Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,694 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

16694 Commits

Author SHA1 Message Date
Max Batischev 81e4c7273a Add One-Time Token Login support to Kotlin DSL 
Closes gh-15698
 2024-09-04 09:13:38 -03:00
github-actions[bot] 820e3f5750 Merge branch '6.2.x' into 6.3.x 2024-09-04 03:56:14 +00:00
github-actions[bot] 3b2afd7a06 Merge branch '6.3.x' 2024-09-04 03:56:14 +00:00
dependabot[bot] c44eed0d15 Bump org-eclipse-jetty from 11.0.23 to 11.0.24 
Bumps `org-eclipse-jetty` from 11.0.23 to 11.0.24.

Updates `org.eclipse.jetty:jetty-server` from 11.0.23 to 11.0.24

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.23 to 11.0.24

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-03 20:55:25 -07:00
github-actions[bot] ff65f5edb6 Merge branch '6.3.x' 2024-09-04 03:53:37 +00:00
dependabot[bot] 01a32c4e10 Bump org-eclipse-jetty from 11.0.23 to 11.0.24 
Bumps `org-eclipse-jetty` from 11.0.23 to 11.0.24.

Updates `org.eclipse.jetty:jetty-server` from 11.0.23 to 11.0.24

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.23 to 11.0.24

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-03 20:53:01 -07:00
dependabot[bot] f4ac42e7fe Bump org-eclipse-jetty from 11.0.23 to 11.0.24 
Bumps `org-eclipse-jetty` from 11.0.23 to 11.0.24.

Updates `org.eclipse.jetty:jetty-server` from 11.0.23 to 11.0.24

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.23 to 11.0.24

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-03 20:52:56 -07:00
dependabot[bot] 7ad6f38d5b Bump org-eclipse-jetty from 9.4.55.v20240627 to 9.4.56.v20240826 
Bumps `org-eclipse-jetty` from 9.4.55.v20240627 to 9.4.56.v20240826.

Updates `org.eclipse.jetty:jetty-server` from 9.4.55.v20240627 to 9.4.56.v20240826

Updates `org.eclipse.jetty:jetty-servlet` from 9.4.55.v20240627 to 9.4.56.v20240826

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-03 20:40:27 -07:00
Josh Cummings db04b5a248
Merge branch '6.3.x' 2024-09-03 16:34:09 -06:00
Josh Cummings ff41521e1e
Merge branch '6.2.x' into 6.3.x 2024-09-03 16:33:46 -06:00
Josh Cummings b22061d0b6
Merge branch '5.8.x' into 6.2.x 2024-09-03 16:33:22 -06:00
Josh Cummings 97cefa6830 Update Formatting 
Issue gh-15714
 2024-09-03 15:32:59 -07:00
tugjg f836efb912 Address unnecessary method invocation 
Closes gh-15714
 2024-09-03 15:32:59 -07:00
Xi Minghui 0b98eb4139 Correct ObservationRegistry Type Reference 2024-09-03 14:28:00 -07:00
Tran Ngoc Nhan febe5e6ddf docs: update 2024-09-03 13:51:47 -07:00
Xi Minghui d23f283598 Corrected AuthenticationEventPublisher Type 2024-09-03 13:24:09 -07:00
Marcus Hert Da Coregio 00e4a8fb54 Add support for One-Time Token Login 
Closes gh-15114
 2024-09-03 10:07:56 -03:00
Marcus Hert Da Coregio 5c56bddbdd Polish log message 2024-09-03 09:43:37 -03:00
Florian Bernard 008cbc2cae Add cookie customizer to CookieRequestCache and CookieServerRequestCache 
Issue gh-15204
 2024-09-03 09:41:30 -03:00
Marcus Hert Da Coregio 820ce4ea7a Merge branch '6.3.x' 2024-09-02 09:00:11 -03:00
Marcus Hert Da Coregio 25ddc2acfc Merge branch '6.2.x' into 6.3.x 2024-09-02 09:00:01 -03:00
Bryan Kelly 69231c5853 Avoid running the VerifyDependenciesVersionsTask and CheckExpecedBranchVersionTask when inputs are stable #15713 2024-09-02 08:45:48 -03:00
Yanming Zhou f0f47b54ec Improve warning message 2024-08-31 16:48:59 -07:00
Josh Cummings add5c56136
Update AuthorizeReturnObject Jackson Docs 
Now instructs to use MethodAuthorizationDeniedHandler

Issue gh-14601
 2024-08-30 11:43:47 -06:00
DingHao fd05c5ad76 Remove Advised Methods from Authorization Proxy Objects 
Closes gh-15561
 2024-08-30 10:40:25 -07:00
Josh Cummings ecf6cace82
Re-Enable Disabled OpenSAML Tests 
Issue gh-15395
 2024-08-30 10:21:32 -06:00
Josh Cummings c9d083717f
Apply OpenSAML Test Fix to Remaining Test 
There was one test that wasn't converted and now it is.

