Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,200 Commits 33 Branches 333 Tags 109 MiB
Commit Graph

1694 Commits

Author SHA1 Message Date
Marcus Hert Da Coregio f8ff056eb6 Update Max Sessions on WebFlux 
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler

Issue gh-6192
 2024-02-28 10:06:45 -03:00
Marcus Hert Da Coregio a5ce8ae87f Polish Max Sessions on WebFlux 
This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry

Issue gh-6192
 2024-02-27 11:12:50 -03:00
Josh Cummings 4d039e515f
Merge branch '6.2.x' 2024-02-22 13:21:22 -07:00
Josh Cummings 9c48546883
Merge branch '6.1.x' into 6.2.x 2024-02-22 13:21:14 -07:00
Josh Cummings 7f106f0419
Merge branch '5.8.x' into 6.1.x 2024-02-22 13:20:29 -07:00
Christian Becker 5f80468de3 Updated copyright date 2024-02-22 13:19:05 -07:00
Christian Becker 2f762fefe1 Allow tab in HTTP header values. 
Closes gh-14573
 2024-02-22 13:19:05 -07:00
Marcus Hert Da Coregio 21580fd27d Merge branch '6.2.x' 2024-02-16 13:31:20 -03:00
Marcus Hert Da Coregio 15306c1007 Merge branch '6.1.x' into 6.2.x 2024-02-16 13:21:15 -03:00
Rob Winch 750cb30ce4 Add AuthenticationTrustResolver.isAuthenticated 2024-02-16 13:08:29 -03:00
Josh Cummings aa8178af65
Merge branch '6.2.x' 2024-02-07 08:53:16 -07:00
Josh Cummings 0cadabfa89
Merge branch '6.1.x' into 6.2.x 
Closes gh-14568
 2024-02-07 08:52:47 -07:00
Josh Cummings 75fdcd10f7
Use synchronized 
Closes gh-14445
 2024-02-07 08:48:49 -07:00
Marcus Hert Da Coregio 915d68e216 Remove includeExpiredSessions parameter 
The reactive implementation of max sessions does not keep track of expired sessions, therefore we do not need such parameter

Issue gh-6192
 2024-02-06 10:43:00 -03:00
Federico Herrera c1adeef0da Add validation IpAddressMatcher 
Closes gh-13621
 2024-01-30 17:16:18 -07:00
Nermin Karapandzic 6e1bcfed11 Add argument resolver for SecurityContext 
Closes gh-13425
 2024-01-29 17:30:38 -07:00
ahmd-nabil a808c139ad Enhance IpAddressMatcher performance 
Closes gh-14493

Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>
 2024-01-29 17:28:19 -07:00
sonallux 6df9ef5ba6 Fix wrong class name in JavaDoc 
In the `ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver.Builder` class the JavaDoc comments mention the wrong class name. This commit fixes this.
 2024-01-19 09:29:07 -07:00
Marcus Hert Da Coregio 06278157fa Merge branch '6.2.x' 
Closes gh-14471
 2024-01-17 16:16:40 -03:00
Marcus Hert Da Coregio 148e0b41d2 Merge branch '6.1.x' into 6.2.x 
Closes gh-14470
 2024-01-17 16:16:27 -03:00
Marcus Hert Da Coregio ce5f5e6e33 Add native hint for CsrfTokenRequestAttributeHandler$SupplierCsrfToken 
Closes gh-14397
 2024-01-17 16:14:59 -03:00
Josh Cummings d7a9a19161
Merge branch '6.2.x' 2023-12-18 11:47:39 -07:00
Josh Cummings 03e48905c7
Merge branch '6.1.x' into 6.2.x 
Closes gh-14346
 2023-12-18 11:47:23 -07:00
Josh Cummings b855ccdb09
Merge branch '5.8.x' into 6.1.x 
Closes gh-14345
 2023-12-18 11:46:04 -07:00
Josh Cummings eaaa813ede
Fix header value typo 
Closes gh-11948
 2023-12-18 10:42:50 -07:00
Josh Cummings 8a34e32a24 Polish IpAddressAuthorizationManager 
Closes gh-10577
 2023-12-15 16:54:58 -07:00
brunodmartins ea7c720ce7 Add hasIpAddress to Kotlin DSL 
Closes gh-10577
 2023-12-15 16:54:58 -07:00
Rob Winch 465642828a Merge branch '6.2.x' 
Add HandlerMappingIntrospector Caching

