f8ff056eb6
Update Max Sessions on WebFlux
...
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler
Issue gh-6192
2024-02-28 10:06:45 -03:00
a5ce8ae87f
Polish Max Sessions on WebFlux
...
This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry
Issue gh-6192
2024-02-27 11:12:50 -03:00
c639d0a514
Add AOP Integration Test
...
Closes gh-14637
2024-02-26 13:56:56 -07:00
4d383023cb
Add meta-annotation parameter support
...
Closes gh-14480
2024-02-26 10:50:35 -07:00
347eeb17d5
Merge branch '6.2.x'
2024-02-26 10:17:18 -07:00
2471df4d36
Merge branch '6.1.x' into 6.2.x
2024-02-26 10:17:04 -07:00
27cd9fa86c
Don't Use Deprecated Class
...
Issue gh-14628
2024-02-26 10:06:59 -07:00
093b5572af
Merge branch '6.2.x'
2024-02-22 12:15:42 -07:00
bb6045ebea
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14648
2024-02-22 12:15:17 -07:00
2fdd541ea5
Merge branch '5.8.x' into 6.1.x
...
Closes gh-14647
2024-02-22 12:15:00 -07:00
45c37c4454
Remove duplicate setSecurityContextHolderStrategy
...
Closes gh-14592
2024-02-22 12:14:35 -07:00
21580fd27d
Merge branch '6.2.x'
2024-02-16 13:31:20 -03:00
15306c1007
Merge branch '6.1.x' into 6.2.x
2024-02-16 13:21:15 -03:00
750cb30ce4
Add AuthenticationTrustResolver.isAuthenticated
2024-02-16 13:08:29 -03:00
7f0433c805
Merge branch '6.2.x'
2024-02-12 17:01:38 -07:00
2702a64be7
Use Localhost for Internal Logout Endpoint
...
Closes gh-14553
2024-02-12 17:00:58 -07:00
34526c3e01
Merge branch '6.2.x'
2024-02-12 12:54:29 -07:00
3ab323663a
Do Not Wire Default OidcSessionStrategy without OidcLogoutConfigurer
...
Closes gh-14558
2024-02-12 12:53:48 -07:00
ccb2f06d0d
Partially revert fc658d10
...
OpenIDAuthenticationFilter exists in versions < 6.0
Issue gh-14531
2024-02-07 10:13:34 -03:00
dea6d6b49c
Merge branch '6.2.x'
...
Closes gh-14566
2024-02-07 09:38:10 -03:00
ad96837e59
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14565
2024-02-07 09:38:02 -03:00
ba1068e368
Merge branch '5.8.x' into 6.1.x
...
Closes gh-14564
2024-02-07 09:37:52 -03:00
fc658d10d3
fix security filter sort in javadoc
...
Closes gh-14531
2024-02-07 09:37:01 -03:00
915d68e216
Remove includeExpiredSessions parameter
...
The reactive implementation of max sessions does not keep track of expired sessions, therefore we do not need such parameter
Issue gh-6192
2024-02-06 10:43:00 -03:00
a282887906
Merge branch '6.2.x'
2024-02-05 15:42:09 -07:00
b43b3b144e
Merge branch '6.1.x' into 6.2.x
2024-02-05 15:41:58 -07:00
ffe9577487
Merge branch '5.8.x' into 6.1.x
2024-02-05 15:41:35 -07:00
7c3a6a567e
Fix Compilation Errors
...
Issue gh-14525
2024-02-05 15:18:31 -07:00
07e0b1dc37
Saml2 LogoutFilter Is Placed Before Common LogoutFilter
...
Closes gh-14525
2024-02-05 15:18:31 -07:00
3a53422478
Fix Failing Test
...
Closes gh-14467
2024-01-29 17:14:30 -07:00
27ebeefb14
Fix Failing Test
...
Closes gh-14467
2024-01-26 11:24:00 -07:00
bdc0bd6b78
Add usernameParameter and passwordParameter to FormLoginDsl
...
Closes gh-14474
2024-01-24 09:56:38 -03:00
3f65f600de
Use AuthorizationEventPublisher Bean
...
- For Jsr250MethodInterceptor and SecuredMethodInterceptor
Closes gh-14401
2024-01-17 17:40:38 -07:00
1daa9e27e2
Merge branch '6.2.x'
2024-01-05 15:17:01 -03:00
e2bab7b7ef
Add .serialized suffix and consider them as binary in Git
...
Issue gh-3737
2024-01-05 15:14:22 -03:00
85177c0178
Merge branch '6.2.x'
...
Closes gh-14408
2024-01-05 14:22:49 -03:00
4fb6a33d36
Verify Serializable Objects Are Deserializable Between Minor Versions
...
This commit introduces a test that verifies that Spring Security domain classes that implements Serializable and have the same serialVersionUID as SpringSecurityCoreVersion#SERIAL_VERSION_UID can be deserialized between minor versions.
This commit also introduces another test that should be used to generate the files containing the serialized content of the objects.
Closes gh-3737
2024-01-05 12:00:02 -03:00
eeb2f5d108
Merge branch '6.2.x'
2023-12-28 12:56:52 -06:00
428a3a2703
Merge branch '6.1.x' into 6.2.x
2023-12-28 12:56:36 -06:00
3beb583207
Merge branch '5.8.x' into 6.1.x
2023-12-28 12:56:25 -06:00
16dc6be3c8
Update copyright year
...
Issue gh-14329
2023-12-28 12:54:29 -06:00
c88aaedb48
Updated broken documentation link in javadocs
2023-12-28 12:54:29 -06:00
707588f870
Merge branch '6.2.x'
2023-12-26 15:58:51 -03:00
d385b53e3c
Merge branch '6.1.x' into 6.2.x
2023-12-26 15:58:39 -03:00
92af758f1f
Make springSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor passive
...
Instead of excluding the bean from AOT processing, we avoid redefining the beans if they are present or in the expected state.
Issue gh-14362
2023-12-26 15:58:16 -03:00
778a63a763
Revert "Exclude SpringSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor from AOT processing"
...
This reverts commit 8a93178da7
2023-12-26 15:10:15 -03:00
5ad34d1f92
Merge branch '6.2.x'
...
Closes gh-14381
2023-12-26 11:20:51 -03:00
dd20f0694d
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14380
2023-12-26 11:20:41 -03:00
7cd626fe25
Fix FilterChainProxy cannot be found when @EnableWebSecurity(debug = true)
...
Closes gh-14370
2023-12-26 11:20:09 -03:00
08d764dc84
Merge branch '6.2.x'
...
Closes gh-14378
2023-12-26 10:42:45 -03:00
Marcus Hert Da Coregio
Josh Cummings
DingHao
Rob Winch
Andreas Asplund
y-tomida
Steve Riesenberg
Geir Hedemark
DingHao