a7bf8f7cc6
Require Locale argument for toLower/toUpperCase usage
2024-11-18 04:03:07 -05:00
a0e6c17512
Do not log exception if CasJackson2Module is not present
...
Closes gh-15749
2024-09-09 08:32:40 -03:00
2c9dc08e43
Merge branch '5.7.x' into 5.8.x
...
Closes gh-14664
2024-03-18 06:40:34 -03:00
5a7f12f1a9
Check for null Authentication
...
Closes gh-14715
2024-03-18 06:39:08 -03:00
8f42c86a57
Use AuthorizationInterceptorsOrder for Post Authorize Method Interceptors
...
Closes gh-14720
2024-03-12 10:17:45 -03:00
be11812fe4
Account for Super-super-interface Inheritance
...
Closes gh-13625
2023-12-09 11:41:02 -07:00
a7da9491d9
Use assertj assertions
2023-11-17 09:03:36 -03:00
11a21896dd
Defer SecurityContextHolderStrategy Lookup
...
Due to how early method interceptors are loaded during startup
it's reasonable to consider scenarios where applications are
changing the global security context holder strategy during
startup.
Closes gh-12877
2023-11-07 12:36:16 -07:00
64e2a2ff8b
Apply updated Code Style
...
Closes gh-13881
2023-09-29 11:44:32 -03:00
05ef215b88
Align Formatting
...
Issue gh-13132
2023-05-11 11:42:51 -06:00
9669747245
Ignore synthetic methods when checking for duplicate annotations
...
Closes gh-13132
2023-05-11 11:42:51 -06:00
9244989b2e
Fix allOf/anyOf Abstain Logic
...
Closes gh-13069
2023-04-24 15:36:17 -06:00
54117d7d27
Fix test suffix to align with checkstyle
2023-04-14 13:29:15 -03:00
16dcfd1cfe
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12982
2023-04-10 11:25:01 -05:00
c69df9fba0
Fix javadoc typo in ReactiveAuthorizationManager
...
Closes gh-12978
2023-04-10 11:24:49 -05:00
ebabcaa51a
Merge branch '5.7.x' into 5.8.x
2023-03-03 15:02:07 -07:00
094bf1b527
Validate hasRole Input
...
There are no check for role prefix in AuthorizeHttpRequestsConfigurer#XXXrole
methods. This PR adds check for the same. Now the configuration
will fail if role/s start with prefix for hasRole and hasAnyRole methods.
Closes #12581
2023-03-03 15:00:34 -07:00
36d83f863a
Fix Javadoc since tag for class ExpressionAuthorizationDecision
...
Closes gh-12411
2022-12-19 10:44:36 -03:00
68a344d238
Merge branch '5.7.x' into 5.8.x
2022-11-30 14:18:59 -07:00
e23c1cf7a7
Merge branch '5.6.x' into 5.7.x
2022-11-30 14:18:12 -07:00
14a48ea939
Fix formatting
...
Issue gh-12143
2022-11-29 20:15:13 -07:00
709de43e89
Fix typo in JavaDoc
...
Closes gh-12143
2022-11-29 20:15:12 -07:00
a3d278380e
Add Polish localization to error messages from ExceptionTranslationFilter
2022-11-14 18:06:02 -07:00
c75ca10900
Add DeferredSecurityContext
...
Issue gh-12023
2022-10-17 19:33:58 -05:00
8d096554f8
Add AuthorizationEvent
...
Closes gh-11972
2022-10-10 12:28:57 -06:00
f054505d6d
Support Deferred Contexts
...
Closes gh-11817
Issue gh-10913
2022-09-30 16:49:47 -06:00
c1d27612af
Simplify AuthorizationManager composition
...
Closes gh-11625
2022-09-20 16:24:45 -06:00
3f8503f1b4
Deprecate AccessDecisionManager et al
...
Closes gh-11302
2022-09-20 16:09:59 -06:00
0f58620643
Add AspectJ AuthorizationManager Support
...
