](https://raykrueger.blogspot.com/ ) result 200).
* http://www.infoq.com/presentations/code-organization-large-projects with 1 occurrences migrated to:
https://www.infoq.com/presentations/code-organization-large-projects ([https](https://www.infoq.com/presentations/code-organization-large-projects ) result 200).
* http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd with 1 occurrences migrated to:
https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ([https](https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ) result 200).
* http://www.springframework.org/dtd/spring-beans.dtd with 4 occurrences migrated to:
https://www.springframework.org/dtd/spring-beans.dtd ([https](https://www.springframework.org/dtd/spring-beans.dtd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.0.xsd with 5 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.2.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop.xsd ([https](https://www.springframework.org/schema/aop/spring-aop.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 20 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 267 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.0.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.0.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.1.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.1.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.2.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.2.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.2.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context.xsd with 6 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context.xsd ([https](https://www.springframework.org/schema/context/spring-context.xsd ) result 200).
* http://www.springframework.org/schema/data/jpa/spring-jpa.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ([https](https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ) result 200).
* http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ([https](https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 10 occurrences migrated to:
https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security-2.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security-2.0.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 266 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd ) result 200).
* http://www.springframework.org/schema/tx/spring-tx-3.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ([https](https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ) result 200).
* http://www.springframework.org/schema/tx/spring-tx.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/tx/spring-tx.xsd ([https](https://www.springframework.org/schema/tx/spring-tx.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util-3.0.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util-3.0.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.0.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util-3.1.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.1.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util.xsd with 4 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util.xsd ([https](https://www.springframework.org/schema/util/spring-util.xsd ) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 6 occurrences migrated to:
https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd ) result 200).
* http://www.headwaysoftware.com with 1 occurrences migrated to:
https://www.headwaysoftware.com ([https](https://www.headwaysoftware.com ) result 301).
* http://java.sun.com/dtd/web-app_2_3.dtd with 2 occurrences migrated to:
https://java.sun.com/dtd/web-app_2_3.dtd ([https](https://java.sun.com/dtd/web-app_2_3.dtd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 10 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ) result 302).
# Ignored
These URLs were intentionally ignored.
* http://appengine.google.com/ns/1.0 with 1 occurrences
* http://docbook.org/ns/docbook with 1 occurrences
* http://jakarta.apache.org/log4j/ with 1 occurrences
* http://java.sun.com/xml/ns/javaee with 22 occurrences
* http://www.springframework.org/schema/aop with 14 occurrences
* http://www.springframework.org/schema/beans with 576 occurrences
* http://www.springframework.org/schema/c with 6 occurrences
* http://www.springframework.org/schema/context with 18 occurrences
* http://www.springframework.org/schema/data/jpa with 2 occurrences
* http://www.springframework.org/schema/jdbc with 2 occurrences
* http://www.springframework.org/schema/mvc with 20 occurrences
* http://www.springframework.org/schema/p with 10 occurrences
* http://www.springframework.org/schema/security with 534 occurrences
* http://www.springframework.org/schema/tx with 10 occurrences
* http://www.springframework.org/schema/util with 16 occurrences
* http://www.springframework.org/schema/websocket with 12 occurrences
* http://www.w3.org/1999/xlink with 1 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 299 occurrences
2019-03-19 17:33:29 -05:00
a45df2c802
Move OIDC Reactive Packaging
2019-03-19 09:00:46 -06:00
8f5493acce
Move OIDC Servlet Packaging
2019-03-19 09:00:46 -06:00
fba31dfb6a
Reactive Oidc RP-Initiated Logout
...
Issue: gh-5350
2019-03-19 09:00:46 -06:00
248a8c030b
Support for OIDC RP-Initiated Logout
...
Fixes: gh-5350
2019-03-19 09:00:46 -06:00
9478abebd2
Internalize Nimbus JwtDecoder Builder
...
Issue: gh-6010
2019-03-18 12:32:44 -06:00
b93528138e
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# Fixed URLs
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://www.apache.org/licenses/ with 1 occurrences migrated to:
https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/ ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0 ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html ) result 200).
2019-03-14 15:46:20 -05:00
da0f969929
NamespaceExpressionHandlerTests groovy->java
...
Issue: gh-4939
2019-03-11 12:01:51 -06:00
9642d33a6b
NamespaceHttpX509Tests groovy->java
...
Fixes: gh-4939
2019-03-06 16:46:06 -07:00
ad9dc49d55
OAuth2LoginSpec discovers ReactiveOAuth2AccessTokenResponseClient @Bean
...
Fixes: gh-6477
2019-03-04 15:44:42 -05:00
82d527ed42
Add Support for Clear Site Data on Logout
...
Added an implementation of HeaderWriter for Clear-Site-Data HTTP
response header as welll as an implementation of LogoutHanlder
that accepts an implementation of HeaderWriter to write headers.
- Added ClearSiteDataHeaderWriter and HeaderWriterLogoutHandler
that implements HeaderWriter and LogoutHandler respectively
- Added unit tests for both implementations's behaviours
- Integration tests for HeaderWriterLogoutHandler that uses
ClearSiteDataHeaderWriter
- Updated the documentation to include link to
HeaderWriterLogoutHandler
Fixes gh-4187
2019-02-28 11:01:08 -07:00
2b960b074b
Polish Eager Header Config Tests
...
In the Java config tests, there is a simplified way to configure
Spring, and that is with SpringTestRule.
Also, test names typically follow the when-then convention.
Issue: gh-6501
2019-02-18 09:24:17 -07:00
ac13b55ecd
HeaderWriterFilter writes headers at beginning
...
