a87f7aa2e1
Polish CoreSecurityHintsTests
...
Use ParameterizedTest to simplify repetitive test setup
Issue gh-11431
2022-07-06 15:21:45 -03:00
459003e1b3
Use SecurityContextHolderStrategy for Context Propagation
...
Issue gh-11060
2022-06-30 11:19:33 -06:00
38cb6c3172
Use SecurityContextHolderStrategy for Context Propagation
...
Issue gh-11060
2022-06-30 11:18:07 -06:00
b316a3217b
Add SecurityContextHolderStrategy for Jaas
...
Issue gh-11060
Issue gh-11061
2022-06-28 09:35:54 -06:00
ee66850aed
Add SecurityContextHolderStrategy for Jaas
...
Issue gh-11060
Issue gh-11061
2022-06-28 09:26:05 -06:00
ec1bfa12f0
Use SecurityContextHolderStrategy for Database Support
...
Issue gh-11060
2022-06-28 09:15:56 -06:00
52d8e10ace
Use SecurityContextHolderStrategy for Database Support
...
Issue gh-11060
2022-06-28 09:08:42 -06:00
7a9c873d7d
Add SecurityContextHolderStrategy to Method Security
...
Issue gh-11060
2022-06-27 13:17:45 -06:00
25c74896d1
Add SecurityContextHolderStrategy to Method Security
...
Issue gh-11060
2022-06-27 13:02:59 -06:00
a8c30f79e6
Add Core, MVC and MethodSecurity runtime hints
...
Closes gh-11431
2022-06-27 09:25:49 -03:00
d32f74d19d
SecurityContextHolder Deferred SecurityContext
...
Closes gh-10913
2022-06-17 17:03:19 -05:00
b6d43e58c0
SecurityContextHolder Deferred SecurityContext
...
Closes gh-10913
2022-06-17 16:59:09 -05:00
a31a99b591
Add SecurityContextHolderStrategy to Default Components
...
Issue gh-11060
2022-06-17 11:58:36 -06:00
31e25b115e
Add SecurityContextHolderStrategy to Default Components
...
Issue gh-11060
2022-06-17 11:28:10 -06:00
4c2401a576
Revert "Make source code compatible with JDK 8"
...
This reverts commit 60ed3602f6
2022-06-02 19:24:42 +02:00
5eadcba7d1
Add RoleHierarchy to AuthorityAuthorizationManager
...
Added roleHierarchy field to AuthorityAuthorizationManager
that defaults to NullRoleHierarchy along with setter method to override.
Closes gh-11304
2022-06-01 09:00:08 -06:00
d557d2d0eb
Add RoleHierarchy to AuthorityAuthorizationManager
...
Added roleHierarchy field to AuthorityAuthorizationManager
that defaults to NullRoleHierarchy along with setter method to override.
Closes gh-11304
2022-06-01 08:28:16 -06:00
d124fa2858
Fix typo in comment for changePassword method
2022-05-25 12:34:55 -06:00
5540bbcf0b
createEvaluationContext should defer lookup of Authentication
...
- Added createEvaluationContext method that accepts Supplier<Authentication>
- Refactored classes that use EvaluationContext to use lazy initialization of Authentication
Closes gh-9667
2022-05-18 17:36:17 -06:00
362f15534e
createEvaluationContext should defer lookup of Authentication
...
- Added createEvaluationContext method that accepts Supplier<Authentication>
- Refactored classes that use EvaluationContext to use lazy initialization of Authentication
Closes gh-9667
2022-05-18 17:34:14 -06:00
2b4794475e
Polish gh-11188
2022-05-12 16:32:11 -05:00
3f861f7f20
Polish gh-11188
2022-05-12 16:20:43 -05:00
e01b1e7f38
Polish gh-11188
2022-05-12 16:19:48 -05:00
806e05855c
Replace removed context-related operators
...
Closes gh-11194
2022-05-10 14:58:02 -03:00
dbd96a9e3f
Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager
...
Closes gh-11188
2022-05-09 16:05:52 -06:00
9f669c5e3c
Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager
...
Closes gh-11188
2022-05-09 16:05:04 -06:00
89019fb340
Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager
...
Closes gh-11188
2022-05-09 16:03:25 -06:00
286e95893a
@EnableMethodSecurity doesn't resolve Method Security annotations on interfaces through a Proxy
...
Removed proxy unwrapping in case of resolving Method Security annotations,
this cause an issue when interfaces which are implemented by the proxy was skipped,
resulting in a missing security checks on those methods.
Closes gh-11175
2022-05-03 13:19:35 -05:00
66bbfc7a50
@EnableMethodSecurity doesn't resolve Method Security annotations on interfaces through a Proxy
...
Removed proxy unwrapping in case of resolving Method Security annotations,
this cause an issue when interfaces which are implemented by the proxy was skipped,
resulting in a missing security checks on those methods.
Closes gh-11175
2022-05-03 13:17:23 -05:00
9193e46800
@EnableMethodSecurity doesn't resolve Method Security annotations on interfaces through a Proxy
...
