d874c4954e
AuthenticationWebFilter handle empty Authentication
...
Fixes: gh-5333
2018-05-11 04:19:50 -05:00
e78457d3a1
Fix checkstyle for CsrfServerLogoutHandlerTests
...
Issue: gh-4840
2018-05-11 04:16:48 -05:00
26f53a20b3
Add CsrfServerLogoutHandler
...
Create a CsrfServerLogoutHandler which invalidates the current CsrfToken
Fixes gh-4840
2018-05-11 04:16:48 -05:00
21750242cf
Add HttpStatusReturningServerLogoutSuccessHandler
...
An HttpStatusReturningServerLogoutSuccessHandler is missing on the
reactive side - essentially the reactive equivalent of
HttpStatusReturningLogoutSuccessHandler.
Fixes gh-5081
2018-05-11 04:03:21 -05:00
bc9f8ec430
Add HttpStatusServerEntryPoint
...
An HttpStatusServerEntryPoint is missing on the
reactive side - essentially the reactive equivalent of
HttpStatusEntryPoint.
Fixes gh-5082
2018-05-11 04:00:49 -05:00
902fc0f657
Fixed confused word in the class javadoc
2018-05-07 16:54:40 -05:00
b3c5bfe4db
CookieServerCsrfTokenRepository fails when cookie is null/empty
...
The CookieServerCsrfTokenRepository fails with an IllegalArgumentException
when a cookie is present but the value is null or empty.
Fixes gh-5315
2018-05-07 16:16:51 -05:00
3ba15a16bf
Polish CookieServerCsrfTokenRepository
...
- Only do work if subscribed to
- use test naming conventions
- Refactor tests to avoid extracting
- Uses String for member names which are not type safe
- Uses long argument list which makes assertions difficult to read
Issue: gh-5083
2018-05-04 16:54:48 -05:00
37b1136c0c
Remove CookieServerCsrfTokenRepository builder methods
...
This is inconsistent with the rest of the code base.
Issue: gh-5083
2018-05-04 16:54:48 -05:00
1eaecc12ec
Add CookieServerCsrfTokenRepository
...
A cookie implementation of ServerCsrfTokenRepository (like CookieCsrfTokenRepository)
is missing. In this implementation it would be nice to allow the setting of the domain as well.
Fixes: gh-5083
2018-05-04 16:54:48 -05:00
0570cebbce
Avoid unnecessary grow of ArrayList
...
Adapted ArrayList size in CacheControlHeadersWriter::createHeaders()
2018-05-04 14:23:31 -05:00
3740d33e64
The HttpHeader's ContentLength is a byte unit
2018-05-04 14:18:03 -05:00
23dd136efb
The HttpHeader's ContentLength is a byte unit
2018-05-04 14:18:03 -05:00
9bb841ac67
ExceptionTranslationFilter does not handle committed responses
...
Fixes: gh-5273
2018-04-30 16:49:51 -05:00
afdefe7b13
Fixes: gh-5190
2018-04-16 17:52:27 -05:00
8fbec3f0f1
Polish NegatedServerWebExchangeMatcher
...
Issue: gh-5170
2018-03-29 21:17:40 -05:00
d83b67e4cb
Add NegatedServerWebExchangeMatcher
...
Fixes: gh-5170
2018-03-29 21:16:11 -05:00
fb7394c1de
Polish Javadoc
...
Fixes: gh-5186
2018-03-29 15:33:57 -05:00
3c07d99b0a
Close quoted expected path in log when matching
2018-03-27 11:14:14 -05:00
d20ed9f5c9
Fix @since for StrictHttpFirewall
2018-03-27 11:01:26 -05:00
d07cfe655d
Use Supplier variants of Assert methods
2018-03-27 10:58:55 -05:00
b1d013e8f0
Fix JDK 9
...
Issue: gh-5160
2018-03-27 09:30:56 -05:00
7e6ed52603
CookieClearingLogoutHandler adds uses contextPath + "/"
...
Fixes: gh-2325
2018-03-19 16:51:22 -05:00
d21338d212
Support errorOnInvalidType for Reactive AuthenticationPrincipal
...