Issue gh-15395
 2024-08-30 10:21:32 -06:00
Josh Cummings 626610a975
Polish Annotation API 
Rename to a class that isn't focused on the synthesis implementation detail.
Also add Security to the front of the name to clarify that it is only intended
for security annotations, reminiscent of SecurityMetadataSource.

Refine method signatures to better articulate supported use cases.

Issue gh-15286
 2024-08-30 08:51:49 -06:00
Josh Cummings cc6de8fa5d
Hide MergedAnnotation Implementation Details 
Issue gh-15286
 2024-08-29 17:27:14 -06:00
Ilpyo-Yang 095929f6e8 Include FilterChain in SessionInformationExpiredEvent 
Closes gh-14077
 2024-08-29 13:12:27 -03:00
dependabot[bot] 3117feff61 Bump org.seleniumhq.selenium:selenium-java from 4.23.1 to 4.24.0 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.23.1 to 4.24.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.24.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-28 20:50:27 -07:00
dependabot[bot] 373508bd20 Bump org.mockito:mockito-bom from 5.12.0 to 5.13.0 
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.12.0 to 5.13.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.12.0...v5.13.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-27 20:23:49 -07:00
DingHao 84fc5a70ee Fix variable targetClassToUse not used 
Closes gh-15567
 2024-08-26 15:49:22 -07:00
Xi Minghui e39b39dada Corrected Reference to HttpServletRequest#authenticate 2024-08-26 15:35:13 -07:00
Josh Cummings d2e8c19789
Merge branch '6.3.x' 2024-08-26 16:33:04 -06:00
Josh Cummings 279cb89eac
Merge branch '6.2.x' into 6.3.x 2024-08-26 16:32:58 -06:00
Hero Wanders 2ba9b6821a Fix OIDC Logout Code Snippets 2024-08-26 15:32:35 -07:00
Hero Wanders f372f5cf52 Replace OidcSessionStrategy References with OidcSessionRegistry 2024-08-26 15:32:35 -07:00
Josh Cummings f0f04e490e
Merge branch '6.3.x' 2024-08-26 16:25:27 -06:00
Josh Cummings 6ea33ceaea
Merge branch '6.2.x' into 6.3.x 2024-08-26 16:25:12 -06:00
Junhyunny 47723f6d39 Fix code format in OIDC Logout docs 2024-08-26 15:14:02 -07:00
github-actions[bot] 52b6de262a Merge branch '6.3.x' 2024-08-26 19:41:36 +00:00
github-actions[bot] 2041d30201 Merge branch '6.2.x' into 6.3.x 2024-08-26 19:41:36 +00:00
dependabot[bot] 5c84d505d9 Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api 
Bumps [jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api](https://github.com/eclipse-ee4j/jstl-api) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/eclipse-ee4j/jstl-api/releases)
- [Commits](https://github.com/eclipse-ee4j/jstl-api/commits)

---
updated-dependencies:
- dependency-name: jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-26 12:40:57 -07:00
dependabot[bot] c3a5cf54d4 Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api 
Bumps [jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api](https://github.com/eclipse-ee4j/jstl-api) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/eclipse-ee4j/jstl-api/releases)
- [Commits](https://github.com/eclipse-ee4j/jstl-api/commits)

---
updated-dependencies:
- dependency-name: jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-26 12:40:49 -07:00
dependabot[bot] aef2068f76 Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api 
Bumps [jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api](https://github.com/eclipse-ee4j/jstl-api) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/eclipse-ee4j/jstl-api/releases)
- [Commits](https://github.com/eclipse-ee4j/jstl-api/commits)

---
updated-dependencies:
- dependency-name: jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-26 12:40:27 -07:00
Josh Cummings 78fd8bf3b7
Specify Labels for npm Updates 
This brings the labels in line with the other dependency updates that
aren't of interest for the release notes. It also avoids adding labels
that aren't already defined by the project.
 2024-08-26 13:37:04 -06:00
Josh Cummings b91f10825e
Disable Flaky Tests 
There was another flaky failure. While it seems clear what
needs to be done to repair it, this commit disables these
tests for now while the CI on a separate branch confirms
after a few days that the tests are stable again.

Issue gh-15395
 2024-08-26 08:58:38 -06:00
Josh Cummings 561c786726
Repair Flaky Tests 
The issue turned out to be that OpenSAML first sends two HEAD
requests before sending a GET to retrieve the metadata. The way
the MockWebServer dispatcher was configured, it would send back
the metadata on each request. This created a situation where sockets
were being closed by the client before the server had sent all the
response, resulting in a broken pipe.

The tests would succeed most of the time due to lucky timing between
the client closing the socket and the server having sent all of its
(unrequested) data.

This version sends an expected HEAD response when requested.

Issue gh-15395
 2024-08-23 15:55:56 -06:00
dependabot[bot] e90a6b66fe Bump com.gradle.develocity from 3.17.6 to 3.18 
Bumps com.gradle.develocity from 3.17.6 to 3.18.

---
updated-dependencies:
- dependency-name: com.gradle.develocity
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-22 20:17:45 -07:00