Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,638 Commits 34 Branches 334 Tags 115 MiB
Commit Graph

2040 Commits

Author SHA1 Message Date
Maksim Mednik eacd212a5a Adding Map support to DefaultMethodSecurityExpressionHandler 2020-04-04 15:46:07 -04:00
Markus Engelbrecht d81321bc29
Fix typo 'properites' in documentation 
Fixes gh-8095
 2020-03-11 10:54:14 -06:00
Eleftheria Stein 5850a4cd73 Fix security version test 2020-03-06 18:46:00 -05:00
Eleftheria Stein b2ea0ba775 Polish SessionIdChangedEvent 
Add AbstractSessionEvent; clean up license headers and Javadocs

Fixes: gh-5438
 2020-03-06 12:04:49 -05:00
Venkata Jaswanth 5fc6414377 SessionRegistryImpl is now aware of SessionIdChangedEvent 2020-03-06 12:04:01 -05:00
Attoumane AHAMADI bfc2832c6c
Authentication Event Publisher Mappings 
Fixes gh-7824
 2020-02-21 12:49:04 -07:00
Josh Cummings 653400edfa
Polish DefaultAuthenticationEventPublisher 
Simplified the constructor selection logic.

Issue gh-7825
 2020-02-06 14:13:05 -07:00
Zeeshan Adnan 51b9b2f693
DefaultAuthenticationEventPublisher Default Event 
Fixes gh-7825
 2020-02-06 14:13:04 -07:00
Josh Cummings fbdecdafb8
Add Mapping to Invalid Bearer Token 
Fixes gh-7793
 2020-02-04 17:33:08 -07:00
Joe Grandja 04f3fe8af9 Add Jackson support for oauth2-client session related classes 
Fixes gh-4886
 2020-02-04 09:01:12 -05:00
Josh Cummings d22b476983
Polish ProviderManager 
Updated copyright date range and adjusted constructor order to better
match DelegatingReactiveAuthenticationManager

Fixes gh-7713
 2020-01-30 16:08:01 -07:00
Thomas Vitale 5ce60022d3 ProviderManager should have a varargs constructor 
- Added varargs constructor to ProviderManager.
- Added check for null values in AuthenticationProvider list.
- Updated ProviderManagerTests to test for null values using both constructors.

Fixes gh-7713
 2020-01-30 16:07:24 -07:00
Daniel Bustamante Ospina 150b66824d Make MethodSecurityEvaluationContext Delegate to MethodBasedEvaluationContext 
Spring Security's MethodSecurityEvaluationContext should delegate to Spring Framework's
MethodBasedEvaluationContext

Fixes: gh-6224
 2020-01-03 19:49:41 -05:00
Matthias Stock 5fde3044f7 Resolve JavaType only once for whitelisted class 2020-01-02 10:30:51 -05:00
Tao Sun 156fc294bf Deserialize details field in UsernamePasswordAuthenticationToken 
Before this commit, the details field was set to a JsonNode, but now it is deserialized correctly.

Fixes gh-7482
 2019-12-18 17:35:51 +01:00
Rob Winch 17449cbf60 Fix next development version 2019-11-27 08:16:23 -06:00
LeeHainie 4b4c6e612b Remove unnecessary instantiation in root 
Fixes: gh-7635
 2019-11-07 10:26:02 +01:00
Josh Cummings 5f17032ffd Restore Removed Throws Clauses 
In a recent clean-up, certain exceptions were removed from various
throws clauses.

This PR re-introduces throws clauses that are important for one of the
following reasons:

1. It's a method on a public interface
2. It's a method clearly designed for inheritance, for example, a
method stub, an abstract method, or indicated as such in the docs.

Fixes gh-7541
 2019-10-30 12:13:54 -06:00
Isaac Cummings 1081066d60 Polish AuthorityUtils 
Changed parameter name to authorities
Added JavaDoc

Fixes gh-4805

Co-authored-by: Everett Irwin <everettirwin77@gmail.com>
 2019-10-16 10:44:00 -06:00
Rob Winch b29106ea31 Use deamon thread for Schedulers.newParallel 
Fixes gh-7492
 2019-09-30 15:19:31 -05:00
Rob Winch 1bf0e70bd0 Revert "Dispose default Scheduler" 
This reverts commit 39600b901f.
 2019-09-30 15:19:31 -05:00
Rob Winch fc8a0184b0 Polish Dispose default Scheduler 2019-09-30 14:42:28 -05:00
Rob Winch e0414e5cbe Merge pull request #7493 from robotmrv/gh-7492 
Dispose default Scheduler
 2019-09-30 14:40:28 -05:00
Filip Hanik f832d08814 Upgrade Jackson JSON library to 2.10.0 2019-09-29 18:23:32 -07:00
Roman Matiushchenko 39600b901f Dispose default Scheduler 
AbstractUserDetailsReactiveAuthenticationManager creates parallel
Scheduler with daemon=false Threads. It is recommended to dispose such
Schedulers to be able exit the VM