Add support for HeaderWriterFilter to write headers at the beginning of the request
Fixes: gh-6501
2019-02-18 07:43:08 -07:00
fba25614bf
Reactive Opaque Token Support
...
Fixes: gh-6513
2019-02-15 15:59:25 -06:00
ef9c3e4771
Opaque Token Support
...
Fixes: gh-5200
2019-02-07 12:40:12 -07:00
594a169798
Introduce OAuth2AuthorizationRequest.attributes
...
Fixes gh-5940
2019-02-07 11:49:17 -05:00
5c2ee09bc3
Favor RestOperations in Resource Server Configurer
...
Also polished exposure of the JWK Set Uri for the tests where
MockWebServer is preferred.
Fixes: gh-6104
2019-01-29 15:43:09 -07:00
8e6bcc1c35
No RequestMatcher After AnyRequest
...
Don't allow any type of RequestMatchers
after any request by throwing IllegalStateException
Fixes: gh-6359
2019-01-25 11:14:33 -07:00
b581bb7eae
Add new configuration options for OAuth2LoginSpec
...
Fixes gh-5598
2019-01-24 10:37:52 -05:00
2e70d66063
Improve CsrfBeanDefinitionParser xml parsing
...
1. CsrfBeanDefinitionParser registers requestDataValueProcessor
if not already registered
2. Created Tests in CsrfBeanDefinitionParserTests
Fixes: gh-6423
2019-01-22 13:56:20 -06:00
ffe602fdbe
HTML markup fixed in DefaultLoginPageGeneratingFilter
...
Ending div moved out of condition.
Fixes: gh-6417
2019-01-22 13:20:35 -06:00
ca02d8a4f8
NamespaceLogoutTests groovy->java
...
Issue: gh-4939
2019-01-18 16:56:13 -07:00
e68b6f17de
NamespaceHttpBasicTests groovy->java
...
Issue: gh-4939
2019-01-18 15:41:26 -07:00
b7ed919cee
Add preload support to Strict-Transport-Security
...
1. Preload support in Servlet Security(XML & Java)
2. Preload support in Reactive Security
3. Test for preload support in Servlet Security
4. Test for preload support in Reactive Security
Fixes: gh-6312
2019-01-16 11:10:06 -06:00
d099a62a6f
hasRole should not be called on a string with "ROLE_" prefix ( #6353 )
...
Removed "ROLE_" from UrlAuthorizationConfigurer
This fixes IllegalArgumentException: ROLE_ANONYMOUS should not start
with ROLE_ since ROLE_
2019-01-15 08:59:34 -06:00
c94f13a971
Polish tests
2019-01-08 11:16:22 -06:00
1a02cafe81
NamespaceHttpAnonymousTests groovy->java
...
Issue: gh-4939
2019-01-07 15:04:26 -07:00
9b65107922
NamespaceDebugTests groovy->java
...
Issue: gh-4939
2019-01-04 17:53:31 -07:00
5f33bbe512
Removed isServlet30 check
2019-01-04 08:27:26 -07:00
6e1db1105b
Fixes typo in x,rnc files
...
1. Fixes type ammount to amount in *.rnc files
2. Regenerates *.xsd files from *.rnc files
Fixes: gh-6325
2019-01-02 11:17:02 -07:00
f289ef8689
Fixes Documentation Problem
...
Fixes documentation problem of Anonymous Authentication
in ServerHttpSecurity
Fixes: gh-6327
2019-01-02 11:13:18 -07:00
d77b12d229
authorization_uri Uses UriComponentsBuilder
...
Because of this, authorization_uri can now be a fully-qualified url.
Fixes: gh-5760
2018-12-21 13:23:47 -07:00
9c0d78da71
Extract OidcTokenValidator to an OAuth2TokenValidator
...
Fixes gh-5930
2018-12-21 11:06:40 -05:00
7a55af246e
Polish tests and javadoc
...
When using AssertJ, it's easy to commit the following error
assertThat(some boolean condition)
The above actually does nothing. It at least needs to be
assertThat(some boolean condition).isTrue()
This commit refines some assertions that were missing a verify
condition.
Also, one Javadoc was just a little bit confusing, so this
clarifies it.
Issue: gh-6259
2018-12-21 08:47:37 -07:00
086b105273
Remove Servlet 2.5 Support for Session Fixation
...
This commit removes existence validation of a method only available in Servlet 3.1.
Spring Framework baseline is Servlet 3.1 so is not longer required.
Fixes: gh-6259
2018-12-21 08:47:37 -07:00
James
Josh Cummings
Eleftheria Stein
Johannes Edmeier
Vincent Ricard
Rob Winch
BELHAKEL Ammar
Filip Hanik
Joe Grandja
Alexey Nesterov
Ruslan Stelmachenko
Pim Moerenhout
Paul Pazderski
Adrian Pena
邓超
Yanming Zhou
Vitalii Mahas
Luis Felipe Vega Calle
Roman Chigvintsev
Mark Heckler
Jesús Ascama
Ebert Toribio
Onur Kagan Ozcan
Manuel Tejeda
kostya05983
Eddú Meléndez
Lars Grefer
watsta
John Lin
Ahmed Sayed
Francesco Chicchiriccò
Sam Simmons
Édouard Hue
Michael Vitz
Clement Ng
Tadaya Tsuyukubo
Rafiullah Hamedy
Vishal Raj
Daniel Meier
Florian Aumeier
Alexey Nesterov
Dan Zheng
Denis Babochenko
Daniel Fritz
Spring Operator
Aanuoluwapo Otitoola
Ankur Pathak
Nick Bromfield
Mohammad Sadeq Dousti
Johnny Lim
Farooq Khan
Rafael Dominguez