Fixes: gh-5096
2018-03-09 12:05:55 -06:00
a2073b2b91
Support BeanResolver for Reactive AuthenticationPrincipal
...
Fixes: gh-4326
2018-03-09 12:05:55 -06:00
949c7d68b8
Fix StrictHttpFirewall rules
...
Fixes: gh-5044
2018-03-08 21:30:23 -06:00
055a2ca917
Polish Javadoc HttpStatusServerAccessDeniedHandler
2018-03-07 12:35:25 -06:00
9f23212e43
HttpStatusServerAccessDeniedHandler use injected HttpStatus
...
Fixes: gh-5078
2018-03-07 12:35:25 -06:00
8d75554b6b
Lazily Create Throwables
...
Fixes: gh-5040
2018-02-26 16:24:40 -06:00
0fc67f765a
Polish StrictHttpFirewall Javadoc
...
Also cleanup DefaultHttpFirewall Javadoc
Issue: gh-5008
2018-02-15 17:18:28 -06:00
fcf967687b
Add FilterSecurityInterceptor once per request test
...
Issue: gh-4997
2018-02-08 17:11:37 -06:00
40a1281c66
FilterSecurityInterceptor once per request set attr
...
Only set the attribute if once per request is true
2018-02-08 17:10:45 -06:00
ce5fb51b20
Remove Mono.defer in ReactorContextWebFilter
...
Fixes: gh-5010
2018-02-08 16:19:10 -06:00
66298dcf5d
Clean ReactorContextWebFilterTests imports
...
Issue: gh-4962
2018-02-08 16:15:29 -06:00
141e3f581f
ReactorContextWebFilter preserves main Context
...
Previously ReactorContextWebFilter overrode
the main Context.
Fixes: gh-4962
2018-02-08 14:58:08 -06:00
c399987450
Polish StrictHttpFirewall Javadoc
...
Fixes: gh-5008
2018-02-08 14:08:54 -06:00
ea3dd336aa
Cache headers only if no cache headers set
...
Fixes: gh-5004
2018-02-07 14:56:34 -06:00
8b7f772761
Update to Jackson 2.9.4
...
Fixes: gh-4985
2018-02-01 13:45:06 -06:00
0eef5b4b42
Add StrictHttpFirewall
2018-01-24 11:06:08 -06:00
6a0833165a
AuthorizationWebFilter handles null Authentication
...
If the AuthorizationManager used the Authentication and the Authentication
was null the AuthorizationWebFilter would produce a NullPointerException
This commit fixes the test to ensure that Authentication is subscribed to
and ensures that the Authentication is not null
Fixes: gh-4966
2018-01-22 15:16:58 -06:00
921157cdcd
Remove explicit super() calls
2017-12-21 15:11:51 -06:00
57353d18e5
Use diamond type
2017-12-21 15:09:00 -06:00
c16456623f
Remove unused imports
2017-12-20 16:05:38 -06:00
70be0f3619
Mono<CsrfToken> saveToken->Mono<Void>
...
Issue: gh-4856
2017-11-20 16:30:29 -06:00
d55db837e1
CsrfWebFilter places Mono<CsrfToken>
...
Fixes: gh-4855
2017-11-20 16:30:29 -06:00
701933c7f7
Fix copyright start years
...
See gh-4655
See gh-4725
2017-11-17 10:14:32 -06:00
5f518d00e5
Apply Checkstyle EmptyStatementCheck module
...
This commit adds Checkstyle `EmptyStatementCheck` module and aligns code with it.
2017-11-16 20:18:21 -06:00
be397b8b33
WebSessionServerSecurityContextRepository Polish
...
- map(WebSession::getAttributes)
- use Mono.justOrEmpty
Issue: gh-4843
2017-11-16 15:54:33 -06:00
8d30d6110b
WebSessionSecurityContextRepository custom session attribute name
...
Fixes: gh-4843
2017-11-16 15:54:21 -06:00
b7529be3d0
WebSessionSecurityContextRepository changes session id
...
Fixes: gh-4842
2017-11-16 15:46:26 -06:00
b19e14330f
WebSessionServerCsrfTokenRepository session fixation protection
...
Issue: gh-4842
2017-11-16 15:45:57 -06:00
75a7c5268a
ServerRequestCache.removeMatchingRequest
...
