Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,992 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

2268 Commits

Author SHA1 Message Date
Marcus Da Coregio c7912c551b Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:51:53 -03:00
Marcus Da Coregio 0aac515737 Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:35:41 -03:00
Marcus Da Coregio 3826fca567 Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:33:08 -03:00
Rob Winch 888c65a936 Add DeferHttpSession*Tests 
Closes gh-6125
 2022-08-18 17:38:03 -05:00
Rob Winch 81d6b6df6c Add Explicit SessionAuthenticationStrategy Option 
SessionAuthenticationFilter requires accessing the HttpSession to do its
job. Previously, there was no way to just disable the
SessionAuthenticationFilter despite the fact that
SessionAuthenticationStrategy is invoked by the authentication filters
directly.

This commit adds an option to disable SessionManagmentFilter in favor of
requiring explicit SessionAuthenticationStrategy invocation already
performed by the authentication filters.

Closes gh-11455
 2022-08-18 17:38:03 -05:00
Rob Winch 1de810a565 Add DeferHttpSession*Tests 
Closes gh-6125
 2022-08-18 17:00:47 -05:00
Rob Winch 89f8310d6c Add Explicit SessionAuthenticationStrategy Option 
SessionAuthenticationFilter requires accessing the HttpSession to do its
job. Previously, there was no way to just disable the
SessionAuthenticationFilter despite the fact that
SessionAuthenticationStrategy is invoked by the authentication filters
directly.

This commit adds an option to disable SessionManagmentFilter in favor of
requiring explicit SessionAuthenticationStrategy invocation already
performed by the authentication filters.

Closes gh-11455
 2022-08-18 17:00:47 -05:00
Yuriy Savchenko 63d2f19e2a Remove default value for access parameter 
Closes gh-10957
 2022-08-18 15:22:08 -03:00
Marcus Da Coregio af3d70f130 Remove GlobalMethodSecurityRuntimeHints 
Closes gh-11714
 2022-08-17 08:07:28 -03:00
Evgeniy Cheban ba50c50b4b
Add remaining methods from ExpressionUrlAuthorizationConfigurer to MessageMatcherDelegatingAuthorizationManager 
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11509
 2022-08-16 15:14:08 -06:00
Evgeniy Cheban 5ecd513a57 Add remaining methods from ExpressionUrlAuthorizationConfigurer to MessageMatcherDelegatingAuthorizationManager 
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11509
 2022-08-16 15:12:47 -06:00
Rob Winch 5cf42b1f2e Defer CsrfFilter Session Access 
Closes gh-11456
 2022-08-16 13:48:20 -05:00
Rob Winch 8ad20b1768 Add CsrfFilter.csrfRequestAttributeName 
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.

This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.

Issue gh-11699
 2022-08-16 13:47:31 -05:00
Rob Winch 5b64526ba9 Add CsrfFilter.csrfRequestAttributeName 
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.

This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.

Issue gh-11699
 2022-08-15 17:07:02 -05:00
Rob Winch faf9fb7337 NamespaceLdapAuthenticationProviderTests use Dynamic Port 
Closes gh-11710
 2022-08-15 15:26:46 -05:00
Rob Winch 9f00045638 NamespaceLdapAuthenticationProviderTests use Dynamic Port 
Closes gh-11710
 2022-08-15 15:26:30 -05:00
Rob Winch 002a770f13 NamespaceLdapAuthenticationProviderTests use Dynamic Port 
Closes gh-11710
 2022-08-15 15:26:12 -05:00
Rob Winch ce778b0e20 NamespaceLdapAuthenticationProviderTests use Dynamic Port 
Closes gh-11710
 2022-08-15 15:25:15 -05:00
Rob Winch 425b3501b7 Remove `@Configuration` from `@Enable*` Annotations 
This removes `@Configuration` from all `@Enable` Annotations and explicitly
adds `@Configuration` to wherever the `@Enable*` Annotations are used.

Closes gh-11653
 2022-08-09 17:00:24 -05:00
Rob Winch a5069d7e35 Fix Add @Configuration to @Enable*Security Usage 
Issue gh-6613
 2022-08-09 17:00:16 -05:00
Igor Bolic 2e66b9f6cc Allow customization of redirect strategy 
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.

