Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-18 06:50:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,223 Commits 49 Branches 376 Tags
Commit Graph

1724 Commits

Author SHA1 Message Date
Steve Riesenberg
99f768bab9 Polish HttpSecurity 2022-07-29 17:43:00 -05:00
Steve Riesenberg
984355e637 Remove references to WebSecurityConfigurerAdapter 
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
 2022-07-29 17:43:00 -05:00
Steve Riesenberg
09173c95d6 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity 
Closes gh-11277
 2022-07-29 17:43:00 -05:00
Marcus Da Coregio
a996dfc55b Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:38:50 -03:00
Juny Tse
d0da160007
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 12:02:13 -06:00
Marcus Da Coregio
d86ed6f523 Update copyright headers 
Issue gh-10956
 2022-05-06 14:14:16 -03:00
Marcus Da Coregio
1959c25a03 Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:11:37 -03:00
Rob Winch
7b6fd598d0 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:57:22 -05:00
Eleftheria Stein
5ac5edc2e6 Detect UserDetailsService bean in X509 configuration 
Closes gh-11174
 2022-04-28 14:47:18 +02:00
Eleftheria Stein
d40c15e09e Update remember me Javadocs 
Describe the new behaviour for retrieving the UserDetailsService

Issue gh-11170
 2022-04-28 14:13:52 +02:00
Marcus Da Coregio
e94adedb94 Add shouldFilterAllDispatcherTypes to Kotlin DSL 
Closes gh-11153
 2022-04-28 08:19:20 -03:00
Eleftheria Stein
8e34cedcfe Detect UserDetailsService bean in remember me 
Closes gh-11170
 2022-04-28 12:43:13 +02:00
nor-ek
a3e7e54b70 Security Context Dsl 
Closes gh-11039
 2022-04-26 17:34:44 +02:00
Marcus Da Coregio
23594b3d01 Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator 
Issue gh-10908
 2022-04-25 09:42:00 -03:00
Rob Winch
aaf78330b1 ForceEagerSessionCreationFilter 
Closes gh-11109
 2022-04-15 14:16:35 -05:00
Marcus Da Coregio
7fea639a43 Add Option to Filter All Dispatcher Types 
Closes gh-11092
 2022-04-14 15:58:00 -03:00
Josh Cummings
147ab42440
Revert "Pick up AuthorizationManager Bean" 
This reverts commit 32b83aae63db382d3107ad3eb68259715bbd88da.

Issue gh-11067
 2022-04-12 09:32:09 -06:00
Rob Winch
39b0620a84 Add DisableUrlRewritingFilter 
Closes gh-11084
 2022-04-08 16:13:44 -05:00
Josh Cummings
32b83aae63
Pick up AuthorizationManager Bean 
Closes gh-11067
Closes gh-11068
 2022-04-08 10:08:33 -06:00
Josh Cummings
b39f213e64
Revert "Add AuthorizationManager to Messaging" 
This reverts commit 77a6e014a9c3da916559ae7d1707b09db3ab1194.
 2022-04-07 17:39:34 -06:00
Josh Cummings
77a6e014a9
Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-04-07 17:39:10 -06:00
Josh Cummings
66213e5b2e
Add Default Test to HttpBasicConfigurerTests 
Issue gh-10973
 2022-04-05 17:11:39 -06:00
Josh Cummings
47c8676be7
Polish Saml2LoginConfigurerTests 
Issue gh-10973
 2022-04-05 17:11:38 -06:00
Josh Cummings
c175118f62
Use RequestMatcherEntry 
Closes gh-11046
 2022-03-30 14:31:11 -06:00
Josh Cummings
061f69eb70
Polish Authorization Event Support 
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
 2022-03-29 16:03:19 -06:00
Josh Cummings
a43677d36a
Simplify PrePostMethodSecurityConfiguration 
Issue gh-9288
 2022-03-29 15:44:16 -06:00
Rob Winch
67fd46bfa6 Add SecurityContextRepository.loadContext(HttpServletRequest) 
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.

Closes gh-11028
 2022-03-25 14:21:52 -05:00
Yuriy Savchenko
446ab5047c
Add authorizeHttpRequests to Kotlin DSL 
Closes gh-10481
 2022-03-22 09:39:06 -06:00
Yuriy Savchenko
3016ed0067
Fix typos in Kotlin DSL docs 
Issue gh-10481
 2022-03-22 08:27:29 -06:00
Rob Winch
87ed31a99c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-11 17:22:23 -06:00
Rob Winch
dbcb5004b4 Extract createSecurityContextRepository() 
Extract out method in preparation for adding SecurityContextHolderFilter
configuration.

Issue gh-9635
 2022-03-11 17:21:49 -06:00
Norbert Nowak
ac9c29b2a0 Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:23:35 -07:00
Marcus Da Coregio
93d4fd3559 Add SAML 2.0 Single Logout XML Support 
Closes gh-10842
 2022-03-09 09:18:01 -03:00
Marcus Da Coregio
73f839312d Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 09:18:01 -03:00
Josh Cummings
7a02bd14c1 Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:19:03 -07:00
m0k045e
3aa7a65cb4 OAuth2AuthorizedClientArgumentResolver resolves ReactiveOAuth2AuthorizedClientManager 
Closes gh-10846
 2022-02-28 15:30:19 -07:00
Eleftheria Stein
e97c643870 Deprecate WebSecurityConfigurerAdapter 
Closes gh-10822
 2022-02-17 12:13:50 +01:00
Eleftheria Stein
c2635ba6bf Apply configurers from spring.factories to HttpSecurity bean 
Closes gh-10814
 2022-02-09 14:40:57 +01:00
Josh Cummings
cbd87fac89 Polish ignoring() log messaging 
- Public API remains unchanged

Issue gh-9334
 2022-02-07 14:50:28 -07:00
Manuel Jordan
01ed617d5f Print ignore message DefaultSecurityFilterChain 
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
 2022-02-07 14:50:19 -07:00
Josh Cummings
d538423f98 Add Saml2AuthenticationRequestResolver 
Closes gh-10355
 2022-01-24 15:09:45 -07:00
Eleftheria Stein
a537b636c1 Add LDAP factory beans 
Issue gh-10138
 2022-01-18 15:11:30 +01:00
Josh Cummings
75f25bff82 Polish multiple RequestRejectedHandlers support 
Issue gh-10603
 2022-01-14 16:49:38 -07:00
Adam Ostrožlík
4ea57f3e3f Support multiple RequestRejectedHandler beans 
Closes gh-10603
 2022-01-14 16:46:15 -07:00
Marcus Da Coregio
60ed3602f6 Make source code compatible with JDK 8 
Closes gh-10695
 2022-01-11 09:19:41 -03:00
heowc
1ab0705b47 Fix typo 2022-01-10 16:17:42 +01:00
Marcus Da Coregio
18427b6411 Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains 
Closes gh-10554
 2021-12-13 08:57:30 -03:00
Josh Cummings
cd8983d4e5 Polish enableSessionUrlRewriting Clarification 
Closes gh-7644
 2021-12-09 12:14:40 -07:00
James Howe
5598688fa6 Clarify behaviour of enableSessionUrlRewriting 
See #3087
 2021-12-09 12:06:30 -07:00
Marcus Da Coregio
65426a40ec Add Cross Origin Policies headers 
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers

Closes gh-9385, gh-10118
 2021-12-07 17:23:06 +01:00