Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,048 Commits 32 Branches 333 Tags 111 MiB
Commit Graph

7048 Commits

Author SHA1 Message Date
Rob Winch a02b0c17f8 Add InMemoryReactiveClientRegistrationRepository 
Issue: gh-4807
 2018-05-11 04:19:50 -05:00
Rob Winch ca9cd20832 Add DelegatingServerAuthenticationSuccessHandler 
Fixes: gh-5332
 2018-05-11 04:19:50 -05:00
Rob Winch d874c4954e AuthenticationWebFilter handle empty Authentication 
Fixes: gh-5333
 2018-05-11 04:19:50 -05:00
Rob Winch c696640276 OAuth2AuthorizationResponseUtils uses MultiMap 
Fixes: gh-5331
 2018-05-11 04:19:50 -05:00
Rob Winch 8fa6dd0f5b Revert "Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677" 
This reverts commit d4e459874a.
 2018-05-11 04:19:50 -05:00
Rob Winch e78457d3a1 Fix checkstyle for CsrfServerLogoutHandlerTests 
Issue: gh-4840
 2018-05-11 04:16:48 -05:00
Eric Deandrea 26f53a20b3 Add CsrfServerLogoutHandler 
Create a CsrfServerLogoutHandler which invalidates the current CsrfToken

Fixes gh-4840
 2018-05-11 04:16:48 -05:00
Eric Deandrea 21750242cf Add HttpStatusReturningServerLogoutSuccessHandler 
An HttpStatusReturningServerLogoutSuccessHandler is missing on the
reactive side - essentially the reactive equivalent of
HttpStatusReturningLogoutSuccessHandler.

Fixes gh-5081
 2018-05-11 04:03:21 -05:00
Eric Deandrea bc9f8ec430 Add HttpStatusServerEntryPoint 
An HttpStatusServerEntryPoint is missing on the
reactive side - essentially the reactive equivalent of
HttpStatusEntryPoint.

Fixes gh-5082
 2018-05-11 04:00:49 -05:00
Rob Winch 53850978b2 Fixes: gh-5319 2018-05-08 08:54:57 -05:00
Rob Winch a7a8ac756a Update to Spring Data Kay SR7 
Fixes: gh-5318
 2018-05-08 08:54:47 -05:00
Rob Winch cf4e139aa0 Update to Spring 5.0.6 
Fixes: gh-5290
 2018-05-08 08:35:36 -05:00
Artyom Emelyanenko 902fc0f657 Fixed confused word in the class javadoc 2018-05-07 16:54:40 -05:00
Johnny Lim b91ebf7090 Fix @since for MockEventListener 2018-05-07 16:53:26 -05:00
이경욱 26bc6be850 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
이경욱 6adbe8dae0 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
Robert Roth 4bfce2a591 Fixed typo in acl database schema appendix. 
Fixes gh-5204
 2018-05-07 16:44:32 -05:00
Robert Roth fddc28ba3b Fixed typo in CSRF documentation. 
Fixes gh-4792
 2018-05-07 16:44:32 -05:00
Denys Ivano fed15f2b01 Add accessDeniedHandler method to ExceptionHandlingSpec 
This allows to configure accessDeniedHandler in ExceptionTranslationWebFilter through ServerHttpSecurity.

Issue: gh-5257
 2018-05-07 16:22:29 -05:00
Eric Deandrea b3c5bfe4db CookieServerCsrfTokenRepository fails when cookie is null/empty 
The CookieServerCsrfTokenRepository fails with an IllegalArgumentException
 when a cookie is present but the value is null or empty.

Fixes gh-5315
 2018-05-07 16:16:51 -05:00
Johnny Lim 9b42831c70 Suppress deprecation warnings in spring-security-crypto 2018-05-04 21:02:57 -05:00
Johnny Lim 2a0f529ee4 Use spring-projects for organization in GitHub URLs 2018-05-04 21:01:39 -05:00
Rob Winch 3ba15a16bf Polish CookieServerCsrfTokenRepository 
- Only do work if subscribed to
- use test naming conventions
- Refactor tests to avoid extracting
  - Uses String for member names which are not type safe
  - Uses long argument list which makes assertions difficult to read

Issue: gh-5083
 2018-05-04 16:54:48 -05:00
Rob Winch 37b1136c0c Remove CookieServerCsrfTokenRepository builder methods 
This is inconsistent with the rest of the code base.

