Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,134 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

1428 Commits

Author SHA1 Message Date
Derek Van Blerkom 2bdaa31f72 Fix return type to allow further security config 
Issue gh-10245
 2021-09-13 15:41:40 -03:00
/usr/local/ΕΨΗΕΛΩΝ 5b1221a846 Improve AuthenticationManagerBeanDefinitionParser XML parsing 
Closes gh-7282
 2021-06-28 13:21:35 +02:00
Eleftheria Stein 442c9cbf38 Disable default logout page when logout disabled 
Closes gh-9475
 2021-06-18 10:31:50 +02:00
Marcus Hert da Coregio e16b88c9d5 Fix Adding Filter Relative to Custom Filter 
Closes gh-9787
 2021-06-14 16:56:33 -03:00
Joe Grandja c8b6dc390d WebFlux httpBasic() matches on XHR requests 
Closes gh-9660
 2021-04-20 09:42:08 -04:00
Rob Winch 6c5e92fb0b Fix HttpSecurity.addFilter* Ordering 
Closes gh-9633
 2021-04-14 21:01:09 -05:00
Denis Washington d3af4f7354 Limit oauth2Login() links to redirect-based flows 
This prevents the generated login page from showing links for
authorization grant types like "client_credentials" which are
not redirect-based, and thus not meant for interactive use in
the browser.

Closes gh-9457
 2021-04-14 06:16:43 -04:00
Josh Cummings 87cc4d4519
Fix Test Configuration 
- Typo in PlaceholderConfig was causing Windows builds to
resolve the CLASSPATH environment variable

Closes gh-9421
 2021-02-10 11:36:44 -07:00
Josh Cummings 2985d805b0
Migrate SAML 2.0 Test and Docs to PCFOne 
Issue gh-9362
 2021-01-22 15:12:31 -07:00
Josh Cummings 93c37e6b15
Update Test Controllers 
Closes gh-9121
 2020-10-12 18:08:52 -06:00
Artem Grankin dec0368b39
Replace expired msdn link with latest web archive copy 
Initial link expired in March, 2016. Latest copy found in web archive is from February, 2016
 2020-09-28 17:15:45 -06:00
Josh Cummings 5d8bac1971
Polish WebSecurityConfigurerAdapter JavaDoc 
Issue gh-8784
 2020-07-20 15:23:43 -06:00
Romil Patel a55267f867
WebSecurityConfigurerAdapter JavaDoc 
Closes gh-8784
 2020-07-20 15:23:36 -06:00
Evgeniy Cheban eb90857d6e DefaultWebSecurityExpressionHandler uses RoleHierarchy bean 
Fixes gh-7059
 2020-06-10 16:56:15 -04:00
Joe Grandja 38c1e3ffa8 OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException 
Issue gh-8609
 2020-06-09 15:27:32 -04:00
Eleftheria Stein 7a7707b899 Revert "Temporarily ignore RSocket integration tests" 
This reverts commit 8dd9cb2b33.

Fixes gh-8643
 2020-06-08 16:43:12 -04:00
Eleftheria Stein 8dd9cb2b33
Temporarily ignore RSocket integration tests 
Issue gh-8643
 2020-06-03 13:58:13 -06:00
Rob Winch cf142ef024 Delay AuthenticationPrincipalArgumentResolver Creation 
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.

Closes gh-8613
 2020-05-29 16:51:23 -05:00
Dávid Kovács a89e3d385f Add ROLE_INFRASTRUCTURE to infrastructure beans 
Closes gh-8407
 2020-04-27 09:02:33 -05:00
Rob Winch f6ddba8cd8 Logout defaults to use Global SecurityContextServerLogoutHandler 
Closes gh-8375
 2020-04-13 16:37:29 -05:00
Eleftheria Stein 2d71297b7e Fix HttpSecurity Javadoc 
Fixes gh-4404
 2020-04-02 11:40:07 -04:00
Rob Winch 0e6e2b2a21 Fix HttpServlet3RequestFactory Logout Handlers 
Previously there was a problem with Servlet API logout integration
when Servlet API was configured before log out.

This ensures that logout handlers is a reference to the logout handlers
vs copying the logout handlers. This ensures that the ordering does not
matter.

