Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-08 22:44:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,246 Commits 50 Branches 370 Tags
Commit Graph

1368 Commits

Author SHA1 Message Date
arianna
3386e077e6 Fix typos in SAML 2.0 Documentation 
- Fix wrong docs link in Servlet - SAML2 Log In Overview
- Fix examples in Servlet - SAML2 Authentication Responses
- Fix examples in Servlet - SAML2 Logout

Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
10490a7b92 Fix typos in OAuth 2.0 Resource Server 
Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
f1e742dfc5 Fix typos in Authorization Documentation 
Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
8e9480545e Fix issue reports 
Closes gh-18376

Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
Josh Cummings
fc2fd63793
Merge branch '7.0.x' 2026-02-05 17:23:08 -07:00
Vincent Stradiot
075c48c0d8 Fix typo in documentation 
Signed-off-by: Vincent Stradiot <vincentstradiot@hotmail.com>
 2026-02-05 17:22:43 -07:00
Joe Grandja
517bc7cb65 Polish gh-18614 2026-02-05 15:32:47 -05:00
Elayne Bloom
a2d407518c Document ClientSettings 
Added documentation to describe the possible client configuration options when setting up an Oauth2 Authorization Server.

Closes gh-18614

Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>
 2026-02-05 15:32:46 -05:00
Joe Grandja
8f22fd4407 Merge branch '7.0.x' 2026-02-02 16:38:29 -05:00
Elayne Bloom
2c97b3376b Document Client PKCE settings 
Updated the documentation to reflect recent changes to enable PKCE by default for `authorization_code` flows in the documentation for the client.

Closes gh-18304

Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>
 2026-02-02 16:30:27 -05:00
Vyacheslav
e029b3ac6f Update authorize-http-requests.adoc 
Comma added for java configuration 

Signed-off-by: Vyacheslav <43342280+cmmttd@users.noreply.github.com>
 2026-02-02 11:48:07 -06:00
Josh Cummings
30d6b3a02b Merge branch '7.0.x' 2026-01-15 12:41:29 -07:00
Josh Cummings
1f39a3dd3e Merge branch '6.5.x' into 7.0.x 2026-01-15 12:41:22 -07:00
Josh Cummings
84b124d29d Merge branch '6.4.x' into 6.5.x 2026-01-15 12:41:16 -07:00
songhee
fee6a9bb0e docs: add CurrentSecurityContext section and link references 
Signed-off-by: songhee <songhee9327@gmail.com>
 2026-01-15 12:31:58 -07:00
Tran Ngoc Nhan
cfe13c7c76 Fix typos 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-15 10:52:01 -07:00
Guillaume Husta
508b3f26e3 docs: Typo in page Preparing for 7.0 / Web (version 6.5) 
In section 'Include the Servlet Path Prefix in Authorization Rules', `PathPatternRequestParser` should be replaced by `PathPatternRequestMatcher`.

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2026-01-14 14:35:26 -07:00
박기현\qkrrl
91d8a04ec2 Fix duplicated use-authorization-manager in docs 
Signed-off-by: 박기현\qkrrl <qkrrlgus114@naver.com>
 2026-01-14 14:21:38 -07:00
Robert Winch
63c99b9438
Revert "Update to 7.1.0-SNAPSHOT" 
This reverts commit b77ea8d3a3009940229239b4b442fe902acf4fba.
 2026-01-12 14:31:57 -06:00
Robert Winch
b77ea8d3a3 Update to 7.1.0-SNAPSHOT 2026-01-12 13:37:32 -06:00
Robert Winch
5a7d93ee3b
Merge branch '7.0.x' 
Closes gh-18471
 2026-01-09 16:55:02 -06:00
Fr05ty-hub
e9a92a8e9a Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but is referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Fr05ty-hub
ed774d3595 Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but was referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Robert Winch
3833650d33
Update to 7.1.0-SNAPSHOT 2026-01-09 10:32:03 -06:00
Robert Winch
2344fe5ebb Use proper xref syntax 
Incldue the required resource id and required # of the fragment.

