Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,902 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

1821 Commits

Author SHA1 Message Date
Josh Cummings ba5a68ec63 Polish LdapAuthenticationPopulator Support 
PR gh-9276
 2021-11-19 12:19:43 -07:00
Filip Hanik ae08608011 LdapAuthoritiesPopulator should be postProcessed 
To enable customizations through withObjectPostProcessor
 2021-11-19 12:03:44 -07:00
Norbert Nowak 4bc55769a3 Import cleanup 
Issue gh-10333
 2021-11-19 11:46:08 -07:00
Norbert Nowak 4f186f2c1f Move Dsl files to annotation Package 
Closes gh-10333
 2021-11-19 11:46:08 -07:00
Marcus Da Coregio 25feedb870 Fix removal of framework deprecated code 
Issue https://github.com/spring-projects/spring-framework/issues/27686
 2021-11-19 13:06:13 -03:00
« Christophe e85958f65c Fix CsrfConfigurer default AccessDeniedHandler consistency 
Fix when AccessDeniedHandler is specified per RequestMatcher on
ExceptionHandlingConfigurer.

This introduces evolutions on :
- CsrfConfigurer#getDefaultAccessDeniedHandler,
to retrieve an AccessDeniedHandler similar to the one used by
ExceptionHandlingConfigurer.
- OAuth2ResourceServerConfigurer#accessDeniedHandler, to continue to
handle CsrfException with the default AccessDeniedHandler implementation

Fixes: gh-6511
 2021-11-16 14:25:03 -06:00
Rob Winch 0aa75e04b7 Fix imports for ChannelSecurityConfigurerTests 
gh-7997
 2021-11-16 14:07:53 -06:00
Stephane Nicoll 2e4c6c3bf1 Avoid using SpEL to change the meaning of the injection point 
This commit removes the use of SpEL expression and replaces it with an
explicit call to the underlying method.
 2021-11-16 13:53:29 -06:00
Onur Kagan Ozcan ef25304a30 Add RedirectStrategy customization to ChannelSecurityConfigurer for RetryWith classes 2021-11-16 13:44:34 -06:00
Josh Cummings 869e379099 Separate Namespace Servlet Docs 
Issue gh-10367
 2021-11-01 17:49:15 -06:00
Marcus Da Coregio caf4c47105 Remove CAS module 
Closes gh-10441
 2021-11-01 09:02:43 -03:00
Marcus Da Coregio db60df2f9c Update to Spring Framework 6.0 
Issue gh-10360
 2021-11-01 09:02:42 -03:00
Marcus Da Coregio b2e6c60d94 Remove remoting technologies support 
Closes gh-10366
 2021-11-01 09:02:42 -03:00
Marcus Da Coregio 010f719344 Upgrade to JDK 17 
Closes gh-10343
 2021-11-01 09:02:42 -03:00
Marcus Da Coregio 12f3e908b0 Update to Spring Security 6.0 2021-11-01 09:02:41 -03:00
Marcus Da Coregio 2f1638ec57 Fix javadoc 
Closes gh-10382
 2021-10-22 11:20:37 -03:00
Emil Sierżęga cb70b6a39b Fixed invalid usage of & tag in Javadocs 2021-10-21 11:47:04 +02:00
Emil Sierżęga 04b47c5928 Fixed various broken links in Javadocs 2021-10-21 11:47:04 +02:00
Emil Sierżęga a188138715 Javadocs author tag doesn't work in methods 2021-10-21 11:47:04 +02:00
Emil Sierżęga 6b26032ce7 Fixed invalid usege of > tag in Javadocs 2021-10-21 11:47:04 +02:00
Rob Winch f836897190 Checkstyle Fixes 
- Javadoc tag ordering
- Private constructors before inner classes

Issue gh-10394
 2021-10-18 21:03:35 -05:00
Philipp Neuschwander 6db58cbf8a Conditionally resolve bearer token from request parameters 
Before this commit, the DefaultBearerTokenResolver unconditionally
resolved the request parameters to check whether multiple tokens
are present in the request and reject those requests as invalid.

This commit changes this behaviour to resolve the request parameters
only if parameter token is supported for the specific request
according to spec (RFC 6750).