Closes gh-11326
2022-08-26 15:59:08 -06:00
e990174c89
Polish ReactiveMethodSecurity Support
...
- Changed annotation property to useAuthorizationManager
to match related XML support
- Moved support found in bean post-processors back into
interceptors directly. This reduces the number of components to
maintain and simplifies ongoing support
- Added @Deprecated annotation to indicate that applications
should use AuthorizationManagerBeforeReactiveMethodInterceptor and
AuthorizationManagerAfterReactiveMethodInterceptor instead. While
true that the new support does not support coroutines, the existing
coroutine support is problematic since it cannot be reliably paired
with other method interceptors
- Moved expression handler configuration to the constructors
- Constrain all method security interceptors to require publisher types
- Use ReactiveAdapter to check for single-value types as well
Issue gh-9401
Polish
2022-08-25 14:36:03 -06:00
6fd23d2567
Add MockMethodInvocation Constructor
...
Issue gh-9401
2022-08-25 14:36:02 -06:00
cbb4f40f0c
ReactiveAuthorizationManager + Reactive Method Security
...
Closes gh-9401
2022-08-25 14:35:04 -06:00
2fb625db84
Remove mockito deprecations
...
Issue gh-11748
2022-08-23 15:59:52 -05:00
400cd60368
Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer
...
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous
Closes gh-11360
2022-07-14 12:48:39 -06:00
db25a37320
Consolidate ExpressionAuthorizationDecision
...
Issue gh-11493
2022-07-13 17:58:16 -06:00
281814a955
Add MethodExpressionAuthorizationManager
...
Closes gh-11493
2022-07-13 17:58:16 -06:00
51475e2583
Polish InterceptMethodsBeanDefinitionDecorator
...
Issue gh-11328
2022-07-13 17:57:38 -06:00
38cb6c3172
Use SecurityContextHolderStrategy for Context Propagation
...
Issue gh-11060
2022-06-30 11:18:07 -06:00
ee66850aed
Add SecurityContextHolderStrategy for Jaas
...
Issue gh-11060
Issue gh-11061
2022-06-28 09:26:05 -06:00
52d8e10ace
Use SecurityContextHolderStrategy for Database Support
...
Issue gh-11060
2022-06-28 09:08:42 -06:00
25c74896d1
Add SecurityContextHolderStrategy to Method Security
...
Issue gh-11060
2022-06-27 13:02:59 -06:00
d32f74d19d
SecurityContextHolder Deferred SecurityContext
...
Closes gh-10913
2022-06-17 17:03:19 -05:00
31e25b115e
Add SecurityContextHolderStrategy to Default Components
...
Issue gh-11060
2022-06-17 11:28:10 -06:00
4c2401a576
Revert "Make source code compatible with JDK 8"
...
This reverts commit 60ed3602f6
2022-06-02 19:24:42 +02:00
d557d2d0eb
Add RoleHierarchy to AuthorityAuthorizationManager
...
Added roleHierarchy field to AuthorityAuthorizationManager
that defaults to NullRoleHierarchy along with setter method to override.
Closes gh-11304
2022-06-01 08:28:16 -06:00
362f15534e
createEvaluationContext should defer lookup of Authentication
...
- Added createEvaluationContext method that accepts Supplier<Authentication>
- Refactored classes that use EvaluationContext to use lazy initialization of Authentication
Closes gh-9667
2022-05-18 17:34:14 -06:00
3f861f7f20
Polish gh-11188
2022-05-12 16:20:43 -05:00
e01b1e7f38
Polish gh-11188
2022-05-12 16:19:48 -05:00
9f669c5e3c
Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager
...
Closes gh-11188
2022-05-09 16:05:04 -06:00
89019fb340
Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager
...
Closes gh-11188
2022-05-09 16:03:25 -06:00
Joe Grandja
Marcus Hert Da Coregio
Josh Cummings
Florian Cramer
Rob Winch
Yuanhang Guo
bist
Guillaume Husta
Junsung Cho
Kacper Piasta
Steve Riesenberg
Evgeniy Cheban