Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,313 Commits 33 Branches 333 Tags 109 MiB
Commit Graph

2099 Commits

Author SHA1 Message Date
Josh Cummings 35fc437559
Add AuthorizationManager for protect-pointcut 
Closes gh-11323
 2022-07-14 09:25:49 -06:00
Josh Cummings 9b43316f4d
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-14 09:25:16 -06:00
Joe Grandja a3326fc0ee Remove deprecated implicit authorization grant type 
Closes gh-11506
 2022-07-14 10:05:15 -04:00
Josh Cummings 624fdfa731
Add AuthorizationManager for protect-pointcut 
Closes gh-11323
 2022-07-13 17:58:16 -06:00
Josh Cummings 51475e2583
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-13 17:57:38 -06:00
Steve Riesenberg d3b8bacc3c
Polish InterceptMethodsBeanDefinitionDecorator 2022-07-13 11:38:50 -05:00
Joe Grandja d85abc7bbb Update javadoc in CommonOAuth2Provider 
Closes gh-11490
 2022-07-13 11:20:04 -04:00
Marcus Da Coregio 7abea4a964 Add RuntimeHints suffix for RuntimeHintsRegistrar 
Closes gh-11497
 2022-07-13 10:14:43 -03:00
Joe Grandja 177baba8c9 RuntimeHintsPredicates moved to predicate package 2022-07-12 16:00:50 -04:00
Marcus Da Coregio 6455e98745 FilterSecurityInterceptor applies to every request by default 
Closes gh-11466
 2022-07-12 10:53:03 -03:00
Josh Cummings 60652afb32
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-11 16:54:59 -06:00
Josh Cummings 7560a32460
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-11 16:39:41 -06:00
Rob Winch d2d5313bba Fix Formatting 
Issue gh-11327
 2022-07-08 09:21:53 -05:00
Josh Cummings c9a3d21b9b
Add Configuration Test 
Issue gh-11327
 2022-07-07 14:46:37 -06:00
Josh Cummings e8a7b654b4
Add Configuration Test 
Issue gh-11327
 2022-07-07 14:42:07 -06:00
Josh Cummings 01ffc93062
Add AuthorizationFilter to filter chain validator 
Closes gh-11327
 2022-07-07 14:40:53 -06:00
Josh Cummings ec8c13392c
Clarify variable names 
Issue gh-11327
 2022-07-07 14:26:40 -06:00
Josh Cummings d27d431bbc
Add AuthorizationFilter to filter chain validator 
Closes gh-11327
 2022-07-07 13:52:36 -06:00
Josh Cummings cdafa4ee21
Clarify variable names 
Issue gh-11327
 2022-07-07 13:38:42 -06:00
Steve Riesenberg 0c48b6bc7f
Use relative schema location for tests 
Issue gh-11328
Issue gh-11353
Issue gh-11365
 2022-07-07 13:03:20 -05:00
Steve Riesenberg 696da87478 Use relative schema location for tests 
Issue gh-11328
Issue gh-11353
Issue gh-11365
 2022-07-07 13:00:04 -05:00
Josh Cummings 148c926de0
Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 13:01:57 -06:00
Josh Cummings 74a007dc91
Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 12:54:05 -06:00
Igor Bolic d96b4a0463 Set the useTrailingSlashMatch to true for tests 
The Spring MVC changed the default behavior for trailing slash match
with https://github.com/spring-projects/spring-framework/issues/28552.
This causes failures in Spring Security's tests.

Setting the `useTrailingSlashMatch` to `true` ensures that Spring
Security will work for users who have modified the default configuration.
Specifing the request mapper with trailing slash path ensures that the tests
are successful when default behavior is used.