Closes gh-4760
 2020-03-30 20:50:12 -05:00
Rob Winch f82d59a1e5 SpringTestContext returns ConfigurableWebApplicationContext 
Closes gh-8233
 2020-03-30 20:50:12 -05:00
Joe Grandja 0230827335 oauth2Login WebFlux does not auto-redirect for XHR request 
Fixes gh-8118
 2020-03-26 05:08:58 -04:00
Eleftheria Stein 699fed7f98 Fix rsocket test 
Request route that exists; add additional error message verification

Fixes gh-8154
 2020-03-20 08:39:43 -04:00
Erik van Paassen 82dbce47b1
Fix typo in Javadoc of HttpSecurity#csrf() 
`HttpSecurity#csrf()` obviously returns a `CsrfConfigurer`, while the Javadoc states that it returns the `ServletApiConfigurer`.
 2020-03-17 13:35:28 -06:00
Markus Engelbrecht e6ad3d5508
Fix typo 'properites' in documentation 
Fixes gh-8095
 2020-03-11 11:00:18 -06:00
Josh Cummings c729fee7bc
Malformed Bearer Token Returns 401 for WebFlux 
Fixes gh-7668
 2020-03-03 15:42:02 -07:00
Joe Grandja c111099640 Polish client-registration xsd attributes 
Issue gh-4557
 2020-03-02 15:02:46 -05:00
Josh Cummings e97396b9c7 Add Resource Server XML Support 
Fixes gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings f1a2d69968 Add AuthenticationProvider List Configurability 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 34b40deb38 Add By-RequestMatcher Exception Handling 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 98a2ca3bbc Add Csrf Ignore Configurability 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 19584884b3
Register Authentication Provider in Init Phase 
Fixes gh-8031
 2020-02-28 15:32:27 -07:00
Filip Hanik 3257349045 Support POST binding for AuthNRequest 
Has been tested with

- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
 2020-02-28 09:15:26 -08:00
Rob Winch 727fee1e12 Polish HeaderWriterSpec 
Assert.notNull(Object,Supplier) is for when then message passed in
requires concatenation and avoids doing extra work. Since this does
not require concatenation, we can use Assert.notNull(Object,String)

Issue gh-7636
 2020-02-27 07:57:51 -06:00
Ankur Pathak 480c5bc87e Custom ServerHttpHeadersWriter to HeaderSpec 
Add the ability to have a custom ServerHttpHeadersWriter to HeaderSpec
Fixes gh-7636
 2020-02-27 07:55:30 -06:00
Eleftheria Stein 2fb3d3d5a2 Add hasRole to authorizeRequests in Kotlin DSL 
Fixes: gh-8023
 2020-02-25 08:29:26 -05:00
Joe Grandja 4cd89b584f Polish gh-5184 2020-02-20 21:25:17 -05:00
Joe Grandja 8a4ff4452b Add XML namespace support for oauth2-client 
Fixes gh-5184
 2020-02-20 20:05:48 -05:00
Eleftheria Stein 171e0d048f Fix typo in WebSecurityConfigurer Javadoc 
Fixes: gh-7876
 2020-02-14 11:00:45 +01:00
Joe Grandja ff8002eb2e Polish gh-4557 2020-02-12 15:47:57 -05:00
Ruby Hartono 71a5c9521c Add XML namespace support for oauth2-login 
Fixes gh-4557
 2020-02-12 15:26:17 -05:00
Joe Grandja 40c0a452d7 Define oauth2-login xsd elements 
Issue gh-4557
 2020-02-12 15:26:17 -05:00
Eleftheria Stein fde3ccb8b3 Add marker to make Kotlin DSL type safe 
Fixes: gh-7971
 2020-02-12 11:35:45 +01:00
Eleftheria Stein 1d6fdd249b Add missing Javadoc to Kotlin class 2020-02-11 18:09:30 +01:00
Eleftheria Stein f37a4557e6 Fix typo in Kotlin Javadoc 2020-02-11 18:09:30 +01:00
Josh Cummings 5bdf57d1e5
Remove Groovy and Spock Dependencies 
Fixes gh-4939
 2020-02-10 10:38:40 -07:00
Eleftheria Stein a5210aaf9b Support custom filter in Kotlin DSL 
Fixes: gh-7951
 2020-02-10 12:03:32 +01:00
Stephane Maldini 851be025e9 Don't force downcasting of RequestAttributes to ServletRequestAttributes 
Fixes gh-7952
 2020-02-07 20:44:19 -05:00