Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 15:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,936 Commits 33 Branches 337 Tags
Commit Graph

6936 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Artyom Emelyanenko
902fc0f657 Fixed confused word in the class javadoc 2018-05-07 16:54:40 -05:00
Johnny Lim
b91ebf7090 Fix @since for MockEventListener 2018-05-07 16:53:26 -05:00
이경욱
26bc6be850 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
이경욱
6adbe8dae0 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
Robert Roth
4bfce2a591 Fixed typo in acl database schema appendix. 
Fixes gh-5204
 2018-05-07 16:44:32 -05:00
Robert Roth
fddc28ba3b Fixed typo in CSRF documentation. 
Fixes gh-4792
 2018-05-07 16:44:32 -05:00
Denys Ivano
fed15f2b01 Add accessDeniedHandler method to ExceptionHandlingSpec 
This allows to configure accessDeniedHandler in ExceptionTranslationWebFilter through ServerHttpSecurity.

Issue: gh-5257
 2018-05-07 16:22:29 -05:00
Eric Deandrea
b3c5bfe4db CookieServerCsrfTokenRepository fails when cookie is null/empty 
The CookieServerCsrfTokenRepository fails with an IllegalArgumentException
 when a cookie is present but the value is null or empty.

Fixes gh-5315
 2018-05-07 16:16:51 -05:00
Johnny Lim
9b42831c70 Suppress deprecation warnings in spring-security-crypto 2018-05-04 21:02:57 -05:00
Johnny Lim
2a0f529ee4 Use spring-projects for organization in GitHub URLs 2018-05-04 21:01:39 -05:00
Rob Winch
3ba15a16bf Polish CookieServerCsrfTokenRepository 
- Only do work if subscribed to
- use test naming conventions
- Refactor tests to avoid extracting
  - Uses String for member names which are not type safe
  - Uses long argument list which makes assertions difficult to read

Issue: gh-5083
 2018-05-04 16:54:48 -05:00
Rob Winch
37b1136c0c Remove CookieServerCsrfTokenRepository builder methods 
This is inconsistent with the rest of the code base.

Issue: gh-5083
 2018-05-04 16:54:48 -05:00
Eric Deandrea
1eaecc12ec Add CookieServerCsrfTokenRepository 
A cookie implementation of ServerCsrfTokenRepository (like CookieCsrfTokenRepository)
is missing. In this implementation it would be nice to allow the setting of the domain as well.

Fixes: gh-5083
 2018-05-04 16:54:48 -05:00
Alexander Münch
0570cebbce Avoid unnecessary grow of ArrayList 
Adapted ArrayList size in CacheControlHeadersWriter::createHeaders()
 2018-05-04 14:23:31 -05:00
XYUU
3740d33e64 The HttpHeader's ContentLength is a byte unit 2018-05-04 14:18:03 -05:00
XYUU
23dd136efb The HttpHeader's ContentLength is a byte unit 2018-05-04 14:18:03 -05:00
Johnny Lim
44b22e7208 Fix 'attributes' deprecation warning in spring-security-docs-guides 2018-05-04 14:12:14 -05:00
Kazuki Shimizu
8d716f75a4 Fix incorrect explanation for customizing query on JdbcDaoImpl 2018-05-04 10:49:25 -05:00
Joe Grandja
fff64db0e2 Improve ClaimAccessor getClaimAsInstant 
Fixes gh-5250
 2018-05-03 21:03:45 -04:00
Joe Grandja
2356749cc3 Add test NimbusUserInfoResponseClient sets Accept header to JSON 
Issue gh-5294
 2018-05-03 20:18:41 -04:00
Joe Grandja
b8f225c49e NimbusUserInfoResponseClient sets Accept header to JSON 
Fixes gh-5294
 2018-05-03 16:34:38 -04:00
Rob Winch
0a5da93640 Improve PasswordEncoder deprecated notices 
Fixes: gh-5296
 2018-05-03 15:13:06 -05:00
Rob Winch
948e650a0e Add update-dependencies.sh 
Fixes: gh-5276
 2018-05-03 14:59:16 -05:00
Rob Winch
bc0c3a5b69 Update to Spring Framework 5.0.6.BUILD-SNAPSHOT 
Issue: gh-5290

