spring-security

Commit Graph

Author	SHA1	Message	Date
Habin Song	fbb35a1e3d	Typo: Update ldap.adoc there is no word like 'byusing'. I fixed 'byusing' to 'by using'.	2024-01-31 09:50:51 -03:00
y-tomida	cb84efd06d	Fix command in CONTRIBUTING.adoc	2024-01-31 09:50:31 -03:00
Federico Herrera	c1adeef0da	Add validation IpAddressMatcher Closes gh-13621	2024-01-30 17:16:18 -07:00
Josh Cummings	d7599ab192	Polish setAttributesConverter - Add Tests - Add Reactive Support Issue gh-14186	2024-01-30 14:37:20 -07:00
ahmd-nabil	04f0f2597a	Polish DefaultOAuth2UserService Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>	2024-01-30 14:37:20 -07:00
ahmd-nabil	d9d22c75a2	Add support for nested username attribute in DefaultOAuth2User Closes gh-14186 Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>	2024-01-30 14:37:20 -07:00
Marcus Hert Da Coregio	93c2d1cc3c	Disable spring-security-rsa tests on Windows Issue gh-14202	2024-01-30 09:08:00 -03:00
Eric Haag	5b281eee77	Update Revved up by Develocity badge	2024-01-29 17:54:55 -07:00
Josh Cummings	77e193545d	Merge branch '6.2.x'	2024-01-29 17:45:28 -07:00
Josh Cummings	3b615c8c6d	Merge branch '6.1.x' into 6.2.x	2024-01-29 17:45:13 -07:00
Josh Cummings	ebfe8e3580	Merge branch '5.8.x' into 6.1.x	2024-01-29 17:45:04 -07:00
dependabot[bot]	7011930305	Bump gradle/gradle-build-action from 2 to 3 Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2 to 3. - [Release notes](https://github.com/gradle/gradle-build-action/releases) - [Commits](https://github.com/gradle/gradle-build-action/compare/v2...v3) --- updated-dependencies: - dependency-name: gradle/gradle-build-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-29 17:44:51 -07:00
Josh Cummings	0dcd7e79de	Merge branch '6.2.x'	2024-01-29 17:42:54 -07:00
Josh Cummings	810818bd21	Merge branch '6.1.x' into 6.2.x	2024-01-29 17:42:47 -07:00
Josh Cummings	b0fe1da98e	Merge branch '5.8.x' into 6.1.x	2024-01-29 17:42:29 -07:00
dependabot[bot]	8a75382b2d	Bump slackapi/slack-github-action from 1.24.0 to 1.25.0 Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.24.0 to 1.25.0. - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](https://github.com/slackapi/slack-github-action/compare/v1.24.0...v1.25.0) --- updated-dependencies: - dependency-name: slackapi/slack-github-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-29 17:41:43 -07:00
Nermin Karapandzic	6e1bcfed11	Add argument resolver for SecurityContext Closes gh-13425	2024-01-29 17:30:38 -07:00
ahmd-nabil	a808c139ad	Enhance IpAddressMatcher performance Closes gh-14493 Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>	2024-01-29 17:28:19 -07:00
Josh Cummings	ee45d6c685	Merge branch '6.2.x'	2024-01-29 17:21:30 -07:00
Josh Cummings	3a53422478	Fix Failing Test Closes gh-14467	2024-01-29 17:14:30 -07:00
Marcus Hert Da Coregio	6f7b9bbfde	Migrate spring-security-rsa into spring-security-crypto Closes gh-14202	2024-01-29 13:49:51 -03:00
Marcus Hert Da Coregio	45f8ab3401	Add permission to Edit Dependabot PR workflow Issue gh-14486	2024-01-29 10:01:10 -03:00
Josh Cummings	27ebeefb14	Fix Failing Test Closes gh-14467	2024-01-26 11:24:00 -07:00
Marcus Hert Da Coregio	602d2bebdc	Automatically assign milestone to Dependabot PR Issue gh-14486	2024-01-26 10:28:09 -03:00
Josh Cummings	01b7ad42ec	Merge branch '6.2.x'	2024-01-25 17:33:33 -07:00
Josh Cummings	84c45adc70	Merge branch '6.1.x' into 6.2.x Closes gh-14496	2024-01-25 17:33:15 -07:00
Josh Cummings	44f22ee5cf	Merge branch '5.8.x' into 6.1.x Closes gh-14495	2024-01-25 17:32:57 -07:00
Hans Lindner	ca10187fd1	Enhance JWT decoding error handling Previously, the `decode` method threw a `JwtException` directly when encountering an unsupported algorithm or any exception during parsing. This commit introduces a more robust error handling mechanism. Now, instead of throwing exceptions directly, it returns a `Mono.error()` with a `BadJwtException` containing detailed error information. This approach provides more flexibility and allows the caller to handle errors in a more granular way, by being able to use project reactors onError functionality. Closes gh-14467	2024-01-25 17:32:10 -07:00
y-tomida	bdc0bd6b78	Add usernameParameter and passwordParameter to FormLoginDsl Closes gh-14474	2024-01-24 09:56:38 -03:00
Marcus Hert Da Coregio	7a8f9b446e	Configure Dependabot for docs-build's build.gradle Issue gh-14482	2024-01-23 15:03:46 -03:00
Josh Cummings	7ee974445b	Update Checkstyle Issue gh-14178	2024-01-22 08:44:54 -07:00
Josh Cummings	04394a63cd	Update Formatting Issue gh-14178	2024-01-22 08:26:25 -07:00