Closes gh-11451
 2022-07-05 11:29:36 -06:00
Josh Cummings 05b788d1ac
Use SecurityContextHolderStrategy for Concurrency Filter 
Issue gh-11060
Issue gh-11061
 2022-06-28 15:33:05 -06:00
Josh Cummings 03a5c3b08a
Use SecurityContextHolderStrategy for Concurrency Filter 
Issue gh-11060
Issue gh-11061
 2022-06-28 15:32:05 -06:00
Josh Cummings d24a89ad53
Pick up SecurityContextHolderStrategy for WebClient integration 
Issue gh-11061
 2022-06-28 15:07:16 -06:00
Josh Cummings e8723f1f43
Pick up SecurityContextHolderStrategy for WebClient integration 
Issue gh-11061
 2022-06-28 14:58:53 -06:00
Josh Cummings a218d3e140
Use SecurityContextHolderStrategy for Async Requests 
Issue gh-11060
Issue gh-11061
 2022-06-28 14:56:55 -06:00
Josh Cummings 27de315e5e
Use SecurityContextHolderStrategy for Async Requests 
Issue gh-11060
Issue gh-11061
 2022-06-28 14:46:52 -06:00
Josh Cummings 83b3bb3209
Add SecurityContextHolderStrategy to Pre-authenticated scenarios 
Issue gh-11060
Issue gh-11061
 2022-06-28 12:10:07 -06:00
Josh Cummings 97cb2a7d91
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-28 12:09:56 -06:00
Josh Cummings 98995f2225
Add SecurityContextHolderStrategy to Pre-authenticated scenarios 
Issue gh-11060
Issue gh-11061
 2022-06-28 12:04:37 -06:00
Josh Cummings b3be35da31
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-28 12:04:37 -06:00
Josh Cummings 944f565c16
Use SecurityContextHolderStrategy for Remember-me 
Issue gh-11060
Isuse gh-11061
 2022-06-28 11:09:38 -06:00
Josh Cummings 4a2d77d3f2
Use SecurityContextHolderStrategy for Remember-me 
Issue gh-11060
Isuse gh-11061
 2022-06-28 11:08:57 -06:00
Josh Cummings b316a3217b
Add SecurityContextHolderStrategy for Jaas 
Issue gh-11060
Issue gh-11061
 2022-06-28 09:35:54 -06:00
Josh Cummings ee66850aed
Add SecurityContextHolderStrategy for Jaas 
Issue gh-11060
Issue gh-11061
 2022-06-28 09:26:05 -06:00
Josh Cummings bffe08465a
Add SecurityContextHolderStrategy XML Configuration for Messaging 
Issue gh-11061
 2022-06-27 16:24:27 -06:00
Josh Cummings 484f35ca39
Add SecurityContextHolderStrategy Java Configuration for Messaging 
Issue gh-11061
 2022-06-27 16:17:29 -06:00
Josh Cummings 74167d62b1
Add SecurityContextHolderStrategy XML Configuration for Messaging 
Issue gh-11061
 2022-06-27 15:55:28 -06:00
Josh Cummings 9292a13146
Add SecurityContextHolderStrategy Java Configuration for Messaging 
Issue gh-11061
 2022-06-27 15:55:28 -06:00
Josh Cummings 5e4e7abf15
Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:40:55 -06:00
Josh Cummings 74d646f569
Add SecurityContextHolderStrategy Java Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:17:46 -06:00
Josh Cummings ef29d3944e
Polish SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:17:44 -06:00
Josh Cummings c29b91cec7
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:17:43 -06:00
Josh Cummings 652c35db2f
Add SecurityContextHolderStrategy XML Configuration for OAuth2 
Issue gh-11061
 2022-06-27 13:05:13 -06:00
Josh Cummings 1d22316574
Add SecurityContextHolderStrategy Java Configuration for OAuth2 
Issue gh-11061
 2022-06-27 13:05:13 -06:00
Josh Cummings 6c16ac101a
Add SecurityContextHolderStrategy XML Configuration for Saml2 
Issue gh-11061
 2022-06-27 13:05:12 -06:00
Josh Cummings 97253c9293
Add SecurityContextHolderStrategy Java Configuration for Saml2 
Issue gh-11061
 2022-06-27 13:05:11 -06:00
Josh Cummings 9cd7c7b046
Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:05:07 -06:00
Josh Cummings da57bac061
Add SecurityContextHolderStrategy Java Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:03:11 -06:00
Josh Cummings fa0086d3b0
Polish SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:01:22 -06:00
Josh Cummings 8d681b3b80
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:00:20 -06:00
Marcus Da Coregio a8c30f79e6 Add Core, MVC and MethodSecurity runtime hints 
Closes gh-11431
 2022-06-27 09:25:49 -03:00
Josh Cummings 150b81d008
Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 12:21:10 -06:00
Josh Cummings ce218c78f9
Add SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:58:38 -06:00
Josh Cummings 2a70707c35 Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:28:10 -06:00
Josh Cummings 2c09a300b6 Add SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:28:10 -06:00
Steve Riesenberg 79c2b8709b
Allow form login when single OAuth2 Provider is configured 
Closes gh-6802
 2022-06-15 14:05:55 -05:00
Steve Riesenberg a061191bd2 Allow form login when single OAuth2 Provider is configured 
Closes gh-6802
 2022-06-15 13:42:06 -05:00
Steve Riesenberg d18291676f
Update copyright year 
Issue gh-11372
 2022-06-15 13:14:07 -05:00
Steve Riesenberg c7df39a3e6
Fix tests using root cause for exception messages 
Closes gh-11372
 2022-06-14 17:12:15 -05:00
Jared Rufer 3ca4b06612
Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:56:16 -06:00
Jared Rufer 89989722d0 Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:50:33 -06:00
Houssem BELHADJ AHMED f4049c18b1 add SAML authentication request support to login configurer 
Closes gh-8873
 2022-06-06 08:05:33 -06:00
Marcus Da Coregio 4d65d96b8a Fix saml2Tests always running after a single test 
This commit makes the check task depend on the saml2Tests task.
The test task was also configured to run after saml2Tests, to make sure that the
compileTestJava runs after the compileSaml2TestJava

