Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,600 Commits 34 Branches 337 Tags
Commit Graph

1533 Commits

Author SHA1 Message Date
Joe Grandja
413dfc8679 Unlock dependencies 
This reverts commit a61145f74c1b39dc3bc0620da3988daa9a02bb85.
 2020-05-06 15:29:45 -04:00
Joe Grandja
a61145f74c Lock dependencies for 5.3.2.RELEASE 2020-05-06 15:06:08 -04:00
Dávid Kovács
a89e3d385f Add ROLE_INFRASTRUCTURE to infrastructure beans 
Closes gh-8407
 2020-04-27 09:02:33 -05:00
Rob Winch
f6ddba8cd8 Logout defaults to use Global SecurityContextServerLogoutHandler 
Closes gh-8375
 2020-04-13 16:37:29 -05:00
Eleftheria Stein
2d71297b7e Fix HttpSecurity Javadoc 
Fixes gh-4404
 2020-04-02 11:40:07 -04:00
Joe Grandja
a78872f268 Unlock dependencies for 5.3.1.RELEASE 
This reverts commit 88c02684bb54effb483d460031f5007610851f80.
 2020-03-31 17:53:13 -04:00
Joe Grandja
88c02684bb Lock dependencies for 5.3.1.RELEASE 2020-03-31 17:28:36 -04:00
Rob Winch
0e6e2b2a21 Fix HttpServlet3RequestFactory Logout Handlers 
Previously there was a problem with Servlet API logout integration
when Servlet API was configured before log out.

This ensures that logout handlers is a reference to the logout handlers
vs copying the logout handlers. This ensures that the ordering does not
matter.

Closes gh-4760
 2020-03-30 20:50:12 -05:00
Rob Winch
f82d59a1e5 SpringTestContext returns ConfigurableWebApplicationContext 
Closes gh-8233
 2020-03-30 20:50:12 -05:00
Joe Grandja
0230827335 oauth2Login WebFlux does not auto-redirect for XHR request 
Fixes gh-8118
 2020-03-26 05:08:58 -04:00
Eleftheria Stein
699fed7f98 Fix rsocket test 
Request route that exists; add additional error message verification

Fixes gh-8154
 2020-03-20 08:39:43 -04:00
Erik van Paassen
82dbce47b1
Fix typo in Javadoc of HttpSecurity#csrf() 
`HttpSecurity#csrf()` obviously returns a `CsrfConfigurer`, while the Javadoc states that it returns the `ServletApiConfigurer`.
 2020-03-17 13:35:28 -06:00
Markus Engelbrecht
e6ad3d5508
Fix typo 'properites' in documentation 
Fixes gh-8095
 2020-03-11 11:00:18 -06:00
Josh Cummings
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE 
This reverts commit 147d7dadd7e449e1e8347f9a0b3959c7abf095dc.
 2020-03-04 12:02:48 -07:00
Josh Cummings
147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings
c729fee7bc
Malformed Bearer Token Returns 401 for WebFlux 
Fixes gh-7668
 2020-03-03 15:42:02 -07:00
Joe Grandja
c111099640 Polish client-registration xsd attributes 
Issue gh-4557
 2020-03-02 15:02:46 -05:00
Josh Cummings
e97396b9c7 Add Resource Server XML Support 
Fixes gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings
f1a2d69968 Add AuthenticationProvider List Configurability 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings
34b40deb38 Add By-RequestMatcher Exception Handling 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings
98a2ca3bbc Add Csrf Ignore Configurability 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings
19584884b3
Register Authentication Provider in Init Phase 
Fixes gh-8031
 2020-02-28 15:32:27 -07:00
Filip Hanik
3257349045 Support POST binding for AuthNRequest 
Has been tested with

- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
 2020-02-28 09:15:26 -08:00
Rob Winch
727fee1e12 Polish HeaderWriterSpec 
Assert.notNull(Object,Supplier) is for when then message passed in
requires concatenation and avoids doing extra work. Since this does
not require concatenation, we can use Assert.notNull(Object,String)