# Conflicts:
#	gradle/dependency-management.gradle
 2018-05-03 14:10:09 -05:00
Rob Winch
618e0ab98d Update to selenium 3.11.0 
Fixes: gh-5289
 2018-05-03 14:09:15 -05:00
Rob Winch
bc017a62ca Update to mockito-core:2.18.3 
Fixes: gh-5284
 2018-05-03 14:09:15 -05:00
Rob Winch
e971490605 Update to htmlunit:2.30 
Fixes: gh-5283
 2018-05-03 14:09:15 -05:00
Rob Winch
58b02364c2 Update to aspectj 1.9.1 
Fixes: gh-5282
 2018-05-03 14:09:12 -05:00
Rob Winch
ef9279dd7c Update to javax.servlet-api:4.0.1 
Fixes: gh-5281
 2018-05-03 14:08:25 -05:00
Rob Winch
ba5986f9b1 Update to oauth2-oidc-sdk:5.61 
Fixes: gh-5280
 2018-05-03 14:08:25 -05:00
Rob Winch
332aee8dd5 Update to nimbus-jose-jwt:5.10 
Fixes: gh-5279
 2018-05-03 14:08:25 -05:00
Rob Winch
c0813b7448 Update Spring Boot 2.0.1.RELEASE 
Fixes: gh-5278

# Conflicts:
#	gradle.properties
 2018-05-03 14:08:18 -05:00
Rob Winch
dc75c3e011 Update GAE 1.9.63 
Fixes: gh-5277
 2018-05-03 14:06:52 -05:00
Joe Grandja
4cc5705ae5 HttpSessionOAuth2AuthorizationRequestRepository removes empty Map from session 
Fixes gh-5263
 2018-05-02 11:07:26 -04:00
Joe Grandja
49b63e260d OAuth2LoginAuthenticationFilter should handle null ClientRegistration 
Fixes gh-5251
 2018-05-02 09:16:42 -04:00
Josh Cummings
2273839aad
FormLoginConfigTests groovy->java 
Issue: gh-4939
 2018-05-01 08:11:04 -06:00
Rob Winch
9bb841ac67 ExceptionTranslationFilter does not handle committed responses 
Fixes: gh-5273
 2018-04-30 16:49:51 -05:00
Rob Winch
eb067bc3a1 DefaultWebSecurityExpressionHandler uses PermissionEvaluator Bean 
The default instance of DefaultWebSecurityExpressionHandler uses the
PermissionEvaluator Bean by default.

Fixes: gh-5272
 2018-04-30 12:15:50 -05:00
Josh Cummings
359a73eff2
Merge pull request #5260 from jzheaux/gh-4939-FormLoginBeanDefinitionParserTests 
FormLoginBeanDefinitionParserTests groovy->java
 2018-04-27 12:03:55 -06:00
Josh Cummings
52d95770ec
Merge pull request #5240 from jzheaux/gh-4939-CsrfConfigTests 
CsrfConfigTests groovy->java
 2018-04-25 12:26:16 -06:00
Josh Cummings
3c1231efd3
CsrfConfigTests groovy->java 
Issue: gh-4939
 2018-04-25 11:41:32 -06:00
Josh Cummings
65326b1178
FormLoginBeanDefinitionParserTests groovy->java 
Issue: gh-4939
 2018-04-25 11:12:07 -06:00
Josh Cummings
f9eea1a58d
Merge pull request #5224 from jzheaux/gh-4939-AccessDeniedHandlerTests 
AccessDeniedConfigTests groovy->java
 2018-04-25 08:23:30 -06:00
Josh Cummings
9c0f2cc281
AccessDeniedConfigTests groovy->java 
Issue: gh-4939
 2018-04-24 08:11:47 -06:00
Josh Cummings
7daa27874e
Merge pull request #5247 from jzheaux/gh-5242 
Remove Default URLs and Parameters Commentary
 2018-04-19 10:34:16 -06:00
Josh Cummings
f8247fa346
Remove Default URLs and Parameters Commentary 
This paragraph was originally there to explain why Spring Security was
moving from the old default URLs and parameters to new ones.

Now that the defaults are the same in XML and well as Java Config, the
explanation is now no longer relevant.

Fixes: gh-5242
 2018-04-19 08:53:23 -06:00
Rob Winch
afdefe7b13 Fixes: gh-5190 2018-04-16 17:52:27 -05:00
Joe Grandja
6095340e93 OAuth2AuthorizationRequestRedirectFilter -> Reuse code for baseUrl 
Fixes gh-5153
 2018-04-09 21:11:00 -04:00
Joe Grandja
d8f91e4261 Fix NPE with exp claim in NimbusJwtDecoderJwkSupport 
Fixes gh-5168
 2018-04-04 07:58:32 -04:00
Joe Grandja
2bd31c96ed ClaimAccessor.getClaimAsInstant() converts Long or Date 
Fixes gh-5191, Fixes gh-5192
 2018-04-03 21:14:25 -04:00