Issue: gh-4789
2017-11-16 15:44:32 -06:00
fffd781b03
Add localization to error messages from ExceptionTranslationFilter
...
Fixes gh-4504
2017-11-16 11:25:56 -06:00
b6895e6359
Apply Checkstyle WhitespaceAfterCheck module
2017-11-16 11:18:31 -06:00
64ad08e96d
ServerRedirectCache.getRequest->getRedirectUri
...
Issue: gh-4789
2017-11-15 15:10:47 -06:00
1d9b0760d5
ServerRequestCache uses URI
...
Issue: gh-4789
2017-11-15 12:54:05 -06:00
942b51dba7
Reactive Basic does not create session by default
...
Fixes: gh-4825
2017-11-15 12:50:29 -06:00
5f79fdd3eb
requiresLogoutMatcher naming polish
...
Issue: gh-4822
2017-11-14 16:42:41 -06:00
c1f94156f9
serverWebExchange->exchange
...
Issue: gh-4822
2017-11-14 16:42:38 -06:00
11f6e0477c
serverLogoutSuccessHandler->logoutSuccessHandler
...
Issue: gh-4822
2017-11-14 16:42:36 -06:00
bf570854b8
serverLogoutHandler->logoutHandler
...
Issue: gh-4822
2017-11-14 16:42:33 -06:00
1c977ca15f
serverRedirectStrategy->redirectStrategy
...
Issue: gh-4822
2017-11-14 16:42:30 -06:00
2cbdb4ba02
serverCsrfTokenRepository->csrfTokenRepository
...
Issue: gh-4822
2017-11-14 16:42:27 -06:00
3bfda6cff7
serverAccessDeniedHandler->accessDeniedHandler
...
Issue: gh-4822
2017-11-14 16:42:24 -06:00
9e82fc0b83
serverAuthenticationEntryPoint->authenticationEntryPoint
...
Issue: gh-4822
2017-11-14 16:42:20 -06:00
9cf0dc6b38
serverWebExchange->webExchange
...
Issue: gh-4822
2017-11-14 16:42:17 -06:00
520e0a5a68
serverAuthenticationSuccessHandler->authenticationSuccessHandler
...
Issue: gh-4822
2017-11-14 16:42:14 -06:00
5c83f92ddc
serverAuthenticationFailureHandler->authenticationFailureHandler
...
Issue: gh-4822
2017-11-14 16:42:10 -06:00
692233e431
ServerSecurityContextRepository members to securityContextRepository
...
Issue: gh-4822
2017-11-14 16:42:06 -06:00
d900f2a623
Remove unused imports
...
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
1b70efce2b
Add ServerRequestCache
...
Fixes: gh-4789
2017-11-13 15:49:34 -06:00
8f6491b281
Add RedirectServerAuthenticationFailureHandler
...
Fixes gh-4816
2017-11-13 15:49:20 -06:00
060d8689fe
Make RedirectServer*Tests less specific
...
Issue: gh-4816
2017-11-13 15:49:06 -06:00
99df632f24
Add missing @Override annotations
...
This commit also adds MissingOverrideCheck module to Checkstyle configuration.
2017-11-08 13:27:24 -06:00
676020321e
Add reactive CsrfRequestDataValueProcessor
...
Fixes gh-4762
2017-11-07 22:25:36 -06:00
7622826b69
WebSessionServerCsrfTokenRepository saves on getToken
...
Fixes gh-4801
2017-11-07 22:25:23 -06:00
776364d403
ServerCsrfTokenRepository.saveToken return Mono<CsrfToken>
...
Fixes gh-4800
2017-11-07 22:24:53 -06:00
3f18881493
Remove additional attribute name from CsrfWebFilter
...
Fixes gh-4799
2017-11-07 22:24:42 -06:00
35706ad60a
Deserialize the principal in a neutral way
...
When the principal of the Authentication is an object, it is not necessarily
an User: it could be another implementation of UserDetails, or even a
completely unrelated type. Since the type of the object is serialized as a
property and used by the deserialization anyway, there's no point in
enforcing a stricter type.
2017-10-30 00:53:31 -05:00
6fd9ff254b
Map values directly from the JSON nodes
...