Closes gh-14333
 2023-12-14 16:11:08 -06:00
Rob Winch 6dd29520b0 Merge branch '6.1.x' into 6.2.x 
Add HandlerMappingIntrospector Caching

Closes gh-14332
 2023-12-14 16:10:50 -06:00
Rob Winch 70dfb3d391 Add HandlerMappingIntrospector Caching 
Closes gh-14128
 2023-12-14 16:08:36 -06:00
Marcus Da Coregio 57ab15127a Add Max Sessions on WebFlux 
Closes gh-6192
 2023-12-11 09:48:34 -03:00
Josh Cummings cad6689659
Merge remote-tracking branch 'origin/6.1.x' 2023-11-15 09:28:28 -07:00
Josh Cummings 187ef0e1a8
Merge branch '6.0.x' into 6.1.x 
Closes gh-14146
 2023-11-15 09:26:59 -07:00
Josh Cummings 18530c8dcd
Add PhasedObservation 
Observation itself does not protect against start and stop being called
multiple times. This commit aligns all observation instances to instead
use an implementation that does have these guards in place.

Closes gh-14082
 2023-11-15 09:22:41 -07:00
Marcus Hert Da Coregio e920bfb3a2 Merge branch '6.1.x' 
Closes gh-14138
 2023-11-14 10:56:57 -03:00
Marcus Hert Da Coregio 921afba134 Use addCookie instead of addHeader in CookieCsrfTokenRepository 
By using addCookie we make sure that configured Tomcat's CookieProcessors are invoked

Closes gh-14131
 2023-11-14 10:56:24 -03:00
Josh Cummings 621ab3e7cb
Merge remote-tracking branch 'origin/6.1.x' 2023-11-07 17:33:09 -07:00
Josh Cummings bcef8f98aa
Merge branch '6.0.x' into 6.1.x 
Closes gh-14117
 2023-11-07 17:32:51 -07:00
Josh Cummings 4990373cf9
Merge branch '5.8.x' into 6.0.x 
Closes gh-14116
 2023-11-07 17:22:36 -07:00
Josh Cummings 52675c80b3
Check For Null Exception Message 
Closes gh-13768
 2023-11-07 17:19:35 -07:00
Steve Riesenberg d0a5ada2da
Fix formatting 2023-10-31 15:38:44 -05:00
Steve Riesenberg 447f40949c
Revert unnecessary merges on 6.1.x 
This commit removes unnecessary main-branch merges starting from
9f8db22b77 and adds the following
needed commit(s) that were made afterward:

- 4d6ff49b9d
- ed6ff670d1
- c823b00794
- 44fad21363
 2023-10-31 15:22:15 -05:00
Steve Riesenberg 9db33f33c7
Revert unnecessary merges on 6.0.x 
This commit removes unnecessary main-branch merges starting from
8750608b5b and adds the following
needed commit(s) that were made afterward:

- 5dce82c48b
 2023-10-31 15:11:45 -05:00
Martin Lukas 318dec845a Update obsolete comment reference (former name of the class) 2023-10-31 09:48:43 -03:00
Josh Cummings ed6ff670d1 Add Test 
Issue gh-13660
 2023-10-30 17:49:58 -06:00
Duje 4d6ff49b9d Removed dash from micrometer metric label 
Closes gh-13660
 2023-10-30 17:49:58 -06:00
Josh Cummings 5dce82c48b
Close Both Observations 
Depending on when a request is cancelled, the before and after observation
starts and stops may be called out of order due to the order in
which their doOnCancel handlers are invoked.

To address this, the before filter-wrapper now always closes both the
before observation and the after observation. Since the before filter-
wrapper wraps the entire request, this ensures that either that was
started is stopped, and either that has not been started yet cannot
inadvertently be started by any unexpected ordering of events that
follows.

Closes gh-14031
 2023-10-30 16:32:11 -06:00
Mark Chesney d9399dfda0 Allow redirect status code to be customized 
Closes gh-12797
 2023-10-16 13:55:52 -06:00
Mark Chesney 2638555e53 Allow redirect strategy to be customized 
Closes gh-12795
 2023-10-16 13:55:52 -06:00
Marcus Da Coregio 7e9d707c7d Allow customize the AuthenticationConverter in BasicAuthenticationFilter 
Closes gh-13988
 2023-10-11 08:42:45 -03:00