Closes gh-11373
 2022-08-08 15:44:01 -05:00
Igor Bolic efaee4e56b Allow customization of redirect strategy 
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.

Closes gh-11373
 2022-08-08 15:35:49 -05:00
Josh Cummings ed58ac7d78
Add Conditions to Generating AuthnRequest 
Closes gh-11657
 2022-08-03 17:49:48 -06:00
Josh Cummings 9e8a04d414
Polish Tests 
Issue gh-11657
 2022-08-03 17:49:46 -06:00
Josh Cummings c2d79fcbd6
Add Conditions to Generating AuthnRequest 
Closes gh-11657
 2022-08-03 17:34:31 -06:00
Josh Cummings aa225943d2
Polish Tests 
Issue gh-11657
 2022-08-03 17:34:26 -06:00
Marcus Da Coregio f8971742f2 Remove FilterSecurityInterceptor from WebSecurity 
Closes gh-11325
 2022-08-02 15:34:02 -03:00
Joshua Sattler 040111ae9e Remove Configuration meta-annotation from Enable* annotations 
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.

Closes gh-6613

Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
 2022-07-30 03:48:42 +02:00
Steve Riesenberg 99f768bab9 Polish HttpSecurity 2022-07-29 17:43:00 -05:00
Steve Riesenberg 984355e637 Remove references to WebSecurityConfigurerAdapter 
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
 2022-07-29 17:43:00 -05:00
Steve Riesenberg 09173c95d6 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity 
Closes gh-11277
 2022-07-29 17:43:00 -05:00
Steve Riesenberg 07ea139ebf Polish HttpSecurity 2022-07-29 17:42:39 -05:00
Steve Riesenberg 67544f36f9 Remove references to WebSecurityConfigurerAdapter 
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
 2022-07-29 17:42:39 -05:00
Steve Riesenberg 05725af4d8 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity 
Closes gh-11277
 2022-07-29 17:42:39 -05:00
Steve Riesenberg 15f525c614 Polish HttpSecurity 2022-07-29 17:42:20 -05:00
Steve Riesenberg 0c0c75ce22 Remove references to WebSecurityConfigurerAdapter 
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
 2022-07-29 17:42:20 -05:00
Steve Riesenberg 9861769b02 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity 
Closes gh-11277
 2022-07-29 17:42:20 -05:00
Marcus Da Coregio 7f2c797086 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:39:56 -03:00
Marcus Da Coregio e5ae35ab71 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:39:33 -03:00
Marcus Da Coregio a996dfc55b Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:38:50 -03:00
Marcus Da Coregio d66ad22652 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:32:44 -03:00
Marcus Da Coregio 1f26f8c419 Update spring-data-jpa to 3.0.0-M5 
Closes gh-11540
 2022-07-15 14:37:24 -03:00
Anbu Sampath 0c14a36ad6 Update Kotlin to 1.7.10 
Closes gh-11374, gh-11534
 2022-07-15 14:10:52 -03:00
Josh Cummings d27322c9e0
Polish HttpSecurity Formatting 
Issue gh-11360
 2022-07-14 13:00:08 -06:00
Evgeniy Cheban c4b0e9bd74
Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer 
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11360
 2022-07-14 13:00:07 -06:00
Josh Cummings 5dff157755
Polish HttpSecurity Formatting 
Issue gh-11360
 2022-07-14 12:50:40 -06:00