Removed proxy unwrapping in case of resolving Method Security annotations,
this cause an issue when interfaces which are implemented by the proxy was skipped,
resulting in a missing security checks on those methods.
Closes gh-11175
2022-05-03 13:15:53 -05:00
0e9228d10a
Prepare for Spring Security 5.8
2022-05-02 16:34:23 -06:00
33ee3058d4
Add missing insufficientAuthentication property in messages_*.properties
2022-04-29 10:38:42 +02:00
da2a68e182
Add missing untranslated properties in messages_lt
2022-04-29 10:38:42 +02:00
5832202a4d
Fixed bad property name in messages_it
2022-04-29 10:38:42 +02:00
22dac674da
Remove unnecessary dots from messages_cs_CZ
2022-04-29 10:38:42 +02:00
8b06a4bbe2
Remove trailing space from messages_ru
2022-04-29 10:38:42 +02:00
47c4b0426d
Add missing badLdapConnection property in messages_*.properties
2022-04-29 10:38:42 +02:00
61c0a25bcd
Add default strategy constructor
...
Closes gh-11059
2022-04-05 17:32:14 -06:00
057f4a86d5
Add default strategy constructor
...
Closes gh-11059
2022-04-05 17:29:47 -06:00
bdd5f86526
Polish Authorization Event Support
...
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support
Issue gh-9288
2022-03-29 16:37:21 -06:00
990831db85
Add authorization events
...
Closes gh-9288
2022-03-29 16:22:43 -06:00
061f69eb70
Polish Authorization Event Support
...
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support
Issue gh-9288
2022-03-29 16:03:19 -06:00
bd9434882f
Add authorization events
...
Closes gh-9288
2022-03-29 15:44:21 -06:00
8aa7029d07
Fix checkstyle errors
...
Issue gh-10989
2022-03-18 22:53:29 -05:00
abd33389be
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:49:29 -07:00
ac9c29b2a0
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:23:35 -07:00
4ede1feae5
Polish Saml2 Jackson Support
...
Issue gh-10905
2022-03-01 14:17:17 -07:00
2334610fa9
Add Jackson Support for Saml2 Module
...
Closes gh-10905
2022-03-01 14:17:17 -07:00
6c3d183a94
Polish Saml2 Jackson Support
...
Issue gh-10905
2022-03-01 13:56:02 -07:00
df84826c95
Add Jackson Support for Saml2 Module
...
Closes gh-10905
2022-03-01 12:07:55 -07:00
a2d1965c25
Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant
...
Closes gh-10837
2022-02-15 11:30:45 +01:00
c6b185465d
Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant
...
Closes gh-10837
2022-02-15 11:24:23 +01:00
70fa8b1fdb
Add Support for @Transient SecurityContext
...
Closes gh-9995
2022-02-03 09:45:51 -06:00
6f0029fc44
Add Support for @Transient SecurityContext
...
Closes gh-9995
2022-02-02 17:04:44 -06:00
f94090a59b
Remove spring-security-openid
...
Closes gh-10773
2022-01-21 16:55:19 -06:00
58090c37ea
jsr250-api -> jakarta.annotation-api
...
Issue gh-10501
2022-01-19 15:32:12 -06:00
5902b46e9b
Remove jcl-over-slf4j
...
Issue gh-10499
# Conflicts:
# dependencies/spring-security-dependencies.gradle
2022-01-19 15:32:01 -06:00
44bc953a39
Remove jcl-over-slf4j
...
Issue gh-10499
2022-01-19 14:40:56 -06:00
678c386834
jsr250-api -> jakarta.annotation-api
...
Issue gh-10501
2022-01-19 14:34:32 -06:00
f8e14683f6
Remove jcl-over-slf4j
...
Issue gh-10499
2022-01-19 14:33:46 -06:00
e1cb375fbf
Make source code compatible with JDK 8
...
Closes gh-10695
2022-01-12 16:39:50 -03:00
60ed3602f6
Make source code compatible with JDK 8
...
Closes gh-10695
2022-01-11 09:19:41 -03:00
3935f4bffe
Fix the bug that the custom GrantedAuthority comparison fails
...
Closes gh-10566
2021-12-08 08:53:00 -03:00
86ed937a47
Fix the bug that the custom GrantedAuthority comparison fails
...
Closes gh-10566
2021-12-08 08:51:54 -03:00
22379e79e7
Fix the bug that the custom GrantedAuthority comparison fails
...
Closes gh-10566
2021-12-08 08:50:36 -03:00
a68411566e
Polish Memory Leak Mitigation
...
Issue gh-9841
2021-11-30 15:33:47 -07:00
2bc643d6c8
Address SecurityContextHolder memory leak
...
To get current context without creating a new context.
Creating a new context may cause ThreadLocal leak.
Closes gh-9841
2021-11-30 15:33:39 -07:00
78857c62f4
Polish Memory Leak Mitigation
...