Closes gh-10326
 2021-10-13 17:10:50 -05:00
Gaurav Tiwari 33708e61fb Add postProcess support to Saml2LogoutConfigurer 
Closes gh-10311
 2021-10-13 12:05:48 -06:00
Josh Cummings fbb7691be4 Polish SecurityNamespaceHandler Tests 
Issue gh-8974
 2021-10-13 11:50:14 -06:00
Emil Sierżęga 8daa6ec1fd SecurityNamespaceHandler: update schema version to 5.6 
Closes gh-8974
 2021-10-13 11:49:57 -06:00
Eleftheria Stein ba8844a67e Deprecate Kotlin methods that don't use reified types 
Closes gh-10365
 2021-10-13 10:16:37 +02:00
Marcus Da Coregio 02b2fcc6f0 Restore ManagementConfigurationPlugin 
Issue gh-9615
 2021-10-05 11:23:29 -03:00
Marcus Da Coregio d2e5f2ae0d Update Gradle to 7.2 
Closes gh-9615
 2021-10-04 15:19:40 -03:00
Marcus Da Coregio 7112ee3eaa Allow SAML 2.0 loginProcessingURL without registrationId 
Closes gh-10176
 2021-10-04 09:54:40 -03:00
Marcus Da Coregio e36e2b2a97 Move Saml2AuthnRequestRepository to web package 
Moving to solve package tangles

Issue gh-9185
 2021-09-29 14:10:39 -03:00
Rob Winch 3b64cdfc03 Fix XsdDocumentedTests 
Issue gh-5835
 2021-09-24 10:25:26 -05:00
Josh Cummings c3ba2332da Wire BeanResolver into DefaultMethodSecurityExpressionHandler 
Closes gh-10305
 2021-09-22 14:14:29 -06:00
Josh Cummings 7b599d4770 Share JWKSource Instances 
Closes gh-10312
 2021-09-22 13:28:08 -06:00
Marcus Da Coregio 0364518b69 Update Saml2LoginConfigurer to pick up Saml2AuthenticationTokenConverter bean 
Closes gh-10268
 2021-09-17 08:13:19 -03:00
Eleftheria Stein 1e76b11b3c Remove duplicate entry from test LDIF file 
Closes gh-10274
 2021-09-16 10:26:06 +02:00
Josh Cummings 4f06fc6ed1 Add Saml2LogoutConfigurer 
Closes gh-9497
 2021-09-13 16:39:48 -06:00
Josh Cummings 6488295cad Add RelyingPartyRegistrationResolver 
Closes gh-9486
 2021-09-13 16:39:48 -06:00
Derek Van Blerkom 58d50888df Fix return type to allow further security config 2021-09-13 15:31:02 -03:00
Yanming Zhou f2b2e6002f Replace static "ROLE_" with customized role prefix 
Fix gh-4134
 2021-09-09 11:48:25 -06:00
Eleftheria Stein 3ab6bee856 Make method static to prevent circular dependency error 
Workaround for circular dependency between ServerHttpSecurityConfiguration and WebFluxConfigurationSupport.

Closes gh-10076
 2021-08-11 13:46:45 +02:00
Marcus Da Coregio 662ab10416 Fix test getting stuck 
The tests are getting stuck when running a single test class and the mock is performed in a static variable inside an inner class

Issue gh-6025
 2021-07-27 14:55:53 -06:00
Marcus Da Coregio 16e17d242e Add Saml2AuthenticationRequestRepository 
Closes gh-9185
 2021-07-27 14:55:53 -06:00
Josh Cummings 6b68a6d62b
Apply rnc2Xsd 
Issue gh-8657
 2021-07-27 13:22:42 -06:00
Josh Cummings 6370906ead
Add SpringOpaqueTokenIntrospector 
Closes gh-9354
 2021-07-26 10:50:50 -06:00
Abdul Al-Faraj d1dfb2b9ee Improve OpenSAML Version Check 
Closes gh-10077
 2021-07-26 10:42:40 -06:00
Nick McKinney 5c8fb254c2 Add AuthenticationDetailsSource to OAuth2 Login Kotlin DSL 
Closes gh-9838
 2021-07-16 15:42:00 +02:00
Nick McKinney b1612b1283 Add AuthenticationDetailsSource to Form Login Kotlin DSL 
Closes gh-9837
 2021-07-16 15:42:00 +02:00
Rob Winch f73f213f50 Remove DependencySetPlugin 
Closes gh-10070
 2021-07-12 15:31:38 -05:00
Rob Winch 342884e851 kotlin uses @ExtendWith(SpringTestContextExtension::class) 
cd config/src/test/kotlin
rg 'SpringTestContext' -l | xargs sed -i '/^import org.junit.jupiter.api.Test/a import org.junit.jupiter.api.extension.ExtendWith'
rg 'SpringTestContext' -l | xargs sed -i '/^import org.springframework.security.config.test.SpringTestContext/a import org.springframework.security.config.test.SpringTestContextExtension'
rg 'SpringTestContext' -l | xargs sed -i '/^class .*/i @ExtendWith(SpringTestContextExtension::class)'
 2021-07-09 15:57:21 -05:00
Rob Winch cc732bda3b Use @ExtendWith(SpringExtension::class) 2021-07-09 15:57:21 -05:00