Issue gh-7636
 2020-02-27 07:57:51 -06:00
Ankur Pathak
480c5bc87e Custom ServerHttpHeadersWriter to HeaderSpec 
Add the ability to have a custom ServerHttpHeadersWriter to HeaderSpec
Fixes gh-7636
 2020-02-27 07:55:30 -06:00
Eleftheria Stein
2fb3d3d5a2 Add hasRole to authorizeRequests in Kotlin DSL 
Fixes: gh-8023
 2020-02-25 08:29:26 -05:00
Joe Grandja
4cd89b584f Polish gh-5184 2020-02-20 21:25:17 -05:00
Joe Grandja
8a4ff4452b Add XML namespace support for oauth2-client 
Fixes gh-5184
 2020-02-20 20:05:48 -05:00
Eleftheria Stein
171e0d048f Fix typo in WebSecurityConfigurer Javadoc 
Fixes: gh-7876
 2020-02-14 11:00:45 +01:00
Joe Grandja
ff8002eb2e Polish gh-4557 2020-02-12 15:47:57 -05:00
Ruby Hartono
71a5c9521c Add XML namespace support for oauth2-login 
Fixes gh-4557
 2020-02-12 15:26:17 -05:00
Joe Grandja
40c0a452d7 Define oauth2-login xsd elements 
Issue gh-4557
 2020-02-12 15:26:17 -05:00
Eleftheria Stein
fde3ccb8b3 Add marker to make Kotlin DSL type safe 
Fixes: gh-7971
 2020-02-12 11:35:45 +01:00
Eleftheria Stein
1d6fdd249b Add missing Javadoc to Kotlin class 2020-02-11 18:09:30 +01:00
Eleftheria Stein
f37a4557e6 Fix typo in Kotlin Javadoc 2020-02-11 18:09:30 +01:00
Josh Cummings
5bdf57d1e5
Remove Groovy and Spock Dependencies 
Fixes gh-4939
 2020-02-10 10:38:40 -07:00
Eleftheria Stein
a5210aaf9b Support custom filter in Kotlin DSL 
Fixes: gh-7951
 2020-02-10 12:03:32 +01:00
Stephane Maldini
851be025e9 Don't force downcasting of RequestAttributes to ServletRequestAttributes 
Fixes gh-7952
 2020-02-07 20:44:19 -05:00
Eleftheria Stein
8c0b754a49 Fix credentials precedence over introspector in Kotlin 
Fixes: gh-7878
 2020-02-06 11:01:42 +01:00
Eleftheria Stein
1fed688f05 Fix JWK Set URI precedence over decoder in Kotlin 
Fixes: gh-7877
 2020-02-06 10:48:42 +01:00
Eleftheria Stein
84b8a5abd7 Unlock dependencies for next development version 
This reverts commit 064616f1ef077cf23028d64b61b1452be0ec9eb1.
 2020-02-05 15:53:04 +01:00
Eleftheria Stein
064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Rob Winch
1d7208f8ef Add RSocket Authentication Extension Support 
Fixes gh-7935
 2020-02-04 23:36:47 -06:00
Josh Cummings
209c81d65d
Add BadOpaqueTokenException 
Updated NimbusOpaqueTokenIntrospector and
NimbusReactiveOpaqueTokenIntrospector to throw.
Updated OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager to catch.

Fixes gh-7902
 2020-02-04 17:33:08 -07:00
Josh Cummings
0c3754c811
Add BadJwtException 
Updated NimbusJwtDecoder and NimbusReactiveJwtDecoder to throw.
Updated JwtAuthenticationProvider and JwtReactiveAuthenticationManager
to catch.

Fixes gh-7885
 2020-02-04 17:33:08 -07:00
Josh Cummings
3e07b35611
Polish Bearer Token Error Handling 
Issue gh-7822
Issue gh-7823
 2020-02-03 17:54:39 -07:00
James
ee6df1701b
Polish SessionManagementConfigurer 2020-01-31 11:24:36 -07:00
Josh Cummings
cb9fd09150
Change AuthenticationWebFilter's constructor 
Fixes gh-7872
 2020-01-31 09:31:28 -07:00
Eleftheria Stein
a512789a93 Fix requiresAuthenticationMatcher not being used 
The custom server requiresAuthenticationMatcher was not always picked up

Fixes: gh-7863
 2020-01-27 16:12:27 +01:00
Eleftheria Stein
29377545d9 Fix authenticationFailureHandler not being used 
The custom server authenticationFailureHandler was not always picked up

Fixes: gh-7782
 2020-01-27 13:10:03 +01:00