Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,469 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

16469 Commits

Author SHA1 Message Date
Josh Cummings 94431d1650
Add Internal OpenSAML API 
This will be useful for exposing OpenSAML functionality at
a higher level. Each OpenSAML major version release should
provide a new implementation.

Issue gh-11658
 2024-08-06 18:14:09 -06:00
Josh Cummings 54a4792b7a
Remove Unneeded OpenSAML 4 References 
This will reduce the number of components that need to be
duplicated between the OpenSAML 4 and 5 support

Issue gh-11658
 2024-08-06 18:14:09 -06:00
Josh Cummings ab842b74b9
Use OpenSAML ParserPool Defaults 
Originally, Spring Security turned off various features
XML parsing feature for the underlying DocumentBuilderFactory
that OpenSAML uses.

Both OpenSAML 4 and 5 set these values by default, so we
can safely accept the defaults at this point.

Issue gh-11658
 2024-08-06 18:14:09 -06:00
Daniel Garnier-Moiroux bc8ba7f3b7 Inline CSS for default login and logout page 
- Remove the dependency on Bootstrap CSS. Results in faster load times, no failures
  in air-gapped or offline scenarios, and no dependency on an external CDN that may
  go away some day.
 2024-08-05 09:27:18 -05:00
github-actions[bot] c2fdc752aa Merge branch '6.2.x' into 6.3.x 2024-08-05 01:29:19 +00:00
github-actions[bot] 1b708a1aec Merge branch '5.8.x' into 6.2.x 2024-08-05 01:29:19 +00:00
github-actions[bot] 66efb63dba Merge branch '6.3.x' 2024-08-05 01:29:19 +00:00
dependabot[bot] e9e0ec89fb Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.12.0 to 1.13.0.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 18:28:27 -07:00
github-actions[bot] 0d017f1413 Merge branch '6.2.x' into 6.3.x 2024-08-05 01:14:00 +00:00
github-actions[bot] 154a540682 Merge branch '5.8.x' into 6.2.x 2024-08-05 01:14:00 +00:00
github-actions[bot] 3db1ba28e4 Merge branch '6.3.x' 2024-08-05 01:14:00 +00:00
dependabot[bot] 596c5f9b0c Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.11 to 1.0.0-alpha.12.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.11...v1.0.0-alpha.12)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 18:13:16 -07:00
github-actions[bot] 3bd295f002 Merge branch '6.2.x' into 6.3.x 2024-08-05 00:41:15 +00:00
github-actions[bot] 0706959853 Merge branch '6.3.x' 2024-08-05 00:41:15 +00:00
dependabot[bot] a1e08a302d Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.12.0 to 1.13.0.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:40:47 -07:00
dependabot[bot] a6c4031b6b Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.12.0 to 1.13.0.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:40:29 -07:00
dependabot[bot] 999a3bb879 Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.12.0 to 1.13.0.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:36:29 -07:00
dependabot[bot] d8e3a64c33 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.11 to 1.0.0-alpha.12.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.11...v1.0.0-alpha.12)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:33:53 -07:00
github-actions[bot] 2f1d758538 Merge branch '6.2.x' into 6.3.x 2024-08-05 00:32:53 +00:00
github-actions[bot] dd61619cbc Merge branch '6.3.x' 2024-08-05 00:32:53 +00:00
dependabot[bot] fd8bc579d3 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.11 to 1.0.0-alpha.12.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.11...v1.0.0-alpha.12)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:32:11 -07:00
dependabot[bot] 64b938ad80 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.11 to 1.0.0-alpha.12.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.11...v1.0.0-alpha.12)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 17:31:57 -07:00
Josh Cummings 37a2812d1a
Mimic Annotation Fallback Logic 
For backward compatibility, this commit changes the annotation traversal
logic to match what is found in PrePostAnnotationSecurityMetadataSource.

This reverts gh-13783 which is a feature that unfortunately regressess
pre-existing behavior like that found in gh-15352. As such, that
functionality has been removed.

Issue gh-15352
 2024-07-31 16:17:42 -06:00
Josh Cummings 77bce14462
Polish Annotation Test 
This new arrangement of the test better matches the class
hierarchy described by the original ticket.