Issue: gh-5083
 2018-05-04 16:54:48 -05:00
Eric Deandrea 1eaecc12ec Add CookieServerCsrfTokenRepository 
A cookie implementation of ServerCsrfTokenRepository (like CookieCsrfTokenRepository)
is missing. In this implementation it would be nice to allow the setting of the domain as well.

Fixes: gh-5083
 2018-05-04 16:54:48 -05:00
Alexander Münch 0570cebbce Avoid unnecessary grow of ArrayList 
Adapted ArrayList size in CacheControlHeadersWriter::createHeaders()
 2018-05-04 14:23:31 -05:00
XYUU 3740d33e64 The HttpHeader's ContentLength is a byte unit 2018-05-04 14:18:03 -05:00
XYUU 23dd136efb The HttpHeader's ContentLength is a byte unit 2018-05-04 14:18:03 -05:00
Johnny Lim 44b22e7208 Fix 'attributes' deprecation warning in spring-security-docs-guides 2018-05-04 14:12:14 -05:00
Kazuki Shimizu 8d716f75a4 Fix incorrect explanation for customizing query on JdbcDaoImpl 2018-05-04 10:49:25 -05:00
Joe Grandja fff64db0e2 Improve ClaimAccessor getClaimAsInstant 
Fixes gh-5250
 2018-05-03 21:03:45 -04:00
Joe Grandja 2356749cc3 Add test NimbusUserInfoResponseClient sets Accept header to JSON 
Issue gh-5294
 2018-05-03 20:18:41 -04:00
Joe Grandja b8f225c49e NimbusUserInfoResponseClient sets Accept header to JSON 
Fixes gh-5294
 2018-05-03 16:34:38 -04:00
Rob Winch 0a5da93640 Improve PasswordEncoder deprecated notices 
Fixes: gh-5296
 2018-05-03 15:13:06 -05:00
Rob Winch 948e650a0e Add update-dependencies.sh 
Fixes: gh-5276
 2018-05-03 14:59:16 -05:00
Rob Winch bc0c3a5b69 Update to Spring Framework 5.0.6.BUILD-SNAPSHOT 
Issue: gh-5290

# Conflicts:
#	gradle/dependency-management.gradle
 2018-05-03 14:10:09 -05:00
Rob Winch 618e0ab98d Update to selenium 3.11.0 
Fixes: gh-5289
 2018-05-03 14:09:15 -05:00
Rob Winch bc017a62ca Update to mockito-core:2.18.3 
Fixes: gh-5284
 2018-05-03 14:09:15 -05:00
Rob Winch e971490605 Update to htmlunit:2.30 
Fixes: gh-5283
 2018-05-03 14:09:15 -05:00
Rob Winch 58b02364c2 Update to aspectj 1.9.1 
Fixes: gh-5282
 2018-05-03 14:09:12 -05:00
Rob Winch ef9279dd7c Update to javax.servlet-api:4.0.1 
Fixes: gh-5281
 2018-05-03 14:08:25 -05:00
Rob Winch ba5986f9b1 Update to oauth2-oidc-sdk:5.61 
Fixes: gh-5280
 2018-05-03 14:08:25 -05:00
Rob Winch 332aee8dd5 Update to nimbus-jose-jwt:5.10 
Fixes: gh-5279
 2018-05-03 14:08:25 -05:00
Rob Winch c0813b7448 Update Spring Boot 2.0.1.RELEASE 
Fixes: gh-5278

# Conflicts:
#	gradle.properties
 2018-05-03 14:08:18 -05:00
Rob Winch dc75c3e011 Update GAE 1.9.63 
Fixes: gh-5277
 2018-05-03 14:06:52 -05:00
Joe Grandja 4cc5705ae5 HttpSessionOAuth2AuthorizationRequestRepository removes empty Map from session 
Fixes gh-5263
 2018-05-02 11:07:26 -04:00
Joe Grandja 49b63e260d OAuth2LoginAuthenticationFilter should handle null ClientRegistration 
Fixes gh-5251
 2018-05-02 09:16:42 -04:00
Josh Cummings 2273839aad
FormLoginConfigTests groovy->java 
Issue: gh-4939
 2018-05-01 08:11:04 -06:00
Rob Winch 9bb841ac67 ExceptionTranslationFilter does not handle committed responses 
Fixes: gh-5273
 2018-04-30 16:49:51 -05:00
Rob Winch eb067bc3a1 DefaultWebSecurityExpressionHandler uses PermissionEvaluator Bean 
The default instance of DefaultWebSecurityExpressionHandler uses the
PermissionEvaluator Bean by default.

Fixes: gh-5272
 2018-04-30 12:15:50 -05:00