Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,205 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

2044 Commits

Author SHA1 Message Date
Eric Haag 30bc2634d7 Optimize configuration of project repositories 
This change applies repository content filtering to configured
repositories, reducing the time spent during dependency resolution.

This fixes an issue where requests for 'org.opensaml',
'net.shibboleth.utilities' and 'net.minidev' dependencies were being
made in the Spring releases repositories, resulting in many failed
requests during dependency resolution and increased resolution times.

Closes gh-13582
 2023-08-07 09:51:42 -05:00
Josh Cummings c4f061c63d
Do Not Re-register Method Security Advisors 
Closes gh-13572
 2023-07-24 11:24:03 -06:00
Josh Cummings bb46a54270
Add DispatcherServlet to Tests 
Issue gh-13551
 2023-07-17 10:58:30 -06:00
Josh Cummings df239b6448
Improve RequestMatcher Validation 
Closes gh-13551
 2023-07-17 08:41:30 -06:00
Marcus Da Coregio a939f17890 Merge branch '5.7.x' into 5.8.x 2023-07-17 09:15:56 -03:00
Marcus Da Coregio fe9bc26bdc Merge branch '5.6.x' into 5.7.x 2023-07-17 09:13:28 -03:00
Marcus Da Coregio 7813a9ba26 Use default PathPatternParser instance 2023-07-17 09:12:28 -03:00
Marcus Da Coregio b47420f8a2 Merge branch '5.7.x' into 5.8.x 
Closes gh-13280
 2023-06-05 16:02:30 -03:00
Marcus Da Coregio 7250abc185 Does not apply a Configurer when disabled from another DSL 
Closes gh-13203
 2023-06-05 16:01:20 -03:00
Josh Cummings 73cb9862ad
Update Symlink for 5.8 
Issue gh-13131
 2023-05-24 14:37:18 -06:00
Josh Cummings 62ede47d86
Merge branch '5.7.x' into 5.8.x 
Closes gh-13207
 2023-05-22 15:42:36 -06:00
Josh Cummings 1eefd433b6
Add spring-security.xsd symlink 
Closes gh-13131
 2023-05-22 15:42:02 -06:00
Josh Cummings 35ad1f857e
Only Register as Advisor in Proxy Mode 
Closes gh-13160
 2023-05-19 16:33:46 -06:00
lukasz.migdalek f4915890cc
Use Spec Order for Verifying Signatures 
Closes gh-12346
 2023-05-15 17:24:22 -06:00
Josh Cummings e9a02bc6e9
RememberMeConfigurer Picks Up SecurityContextRepository 
Closes gh-13104
 2023-05-02 16:46:35 -06:00
Josh Cummings f261242db1
Merge branch '5.7.x' into 5.8.x 2023-04-24 16:33:29 -06:00
Ruslan Stelmachenko caa4093619 Fix javadoc for migration from WebSecurityConfigurerAdapter 2023-04-24 16:32:16 -06:00
Marcus Da Coregio 6cf8c53aaa Merge branch '5.7.x' into 5.8.x 2023-04-17 07:16:47 -03:00
Marcus Da Coregio 2d52fb8e4b Clear Repository on Logout 2023-04-17 06:47:57 -03:00
Marcus Da Coregio 54117d7d27 Fix test suffix to align with checkstyle 2023-04-14 13:29:15 -03:00
Marcus Da Coregio fd65dc6756 Merge branch '5.7.x' into 5.8.x 2023-03-22 10:08:17 -03:00
Martin Tarjányi 5eefe9dcff Fix typo in SessionManagementConfigurer javadoc 2023-03-22 10:07:44 -03:00
Marcus Da Coregio 97ba596ca3 Merge branch '5.7.x' into 5.8.x 
Closes gh-12776
 2023-02-23 15:17:04 -03:00
Marcus Da Coregio 1c3ce1e401 Fix entity-id ignored in RelyingPartyRegistration XML config 
Closes gh-11898
 2023-02-23 15:16:40 -03:00
Josh Cummings 0baf650f38
Merge branch '5.7.x' into 5.8.x 
Closes gh-12686
 2023-02-16 14:55:22 -07:00
Leonid Rozenblyum 000b4bc495 Fix NPE in HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter 
Before the fix, these methods would throw a NPE in case when the filter class passed as the second parameter, is not registered yet.