Issue gh-13234
 2024-07-31 16:17:42 -06:00
Josh Cummings 90335bd0a6
Polish Annotation Test 
This test was made more effective by having it focus on the real
scenario of resolving annotations from the standpoint of a bean
 2024-07-31 16:17:42 -06:00
Josh Cummings b743d8f7a1
Merge branch '6.3.x' 2024-07-31 16:17:15 -06:00
Josh Cummings f20ae1a71c
Revert gh-13783 
This feature unfortunately regresses pre-existing behavior
like that found in gh-15352. As such, this functionality
has been removed.

Closes gh-15352
 2024-07-31 16:16:34 -06:00
Steve Riesenberg b710b666d0
Merge branch '6.3.x' 2024-07-31 17:04:36 -05:00
Steve Riesenberg f059c05c93
Merge branch '6.2.x' into 6.3.x 2024-07-31 17:04:22 -05:00
Steve Riesenberg d2ebde2418
Revert merged file 
Issue gh-15503
 2024-07-31 17:04:09 -05:00
Steve Riesenberg 4595bb6ae7
Merge branch '6.3.x' 2024-07-31 17:01:01 -05:00
Steve Riesenberg ce26b42f97
Merge branch '6.2.x' into 6.3.x 2024-07-31 17:00:37 -05:00
Steve Riesenberg 5895f19a73
Merge branch '5.8.x' into 6.2.x 2024-07-31 17:00:07 -05:00
Steve Riesenberg 5d335ccf8d
Fix job dependencies 
Issue gh-15503
 2024-07-31 16:59:35 -05:00
Josh Cummings d47e0d46b2
Merge branch '6.3.x' 2024-07-31 15:56:21 -06:00
Josh Cummings eac8bc24aa
Merge branch '6.2.x' into 6.3.x 2024-07-31 15:56:08 -06:00
Josh Cummings 8d43f1bd7d
Merge branch '5.8.x' into 6.2.x 2024-07-31 15:48:44 -06:00
Josh Cummings 5cdcdc9bcb
Suppress Node Files From Nohttp Analysis 
Given that we have no control over the contents of
third-party code, it isn't helpful to have nohttp
generate errors for the usage of http:// in that code.
 2024-07-31 15:48:28 -06:00
Steve Riesenberg 6c43f357b7
Merge branch '6.3.x' 
Closes gh-15506
 2024-07-31 15:46:37 -05:00
Steve Riesenberg f00a5db132
Merge branch '6.2.x' into 6.3.x 
Closes gh-15505
 2024-07-31 15:45:31 -05:00
Steve Riesenberg dae2674dbe
Merge branch '5.8.x' into 6.2.x 
Closes gh-15504
 2024-07-31 15:42:08 -05:00
Steve Riesenberg a5b1dec99a
Migrate slack notifications to GChat 
Closes gh-15503
 2024-07-31 14:59:04 -05:00
Josh Cummings ef35c4a64a
Merge branch '6.3.x' 2024-07-29 15:10:50 -06:00
Josh Cummings 97a49e18b9
Merge branch '6.2.x' into 6.3.x 2024-07-29 15:10:32 -06:00
Josh Cummings e51507e32d Polish Inline Code Formatting 2024-07-29 14:08:01 -07:00
Junhyunny bfee6927c2 Correct Explanation for HttpSessionCsrfTokenRepository 2024-07-29 14:08:01 -07:00
Josh Cummings 78f2c15f0d
Merge branch '6.3.x' 2024-07-29 15:06:41 -06:00
Josh Cummings abaab2ef55
Merge branch '6.2.x' into 6.3.x 
Closes gh-15495
 2024-07-29 15:06:27 -06:00
Josh Cummings 9a83986b91
Merge branch '5.8.x' into 6.2.x 
Closes gh-15494
 2024-07-29 15:04:49 -06:00
Roman Zabaluev ea2ec04633 Clarify url Parameter Usage in AD Provider 
Closes gh-7760
 2024-07-29 14:04:13 -07:00