Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 06:58:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,996 Commits 33 Branches 337 Tags
Commit Graph

2737 Commits

Author SHA1 Message Date
stonio
901a4e183a Update SecurityContextHolder.java 
Use StringUtils.hasText
 2017-03-01 23:54:04 -06:00
Rob Winch
b64cdb5765 Fix RoleHiearchyUtilsTests on Windows 
Fixes gh-4228
 2017-03-01 23:27:11 -06:00
Rob Winch
9c03571bbb Use message in all Assert 
This ensures compatibility with Spring 5.

Fixes gh-4193
 2017-01-30 19:58:24 -06:00
Spring Buildmaster
7a7ce11ebb Release version 4.2.1.RELEASE 2016-12-21 17:23:28 +00:00
Rob Winch
6bec625e68 Update to Spring 4.3.5.RELEASE 
Fixes gh-4167
 2016-12-21 09:04:16 -06:00
Spring Buildmaster
24fcb6c45a Release version 4.2.0.RELEASE 2016-11-09 23:42:11 +00:00
Rob Winch
a9024de734 Polish Spring Version Update 
Fix related tests.

Issue gh-4123
 2016-11-09 17:05:25 -06:00
Rob Winch
f97f38fd57 jacksonDatavindVersion->jacksonDatabindVersion 
Issue gh-4122
 2016-11-09 16:46:38 -06:00
Rob Winch
f0a9421aa4 SecurityJacksonModules->SecurityJackson2Modules 
Fixes gh-4121
 2016-11-09 16:42:41 -06:00
Spring Buildmaster
97b4cb0b73 Release version 4.2.0.RC1 2016-10-26 02:49:23 +00:00
Rob Winch
e62596f36d Polish PasswordEncoderUtils do not leak length 
Fix possible / 0 if expected is empty String.

Issue gh-255
 2016-10-24 12:50:46 -05:00
Rob Winch
d3685d89c5 Polish PasswordEncoderUtils do not leak length 
Issue gh-255
 2016-10-24 11:26:43 -05:00
avri-schneider
a98389fa98 PasswordEncoderUtils do not leak length 
Enforce constant time even when expectedLength != actualLength.

Fixes gh-255
 2016-10-24 11:26:34 -05:00
Rob Winch
dc9f9b140f Polish PasswordEncoderUtilsTests 
* Add more tests
* Smaller tests
* Follow new naming convention
 2016-10-24 11:24:24 -05:00
Rob Winch
f432c04111 Create UserBuilder 
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder

Fixes gh-4095
 2016-10-21 16:42:03 -05:00
Rob Winch
08c1f500a7 Version bumps for Spring 5 
Issue gh-4080
 2016-10-17 17:00:17 -05:00
Jitendra Singh
48ff518a41 Fix Jackson 2.7+ 
UnmodifiableSetDeserializer added which will ensure
Collection$UnmodifiableSet deserialize properly with jackson-databind 2.7+

Fixes gh-4073
 2016-10-13 07:42:07 -05:00
Spring Buildmaster
c1b8150439 Release version 4.2.0.M1 2016-09-23 19:39:33 +00:00
Rob Winch
b443baef04 Polish GrantedAuthorityDefaults 
* Move GrantedAuthorityDefaults to config module
* Move setting of default role into config module vs
  ApplicationContextAware

Issue gh-3701
 2016-09-22 15:13:05 -05:00
Eddú Meléndez
eabeaf35d6 Make single definition of defaultRolePrefix and rolePrefix 
Previous to this commit, role prefix had to be set in every class
causing repetition. Now, bean `GrantedAuthorityDefaults` can be used to
define the role prefix in a single point.

Fixes gh-3701
 2016-09-21 14:55:41 -05:00
Joe Grandja
c75a5b7279 Polish RoleHierarchyUtils and add tests 2016-09-19 14:07:34 -04:00
Thomas Darimont
06c67070a6 Add convenience method for constructing RoleHierarchy from Map. 
Introduced `RoleHierarchyUtils` which enables convenient
construction of `RoleHierarchy` from map based representation.
Where the map key is the role name and the map value is a list
of implied role names.

Here is a small example for that in action:
https://gist.github.com/thomasdarimont/ee9fffdef1adb9243b12ad247478aad4

Fixes #3990.