Not only is it more efficient without converting to an intermediate String,
using JsonNode.toString() may not even produce valid JSON according to its
Javadoc (ObjectMapper.writeValueAsString() should be used).
2017-10-30 00:53:31 -05:00
a1fdb7dcb3
Update AbstractRememberMeServices.java
...
this file`s file encode is unkown,maybe is "Eddu Melendez"
2017-10-30 00:50:23 -05:00
832f5c39c1
SEC-3190: Add support for colons in remember-me token values
...
We have an issue where token strings that contain a colon break
the existing decoding strategy, which tokenizes on colons. so this
change urlencodes the individual tokens when creating the cookie
string; and urldecodes them decoding the cookie and extracting the
tokens. This also eliminates the need for existing code to deal with
openid tokens which contain urls, and thus colons.
2017-10-30 00:33:14 -05:00
93ac706d86
Polish XFrameOptionsHeaderWriter
...
Issue: gh-4559
2017-10-29 23:32:53 -05:00
02a78b17b9
Add check to see if return value is DENY
...
Originally, if the return from getAllowFromValue(request) is "DENY",
then the X-Frame-Options header's value will proceed to be written as
"ALLOW FROM DENY" - an invalid value.
This commit adds a condition in the if clause that checks whether
allowFromValue is "DENY". This way, the X-Frame-Options header will be
written as "ALLOW FROM origin" or "DENY".
2017-10-29 23:32:53 -05:00
bed4ec7d18
Fix leading space characters reported by checkstyle
2017-10-29 22:22:34 -05:00
0771778b81
Polish more AssertJ assertions
2017-10-29 22:22:34 -05:00
e0aca04a28
Polish AssertJ assertions
...
Polish AssertJ assertions
2017-10-29 22:22:34 -05:00
5a5ec58ca4
Add LogoutPageGeneratingWebFilter
...
Fixes gh-4735
2017-10-29 00:12:23 -05:00
0734d70d02
Logout requires POST
...
Issue: gh-4734
2017-10-29 00:11:59 -05:00
8da2c7f657
Add WebFlux CSRF Protection
...
Fixes gh-4734
2017-10-28 22:59:24 -05:00
192776858d
HttpStatusServerAccessDeniedHandler write error message
2017-10-28 22:59:24 -05:00
e63c53e267
Add AuthorizationWebFilterTests
2017-10-28 22:58:55 -05:00
2060125ebd
ServerWebExchangeAttributeServerSecurityContextRepository->NoOpNoOpServerSecurityContextRepository
...
Issue: gh-4719
2017-10-27 18:17:52 -05:00
4777a869bc
Logout at the end of logout method
...
Issue: gh-4719
2017-10-27 18:17:40 -05:00
5bcf3c559b
Remove wrappedExchange from AuthenticationWebFilter
...
Issue: gh-4719
2017-10-27 18:17:29 -05:00
437ba56415
ReactorContextWebFilter & SecurityContextServerWebExchangeWebFilter
...
Issue: gh-4719
2017-10-27 18:17:10 -05:00
c63b258b16
AuthorizeWebFilter uses ReactiveSecurityContextHolder
...
Issue gh-4719
2017-10-27 18:16:59 -05:00
747473257f
Use ReactorSecurityContextHolder
...
Issue gh-4713
2017-10-26 20:11:42 -05:00
44b41e78cd
Flux member variables in favor of Collections
...
Fix gh-4694
2017-10-25 07:41:37 -05:00
fcc1152f78
WebFilterChainProxy not matched continues WebFilterChain
...
Fixes gh-4668
2017-10-24 16:22:07 -05:00
b81c1ce2c0
Move spring-security-webflux into spring-security-web
...
Fixes gh-4662
2017-10-18 16:20:09 -05:00
a74f7c6faa
Fix CSRF / DefaultLoginPageGeneratingFilter package tangle
...
Issue: gh-4636
2017-10-16 16:36:49 -05:00
0c830f9ba8
fix JavaDoc typo on `BasicAuthenticationEntryPoint`
2017-10-12 07:42:58 -05:00
23f56f568c
Update MockitJunitRunner import
...
Issue: gh-4608
2017-10-09 16:13:33 -05:00
445834784a
Update to Mockito 2.10.0
...
