Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-23 12:32:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,382 Commits 55 Branches 348 Tags
Commit Graph

18382 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
60f729156b
Bump org.hibernate.orm:hibernate-core from 7.0.0.Final to 7.0.1.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.0.Final to 7.0.1.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.1/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.0...7.0.1)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.1.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-11 03:15:08 +00:00
Josh Cummings
9b724377ce Rework Saml2 Authentication Statement 
This commit separates the authentication principal, the assertion details,
and the relying party tenant into separate components. This allows the
principal to be completely decoupled from how Spring Security triggers and
processes SLO.

Specifically, it adds Saml2AssertionAuthentication, a new authentication
implementation that allows an Object principal and a Saml2ResponseAssertionAccessor
credential. It also moves the relying party registration id from
Saml2AuthenticatedPrincipal to Saml2AssertionAuthentication.

As such, Saml2AuthenticatedPrincipal is now deprecated in favor of
placing its assertion components in Saml2ResponseAssertionAccessor and
the relying party registration id in Saml2AssertionAuthentication.

Closes gh-10820
 2025-06-10 17:21:03 -06:00
Christian Schuster
02a8c416aa Add NameID to SAML 2.0 Authentication Info 
Issue gh-10820
 2025-06-10 17:21:03 -06:00
Christian Schuster
36c7b91fb9 SAML 2.0 Single Logout Uses Saml2AuthenticationInfo 
This allows SLO to be triggered without the authentication
principal needing to implement a given interface.

Issue gh-10820
 2025-06-10 17:21:03 -06:00
Rob Winch
ffd6e3c0f7
Merge branch '6.5.x' 2025-06-10 10:49:13 -05:00
Rob Winch
b4418014aa
Merge branch '6.4.x' into 6.5.x 2025-06-10 10:49:05 -05:00
Rob Winch
29ec4c8736
Merge branch '6.3.x' into 6.4.x 2025-06-10 10:48:44 -05:00
Rob Winch
888d87619d
Explicit Permissions for codeql.yml 2025-06-10 10:48:37 -05:00
Rob Winch
2c5bd4c916
Explicit Permissions for codeql.yml 2025-06-10 10:46:23 -05:00
Rob Winch
dc954875f3
Merge branch '6.5.x' 2025-06-10 09:56:09 -05:00
Rob Winch
0299ba6027
Merge branch '6.4.x' into 6.5.x 2025-06-10 09:55:50 -05:00
dependabot[bot]
a060f7b462
Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-10 03:41:53 +00:00
dependabot[bot]
d7bada7fec
Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-10 03:35:38 +00:00
dependabot[bot]
eaba293cc5
Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-10 03:25:56 +00:00
Lidoca
d0db5e3ea3 Update database-schema.adoc 
docs: match the database schema with https://github.com/spring-projects/spring-security/blob/6.5.0/docs/modules/ROOT/pages/servlet/authentication/passwords/jdbc.adoc