Fixes gh-7492
 2019-09-29 20:23:05 +03:00
Josh Cummings 1630b3b1f3
CurrentSecurityContext JavaDoc 
Fixes gh-7489
 2019-09-27 16:23:33 -06:00
Rob Winch ff54eb878a Use Schedulers.boundedElastic() 
Fixes gh-7457
 2019-09-19 13:51:06 -05:00
Rob Winch cb5c58eeaa AbstractUserDetailsReactiveAuthenticationManager uses newParallel 
It is recommended to use newParallel to avoid impacting the timed
operations which all use parallel()

Fixes gh-7456
 2019-09-19 13:43:25 -05:00
Rob Winch 00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Onur Kagan Ozcan 034b5e9e93 Introduce LogoutSuccessEvent 
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.

By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.

This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.

Fixes gh-2900
 2019-09-18 10:57:16 -05:00
kostya05983 f6c650db47
Replace Streams with Loops 
First version of replacing streams

fix wwwAuthenticate and codestyle

fix errors in implementation to pass tests

Fix review notes

Remove uneccessary final to align with cb

Short circuit way to authorize

Simplify error message, make code readably

Return error while duplicate key found

Delete check for duplicate, checkstyle issues

Return duplicate error

Fixes gh-7154
 2019-09-02 15:30:48 -06:00
Lars Grefer 95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
Lars Grefer 34dd5fea30 Remove redundant throws clauses 
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
 2019-08-23 01:03:54 +02:00
Angel Aguilera 11f423511d Add Catalan localization messages 2019-08-21 10:14:29 -05:00
Rob Winch 4166c6e493 Fix UserDetailsPasswordService Checkstyle 
Issue gh-7266
 2019-08-16 06:46:09 -05:00
Michael J. Simons 5903f2dd9b Fix UserDetailsPasswordService JavaDoc 
* Fix typo
* Clarify that `newPassword` is already an encoded password
 2019-08-16 06:45:28 -05:00
Rob Winch c1db1aad91
Cleanup Code Style Issues 
Cleanup Code Style Issues
 2019-08-12 13:06:49 -05:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer bbefc491b2 unused imports 2019-08-09 16:59:07 -05:00
Lars Grefer 25c06be1eb Java 7: Identical 'catch' branches in 'try' statement 2019-08-09 16:59:07 -05:00
Lars Grefer 5e44a249f8 Java 5: while-loop replaceable with foreach 2019-08-09 16:59:07 -05:00
Lars Grefer d9c1f03b84 Unnecessary interface modifier 2019-08-09 00:42:35 +02:00
Lars Grefer 8d0ca14e55 Unnecessary conversion to String 2019-08-09 00:41:46 +02:00
Lars Grefer eddcd1622f Type parameter extends Object 
Reports any type parameters and wildcard type arguments explicitly declared to extend java.lang.Object.
 2019-08-09 00:40:13 +02:00
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Jeffrey Morlan a17d66463d Fix race condition in SessionRegistryImpl 
Adding/removing sessions from principals wasn't atomic. If one thread
removed the last session from a principal while another thread added a
new one, the addition could be lost.

Fixes gh-3189
 2019-08-06 13:45:50 -05:00
Lars Grefer 2056834432 Cleanup unnecessary unboxing 
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
 2019-08-06 10:17:38 -04:00
Eddú Meléndez Gonzales 8e6e975e86 Prevent authentication when user is inactive for reactive apps 
Currently, reactive applications doesn't perform validation when user
is locked, disabled or expired. This commit introduces these validations.

Fixes gh-7113
 2019-07-29 11:03:05 -04:00
Pavel Horal be0ad673c2 Make RoleHierarchyImpl internals a bit simpler. 
Issue: gh-7035
 2019-07-12 18:42:44 +02:00
Karel Maxa d3eaef66fc Fix infinite loop in role hierarchy resolving 
Issue: gh-7035
 2019-07-11 15:43:26 +02:00