Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,401 Commits 29 Branches 320 Tags 104 MiB
Commit Graph

3037 Commits

Author SHA1 Message Date
Josh Cummings 59ec1f6480
Revert "Polish AuthorizationAdvisorProxyFactory advisor configuration" 
This commit had some unintended consequences when the advisor
interceptor was published in a Spring Boot application. As such,
15497 will be reopened to investigate. In the meantime, this commit
reverts the previous change so as to allow the build to pass.

Issue gh-15497
 2024-08-12 10:12:14 -06:00
Josh Cummings 08b8b09066
Update Copyright 
Issue gh-15286
 2024-08-10 11:48:14 -06:00
Josh Cummings e40c98e6d7 Deprecate PrePostTemplateDefaults 
Since there is nothing specific to configuring pre/post
annotations, there is no need for the extra class.

If a need like this does arise in the future,
either AnnotationTemplateExpressionDefaults can be sub-
classed, or it can have introduced a Map field holding
custom properties.

Issue gh-15286
 2024-08-10 11:46:51 -06:00
MrJovanovic13 6d657ea3da InMemoryUserDetailsManager preserve user type 
Closes gh-3192
 2024-08-09 10:09:41 -06:00
MrJovanovic13 503d653cea Add InMemoryUserDetailsManager tests 
Tests added:
createUserWhenUserAlreadyExistsThenException
updateUserWhenUserDoesNotExistThenException
loadUserByUsernameWhenUserNullThenException

Issue gh-3192
 2024-08-09 10:09:41 -06:00
Josh Cummings de77e054fd
Default Handler Resolution to Reflection-Based 
Closes gh-15496
 2024-08-07 14:34:40 -06:00
Josh Cummings 02cca6f737
Polish AuthorizationAdvisorProxyFactory advisor configuration 
Closes gh-15497
 2024-08-07 10:09:51 -06:00
Josh Cummings 37a2812d1a
Mimic Annotation Fallback Logic 
For backward compatibility, this commit changes the annotation traversal
logic to match what is found in PrePostAnnotationSecurityMetadataSource.

This reverts gh-13783 which is a feature that unfortunately regressess
pre-existing behavior like that found in gh-15352. As such, that
functionality has been removed.

Issue gh-15352
 2024-07-31 16:17:42 -06:00
Josh Cummings 77bce14462
Polish Annotation Test 
This new arrangement of the test better matches the class
hierarchy described by the original ticket.

Issue gh-13234
 2024-07-31 16:17:42 -06:00
Josh Cummings 90335bd0a6
Polish Annotation Test 
This test was made more effective by having it focus on the real
scenario of resolving annotations from the standpoint of a bean
 2024-07-31 16:17:42 -06:00
KyeongHoon Lee 4036e910c7 Add @FunctionalInterface to AuthenticationManager 2024-07-18 17:25:44 -07:00
Josh Cummings c736e075c1
Add AnnotationSythesizer API 
Closes gh-13234
Closes gh-13490
Closes gh-15097
 2024-07-18 09:55:17 -06:00
Josh Cummings e3438aa36a
Support AliasFor 
Closes gh-15436
 2024-07-18 09:46:39 -06:00
Josh Cummings 03bcc6776a
Correct Authorization Tests 
Issue gh-9289
 2024-07-18 09:46:38 -06:00
Josh Cummings 56c93afc66
Correct Tests About Conflicting Annotations 
Issue gh-9289
 2024-07-18 09:46:38 -06:00
Juliana Hachmann 9a714424d5 Adds missing translated messages for PT-BR 
Partially fix #spring-projectsgh-9315

Adds Brazilian Portuguese translation missing for following messages in messages_pt_BR.properties;
- ExceptionTranslationFilter.insufficientAuthentication 
- LdapAuthenticationProvider.badLdapConnection
- PersistentTokenBasedRememberMeServices.cookieStolen
 2024-05-31 12:36:52 -06:00
Josh Cummings aa9bf83c6d
Polish Exception Handling 
Issue gh-15093
 2024-05-31 12:34:33 -06:00
Blagoja Stamatovski 63f48167bd Add Kotlin support to PreFilter and PostFilter annotations 
Closes gh-15093
 2024-05-31 12:32:28 -06:00
Hyeon Sung 742c95b1fc Use instanceof Pattern Matching 2024-05-15 08:32:25 -03:00
MrJovanovic13 e932387714 fix docs error 
Closes gh-14978
 2024-05-13 09:28:27 -03:00
Marcus Hert Da Coregio b3c7f3ff19 Rename CompromisedPasswordCheckResult to CompromisedPasswordDecision 
Issue gh-7395
 2024-04-30 08:38:03 -03:00
DingHao 2a6f0cac5a Fix not exist class in java doc 
Closes gh-14954
 2024-04-25 11:37:23 -06:00
Marcus Hert Da Coregio 2fbbcc4bd0 Polish Method Authorization Denied Handling 
- Renamed @AuthorizationDeniedHandler to @HandleAuthorizationDenied
- Merged the post processor interface into MethodAuthorizationDeniedHandler , it now has two methods handleDeniedInvocation and handleDeniedInvocationResult
- @HandleAuthorizationDenied now handles AuthorizationDeniedException thrown from the method

