Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,759 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

8759 Commits

Author SHA1 Message Date
Rob Winch cf142ef024 Delay AuthenticationPrincipalArgumentResolver Creation 
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.

Closes gh-8613
 2020-05-29 16:51:23 -05:00
Markus Engelbrecht 258bd8fa09 Fix typos in BCryptPasswordEncoder documentation 
Closes gh-8586
 2020-05-27 10:37:46 -05:00
Spencer Gilson 30736184ca Fixing typo in README 
Closes gh-8581
 2020-05-27 07:57:29 -05:00
Eleftheria Stein 2ebbb6f80a Mock request with non-standard HTTP method in test 
Fixes gh-8594
 2020-05-26 15:38:53 -04:00
justmehyp 5bcfaaf94d Remove unused field 'digester' in Md4PasswordEncoder 
`private Digester digester;`  defined in Md4PasswordEncoder is never used. So remove it.

Closes gh-8553
 2020-05-21 11:19:28 -05:00
Mazharul Islam e1f01c6d77 mentioning the default strength of BCryptPasswordEncoder 
Fixes gh-8542
 2020-05-21 11:16:12 -05:00
Thomas Turrell-Croft c1f737c842 Polish JDBC Authentication Doc 
* Correct documented default schema to match default schema exposed as classpath resource
* Fix Java example of adding users to JdbcUserDetailsManager

Fixes gh-8550
 2020-05-21 11:10:06 -05:00
Maksim Vinogradov 892f2f8843 Prevent StackOverflowError for AccessControlEntryImpl.hashCode 
Getting StackOverflowError when invoke AclImpl.hashCode because of
cross-references between AclImpl and AccessControlEntryImpl

Remove from AccessControlEntryImpl.hashCode method invocation of
acl.hashCode

fixes gh-5401
 2020-05-21 10:07:20 -05:00
Andreas Volkmann 5eeeac8e51 Update index.adoc 2020-05-20 08:02:50 -05:00
Dávid Kovács 8399375a86 Object ID Identicy conversion to long fails on old schema 
This change fixed a bug which tried to convert non-string object as string

Fixes gh-7621
 2020-05-19 13:44:57 -05:00
cbornet b6efd5ba76 Create the CSRF token on the bounded elactic scheduler 
The CSRF token is created with a call to UUID.randomUUID which is blocking.
This change ensures this blocking call is done on the bounded elastic scheduler which supports blocking calls.

Fixes gh-8128
 2020-05-18 11:05:50 -05:00
Rob Winch e945b3414a Try Reactor BUILD-SNAPSHOTs 
Issue gh-8531
 2020-05-15 13:51:49 -05:00
Rob Winch bf88065002 Try Reactor SNAPSHOTs 
Trying to determine if this is related to reactor/reactor-core#2152

Issue gh-8531
 2020-05-15 13:45:41 -05:00
Artyom Tarynin 9e665388d2 Update AntPathRequestMatcher.java 
Fixes gh-8512
 2020-05-13 17:07:45 -04:00
Dávid Kovács d6f827c50d Document NoOpPasswordEncoder will not be removed 
This commit adds extension to deprecation notice.

Fixes gh-8506
 2020-05-13 12:54:56 -05:00
Rob Winch 0f13c5e44d AbstractUserDetailsReactiveAuthenticationManager uses boundidElastic() 
Some JVMs have blocking operations when accessing SecureRandom and thus
this needs to be performed in a pool that is larger than the number of
CPUs

Closes gh-7522
 2020-05-12 13:23:07 -05:00
Rob Winch 06a02ed4bb Fix non-standard HTTP method for CsrfWebFilter 
Closes gh-8452
 2020-05-11 17:28:40 -05:00
Joe Grandja 716583f9bb Next development version 2020-05-06 15:51:37 -04:00
Joe Grandja 413dfc8679 Unlock dependencies 
This reverts commit a61145f74c.
 2020-05-06 15:29:45 -04:00
Joe Grandja 532e546355 Release 5.3.2.RELEASE 2020-05-06 15:07:10 -04:00
Joe Grandja a61145f74c Lock dependencies for 5.3.2.RELEASE 2020-05-06 15:06:08 -04:00
Eleftheria Stein a1a20f0d06 Temporarily build against Framework 5.2.x snapshot 
Issue: gh-8489
 2020-05-06 13:05:01 -04:00
Eleftheria Stein 1fcac58caa Update SAML2 errors in integration tests 2020-05-06 13:03:28 -04:00
Eleftheria Stein fd3907110a Clean up Javadoc 
Fixes gh-8480
 2020-05-05 17:33:00 -04:00
Josh Cummings 0db9cd075d Polish OpenSamlAuthenticationProvider 
- Use type-safe CriteriaSet
- Keep Assertion immutable

Closes gh-8471
 2020-05-05 16:34:14 -04:00
Andrii Hrytsiuk 4ef2a7984f Fix typos in documentation 
Closes gh-8454
 2020-05-05 10:46:27 -05:00
Stav Shamir 6f2359ccae Support update when saving with JdbcOAuth2AuthorizedClientService 
Before this commit, JdbcOAuth2AuthorizedClientService threw DuplicateKeyException when re-authorizing or when authorizing the same user from a different client.