Issue: gh-4608
2017-10-09 16:13:11 -05:00
f3828924ff
Fix equals and hashCode alignment
...
Fixes gh-4588
2017-09-28 17:25:00 -05:00
646b3e48b3
Avoid Exception Message in HTTP Response
...
Fixes gh-4587
2017-09-28 17:24:49 -05:00
9e719bc313
Drop the `aopalliance:aopalliance` dependency
...
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.
This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)
The documentation is updated accordingly.
[1] https://jira.spring.io/browse/SPR-13984
2017-09-22 11:11:04 -05:00
95de158909
Add `ForwardLogoutSuccessHandler`
2017-09-06 15:15:02 -05:00
4951550d7d
Add context path to authorization request URI
...
Fixes gh-4510
2017-08-26 18:55:23 -04:00
e16b8e7976
Fix logback-test.xml
2017-08-17 16:42:01 -05:00
d8a678df6f
Removed Unicode Character from Parameter Name
2017-06-29 16:03:29 -05:00
f2c04dd9b1
fix typo
2017-06-20 08:17:15 -05:00
d81b436e5d
Remove pom.xml from build
...
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.
This commit removes the pom.xml files from the build.
Fixes gh-4283
2017-05-11 14:32:36 -05:00
85719fcd64
Use Base64 implementation provided by Java 8
2017-05-10 00:27:36 -05:00
829c386756
Add support for OAuth 2.0 Login
...
Fixes gh-3907
2017-04-28 10:58:59 -04:00
dd6fc48dd8
Standardize Build
...
The build now uses spring build conventions to simplify the build
Fixes gh-4284
2017-04-21 10:55:05 -05:00
5a65da400d
Use ReflectionTestUtils rather than Whitebox
...
This is better because it no longer uses Mockito's internal API
Fixes gh-4305
2017-04-21 10:54:58 -05:00
9d9aadb80f
Fix DefaultSavedRequestMixinTests with Spring 5
...
Previously DefaultSavedRequestMixinTests
serializeDefaultRequestBuildWithConstructorTest broke in Spring 5
because Spring 5's MockHttpServletRequest.setCookie now automatically adds
the Cookie header.
This commit ensures that the Cookie header is not added by overriding the
class we are writing.
Fixes gh-4272
2017-04-12 15:51:26 -05:00
2ce174dbf0
Update poms to 5.0.0.BUILD-SNAPSHOT
2017-04-07 16:49:50 -04:00
2b81983f7c
Update to Java 8 compatibility
...
* Spring IO Athens-BUILD-SNAPSHOT -> Cairo-BUILD-SNAPSHOT
* CGLib 3.1 -> 3.2.5 latest release Issue related to ASM https://github.com/cglib/cglib/issues/20
* AssertJ 2.2.0 -> 3.6.2 latest release
* PowerMock 1.6.2 -> 1.6.5 latest release is 1.6.6 but has regression Issue https://github.com/powermock/powermock/issues/717
* Update maven-compiler-plugin source/target to 1.8
2017-04-07 16:49:38 -04:00
8a458eb9e1
Avoid multiple X-Frame-Options headers
...
XFrameOptionsHeaderWriter should not *add*, but *set* the
X-Frame-Options header. According to
https://tools.ietf.org/html/rfc7034#section-2.1 , having
multiple values for the header is disallowed:
"There are three different values for the header field.
These values are mutually exclusive; that is, the header
field MUST be set to exactly one of the three values."
With this change, only the latest XFrameOptionsHeaderWriter
will remain.
2017-03-08 15:49:18 -06:00
d2524eadfc
Update poms to new to SNAPSHOT version
2017-03-02 09:20:34 -06:00
081f0c4d94
Release version 4.2.2.RELEASE
2017-03-02 07:29:42 +00:00
247f54dc41
Fix SwitchUserFilter.setSwitchFailureUrl assertion
...
Fixes gh-4198
2017-03-02 00:47:09 -06:00
017e9834bd
Fix NPE in UrlUtils with null url
...
Fixes gh-4233
2017-03-02 00:46:01 -06:00
168f4b8f70
Prevent Duplicate Cache Headers
...