Issue gh-10816
 2022-06-03 11:22:46 -03:00
Marcus Da Coregio 3dd54bcda7 Run SAML 2.0 tests in an exclusive task 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 23903b5f18 Use Reflection to instantiate OpenSAML4 classes 
Because the OpenSAML4 classes are compiled using Java 11, we have to rely on reflection to instante those classes since the config module should be compatible with Java 8

Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio ccb1f68bfe Fix member variable using Java 9+ feature 
This causes compile errors when trying to build using JDK 8

Issue gh-10695
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 4c2401a576 Revert "Make source code compatible with JDK 8" 
This reverts commit 60ed3602f6.
 2022-06-02 19:24:42 +02:00
Josh Cummings 9683856956
Polish InterceptUrlConfigTests 
Issue gh-11305
 2022-05-31 16:05:17 -06:00
Josh Cummings 38d481eba6
Make Internal Class Package-Private 
Issue gh-11305
 2022-05-31 16:04:26 -06:00
Josh Cummings d994ddc9b8
Polish InterceptUrlConfigTests 
Issue gh-11305
 2022-05-31 16:04:02 -06:00
Josh Cummings 2afa9313eb
Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 16:01:41 -06:00
Josh Cummings 9dbd1f3e25
Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 15:10:00 -06:00
Josh Cummings e125a76687
Fix rnc typo 
Issue gh-11076
 2022-05-27 17:06:02 -06:00
Josh Cummings 7c0ba58019
Fix rnc typo 
Issue gh-11076
 2022-05-27 16:59:23 -06:00
Josh Cummings f4c0fcb5ef
Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 13:35:19 -06:00
Josh Cummings 8a03d1fcec Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 12:20:48 -06:00
Juny Tse 16664dcdbd
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:43:50 -06:00
Juny Tse f2d6ead398 Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:42:54 -06:00
Josh Cummings 5cbc1a47da
Use original query string to verify signature 
Closes gh-11235
 2022-05-23 15:30:07 -06:00
Josh Cummings 88f9529329
Correctly encode query parameters 
Issue gh-11235
 2022-05-23 15:30:01 -06:00
Josh Cummings b51c71c3b3
Use original query string to verify signature 
Closes gh-11235
 2022-05-23 13:56:28 -06:00
Josh Cummings 5adb6e25a3
Correctly encode query parameters 
Issue gh-11235
 2022-05-20 17:46:40 -06:00
Josh Cummings 0814136ee8
Polish WebExpressionAuthorizationManager 
- Add support for request variables
- Added additional tests

Issue gh-11105
 2022-05-13 14:14:42 -06:00
Evgeniy Cheban c4766e64fe
Add AuthorizationManager that uses ExpressionHandler 
Closes gh-11105
 2022-05-13 14:05:34 -06:00
Josh Cummings ffaf5b4e61
Polish WebExpressionAuthorizationManager 
- Add support for request variables
- Added additional tests

Issue gh-11105
 2022-05-13 13:53:38 -06:00
Evgeniy Cheban 07b0be3f42 Add AuthorizationManager that uses ExpressionHandler 
Closes gh-11105
 2022-05-13 13:52:49 -06:00
Rob Winch f34ea188e2 RequestRejectedException is 400 by Default 
Closes gh-7568
 2022-05-12 10:32:27 -05:00
Marcus Da Coregio 806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Marcus Da Coregio dc2bd2b4f8 Update copyright headers 
Issue gh-10956
 2022-05-06 14:33:59 -03:00
Marcus Da Coregio de9b7b4fb8 Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:33:59 -03:00
Marcus Da Coregio 18c220c870 Update copyright headers 
Issue gh-10956
 2022-05-06 14:26:29 -03:00
Marcus Da Coregio 18345feeed Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:26:29 -03:00
Marcus Da Coregio 995b2918bb Remove SAML Deprecations 
Closes gh-11077
 2022-05-06 10:15:42 -03:00
Rob Winch 6420cf28a9 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:52:22 -05:00
Rob Winch dec0d97ef0 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:50:56 -05:00
Josh Cummings 4ebd37ae77
Add 5.8 Support 2022-05-03 09:04:34 -06:00