See

- https://docs.antora.org/antora/latest/page/xref/#xref-macro
- https://docs.antora.org/antora/latest/page/resource-id-coordinates/#id-resource
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
ba18f681e5 Use xref anchor id 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
3d9bc6a5cf Update mfa.adoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Martin Boulais
1d8ea63a9e Fix typo in HTTP Basic Auth Provider documentation 
The documentation states that setting the header `X-Requested-By` will remove the `WWW-Authenticate` header from the response.
However, after testing this and reading the library code it looks like the header to set is `X-Requested-With` (X-Requested-By is mentioned nowhere except in this documentation file), so I propose this simple PR to fix this.

Signed-off-by: Martin Boulais <31805063+martinboulais@users.noreply.github.com>
 2026-01-08 13:59:34 -06:00
Tran Ngoc Nhan
79815e044e Fix typos 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Josh Cummings
765abe534e Add Missing Migration Pages to Side Navigation 
Closes gh-18313
 2025-12-15 09:05:06 -07:00
Josh Cummings
afb0c59875 Add request-matcher XML Migration Steps 
Closes gh-18211
 2025-12-15 09:05:06 -07:00
kucoll
10edc14d7e Fix typo in AnnotationTemplateExpressionDefaults 
The AnnotationTemplateExpressionDeafults was wrong,and right is  AnnotationTemplateExpressionDefaults

Signed-off-by: kucoll <kucoll@163.com>
 2025-12-02 17:26:34 -06:00
kucoll
7503d8018d Fix typo in AnnotationTemplateExpressionDefaults 
The AnnotationTemplateExpressionDeafults was wrong,and right is  AnnotationTemplateExpressionDefaults

Signed-off-by: kucoll <kucoll@163.com>
 2025-12-02 17:22:12 -06:00
Guillaume Husta
1ce73dd45a docs: Fix example in Custom DSLs for http.csrf() 
It should use lambda dsl to compile

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2025-12-01 18:02:41 -06:00
Guillaume Husta
bb7fcb27ef docs: Fix example in MyCustomDsl to remove throws Exception 
In `init` and `configure`, throws Exception has been removed in the super interface `SecurityConfigurer`, since Spring Security 7.0.
This change is the consequence of https://github.com/spring-projects/spring-security/issues/17957

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2025-12-01 17:59:07 -06:00
sach429
19cbd9c570 Update OAuth2 Client to OAuth2 Resource Server 
Fix section title to match the corresponding example

Signed-off-by: sach429 <satrajit.acharya@gmail.com>
 2025-12-01 17:42:28 -06:00
L33gn21
b37c5584f9 Fix broken link to Spring Boot docs 
Signed-off-by: L33gn21 <l33gn21@gmail.com>
 2025-12-01 16:52:43 -06:00
Peter Potrowl
d84d0ca22e Fix typo in ldap.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:33:48 -06:00
Peter Potrowl
f1793f5047 Fix typo in passkeys.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:33:48 -06:00
Peter Potrowl
4b227649f0 Fix typo in ldap.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:28:47 -06:00
Peter Potrowl
cfc27f8cc3 Fix typo in passkeys.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:28:47 -06:00
Peter Potrowl
5baff27ffb
Fix typo in ldap.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:12:20 -06:00
Peter Potrowl
39aaf25b60
Fix typo in passkeys.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:12:20 -06:00
Joe Grandja
b130e728b7 Polish gh-18153 
Issue gh-18144
 2025-11-11 14:27:50 -05:00
Andrey Litvitski
e6db56ab4f Add a minimal authorization server configuration 
Closes gh-18144

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-11-11 14:27:36 -05:00
Joe Grandja
571bd60d82 Document OAuth 2.0 Protected Resource Metadata support 
Issue gh-17244
 2025-11-04 14:37:19 -05:00
Rob Winch
6471a32d66
Merge branch '6.5.x' 
Closes gh-18132
 2025-11-04 11:37:11 -06:00
Rob Winch
c1e9e10bf0
Merge branch '6.4.x' into 6.5.x 
Closes gh-18131
 2025-11-04 11:28:40 -06:00
Daniel Garnier-Moiroux
fed6df5167 Default WebAuthnConfigurer#rpName to rpId 
In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated:

> This member is deprecated because many clients do not display it,
> but it remains a required dictionary member for backwards compatibility.
> Relying Parties MAY, as a safe default, set this equal to the RP ID.

Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-11-04 11:16:22 -06:00
Rob Winch
5213cc44fc
Merge branch '6.5.x' 2025-11-04 10:24:32 -06:00