Evgeniy Cheban 400cd60368 Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer 
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11360
 2022-07-14 12:48:39 -06:00
Joe Grandja 42683693c0 Remove deprecated CustomUserTypesOAuth2UserService 
Closes gh-11511
 2022-07-14 14:28:41 -04:00
Josh Cummings 35fc437559
Add AuthorizationManager for protect-pointcut 
Closes gh-11323
 2022-07-14 09:25:49 -06:00
Josh Cummings 9b43316f4d
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-14 09:25:16 -06:00
Joe Grandja a3326fc0ee Remove deprecated implicit authorization grant type 
Closes gh-11506
 2022-07-14 10:05:15 -04:00
Josh Cummings 624fdfa731
Add AuthorizationManager for protect-pointcut 
Closes gh-11323
 2022-07-13 17:58:16 -06:00
Josh Cummings 51475e2583
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-13 17:57:38 -06:00
Steve Riesenberg d3b8bacc3c
Polish InterceptMethodsBeanDefinitionDecorator 2022-07-13 11:38:50 -05:00
Joe Grandja d85abc7bbb Update javadoc in CommonOAuth2Provider 
Closes gh-11490
 2022-07-13 11:20:04 -04:00
Marcus Da Coregio 7abea4a964 Add RuntimeHints suffix for RuntimeHintsRegistrar 
Closes gh-11497
 2022-07-13 10:14:43 -03:00
Joe Grandja 177baba8c9 RuntimeHintsPredicates moved to predicate package 2022-07-12 16:00:50 -04:00
Marcus Da Coregio 6455e98745 FilterSecurityInterceptor applies to every request by default 
Closes gh-11466
 2022-07-12 10:53:03 -03:00
Josh Cummings 60652afb32
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-11 16:54:59 -06:00
Josh Cummings 7560a32460
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-11 16:39:41 -06:00
Rob Winch d2d5313bba Fix Formatting 
Issue gh-11327
 2022-07-08 09:21:53 -05:00
Josh Cummings c9a3d21b9b
Add Configuration Test 
Issue gh-11327
 2022-07-07 14:46:37 -06:00
Josh Cummings e8a7b654b4
Add Configuration Test 
Issue gh-11327
 2022-07-07 14:42:07 -06:00
Josh Cummings 01ffc93062
Add AuthorizationFilter to filter chain validator 
Closes gh-11327
 2022-07-07 14:40:53 -06:00
Josh Cummings ec8c13392c
Clarify variable names 
Issue gh-11327
 2022-07-07 14:26:40 -06:00
Josh Cummings d27d431bbc
Add AuthorizationFilter to filter chain validator 
Closes gh-11327
 2022-07-07 13:52:36 -06:00
Josh Cummings cdafa4ee21
Clarify variable names 
Issue gh-11327
 2022-07-07 13:38:42 -06:00
Steve Riesenberg 0c48b6bc7f
Use relative schema location for tests 
Issue gh-11328
Issue gh-11353
Issue gh-11365
 2022-07-07 13:03:20 -05:00
Steve Riesenberg 696da87478 Use relative schema location for tests 
Issue gh-11328
Issue gh-11353
Issue gh-11365
 2022-07-07 13:00:04 -05:00
Josh Cummings 148c926de0
Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 13:01:57 -06:00
Josh Cummings 74a007dc91
Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 12:54:05 -06:00
Igor Bolic d96b4a0463 Set the useTrailingSlashMatch to true for tests 
The Spring MVC changed the default behavior for trailing slash match
with https://github.com/spring-projects/spring-framework/issues/28552.
This causes failures in Spring Security's tests.