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
 2016-09-19 14:07:34 -04:00
Rob Winch
92a59e0df7 Fix checkstyle 
Issue gh-3736
 2016-09-02 12:02:39 -05:00
Rob Winch
8ad0003456 Polish Whitespace 
Issue gh-3736
 2016-09-02 11:37:21 -05:00
Rob Winch
3531cc93c2 JSON tests ObjectMapper Cleanup 
* Move to @Setup
* Consistently extend from AbstractMixinTests and reuse ObjectMapper

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
bd925313af Improve Readablility of JSON test strings 
This improves the readability of the JSON strings used for
testing JSON serialize / deserialize of Spring Security

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
d4c48dd3e1 Remove MockitoJUnitRunner from JSON tests 
Previously the JSON tests unnecessarily had MockitoJUnitRunner.

This commit removes MockitoJUnitRunner from the JSON tests.

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
df613ed4cc JSON UserDetails deserializes null 
JSON UserDetails null use to be treated as "".

This changes null to be treated as a null

Issue gh-3736
 2016-09-02 11:37:16 -05:00
Rob Winch
3fb77f3b59 Polish SecurityJacksonModules 
Issue gh-3736
* ClassLoader argument - this is required because we do not want to assume
the ClassLoader that should be used
* Clean up logging - logging is now at debug level because we don't expect
all of the modules are loaded (they are quite possibly off the ClassPath)
* Remove ObjectUtils as it was being used on methods that expect a
Collection or Array with non collection based objects
* Polish Javadoc warnings
 2016-09-02 11:37:13 -05:00
Rob Winch
c2d8ea92d0 SimpleGrantedAuthorityMixin role->authority 
Issue gh-3736
 2016-09-02 11:36:33 -05:00
Rob Winch
6f2b24a62b Polish JSON warnings / javadoc 
Issue gh-3736
 2016-09-02 11:36:23 -05:00
Rob Winch
6d2003722e Polish JSON class scope 
Use package scope when possible

Issue gh-3736
 2016-09-02 11:36:06 -05:00
Rob Winch
03d8904a03 Polish constructor assertions 
Previously the JSON modules didn't use Spring's Assert.

This commit changes the assertions to use Spring's Assert and does
some minor restructuring.

Issue gh-3736
 2016-09-02 11:34:57 -05:00
Jitendra Singh Bisht
d77ca17e95 Add JSON Serialization 
Fixes gh-3812
 2016-09-02 11:29:53 -05:00
Rob Winch
4d02a5c0a0 Update pom.xml dependencies 2016-08-30 11:27:29 -05:00
Rob Winch
53352e336d Polish gh-4048 2016-08-30 09:42:28 -05:00
vitalii-dmytruk
422bc37115 Suppurt custom messages 
According to the SpringSecurityMessageSource documentation class which uses
SpringSecurityMessageSource should also implement MessageSourceAware interface
in order to support alternative message source.

Issue gh-4048
 2016-08-30 09:41:37 -05:00
Rob Winch
c266930483 Update Dependency Versions (#4035) (#4036) 2016-08-19 16:10:46 -05:00
Kevin Conaway
d2a37cb1d6 Improve field visibility in DefaultMethodSecurityExpressionHandler 
Fixes gh-210
 2016-07-26 09:56:00 -04:00
Eddú Meléndez
13b0ddb7e6 Fix test assertions 2016-07-07 13:29:00 -05:00
Rob Winch
b4ab0483b1 Update version to 4.2.0.BUILD-SNAPSHOT 2016-07-07 12:56:20 -05:00
Spring Buildmaster
919f000c80 Release version 4.1.1.RELEASE 2016-07-07 00:57:35 +00:00
Johnny Lim
310bb39a0d Fix typo 2016-07-06 16:22:33 -05:00
Rob Winch
5f6312c5be Update to Spring 4.3.1 
Fixes gh-3963
 2016-07-06 15:47:44 -05:00
Rob Winch
843ed3e437 Update to Spring 4.3.1.BUILD-SNAPSHOT 2016-07-01 22:04:55 -05:00
Eddú Meléndez
a2ead4cf7a Polish 
Fixes gh-3892
 2016-06-20 12:35:43 -05:00
Rob Winch
d2b909e7c5 Doc InteractiveAuthenticationEvent doesn't extend AuthentcationEvent 
Document why InteractiveAuthenticationEvent doesn't extend
AuthentcationEvent. This is to avoid multiple AuthenticationSuccessEvent
from being sent to any listeners.

Fixes gh-3857
 2016-06-17 17:16:54 -05:00
Rob Winch
2d6051625f Update pom.xml 2016-06-17 14:30:11 -05:00
Spring Buildmaster
001b05569a Release version 4.1.0.RELEASE 2016-05-05 04:25:46 +00:00
Rob Winch
9745de9510 Add @AuthenticationPrincipal expression 
It is now possible to provide a SpEL expression for
@AuthenticationPrincipal. This allows invoking custom logic including
methods on the principal object.

Fixes gh-3859
 2016-05-03 18:08:52 -04:00