This commit makes JdbcOAuth2AuthorizedClientService's saveAuthorizedClient method consistent with that of InMemoryOAuth2AuthorizedClientService.

Fixes gh-8425
 2020-04-29 09:18:54 -04:00
Dávid Kovács a89e3d385f Add ROLE_INFRASTRUCTURE to infrastructure beans 
Closes gh-8407
 2020-04-27 09:02:33 -05:00
Dávid Kovács 4f8a4a9a3b Document description error 
Fixes gh-8119
 2020-04-21 09:19:46 -04:00
Josh Cummings af433fdbdf
Polish OpenSamlAuthenticationProviderTests 
- Add missing assertion

Issue gh-6019
 2020-04-17 09:51:29 -06:00
Souphorn 2289ad5e35 Fix typo with correct capitalization 
Closes gh-8406
 2020-04-17 10:57:25 -04:00
Rob Winch f6ddba8cd8 Logout defaults to use Global SecurityContextServerLogoutHandler 
Closes gh-8375
 2020-04-13 16:37:29 -05:00
Rob Winch 566c25aa10 Fix example in javadoc of FilterChainProxy 
Closes gh-8344
 2020-04-08 09:12:56 -05:00
Alan Czajkowski d1909ec9c8 BCryptPasswordEncoder rawPassword cannot be null 
Closes gh-8317
 2020-04-07 13:45:49 -05:00
Eleftheria Stein 2d71297b7e Fix HttpSecurity Javadoc 
Fixes gh-4404
 2020-04-02 11:40:07 -04:00
Rob Winch df983b5a75 Update to aspectj-plugin:4.1.6 
Closes gh-8305
 2020-04-01 17:13:09 -05:00
Joe Grandja b01dc73275 Next development version 2020-03-31 17:55:27 -04:00
Joe Grandja a78872f268 Unlock dependencies for 5.3.1.RELEASE 
This reverts commit 88c02684bb.
 2020-03-31 17:53:13 -04:00
Joe Grandja 8bd60e60bc Release 5.3.1.RELEASE 2020-03-31 17:29:08 -04:00
Joe Grandja 88c02684bb Lock dependencies for 5.3.1.RELEASE 2020-03-31 17:28:36 -04:00
Rob Winch 0e6e2b2a21 Fix HttpServlet3RequestFactory Logout Handlers 
Previously there was a problem with Servlet API logout integration
when Servlet API was configured before log out.

This ensures that logout handlers is a reference to the logout handlers
vs copying the logout handlers. This ensures that the ordering does not
matter.

Closes gh-4760
 2020-03-30 20:50:12 -05:00
Rob Winch f82d59a1e5 SpringTestContext returns ConfigurableWebApplicationContext 
Closes gh-8233
 2020-03-30 20:50:12 -05:00
Ruby Hartono 45eb34c9a6 Improve OAuth2LoginAuthenticationProvider 
1. update OAuth2LoginAuthenticationProvider to use
OAuth2AuthorizationCodeAuthenticationProvider
2. apply fix gh-5368 for OAuth2AuthorizationCodeAuthenticationProvider
to return additionalParameters value from accessTokenResponse

Fixes gh-5633
 2020-03-30 21:08:59 -04:00
Joe Grandja 4c040e9e8e Revert "Fix links in oauth2 doc" 
This reverts commit 138e676b45.
 2020-03-30 13:40:44 -04:00
wassan128 138e676b45 Fix links in oauth2 doc 2020-03-27 16:57:38 -05:00
Josh Cummings 034c23d46c
SwitchUserFilter Defaults to POST 
Fixes gh-4183
 2020-03-27 14:25:28 -06:00
Josh Cummings 0bde3c5c8f
Clarify ServerBearerExchangeFilterFunction Docs 
Fixes gh-8220
 2020-03-27 13:25:46 -06:00
Eleftheria Stein 4e8c177652 Update Encryptors documentation 
Fixes gh-8208
 2020-03-27 10:09:25 -04:00
Martin Nemec dfc25dc245 OAuth2 ClientRegistrations NPE fix when userinfo missing 
Fixes gh-8187
 2020-03-27 06:13:50 -04:00
Joe Grandja 0230827335 oauth2Login WebFlux does not auto-redirect for XHR request 
Fixes gh-8118
 2020-03-26 05:08:58 -04:00