Setting the `useTrailingSlashMatch` to `true` ensures that Spring
Security will work for users who have modified the default configuration.
Specifing the request mapper with trailing slash path ensures that the tests
are successful when default behavior is used.

Closes gh-11451
 2022-07-05 11:29:36 -06:00
Josh Cummings 05b788d1ac
Use SecurityContextHolderStrategy for Concurrency Filter 
Issue gh-11060
Issue gh-11061
 2022-06-28 15:33:05 -06:00
Josh Cummings 03a5c3b08a
Use SecurityContextHolderStrategy for Concurrency Filter 
Issue gh-11060
Issue gh-11061
 2022-06-28 15:32:05 -06:00
Josh Cummings d24a89ad53
Pick up SecurityContextHolderStrategy for WebClient integration 
Issue gh-11061
 2022-06-28 15:07:16 -06:00
Josh Cummings e8723f1f43
Pick up SecurityContextHolderStrategy for WebClient integration 
Issue gh-11061
 2022-06-28 14:58:53 -06:00
Josh Cummings a218d3e140
Use SecurityContextHolderStrategy for Async Requests 
Issue gh-11060
Issue gh-11061
 2022-06-28 14:56:55 -06:00
Josh Cummings 27de315e5e
Use SecurityContextHolderStrategy for Async Requests 
Issue gh-11060
Issue gh-11061
 2022-06-28 14:46:52 -06:00
Josh Cummings 83b3bb3209
Add SecurityContextHolderStrategy to Pre-authenticated scenarios 
Issue gh-11060
Issue gh-11061
 2022-06-28 12:10:07 -06:00
Josh Cummings 97cb2a7d91
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-28 12:09:56 -06:00
Josh Cummings 98995f2225
Add SecurityContextHolderStrategy to Pre-authenticated scenarios 
Issue gh-11060
Issue gh-11061
 2022-06-28 12:04:37 -06:00
Josh Cummings b3be35da31
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-28 12:04:37 -06:00
Josh Cummings 944f565c16
Use SecurityContextHolderStrategy for Remember-me 
Issue gh-11060
Isuse gh-11061
 2022-06-28 11:09:38 -06:00
Josh Cummings 4a2d77d3f2
Use SecurityContextHolderStrategy for Remember-me 
Issue gh-11060
Isuse gh-11061
 2022-06-28 11:08:57 -06:00
Josh Cummings b316a3217b
Add SecurityContextHolderStrategy for Jaas 
Issue gh-11060
Issue gh-11061
 2022-06-28 09:35:54 -06:00
Josh Cummings ee66850aed
Add SecurityContextHolderStrategy for Jaas 
Issue gh-11060
Issue gh-11061
 2022-06-28 09:26:05 -06:00
Josh Cummings bffe08465a
Add SecurityContextHolderStrategy XML Configuration for Messaging 
Issue gh-11061
 2022-06-27 16:24:27 -06:00
Josh Cummings 484f35ca39
Add SecurityContextHolderStrategy Java Configuration for Messaging 
Issue gh-11061
 2022-06-27 16:17:29 -06:00
Josh Cummings 74167d62b1
Add SecurityContextHolderStrategy XML Configuration for Messaging 
Issue gh-11061
 2022-06-27 15:55:28 -06:00
Josh Cummings 9292a13146
Add SecurityContextHolderStrategy Java Configuration for Messaging 
Issue gh-11061
 2022-06-27 15:55:28 -06:00
Josh Cummings 5e4e7abf15
Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:40:55 -06:00
Josh Cummings 74d646f569
Add SecurityContextHolderStrategy Java Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:17:46 -06:00
Josh Cummings ef29d3944e
Polish SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:17:44 -06:00
Josh Cummings c29b91cec7
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:17:43 -06:00
Josh Cummings 652c35db2f
Add SecurityContextHolderStrategy XML Configuration for OAuth2 
Issue gh-11061
 2022-06-27 13:05:13 -06:00
Josh Cummings 1d22316574
Add SecurityContextHolderStrategy Java Configuration for OAuth2 
Issue gh-11061
 2022-06-27 13:05:13 -06:00
Josh Cummings 6c16ac101a
Add SecurityContextHolderStrategy XML Configuration for Saml2 
Issue gh-11061
 2022-06-27 13:05:12 -06:00
Josh Cummings 97253c9293
Add SecurityContextHolderStrategy Java Configuration for Saml2 
Issue gh-11061
 2022-06-27 13:05:11 -06:00
Josh Cummings 9cd7c7b046
Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:05:07 -06:00
Josh Cummings da57bac061
Add SecurityContextHolderStrategy Java Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:03:11 -06:00
Josh Cummings fa0086d3b0
Polish SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:01:22 -06:00
Josh Cummings 8d681b3b80
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:00:20 -06:00
Marcus Da Coregio a8c30f79e6 Add Core, MVC and MethodSecurity runtime hints 
Closes gh-11431
 2022-06-27 09:25:49 -03:00
Josh Cummings 150b81d008
Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 12:21:10 -06:00
Josh Cummings ce218c78f9
Add SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:58:38 -06:00
Josh Cummings 2a70707c35 Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:28:10 -06:00
Josh Cummings 2c09a300b6 Add SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:28:10 -06:00
Steve Riesenberg 79c2b8709b
Allow form login when single OAuth2 Provider is configured 
Closes gh-6802
 2022-06-15 14:05:55 -05:00
Steve Riesenberg a061191bd2 Allow form login when single OAuth2 Provider is configured 
Closes gh-6802
 2022-06-15 13:42:06 -05:00
Steve Riesenberg d18291676f
Update copyright year 
Issue gh-11372
 2022-06-15 13:14:07 -05:00
Steve Riesenberg c7df39a3e6
Fix tests using root cause for exception messages 
Closes gh-11372
 2022-06-14 17:12:15 -05:00
Jared Rufer 3ca4b06612
Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:56:16 -06:00
Jared Rufer 89989722d0 Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:50:33 -06:00
Houssem BELHADJ AHMED f4049c18b1 add SAML authentication request support to login configurer 
Closes gh-8873
 2022-06-06 08:05:33 -06:00
Marcus Da Coregio 4d65d96b8a Fix saml2Tests always running after a single test 
This commit makes the check task depend on the saml2Tests task.
The test task was also configured to run after saml2Tests, to make sure that the
compileTestJava runs after the compileSaml2TestJava