Issue gh-9841
2021-11-30 14:29:18 -07:00
809ff883b0
Address SecurityContextHolder memory leak
...
To get current context without creating a new context.
Creating a new context may cause ThreadLocal leak.
Closes gh-9841
2021-11-30 14:29:18 -07:00
bbeca7cd65
Polish LDAP serialization
...
Closes gh-9263
2021-11-29 18:03:15 +01:00
3c18278123
Start with LDAP Jackson2 mixins
...
Issue gh-9263
2021-11-29 18:03:03 +01:00
4f8c1b34af
Polish LDAP serialization
...
Closes gh-9263
2021-11-29 17:59:24 +01:00
7cfd415cb5
Start with LDAP Jackson2 mixins
...
Issue gh-9263
2021-11-29 17:49:57 +01:00
7b15098570
Update Spring Security to 5.7
...
Closes gh-10509
2021-11-15 17:10:00 -07:00
5a0f1d51c3
Drop EhCache2 support
...
Issue gh-10363
2021-11-01 09:02:42 -03:00
db60df2f9c
Update to Spring Framework 6.0
...
Issue gh-10360
2021-11-01 09:02:42 -03:00
b2e6c60d94
Remove remoting technologies support
...
Closes gh-10366
2021-11-01 09:02:42 -03:00
010f719344
Upgrade to JDK 17
...
Closes gh-10343
2021-11-01 09:02:42 -03:00
12f3e908b0
Update to Spring Security 6.0
2021-11-01 09:02:41 -03:00
e0821f2a99
DaoAuthenticationProviderTests#avg returns fraction
2021-10-28 09:35:52 -06:00
5e091b94a9
Deprecate RemoteAuthentication* for 5.6
...
Closes gh-10430
2021-10-21 11:39:11 -05:00
a188138715
Javadocs author tag doesn't work in methods
2021-10-21 11:47:04 +02:00
f836897190
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-18 21:03:35 -05:00
7fa39c8807
Deprecate EhCache2 support
...
Since EhCache 3 is fully JSR-107 compliant, we should remove EhCache2 support and provide JCache implementations
Closes gh-10362
2021-10-14 14:51:27 -03:00
86c24da38b
Improve Method Security logging
...
Closes gh-10247
2021-10-08 14:22:09 -03:00
ef01124eb9
Add reasons to AuthorizationDecisions
...
Closes gh-9287
2021-10-08 14:22:09 -03:00
570092c467
Remove trace logs for PrePostAnnotationSecurityMetadataSource
...
Those logs were producing too much noise on the console without adding much value.
Issue gh-10247
2021-10-08 14:22:09 -03:00
02b2fcc6f0
Restore ManagementConfigurationPlugin
...
Issue gh-9615
2021-10-05 11:23:29 -03:00
d2e5f2ae0d
Update Gradle to 7.2
...
Closes gh-9615
2021-10-04 15:19:40 -03:00
8c74d6cea5
Fix isAssignable order
...
Closes gh-10236
2021-09-30 13:56:37 -06:00
84d173c310
Fix typo
2021-09-27 10:55:18 -03:00
658aff501c
Assert Error-Messages already includes dashes
...
When the cert-content is not valid, the assert output message is not correct.
Because it outputs too many dashes .The const X509- and PKCS8-PEM_HEADER already includes the dashes.
I took the output message via copy and paste, but it was still not valid ;-(
Only the output is affected, the checks itself is correct.
2021-09-27 09:53:55 -03:00
7b73b94198
Fix typo
2021-09-22 16:29:50 -06:00
5da55448f9
Polish SecurityContextChangedEvent
...
- Changed methods to getOldContext and getNewContext
Closes gh-10249
2021-09-13 16:04:36 -06:00
3e87ef84ae
Replace SecurityContextHolder#addListener
...
Closes gh-10226
2021-09-13 15:57:06 -06:00
6f3e346b76
Add SecurityContextHolder#addListener
...
Closes gh-10032
2021-08-11 17:12:13 -06:00
b8d51725c7
Immutable SecurityContext
...
Issue gh-10032
2021-08-11 17:12:13 -06:00
f73f213f50
Remove DependencySetPlugin
...
Closes gh-10070
2021-07-12 15:31:38 -05:00
01af7877ea
Polish RsaKeyConverters
...
- Remove potential for returning null
- Remove potential for parsing more than one header
Issue gh-9736
2021-07-12 14:21:23 -06:00
5f7d871258
Add X.509 Certificate Support
...
Closes gh-9736
2021-07-12 14:21:08 -06:00
Marcus Da Coregio
Josh Cummings
Rob Winch
Evgeniy Cheban
James
Emil Sierżęga
Parikshit Dutta
Steve Riesenberg
Norbert Nowak
Ulrich Grave
Eleftheria Stein
Guirong Hu
Hiroshi Shirosaki
Markus Heiden
Emil Sierżęga
Alexander Furer
heowc
OllisGit
shazin