Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-30 16:52:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,002 Commits 38 Branches 345 Tags
Commit Graph

10002 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
3c45d46bd7 Polish LogoutRequest#EncryptedID Support 
Issue gh-10663
 2022-01-14 14:44:24 -07:00
Robert Stoiber
700cae8d3b Enabled SAML LogoutRequests with EncryptedID 
The OpenSamlLogoutRequestValidator validates the subject to be logged out.
Formerly this was done only using the NameID from the OpenSamlLogoutRequest.
Now the EncryptedID is also supported, Since the SAML2 Standard also allows
the EncryptedID as subject identifiers,

- added EncryptedID as valid subject in OpenSamlLogoutRequestValidator
- added test

Closes gh-10663
 2022-01-14 14:44:11 -07:00
Steve Riesenberg
7efbc9d5f7 Next Development Version 2022-01-14 12:51:23 -06:00
Steve Riesenberg
a8457b518f Release 5.7.0-M1 5.7.0-M1 2022-01-14 12:16:08 -06:00
Steve Riesenberg
4fd5c7ffa3 Update spring-ldap-core to 2.4.0-M1 
Closes gh-10732
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
ce35bee1bd Update org.springframework.data to 2021.2.0-M1 
Closes gh-10731
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
28ea347b5a Update org.springframework to 5.3.15 
Closes gh-10730
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
8aa7b5897a Update org.slf4j to 1.7.33 
Closes gh-10729
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
29bc6745e8 Update htmlunit-driver to 2.56.0 
Closes gh-10728
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
08bc7a53d6 Update junit-bom to 5.8.2 
Closes gh-10726
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
e5212926a1 Update org.jetbrains.kotlinx to 1.6.0 
Closes gh-10725
 2022-01-14 11:58:45 -06:00
Marcus Da Coregio
2ed93ec0cf Rename integrationTestCompile/Runtime configurations 
The kotlin-gradle-plugin is changing some configuration's properties from configurations that has the same prefix as the sourceSet.
It is enforcing the canBeResolved property to false. See https://youtrack.jetbrains.com/issue/KT-50748.
This commits changes the suffix to compile -> compileClasspath, runtime -> runtimeClasspath to workaround this issue.

Issue gh-10350
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
bb9d9d7f9d Update org.jetbrains.kotlin to 1.6.10 
Closes gh-10724
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
815891d6f0 Update cas-client-core to 3.6.4 
Closes gh-10723
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
5187bea5ea Update hibernate-entitymanager to 5.6.3.Final 
Closes gh-10722
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
c6c27d795b Update org.bouncycastle to 1.70 
Closes gh-10721
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
f8c8d049c3 Update assertj-core to 3.22.0 
Closes gh-10720
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
bb92dd3cc5 Update org.aspectj to 1.9.8.RC3 
Closes gh-10719
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
60653ddf19 Update htmlunit to 2.56.0 
Closes gh-10718
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
7c54f98944 Update io.r2dbc to 0.9.0.RELEASE 
Closes gh-10717
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
5cd7c71923 Update io.projectreactor to 2020.0.15 
Closes gh-10715
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
7d0185f051 Update mockk to 1.12.2 
Closes gh-10714
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
b91d38752a Update com.nimbusds to 9.22 
Closes gh-10713
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
9b12616913 Update jackson-bom to 2.13.1 
Closes gh-10710
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
08139cf9f4 Update logback-classic to 1.2.10 
Closes gh-10709
 2022-01-14 11:58:45 -06:00
Steve Riesenberg
801dcfdcb4 Allow milestones and release candidates in version upgrades 2022-01-14 11:58:45 -06:00
Steve Riesenberg
4939331501 Fix inconsistency in hasProperty check 2022-01-13 17:39:37 -06:00
Steve Riesenberg
8abd4e999f Add GitHubReleasePlugin with createGitHubRelease task 
Closes gh-10456
Closes gh-10457
 2022-01-13 17:39:36 -06:00
Josh Cummings
194eaf8491 Pull most recent Structure101 version 
Closes gh-10696
 2022-01-11 10:03:13 -07:00
Marcus Da Coregio
60ed3602f6 Make source code compatible with JDK 8 
Closes gh-10695
 2022-01-11 09:19:41 -03:00
Joe Grandja
214cfe807e Allow Jwt assertion to be resolved 
Closes gh-9812
 2022-01-10 10:42:10 -05:00
heowc
1ab0705b47 Fix typo 2022-01-10 16:17:42 +01:00
Marcus Da Coregio
f04cd641b0 Fix @since tag 
Issue gh-10590, gh-10554
 2022-01-06 13:18:25 -03:00
Rob Winch
3bb82c4449 Antora prerelease: true for milestone and rc 2022-01-05 09:59:48 -06:00
Rob Winch
89366d0874 Update RELEASE.adoc for antora.yml 2022-01-04 15:51:03 -06:00
Rob Winch
6884a16726 Add CheckAntoraVersionPlugin 2022-01-04 15:29:14 -06:00
Josh Cummings
6b54afe9a3 Remove SAML 2.0 Logout Default 
Closes gh-10607
 2022-01-03 12:54:22 -07:00
Josh Cummings
b9453da343 Support No SingleLogoutServiceLocation 
Closes gh-10674
 2022-01-03 12:54:18 -07:00
Marcus Da Coregio
18427b6411 Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains 
Closes gh-10554
 2021-12-13 08:57:30 -03:00
Marcus Da Coregio
7e17a00197 Add RequestMatcherEntry 2021-12-13 08:57:30 -03:00
Marcus Da Coregio
53b8cff26f Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator 
Closes gh-10590
 2021-12-13 08:57:30 -03:00
Josh Cummings
cd8983d4e5 Polish enableSessionUrlRewriting Clarification 
Closes gh-7644
 2021-12-09 12:14:40 -07:00
James Howe
5598688fa6 Clarify behaviour of enableSessionUrlRewriting 
See #3087
 2021-12-09 12:06:30 -07:00
Guirong Hu
22379e79e7 Fix the bug that the custom GrantedAuthority comparison fails 
Closes gh-10566
 2021-12-08 08:50:36 -03:00
Marcus Da Coregio
65426a40ec Add Cross Origin Policies headers 
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers

Closes gh-9385, gh-10118
 2021-12-07 17:23:06 +01:00
Steve Riesenberg
7ec3b55ab3 Fix Reactive OAuth2 Kotlin DSL examples 
Closes gh-10580
 2021-12-07 13:48:11 +01:00
Marcus Da Coregio
ed3b0fbaad Prevent using both authorizeRequests and authorizeHttpRequests 
Closes gh-10573
 2021-12-06 15:47:49 -03:00
Steve Riesenberg
62e8799a8d Use BDD in tests 2021-12-02 17:44:47 -06:00
Steve Riesenberg
df0f6f83af Polish gh-9597 2021-12-02 17:44:47 -06:00
Karl Tinawi
925d531cbe Set details on authentication token created by HttpServlet3RequestFactory 
Currently the login mechanism when triggered by executing HttpServlet3RequestFactory#login does not set any details on the underlying authentication token that is authenticated.

This change adds an AuthenticationDetailsSource on the HttpServlet3RequestFactory, which defaults to a WebAuthenticationDetailsSource.

Closes gh-9579
 2021-12-02 17:44:46 -06:00