Issue gh-10816
 2022-06-03 11:22:46 -03:00
Marcus Da Coregio 3dd54bcda7 Run SAML 2.0 tests in an exclusive task 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 23903b5f18 Use Reflection to instantiate OpenSAML4 classes 
Because the OpenSAML4 classes are compiled using Java 11, we have to rely on reflection to instante those classes since the config module should be compatible with Java 8

Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio ccb1f68bfe Fix member variable using Java 9+ feature 
This causes compile errors when trying to build using JDK 8

Issue gh-10695
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 4c2401a576 Revert "Make source code compatible with JDK 8" 
This reverts commit 60ed3602f6.
 2022-06-02 19:24:42 +02:00
Josh Cummings 9683856956
Polish InterceptUrlConfigTests 
Issue gh-11305
 2022-05-31 16:05:17 -06:00
Josh Cummings 38d481eba6
Make Internal Class Package-Private 
Issue gh-11305
 2022-05-31 16:04:26 -06:00
Josh Cummings d994ddc9b8
Polish InterceptUrlConfigTests 
Issue gh-11305
 2022-05-31 16:04:02 -06:00
Josh Cummings 2afa9313eb
Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 16:01:41 -06:00
Josh Cummings 9dbd1f3e25
Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 15:10:00 -06:00
Josh Cummings e125a76687
Fix rnc typo 
Issue gh-11076
 2022-05-27 17:06:02 -06:00
Josh Cummings 7c0ba58019
Fix rnc typo 
Issue gh-11076
 2022-05-27 16:59:23 -06:00
Josh Cummings f4c0fcb5ef
Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 13:35:19 -06:00
Josh Cummings 8a03d1fcec Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 12:20:48 -06:00
Juny Tse 649428b49a
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 12:06:27 -06:00
Juny Tse d0da160007
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 12:02:13 -06:00
Juny Tse 16664dcdbd
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:43:50 -06:00
Juny Tse f2d6ead398 Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:42:54 -06:00
Josh Cummings 5cbc1a47da
Use original query string to verify signature 
Closes gh-11235
 2022-05-23 15:30:07 -06:00
Josh Cummings 88f9529329
Correctly encode query parameters 
Issue gh-11235
 2022-05-23 15:30:01 -06:00
Josh Cummings b51c71c3b3
Use original query string to verify signature 
Closes gh-11235
 2022-05-23 13:56:28 -06:00
Josh Cummings 5adb6e25a3
Correctly encode query parameters 
Issue gh-11235
 2022-05-20 17:46:40 -06:00
Josh Cummings 0814136ee8
Polish WebExpressionAuthorizationManager 
- Add support for request variables
- Added additional tests

Issue gh-11105
 2022-05-13 14:14:42 -06:00
Evgeniy Cheban c4766e64fe
Add AuthorizationManager that uses ExpressionHandler 
Closes gh-11105
 2022-05-13 14:05:34 -06:00
Josh Cummings ffaf5b4e61
Polish WebExpressionAuthorizationManager 
- Add support for request variables
- Added additional tests

