Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,496 Commits 34 Branches 334 Tags 115 MiB
Commit Graph

15496 Commits

Author SHA1 Message Date
Josh Cummings 530d6e748f
Merge branch '6.2.x' 2024-04-17 16:32:48 -06:00
Josh Cummings 05b9375227
Update to OAuth2 OIDC SDK 9.43.4 
Issue gh-14920
 2024-04-17 16:24:48 -06:00
Josh Cummings 3de5767059
Update to Nimbus 9.37.3 
Closes gh-14836
 2024-04-17 16:22:40 -06:00
Josh Cummings 4c44de7db2
Update What's New in 6.3 
Closes gh-14918
 2024-04-17 10:13:49 -06:00
Josh Cummings 8dd28b797a
Update to BouncyCastle 1.78 
Closes gh-14910
 2024-04-15 15:32:08 -06:00
github-actions[bot] 3ae446e08b Next development version 2024-04-15 17:36:36 +00:00
github-actions[bot] 58f66a97a9 Next development version 2024-04-15 15:50:46 +00:00
github-actions[bot] acc96f10be Release 6.2.4 2024-04-15 15:20:29 +00:00
github-actions[bot] 52ce49bf1d Release 6.3.0-RC1 2024-04-15 15:20:24 +00:00
github-actions[bot] 2ed013858a Merge branch '6.1.x' into 6.2.x 2024-04-15 04:06:08 +00:00
github-actions[bot] bf478d91ce Merge branch '6.2.x' 2024-04-15 04:06:08 +00:00
dependabot[bot] c74f6bdac4 Bump org.slf4j:slf4j-api from 2.0.12 to 2.0.13 
Bumps org.slf4j:slf4j-api from 2.0.12 to 2.0.13.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-14 21:05:20 -07:00
github-actions[bot] d6acb6cae2 Merge branch '6.2.x' 2024-04-15 03:49:24 +00:00
dependabot[bot] 82e8817c95 Bump org.slf4j:slf4j-api from 2.0.12 to 2.0.13 
Bumps org.slf4j:slf4j-api from 2.0.12 to 2.0.13.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-14 20:48:36 -07:00
github-actions[bot] 7366fe550f Merge branch '6.2.x' 2024-04-15 03:41:05 +00:00
dependabot[bot] e80ef2df6c Bump org.springframework.data:spring-data-bom from 2023.1.4 to 2023.1.5 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2023.1.4 to 2023.1.5.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2023.1.4...2023.1.5)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-14 20:40:15 -07:00
dependabot[bot] 8dfaf50177 Bump org.slf4j:slf4j-api from 2.0.12 to 2.0.13 
Bumps org.slf4j:slf4j-api from 2.0.12 to 2.0.13.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-14 20:20:01 -07:00
dependabot[bot] 0cd02b599a Bump ch.qos.logback:logback-classic from 1.5.4 to 1.5.5 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.4 to 1.5.5.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.4...v_1.5.5)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-14 20:17:49 -07:00
Marcus Hert Da Coregio 2fbbcc4bd0 Polish Method Authorization Denied Handling 
- Renamed @AuthorizationDeniedHandler to @HandleAuthorizationDenied
- Merged the post processor interface into MethodAuthorizationDeniedHandler , it now has two methods handleDeniedInvocation and handleDeniedInvocationResult
- @HandleAuthorizationDenied now handles AuthorizationDeniedException thrown from the method

Issue gh-14601
 2024-04-12 15:55:25 -03:00
Marcus Hert Da Coregio 14da8f4fc8 Upgrade to Spring Data Bom 2024.0.0-RC1 
Closes gh-14901
 2024-04-12 14:20:32 -03:00
Sarvajith Adyanthaya b5c9ba6c1c
Update Documentation about Kotlin Coroutine Support 
Closes gh-14646
 2024-04-12 11:29:38 -05:00
Steve Riesenberg fd891d8fe3
Add proxyBeanMethods=false 
Addresses too early creation warning of a configuration imported by
ReactiveOAuth2ClientConfiguration.