sonallux	6df9ef5ba6	Fix wrong class name in JavaDoc In the `ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver.Builder` class the JavaDoc comments mention the wrong class name. This commit fixes this.	2024-01-19 09:29:07 -07:00
Josh Cummings	1e90bdfc0b	Update Copyright Issue gh-14178	2024-01-19 09:26:04 -07:00
Armin Krezović	9c352c4b4b	Support overriding RestOperations in OidcIdTokenDecoderFactory Closes gh-14178	2024-01-19 09:24:56 -07:00
Armin Krezović	0041c658de	Support overriding WebClient in ReactiveOidcIdTokenDecoderFactory Closes gh-14178	2024-01-19 09:24:56 -07:00
Sam Brannen	2b7d296994	Revise AuthorizationAnnotationUtils This commit revises AuthorizationAnnotationUtils as follows. - Removes code duplication by treating both Class and Method as AnnotatedElement. - Avoids duplicated annotation searches by processing merged annotations in a single Stream instead of first using the MergedAnnotations API to find possible duplicates and then again searching for a single annotation via AnnotationUtils (which effectively performs the same search using the MergedAnnotations API internally). - Uses `.distinct()` within the Stream to avoid the need for the workaround introduced in gh-13625. Note that the semantics here result in duplicate "equivalent" annotations being ignored. In other words, if @⁠PreAuthorize("hasRole('someRole')") is present multiple times as a meta-annotation, no exception will be thrown and the first such annotation found will be used. - Improves the error message when competing annotations are found by including the competing annotations in the error message. - Updates AuthorizationAnnotationUtilsTests to cover all known, supported use cases. - Configures correct role in @⁠RequireUserRole. Please note this commit uses `.map(MergedAnnotation::withNonMergedAttributes)` to retain backward compatibility with previous versions of Spring Security. However, that line can be deleted if the Spring Security team decides that it wishes to support merged annotation attributes via custom composed annotations. If that decision is made, the composedMergedAnnotationsAreNotSupported() test should be renamed and updated as explained in the comment in that method. See gh-13625 See https://github.com/spring-projects/spring-framework/issues/31803	2024-01-18 07:42:58 -07:00
DingHao	3f65f600de	Use AuthorizationEventPublisher Bean - For Jsr250MethodInterceptor and SecuredMethodInterceptor Closes gh-14401	2024-01-17 17:40:38 -07:00
Marcus Hert Da Coregio	06278157fa	Merge branch '6.2.x' Closes gh-14471	2024-01-17 16:16:40 -03:00
Marcus Hert Da Coregio	148e0b41d2	Merge branch '6.1.x' into 6.2.x Closes gh-14470	2024-01-17 16:16:27 -03:00
Marcus Hert Da Coregio	ce5f5e6e33	Add native hint for CsrfTokenRequestAttributeHandler$SupplierCsrfToken Closes gh-14397	2024-01-17 16:14:59 -03:00
Marcus Hert Da Coregio	a761042157	Merge branch '6.2.x'	2024-01-17 15:22:34 -03:00
Amit Mahato	237dd7799f	fix: typo in Authentication Architecture ProviderManager	2024-01-17 15:22:25 -03:00
Andreas Büchel	3346f2dd73	fix typo in anonymous.adoc	2024-01-17 15:22:06 -03:00
Marcus Hert Da Coregio	959ea70ec8	Merge branch '6.2.x'	2024-01-17 14:31:55 -03:00
Marcus Hert Da Coregio	c42234396e	Merge branch '6.1.x' into 6.2.x	2024-01-17 14:31:38 -03:00
Marcus Hert Da Coregio	2eba7eb672	Merge branch '5.8.x' into 6.1.x	2024-01-17 14:31:29 -03:00
dependabot[bot]	44b785bfb1	Bump io.spring.ge.conventions from 0.0.14 to 0.0.15 Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.14 to 0.0.15. - [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases) - [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.14...v0.0.15) --- updated-dependencies: - dependency-name: io.spring.ge.conventions dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-17 14:31:11 -03:00
dependabot[bot]	56f486588f	Bump io.spring.ge.conventions from 0.0.14 to 0.0.15 Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.14 to 0.0.15. - [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases) - [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.14...v0.0.15) --- updated-dependencies: - dependency-name: io.spring.ge.conventions dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-17 14:31:01 -03:00
dependabot[bot]	d03c82f6b9	Bump io.spring.ge.conventions from 0.0.14 to 0.0.15 Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.14 to 0.0.15. - [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases) - [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.14...v0.0.15) --- updated-dependencies: - dependency-name: io.spring.ge.conventions dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-17 14:30:50 -03:00

... 2 3 4 5 6 ...

15130 Commits All Branches Search

15130 Commits

All Branches