Issue gh-11105
 2022-05-13 13:53:38 -06:00
Evgeniy Cheban 07b0be3f42 Add AuthorizationManager that uses ExpressionHandler 
Closes gh-11105
 2022-05-13 13:52:49 -06:00
Rob Winch f34ea188e2 RequestRejectedException is 400 by Default 
Closes gh-7568
 2022-05-12 10:32:27 -05:00
Marcus Da Coregio 806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Marcus Da Coregio dc2bd2b4f8 Update copyright headers 
Issue gh-10956
 2022-05-06 14:33:59 -03:00
Marcus Da Coregio de9b7b4fb8 Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:33:59 -03:00
Marcus Da Coregio 18c220c870 Update copyright headers 
Issue gh-10956
 2022-05-06 14:26:29 -03:00
Marcus Da Coregio 18345feeed Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:26:29 -03:00
Marcus Da Coregio e45dcb3ab2 Update copyright headers 
Issue gh-10956
 2022-05-06 14:18:42 -03:00
Marcus Da Coregio d3a451fffb Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:18:36 -03:00
Marcus Da Coregio d86ed6f523 Update copyright headers 
Issue gh-10956
 2022-05-06 14:14:16 -03:00
Marcus Da Coregio 1959c25a03 Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:11:37 -03:00
Marcus Da Coregio 995b2918bb Remove SAML Deprecations 
Closes gh-11077
 2022-05-06 10:15:42 -03:00
Rob Winch 7b6fd598d0 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:57:22 -05:00
Rob Winch 6420cf28a9 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:52:22 -05:00
Rob Winch dec0d97ef0 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:50:56 -05:00
Josh Cummings 4ebd37ae77
Add 5.8 Support 2022-05-03 09:04:34 -06:00
Josh Cummings 397ccbc1c8
Add 5.7 Schema 2022-05-03 09:03:50 -06:00
Josh Cummings 0e9228d10a
Prepare for Spring Security 5.8 2022-05-02 16:34:23 -06:00
Eleftheria Stein 48ac100a92 Remove WebSecurityConfigurerAdapter from Kotlin tests 
Issue gh-10902
 2022-04-28 16:13:35 +02:00
Eleftheria Stein 736f439bb5 Detect UserDetailsService bean in X509 configuration 
Closes gh-11174
 2022-04-28 14:48:40 +02:00
Eleftheria Stein 9dd393cb9c Update remember me Javadocs 
Describe the new behaviour for retrieving the UserDetailsService

Issue gh-11170
 2022-04-28 14:48:29 +02:00
Eleftheria Stein 5ac5edc2e6 Detect UserDetailsService bean in X509 configuration 
Closes gh-11174
 2022-04-28 14:47:18 +02:00
Eleftheria Stein d40c15e09e Update remember me Javadocs 
Describe the new behaviour for retrieving the UserDetailsService

Issue gh-11170
 2022-04-28 14:13:52 +02:00
Marcus Da Coregio a0232ed135 Add shouldFilterAllDispatcherTypes to Kotlin DSL 
Closes gh-11153
 2022-04-28 08:34:48 -03:00
Marcus Da Coregio e94adedb94 Add shouldFilterAllDispatcherTypes to Kotlin DSL 
Closes gh-11153
 2022-04-28 08:19:20 -03:00
Eleftheria Stein ac06057cf6 Detect UserDetailsService bean in remember me 
Closes gh-11170
 2022-04-28 12:44:27 +02:00
Eleftheria Stein 8e34cedcfe Detect UserDetailsService bean in remember me 
Closes gh-11170
 2022-04-28 12:43:13 +02:00
Eleftheria Stein 7dc4364f43 Fix Kotlin mockk test compatibility 
Issue gh-11039
 2022-04-26 18:13:29 +02:00
nor-ek 558bb161c5 Security Context Dsl 
Closes gh-11039
 2022-04-26 17:38:00 +02:00
nor-ek a3e7e54b70 Security Context Dsl 
Closes gh-11039
 2022-04-26 17:34:44 +02:00
Marcus Da Coregio 9a57b42786 Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator 
Issue gh-10908
 2022-04-25 09:53:20 -03:00
Marcus Da Coregio 9d378103b0 Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator 
Issue gh-10908
 2022-04-25 09:43:50 -03:00
Marcus Da Coregio 23594b3d01 Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator 
Issue gh-10908
 2022-04-25 09:42:00 -03:00
Rob Winch e79b6b3ac8 Default SecurityContextHolderFilter 
Closes gh-11110
 2022-04-15 14:59:38 -05:00
Rob Winch 9a9a43a0c0 ForceEagerSessionCreationFilter 
Closes gh-11109
 2022-04-15 14:18:25 -05:00
Rob Winch aaf78330b1 ForceEagerSessionCreationFilter 
Closes gh-11109
 2022-04-15 14:16:35 -05:00
Marcus Da Coregio 5367524030 Change the default of shouldFilterAllDispatchTypes to true 
Closes gh-11107
 2022-04-14 16:30:42 -03:00
Marcus Da Coregio 84b5c76a7b Add Option to Filter All Dispatcher Types 
Closes gh-11092
 2022-04-14 16:10:36 -03:00
Marcus Da Coregio 7fea639a43 Add Option to Filter All Dispatcher Types 
Closes gh-11092
 2022-04-14 15:58:00 -03:00
Josh Cummings c6ad72004e
Revert "Pick up AuthorizationManager Bean" 
This reverts commit 4ca5346871.