In particular, this exception can occur when mixing standard and custom DSL to register filters.

The fix doesn't change the situation that standard DSL for registration of filters cannot refer to filters that are registered via custom DSL even though those calls were done earlier.

It just provides more user-friendly error handling for this and most likely other scenarios of calls of HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter.

The error handling is implemented similarly to HttpSecurity#addFilter.

Closes gh-12637
 2023-02-16 14:54:44 -07:00
Steve Riesenberg c306df9b46
Add XorCsrfChannelInterceptor 
Issue gh-12378
 2023-01-23 16:00:35 -06:00
Marcus Da Coregio 7aaa25b88e Merge branch '5.7.x' into 5.8.x 2022-12-05 14:40:54 -08:00
Marcus Da Coregio fc25b87967 Merge branch '5.6.x' into 5.7.x 2022-12-05 14:40:38 -08:00
Mitja Kotnik f39f215140 Replace javadoc with SecurityFilterChain bean definition 2022-12-05 14:40:05 -08:00
Guillaume Husta a5464ed819 Fix typo in DefaultLoginPageConfigurer Javadoc 
'isLogoutRequest' seems to have nothing to do here.
 2022-12-05 14:31:15 -08:00
Marcus Da Coregio e774bd480b Merge branch '5.7.x' into 5.8.x 
Closes gh-12261
 2022-11-21 10:25:43 -03:00
Marcus Da Coregio f561d3784e Improve deprecation notice in WebSecurityConfigurerAdapter 
Closes gh-12260
 2022-11-21 10:05:08 -03:00
Steve Riesenberg ea6ce05662
Add configurer tests for CookieCsrfTokenRepository 
Issue gh-12236
 2022-11-18 13:12:59 -06:00
Steve Riesenberg 2ed7cff643
Check for existing token before clearing 
Closes gh-12236
 2022-11-18 13:12:59 -06:00
Jan Marten 2301e8ca77
Fix Javadoc in EnableWebSocketSecurity 
Add missing method name in EnableWebSocketSecurity JavaDoc code example.
 2022-11-16 16:51:42 -06:00
Josh Cummings 3192618220
Add authenticationFailureHandler 
- To ServerHttpSecurity#httpBasic
- To ServerHttpSecurity#oauthResourceServer

Closes gh-12132
 2022-11-02 15:35:01 -06:00
Josh Cummings 6622e0135a
Merge branch '5.7.x' into 5.8.x 
Closes gh-12126
 2022-11-01 18:06:41 -06:00
Josh Cummings 6efac34ca7
Merge branch '5.6.x' into 5.7.x 
Closes gh-12125
 2022-11-01 18:06:01 -06:00
Koos Gadellaa 5c4362bbc4
Refresh parsers when not found 
Closes gh-3065
 2022-11-01 18:05:15 -06:00
Rob Winch d860775b45 Document Defer load CsrfToken 
Closes gh-12105
 2022-10-28 15:41:25 -05:00
mmoussa_mapfreusa bd4e0fb5db
Set LogoutRequestRepository on Saml2 LogoutSuccessHandler 
Closes gh-11363
 2022-10-26 16:44:23 -06:00
Steve Riesenberg c75ca10900
Add DeferredSecurityContext 
Issue gh-12023
 2022-10-17 19:33:58 -05:00
Steve Riesenberg 440748ec65
Add test support for Xor CSRF tokens 
Issue gh-4001
 2022-10-12 15:02:15 -05:00
Steve Riesenberg 37fa49b32d
Polish gh-11952 2022-10-07 17:40:12 -05:00
Steve Riesenberg f462134e87
Add reactive support for BREACH 
Closes gh-11959
 2022-10-07 16:34:17 -05:00
Steve Riesenberg f4ca90e719
Add reactive interfaces for CSRF request handling 
Issue gh-11959
 2022-10-07 16:34:16 -05:00
Marcus Da Coregio f3321c256c Add XML support for shouldFilterAllDispatcherTypes 
Closes gh-11492
 2022-10-07 10:20:32 -03:00
Marcus Da Coregio 8a5aed2983 Add deprecation warning to CsrfDsl#ignoringAntMatchers 
Issue gh-11347
 2022-10-06 13:50:38 -03:00
Marcus Da Coregio bc4ad52feb Add deprecation warning to mvcMatchers methods 
Issue gh-11347
 2022-10-06 13:21:27 -03:00