Closes gh-14900
 2024-04-12 11:17:41 -05:00
github-actions[bot] 0c56c54c55 Merge branch '6.2.x' 2024-04-12 04:15:02 +00:00
dependabot[bot] 8065e2b308 Bump org.springframework:spring-framework-bom from 6.1.5 to 6.1.6 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.5 to 6.1.6.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.5...v6.1.6)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-11 21:14:13 -07:00
github-actions[bot] f3396f8f7e Merge branch '6.2.x' 2024-04-12 04:11:11 +00:00
dependabot[bot] 5dd86473a3 Bump org.springframework.ldap:spring-ldap-core from 3.2.2 to 3.2.3 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.2...3.2.3)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-11 21:10:15 -07:00
github-actions[bot] e87e04d2d1 Merge branch '6.2.x' 2024-04-12 03:39:04 +00:00
github-actions[bot] b2f7603e6d Merge branch '6.1.x' into 6.2.x 2024-04-12 03:39:04 +00:00
dependabot[bot] a55c5c1d0d Bump org.springframework:spring-framework-bom from 6.0.18 to 6.0.19 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.0.18 to 6.0.19.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.0.18...v6.0.19)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-11 20:38:19 -07:00
dependabot[bot] 72543c53c6 Bump org.springframework:spring-framework-bom from 6.1.5 to 6.1.6 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.5 to 6.1.6.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.5...v6.1.6)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-11 20:32:58 -07:00
dependabot[bot] dc4a8b4409 Bump org.springframework.ldap:spring-ldap-core from 3.2.2 to 3.2.3 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.2...3.2.3)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-11 20:28:43 -07:00
github-actions[bot] c5fefd4dec Merge branch '6.1.x' into 6.2.x 2024-04-12 03:27:23 +00:00
github-actions[bot] 8a7ae7a7f9 Merge branch '5.8.x' into 6.1.x 2024-04-12 03:27:23 +00:00
github-actions[bot] ab1817fa42 Merge branch '6.2.x' 2024-04-12 03:27:23 +00:00
dependabot[bot] a608352689 Bump org.springframework:spring-framework-bom from 5.3.33 to 5.3.34 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.33 to 5.3.34.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.33...v5.3.34)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-11 20:26:39 -07:00
Josh Cummings 933ef67637
Polish AuthorizationDeniedException Handling 
Issue gh-14600
 2024-04-11 14:30:00 -06:00
Josh Cummings b1b84f9b8a
Revert "Support overriding RestOperations in OidcIdTokenDecoderFactory" 
This reverts commit 9c352c4b4b.

Issue gh-14178
 2024-04-11 14:29:59 -06:00
Josh Cummings 5a50bfccac
Revert "Support overriding WebClient in ReactiveOidcIdTokenDecoderFactory" 
This reverts commit 0041c658de.

Issue gh-14178
 2024-04-11 14:29:59 -06:00
Joe Grandja 9a7f1aa4d9 Add ClientAuthenticationMethod constants tls_client_auth and self_signed_tls_client_auth 
Closes gh-14889
 2024-04-11 15:15:11 -04:00
Joe Grandja 644cfa9f87 Add Jwt validator for the X509Certificate thumbprint claim 
Closes gh-10538
 2024-04-11 12:35:52 -04:00
Josh Cummings 2d24e09665
Polish link about SpEL beans 2024-04-10 16:38:10 -06:00
Josh Cummings 50b85aea0d Handle SpEL AuthorizationDeniedExceptions 
Closes gh-14600
 2024-04-10 15:36:23 -07:00
Marcus Hert Da Coregio 61eba00654 Move HaveIBeenPwnedRestApiPasswordChecker to spring-security-web 
Prior to this commit, the implementation was placed in spring-security-core, however we do not want to introduce a dependency on spring-web and spring-webflux for that module.

Issue gh-7395
 2024-04-10 14:58:01 -03:00
DingHao f689f3c3fc Fix continueOnError default value in java doc 
Closes gh-14870
 2024-04-10 13:28:06 -03:00
Marcus Hert Da Coregio f4712069d7 Allow customization of redirect strategy in CasAuthenticationEntrypoint 
Closes gh-14881
 2024-04-10 13:25:47 -03:00
github-actions[bot] 1fbfaa14d1 Merge branch '6.2.x' 2024-04-10 04:21:45 +00:00
github-actions[bot] ce2b9f5c90 Merge branch '6.1.x' into 6.2.x 2024-04-10 04:21:44 +00:00
github-actions[bot] 0c20b14542 Merge branch '5.8.x' into 6.1.x 2024-04-10 04:21:44 +00:00
dependabot[bot] c3dbbb2d01 Bump io.projectreactor:reactor-bom from 2020.0.42 to 2020.0.43 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.42 to 2020.0.43.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.42...2020.0.43)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-09 21:20:55 -07:00
github-actions[bot] 8e84111467 Merge branch '6.2.x' 2024-04-10 04:05:50 +00:00