Issue gh-11067
 2022-04-12 09:58:30 -06:00
Josh Cummings 147ab42440
Revert "Pick up AuthorizationManager Bean" 
This reverts commit 32b83aae63.

Issue gh-11067
 2022-04-12 09:32:09 -06:00
Marcus Da Coregio 50f8df6f07 Use HttpStatusCode 
Closes gh-11091
 2022-04-11 09:19:56 -03:00
Rob Winch 39b0620a84 Add DisableUrlRewritingFilter 
Closes gh-11084
 2022-04-08 16:13:44 -05:00
Rob Winch 7be32872e9 Add DisableUrlRewritingFilter 
Closes gh-11084
 2022-04-08 16:13:24 -05:00
Josh Cummings 4ca5346871
Pick up AuthorizationManager Bean 
Closes gh-11067
Closes gh-11068
 2022-04-08 11:42:37 -06:00
Josh Cummings 32b83aae63
Pick up AuthorizationManager Bean 
Closes gh-11067
Closes gh-11068
 2022-04-08 10:08:33 -06:00
Josh Cummings b39f213e64
Revert "Add AuthorizationManager to Messaging" 
This reverts commit 77a6e014a9.
 2022-04-07 17:39:34 -06:00
Josh Cummings 77a6e014a9
Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-04-07 17:39:10 -06:00
Josh Cummings be434e1540
Add Default Test to HttpBasicConfigurerTests 
Issue gh-10973
 2022-04-05 17:32:13 -06:00
Josh Cummings f09652d447
Polish Saml2LoginConfigurerTests 
Issue gh-10973
 2022-04-05 17:32:13 -06:00
Josh Cummings 66213e5b2e
Add Default Test to HttpBasicConfigurerTests 
Issue gh-10973
 2022-04-05 17:11:39 -06:00
Josh Cummings 47c8676be7
Polish Saml2LoginConfigurerTests 
Issue gh-10973
 2022-04-05 17:11:38 -06:00
Josh Cummings 1edfa07d27
Use RequestMatcherEntry 
Closes gh-11046
 2022-03-30 14:40:06 -06:00
Josh Cummings c175118f62
Use RequestMatcherEntry 
Closes gh-11046
 2022-03-30 14:31:11 -06:00
Josh Cummings bdd5f86526
Polish Authorization Event Support 
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
 2022-03-29 16:37:21 -06:00
Josh Cummings fa574c8785
Simplify PrePostMethodSecurityConfiguration 
Issue gh-9288
 2022-03-29 16:22:42 -06:00
Josh Cummings 061f69eb70
Polish Authorization Event Support 
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
 2022-03-29 16:03:19 -06:00
Josh Cummings a43677d36a
Simplify PrePostMethodSecurityConfiguration 
Issue gh-9288
 2022-03-29 15:44:16 -06:00
Rob Winch e176d764ba Add SecurityContextRepository.loadContext(HttpServletRequest) 
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.

Closes gh-11028
 2022-03-25 14:38:37 -05:00
Rob Winch 67fd46bfa6 Add SecurityContextRepository.loadContext(HttpServletRequest) 
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.

Closes gh-11028
 2022-03-25 14:21:52 -05:00
Yuriy Savchenko 446ab5047c
Add authorizeHttpRequests to Kotlin DSL 
Closes gh-10481
 2022-03-22 09:39:06 -06:00