Signed-off-by: Lidoca <32785562+Lidoca@users.noreply.github.com>
 2025-06-09 22:17:57 -05:00
Josh Cummings
aa3135169d Polish Documentation 
Closes gh-14635
 2025-06-09 16:49:36 -06:00
Liviu Gheorghe
3ddf201d66 Updated Copyrights 
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
 2025-06-09 16:45:24 -06:00
1livv
edfd7b9b43 Addressed review comments 
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
 2025-06-09 16:45:24 -06:00
1livv
358f6c96b5 Update config tests 
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
 2025-06-09 16:45:24 -06:00
Liviu Gheorghe
eaf8184142 Send saml logout response even when validation errors happen 
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
 2025-06-09 16:45:24 -06:00
Rob Winch
097640b72a
Merge branch '6.5.x' 2025-06-09 17:11:12 -05:00
Rob Winch
c9a67818d7
Merge branch '6.4.x' into 6.5.x 2025-06-09 17:11:04 -05:00
Rob Winch
af15d735eb
Merge branch '6.3.x' into 6.4.x 2025-06-09 17:10:55 -05:00
Rob Winch
d7452138ac
Merge branch 'gradle/6.5.x/org.apache.maven-maven-resolver-provider-3.9.10' into 6.5.x 2025-06-09 17:10:46 -05:00
Rob Winch
35e8aa6435
Merge branch 'gradle/main/org.apache.maven-maven-resolver-provider-3.9.10' 2025-06-09 17:09:36 -05:00
Rob Winch
e00d06e97f
Merge branch 'gradle/6.4.x/org.apache.maven-maven-resolver-provider-3.9.10' into 6.4.x 2025-06-09 17:09:09 -05:00
Rob Winch
e8028e15c0
Merge branch 'gradle/6.3.x/org.apache.maven-maven-resolver-provider-3.9.10' into 6.3.x 2025-06-09 17:08:30 -05:00
Rob Winch
8e1db3fe2b
Merge branch '6.5.x' 2025-06-09 17:06:04 -05:00
Rob Winch
1bd59c7fec
Merge branch '6.4.x' into 6.5.x 2025-06-09 17:05:55 -05:00
Rob Winch
12d479baab
Merge branch '6.3.x' into 6.4.x 2025-06-09 17:05:46 -05:00
Rob Winch
362cc62611
Merge branch 'gradle/6.4.x/io.spring.develocity.conventions-0.0.23' into 6.4.x 2025-06-09 17:02:55 -05:00
Rob Winch
28174a6d3e
Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 2025-06-09 16:56:15 -05:00
Rob Winch
3948440ee4
Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 2025-06-09 16:53:33 -05:00
Rob Winch
c5b41f50f5
Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 2025-06-09 16:52:54 -05:00
Rob Winch
f0ba7500ff
Bump io-spring-javaformat from 0.0.45 to 0.0.46 2025-06-09 16:25:30 -05:00
Rob Winch
72b5e96a0d
Bump io-spring-javaformat from 0.0.45 to 0.0.46 2025-06-09 16:24:44 -05:00
Rob Winch
fd2e3f43f6
Bump io-spring-javaformat from 0.0.45 to 0.0.46 2025-06-09 16:23:10 -05:00
Rob Winch
482eb0e2cd
Bump io-spring-javaformat from 0.0.45 to 0.0.46 2025-06-09 16:22:15 -05:00
Rob Winch
a47022799e
Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to 0.29.3.RELEASE 2025-06-09 16:20:57 -05:00
Rob Winch
aec876403f
Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to 0.29.3.RELEASE 2025-06-09 16:20:04 -05:00
Rob Winch
648882adc7
Bump org.hibernate.orm:hibernate-core from 6.6.15.Final to 6.6.17.Final 2025-06-09 16:19:18 -05:00
Rob Winch
0411986013
Bump org.hibernate.orm:hibernate-core from 6.6.15.Final to 6.6.17.Final 2025-06-09 16:16:56 -05:00
Joe Grandja
98c3453aa4 Merge branch '6.5.x' 2025-06-06 07:19:08 -04:00
Joe Grandja
d622183e62 Merge branch '6.4.x' into 6.5.x 
Closes gh-17216
 2025-06-06 07:06:12 -04:00
Joe Grandja
a377175455 Merge branch '6.3.x' into 6.4.x 
Closes gh-17215
 2025-06-06 06:50:45 -04:00
Andrey Litvitski
b0f8aa5ea0 Fix to allow multiple AuthenticationFilter instances to process each request 
Closes gh-17173

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-06-06 06:37:03 -04:00
dependabot[bot]
893d539c18
Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10 
Bumps org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-06 03:55:31 +00:00
dependabot[bot]
adca1b31be
Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10 
Bumps org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-06 03:52:18 +00:00
dependabot[bot]
47b6e31606
Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10 
Bumps org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-06 03:40:05 +00:00
dependabot[bot]
f75ac6c837
Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10 
Bumps org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-06 03:37:31 +00:00