Issue gh-14601
 2024-04-12 15:55:25 -03:00
Josh Cummings 933ef67637
Polish AuthorizationDeniedException Handling 
Issue gh-14600
 2024-04-11 14:30:00 -06:00
Josh Cummings 50b85aea0d Handle SpEL AuthorizationDeniedExceptions 
Closes gh-14600
 2024-04-10 15:36:23 -07:00
Marcus Hert Da Coregio 61eba00654 Move HaveIBeenPwnedRestApiPasswordChecker to spring-security-web 
Prior to this commit, the implementation was placed in spring-security-core, however we do not want to introduce a dependency on spring-web and spring-webflux for that module.

Issue gh-7395
 2024-04-10 14:58:01 -03:00
Marcus Hert Da Coregio 8d914ef145 Add @AuthorizationDeniedHandler for Method Authorization Denied Handling 
Issue gh-14601
 2024-04-08 14:42:13 -03:00
Josh Cummings c8e5fbf21b
Fix Package Tangle 
Issue gh-14598
 2024-04-05 16:48:52 -06:00
YunByungil e5f7453690 fix: variable naming convention 
Changed the variable name from MAX_INTITEM_LENGTH to MAX_INT_ITEM_LENGTH to adhere to naming conventions
 2024-04-05 15:05:32 -07:00
Josh Cummings 3f7355abc6
Synthesize all annotation attributes 
Issue gh-14601
 2024-04-04 13:30:29 -06:00
Josh Cummings 6f07d63938
Support SpEL Returning AuthorizationDecision 
Closes gh-14598
 2024-04-04 11:32:00 -06:00
Josh Cummings 0a9c482f62
Revert "Support SpEL Returning AuthorizationDecision" 
This reverts commit 77f2977c55.
 2024-04-04 11:31:45 -06:00
Josh Cummings 77f2977c55 Support SpEL Returning AuthorizationDecision 
Closes gh-14599
 2024-04-04 09:52:15 -07:00
Marcus Hert Da Coregio d85857f905 Add Authorization Denied Handlers for Method Security 
Closes gh-14601
 2024-04-03 09:25:12 -03:00
Marcus Hert Da Coregio 19d66c0b8a Introduce AuthorizationResult 2024-04-03 09:25:12 -03:00
Marcus Hert Da Coregio 7d66525e23 Add Compromised Password Checker 
Closes gh-7395
 2024-04-01 09:48:07 -03:00
Josh Cummings 148776309f
Merge branch '6.2.x' 2024-03-22 14:33:57 -06:00
Josh Cummings afcce0c277
Merge branch '6.1.x' into 6.2.x 
Closes gh-14795
 2024-03-22 14:33:44 -06:00
Josh Cummings 7162046144
Remove Reference to MethodInvocationResult 
Closes gh-14794
 2024-03-22 14:33:23 -06:00
Ali-Hassan 04799c5aac Update AuthenticationProvider JavaDoc 
Authentication is an interface, not a class. So, it's not correct
to say "instance of the Authentication class".
 2024-03-22 11:27:58 -06:00
Josh Cummings e1c5dc0e66 Polish JavaDoc 
Issue gh-14597
 2024-03-22 11:00:39 -06:00
Josh Cummings 9898e0e993 Move AuthorizationAdvisorProxyFactory 
To prevent package tangles

Issue gh-14596
 2024-03-22 11:00:39 -06:00
Josh Cummings 12ea8a5738 Add Supplier Support 
Issue gh-14597
 2024-03-22 11:00:39 -06:00
Josh Cummings 795e44d11f Add Value-Type Ignore Support 
Issue gh-14597
 2024-03-22 11:00:39 -06:00
Josh Cummings ce54a6db18 Add TestAuthentication convenience method 
Issue gh-14597
 2024-03-19 10:27:03 -06:00
Josh Cummings d169d5a835 Add AuthorizeReturnObject 
Closes gh-14597
 2024-03-19 10:27:03 -06:00
Marcus Hert Da Coregio a8a9341f2e Merge branch '6.2.x' 
Closes gh-14667
 2024-03-18 06:43:37 -03:00
Marcus Hert Da Coregio a972338e1d Merge branch '6.1.x' into 6.2.x 
Closes gh-14666
 2024-03-18 06:43:09 -03:00
Marcus Hert Da Coregio f84c4ea583 Merge branch '5.8.x' into 6.1.x 
Closes gh-14665
 2024-03-18 06:42:43 -03:00
Marcus Hert Da Coregio 2c9dc08e43 Merge branch '5.7.x' into 5.8.x 
Closes gh-14664
 2024-03-18 06:40:34 -03:00