5f7fc0eb26
Improve Upgrading
...
Closes gh-11259
2022-05-16 11:08:00 -06:00
1a9ec8a756
AntRegexRequestMatcher Optimization
...
Closes gh-11234
2022-05-16 10:18:51 -05:00
4967a0394f
Extract rejectNonPrintableAsciiCharactersInFieldName
...
Closes gh-11234
2022-05-16 10:18:51 -05:00
3f91f851fe
Add End-of-Life Notice
2022-01-03 12:58:28 +02:00
2d25e9a687
Remove from CI
2022-01-03 12:58:03 +02:00
1c642bdae9
Next development version
2021-12-20 16:48:09 -03:00
cfbf28b8ba
Revert "Lock Dependencies for Release"
...
This reverts commit 3d4e90ba2a
2021-12-20 16:47:36 -03:00
f9989bfc42
Release 5.4.10
2021-12-20 16:11:51 -03:00
3d4e90ba2a
Lock Dependencies for Release
2021-12-20 16:03:13 -03:00
7e34c6a045
Fix reactive resource server tests
...
Closes gh-10660
2021-12-20 15:41:22 -03:00
3d4ad5fe50
Make gretty samples compatible with logback 1.2.9
...
Explicitly reference the logback.xml file to prevent gretty from configuring the defaults using groovy.
Issue gh-10642
2021-12-20 14:10:48 -03:00
0be66d2cc0
Update copyright year
...
Issue gh-10557
2021-12-01 17:37:17 -06:00
414e096ae4
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 16:05:23 -06:00
5c732b9b7f
Fix JwtClaimValidator wrong error code
...
Previously JwtClaimValidator returned the invalid_request error on claim validation failure.
But validators have to return invalid_token errors on failure according to:
https://datatracker.ietf.org/doc/html/rfc6750#section-3.1 .
Also see gh-10337
Closes gh-10337
2021-11-29 12:34:53 -07:00
fa82c00a67
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 14:15:14 -03:00
e05c9f4bba
Improve log message when no CSRF token found
...
Closes gh-10436
2021-11-19 08:43:48 -03:00
bd42939b52
Fix AuthnRequestConverter Sample Typos
...
Closes gh-10364
2021-11-18 13:38:32 -07:00
ef23337f90
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:35:10 -07:00
e8bbe7a1ce
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:21:59 -07:00
f89a34c30b
Don't Cache ReactiveJwtDecoders Errors
...
Closes gh-10444
2021-11-10 18:07:14 -07:00
89db1c37a3
Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext
...
Closes gh-10208
2021-10-22 14:49:13 -03:00
f1e7744d42
Next Development Version
2021-10-19 00:49:21 -05:00
0704c709dc
Revert "Lock Dependencies for Release"
...
This reverts commit 03c2c49d66
2021-10-18 17:38:07 -05:00
957111c29c
Release 5.4.9
2021-10-18 17:35:38 -05:00
03c2c49d66
Lock Dependencies for Release
2021-10-18 17:34:42 -05:00
397781e57c
Update to Spring Boot 2.4.11
...
Closes gh-10418
2021-10-18 17:33:19 -05:00
c83bd075a2
Revert "Lock Dependencies for Release"
...
This reverts commit bedb569f0d
2021-10-18 16:49:15 -05:00
bedb569f0d
Lock Dependencies for Release
2021-10-18 15:38:17 -05:00
ba468c7e6e
Restructure SwitchUserFilter Logs
...
Issue gh-6311
2021-10-18 15:38:16 -05:00
37ccf3c18c
Fixed link in .editorconfig
2021-10-13 15:38:01 -06:00
f45b990b4b
Allow SAML 2.0 loginProcessingURL without registrationId
...
Closes gh-10176
2021-10-05 13:30:20 -03:00
4df9b4547f
Fix OAuth2 Error Code
...
Closes gh-10319
2021-09-28 14:56:25 -06:00
02060015a5
Fix typo
...
Closes gh-10276
2021-09-22 16:36:38 -06:00
278bda1c2d
Remove finally block for junit
...
Allow this to be gathered by Gradle enterprise since if build is up to
date there will be no tests ran which causes failure. Additionally,
Gradle Enterprise displays the tests better than Jenkins.
2021-09-22 16:25:20 -05:00
8104a17049
Specify Jenkins user in Jenkinsfile
2021-09-22 16:06:49 -05:00
7614346a6f
Updated test.adoc SecurityMockServerConfigurers method references
...
Updated all references to SecurityMockServerConfigurers to refer to
correct methods.
Added documentation for mockJwt to include the
SecurityMockServerConfigurers class.
Issue gh-10254
2021-09-14 16:19:49 -03:00
9a1f04c08f
Fix return type to allow further security config
...
Issue gh-10245
2021-09-13 15:41:25 -03:00
8c1201ae49
Preserve Null Claim Values
...
Prior to this commit ClaimTypeConverter returned the claims with the
original value for all the claims with a null converted value.
The changes allows ClaimTypeConverter to overwrite and return claims
with converted value of null.
Closes gh-10135
2021-08-16 15:07:23 -06:00
fefe985242
Next Development Version
2021-08-16 11:57:20 -04:00
ec6b2203ca
Revert "Lock Dependencies for Release"
...
This reverts commit 067bdd0dd9
2021-08-16 11:55:39 -04:00
16b28f5a2f
Release 5.4.8
2021-08-16 11:12:40 -04:00
067bdd0dd9
Lock Dependencies for Release
2021-08-16 11:12:40 -04:00
2f81cbc577
Update to Spring Boot 2.4.8
...
Closes gh-10181
2021-08-16 11:12:21 -04:00
dc81e1c86b
Revert "URL encode client credentials"
...
This reverts commit 5243b1b8a8
2021-07-20 13:29:29 -05:00
6878ff7487
Update oauth2-resourceserver.adoc
...
fix the name of the parameter, from failure to badCredentials
Replaces AuthenticationFailureEvent
Remove AuthenticationFailureEvent Reference
Closes gh-10062
2021-07-16 12:03:35 -06:00
c5a50bd7ec
Fix typos
...
Closes gh-10050
2021-07-08 09:48:28 -03:00
37e2cc4e89
Fix Saml2WebSsoAuthenticationRequestFilter javadoc
...
Closes gh-10025
2021-06-30 13:55:35 +02:00
ad45a74b34
Update to use s01.oss.sonatype.org
...
Closes gh-10015
2021-06-29 16:36:42 -05:00
84118a7d44
Remove -PdeployDocsHost=docs-ip.spring.io
...
Closes gh-10021
2021-06-29 16:17:38 -05:00
fb83ddabe2
Update to spring-build-conventions:0.0.38
...
Closes gh-10020
2021-06-29 16:14:43 -05:00
Josh Cummings
Rob Winch
Eleftheria Stein
Marcus Da Coregio
Steve Riesenberg
Jonas Erbe
Henning Poettker
Emil Sierżęga
heowc
Anthony Lofton
Derek Van Blerkom
Fabio Guenci
Joe Grandja
dmitrilc
Luke Quinane
Daniel Garnier-Moiroux