Fixes gh-4199
2017-03-01 16:14:12 -06:00
9c03571bbb
Use message in all Assert
...
This ensures compatibility with Spring 5.
Fixes gh-4193
2017-01-30 19:58:24 -06:00
38492a5794
Add since version in javadoc
...
Issue: gh-4130
2016-12-21 16:12:39 -06:00
7a7ce11ebb
Release version 4.2.1.RELEASE
2016-12-21 17:23:28 +00:00
028854b936
Add HttpSessionRequestCache sessionAttrName property
...
This commit allows to customize the session attribute name. Default is
SPRING_SECURITY_SAVED_REQUEST.
Fixes gh-4130
2016-12-21 10:22:09 -06:00
d39f3385b6
Polish DefaultHttpFirewallTests
...
Issue gh-4169
2016-12-21 09:29:23 -06:00
666e356ebc
Block URL Encoded "/" in DefaultHttpFirewall
...
Fixes gh-4169
2016-12-21 09:04:00 -06:00
24fcb6c45a
Release version 4.2.0.RELEASE
2016-11-09 23:42:11 +00:00
697daeab7c
Add Jackson2 Support for PreAuthenticatedAuthenticationToken
...
Fixes gh-4120
2016-11-09 16:55:10 -06:00
f97f38fd57
jacksonDatavindVersion->jacksonDatabindVersion
...
Issue gh-4122
2016-11-09 16:46:38 -06:00
f0a9421aa4
SecurityJacksonModules->SecurityJackson2Modules
...
Fixes gh-4121
2016-11-09 16:42:41 -06:00
d2c28c58e2
Polishing the ReferrerPolicyHeaderWriter gh-4110
2016-11-09 13:16:41 -06:00
23294c4c57
Add Referrer-Policy header support
...
Fixes gh-4110
2016-11-08 13:21:35 -06:00
97b4cb0b73
Release version 4.2.0.RC1
2016-10-26 02:49:23 +00:00
57d7ad05f9
Revert "Cache Control only written if not set"
...
This reverts commit 242b831f20
2016-10-24 15:57:26 -05:00
50b72dddbc
Fix typo in Javadoc
...
This commit simply fixes typo in Javadoc.
2016-10-20 21:07:15 -05:00
aaa9708b95
Add BeanResolver to AuthenticationPrincipalArgumentResolver
...
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.
This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.
Fixes gh-3949
2016-10-18 19:45:54 -05:00
2c99cd3bbf
Remove MatcherAssertionErrors
...
Spring 5 removes MatcherAssertionErrors. We should not have been using
this class anyways.
This commit updates to using assertj in favor of MatcherAssertionErrors.
Issue gh-4080
2016-10-17 17:00:17 -05:00
08c1f500a7
Version bumps for Spring 5
...
Issue gh-4080
2016-10-17 17:00:17 -05:00
c1b8150439
Release version 4.2.0.M1
2016-09-23 19:39:33 +00:00
8b89e804e3
Polish RequestAttributeAuthenticationFilter
...
Issue gh-3978
2016-09-23 13:08:08 -05:00
6fb564a629
Polish HTTP Response Splitting
...
Issue gh-3910
2016-09-23 12:49:01 -05:00
9ae163e92d
Rename to RequestAttributeAuthenticationFilter
...
Rename EnvironmentVariableAuthenticationFilter to
RequestAttributeAuthenticationFilterTests
Polish gh-3978
2016-09-22 16:44:10 -05:00
a8120e74a7
Added authentication filter reading environment variables.
...
This style is used in many SSO implementations, such as Stanford WebAuth
and Shibboleth.
2016-09-22 16:30:54 -05:00
Rob Winch
Eric Deandrea
Artyom Emelyanenko
Alexander Münch
XYUU
Tao Qian
Mark Hobson
Johnny Lim
Christoph Dreis
json20080301
Eddú Meléndez
Benedikt Ritter
Frank Pavageau
SignleMR
Jeremy Waters
Nathan Wong
Antoine
Andreas Gebhardt
Stephan Schroevers
Vedran Pavic
Joe Grandja
Kyle Anderson
Takuma Setoguchi
borlafu
Rob Winch
Spring Buildmaster
Kazuki Shimizu
Milan Ševčík