67544f36f9
Remove references to WebSecurityConfigurerAdapter
...
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer
Closes gh-11288
2022-07-29 17:42:39 -05:00
05725af4d8
Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity
...
Closes gh-11277
2022-07-29 17:42:39 -05:00
4fbbfd2c8b
Skip workflows on forks of spring-security
2022-07-28 15:07:02 -05:00
66da4301fc
Use cache and user.name system property on Windows
2022-07-28 15:07:02 -05:00
8929bd5abc
Only run prerequisites job if on upstream repo
2022-07-28 15:07:02 -05:00
e3d1405f67
Simplify dependency graph
2022-07-28 15:07:02 -05:00
e756a1df19
Use Spring Gradle Build Action
...
Closes gh-11630
2022-07-28 15:07:02 -05:00
81fae2db2c
Polish gh-11367
2022-07-28 15:07:01 -05:00
054a3f0bc0
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
Closes gh-11367
2022-07-28 15:07:00 -05:00
409998a3fe
Add hash-based Content-Security-Policy for SAML pages
...
Closes gh-11631
2022-07-27 17:59:42 -06:00
e5ae35ab71
Add Deprecated annotation to WebSecurity#securityInterceptor
...
Closes gh-11634
2022-07-27 14:39:33 -03:00
0d74da4f97
Fix Snapshot Sources/Javadoc
...
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.
Closes gh-10602
2022-07-26 16:24:54 -05:00
2a336d4f49
"Well-Know" should be "Well-Known"
2022-07-26 15:41:05 -05:00
5322352427
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:49:21 -03:00
561f65b34d
Merge Same-named Attribute Elements
...
Closes gh-11042
2022-07-20 18:40:20 -06:00
631076e4dd
Build only on branches
...
Issue gh-11480
2022-07-18 11:45:39 -05:00
8d147100ee
Next development version
2022-07-18 16:00:47 +00:00
8d3586f949
Release 5.8.0-M1
2022-07-18 15:25:10 +00:00
95155ddb0c
Deprecate Resource Owner Password Credentials grant
...
Closes gh-11590
2022-07-15 16:28:47 -04:00
1be9be97a1
Exclude JavadocPackageCheck from Spring Checks
...
Issue gh-11422
2022-07-15 13:03:45 -05:00
33e4b07cc8
Update spring-ldap-core to 2.4.1
...
Closes gh-11563
2022-07-15 12:42:57 -05:00
5ddc1011a7
Update org.springframework.data to 2021.2.2
...
Closes gh-11562
2022-07-15 12:42:51 -05:00
58a9733b4c
Update org.springframework to 5.3.22
...
Closes gh-11561
2022-07-15 12:40:47 -05:00
2625388a87
Update jsonassert to 1.5.1
...
Closes gh-11560
2022-07-15 12:40:43 -05:00
3d0d8bdbe0
Update htmlunit-driver to 2.63.0
...
Closes gh-11559
2022-07-15 12:40:41 -05:00
0d2b71ed86
Update junit-bom to 5.9.0-RC1
...
Closes gh-11557
2022-07-15 12:40:36 -05:00
d20d6f5247
Update org.jetbrains.kotlinx to 1.6.4
...
Closes gh-11556
2022-07-15 12:40:33 -05:00
f69102f1a6
Update org.jetbrains.kotlin to 1.7.10
...
Closes gh-11555
2022-07-15 12:40:31 -05:00
e112e24efb
Update hibernate-entitymanager to 5.6.10.Final
...
Closes gh-11554
2022-07-15 12:40:28 -05:00
1f0a317923
Update org.eclipse.jetty to 9.4.48.v20220622
...
Closes gh-11553
2022-07-15 12:40:26 -05:00
0b18ebbd61
Update assertj-core to 3.23.1
...
Closes gh-11552
2022-07-15 12:40:23 -05:00
d152b38194
Update htmlunit to 2.63.0
...
Closes gh-11551
2022-07-15 12:40:21 -05:00
d6904fa84d
Update io.spring.javaformat to 0.0.34
...
Closes gh-11550
2022-07-15 12:40:18 -05:00
8d99e4b0c7
Update io.projectreactor to 2020.0.21
...
Closes gh-11548
2022-07-15 12:40:13 -05:00
eba9779205
Update mockk to 1.12.4
...
Closes gh-11547
2022-07-15 12:40:09 -05:00
4350f5fb9d
Update aspectj-plugin to 6.5.0.3
...
Closes gh-11546
2022-07-15 12:40:07 -05:00
32271ec811
Update com.nimbusds to 9.38.1
...
Closes gh-11545
2022-07-15 12:40:04 -05:00
bb06265552
Update jackson-bom to 2.13.3
...
Closes gh-11542
2022-07-15 12:39:56 -05:00
f45c4d4b8e
Add SHA256 as an algorithm option for Remember Me token hashing
...
Closes gh-8549
2022-07-15 10:41:03 -03:00
5dff157755
Polish HttpSecurity Formatting
...
Issue gh-11360
2022-07-14 12:50:40 -06:00
400cd60368
Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer
...
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous
Closes gh-11360
2022-07-14 12:48:39 -06:00
57d6ab7134
Improve docs on dispatcherTypeMatcher
...
Closes gh-11467
2022-07-14 09:13:46 -03:00
624fdfa731
Add AuthorizationManager for protect-pointcut
...
Closes gh-11323
2022-07-13 17:58:16 -06:00
db25a37320
Consolidate ExpressionAuthorizationDecision
...
Issue gh-11493
2022-07-13 17:58:16 -06:00
281814a955
Add MethodExpressionAuthorizationManager
...
Closes gh-11493
2022-07-13 17:58:16 -06:00
51475e2583
Polish InterceptMethodsBeanDefinitionDecorator
...
Issue gh-11328
2022-07-13 17:57:38 -06:00
68bdb63faf
Use JDK 11 with spring-gradle-build-action
2022-07-13 14:27:34 -05:00
de45964f55
Backport release automation and github actions
...
Closes gh-11480
2022-07-13 13:43:13 -05:00
d3b8bacc3c
Polish InterceptMethodsBeanDefinitionDecorator
2022-07-13 11:38:50 -05:00
ce67fb08fd
Clearly end sentence in note before next sentence
2022-07-11 17:38:44 -06:00
Steve Riesenberg
naveen
Ulrich Grave
Marcus Da Coregio
Rob Winch
Desmond Silveira
Yuriy Savchenko
Josh Cummings
github-actions[bot]
Joe Grandja
Evgeniy Cheban
Tim te Beek