Commit Graph

10172 Commits

Author SHA1 Message Date
Josh Cummings 8a03d1fcec Add AuthorizationManager to Messaging
Closes gh-11076
2022-05-27 12:20:48 -06:00
Evgeniy Cheban 495028eb85 Some Security Expressions cause NPE when used within Query annotation
Added trustResolver, roleHierarchy, permissionEvaluator, defaultRolePrefix
fields to SecurityEvaluationContextExtension along with setter methods to override defaults.

Closes gh-11196
2022-05-26 14:35:40 -05:00
Juny Tse 16664dcdbd
Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 11:43:50 -06:00
Josh Cummings 53e509f0c6
Remove duplicate check
Closes gh-11192
2022-05-23 16:00:15 -06:00
Josh Cummings b51c71c3b3
Use original query string to verify signature
Closes gh-11235
2022-05-23 13:56:28 -06:00
Josh Cummings 5adb6e25a3
Correctly encode query parameters
Issue gh-11235
2022-05-20 17:46:40 -06:00
Evgeniy Cheban 362f15534e createEvaluationContext should defer lookup of Authentication
- Added createEvaluationContext method that accepts Supplier<Authentication>
- Refactored classes that use EvaluationContext to use lazy initialization of Authentication

Closes gh-9667
2022-05-18 17:34:14 -06:00
Rob Winch 7d97839235 StrictHttpFirewall allows CJKV characters
Closes gh-11264
2022-05-18 09:53:29 -05:00
Ulrich Grave 9b874bcde2 Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest
Closes gh-11195
2022-05-17 16:21:54 -06:00
Rob Winch 538252cf07 AntRegexRequestMatcher Optimization
Closes gh-11234
2022-05-16 10:22:30 -05:00
Rob Winch 04ca7ef91b Extract rejectNonPrintableAsciiCharactersInFieldName
Closes gh-11234
2022-05-16 10:22:30 -05:00
Josh Cummings ffaf5b4e61
Polish WebExpressionAuthorizationManager
- Add support for request variables
- Added additional tests

Issue gh-11105
2022-05-13 13:53:38 -06:00
Evgeniy Cheban 07b0be3f42 Add AuthorizationManager that uses ExpressionHandler
Closes gh-11105
2022-05-13 13:52:49 -06:00
Evgeniy Cheban 3f861f7f20
Polish gh-11188 2022-05-12 16:20:43 -05:00
Marcus Da Coregio 032fdcefdf Point to samples branch 5.8.x
Closes gh-11203
2022-05-12 11:16:23 -03:00
Marcus Da Coregio b544159226 Use properties in the checkSamples job
Issue gh-10344
2022-05-11 16:12:36 -03:00
Marcus Da Coregio 723648af00 Add initScripts and projectProperties to IncludeCheckRemotePlugin
Issue gh-10344
2022-05-11 16:12:36 -03:00
Evgeniy Cheban 9f669c5e3c
Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager
Closes gh-11188
2022-05-09 16:05:04 -06:00
Marcus Da Coregio 18c220c870 Update copyright headers
Issue gh-10956
2022-05-06 14:26:29 -03:00
Marcus Da Coregio 18345feeed Fix mvcMatchers overriding previous paths
Closes gh-10956
2022-05-06 14:26:29 -03:00
Marcus Da Coregio ce86f4e4b5 Polish ServerWebExchangeDelegatingServerHttpHeadersWriter
Issue gh-11073
2022-05-06 09:51:28 -03:00
David Herberth 57cededd49 Add DelegatingServerHttpHeadersWriter
Servlet Spring Security has DelegatingRequestMatcherHeaderWriter
the reactive world of Spring Security was missing a class to
conditionally write headers.

Closes gh-11073
2022-05-06 09:51:28 -03:00
Josh Cummings 13795cdec1
Polish Relay State Resolver
Issue gh-11065
2022-05-05 17:28:30 -06:00
sebastiano 4dfc349914
Allow custom relay state
Closes gh-11065
2022-05-05 17:26:39 -06:00
Rob Winch 768267c131 Fix WebSessionReactiveSecurityRepository Supports Cache
Fix the checkstyle for this feature

Closes gh-8422
2022-05-03 21:09:41 -05:00
Rob Winch dbe7e37f2b WebSessionReactiveSecurityRepository Supports Cache 2022-05-03 16:40:51 -05:00
Rob Winch 6420cf28a9 Multiple <authentication-manager> Do Not Duplicate Alias
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
2022-05-03 14:52:22 -05:00
Evgeniy Cheban 66bbfc7a50 @EnableMethodSecurity doesn't resolve Method Security annotations on interfaces through a Proxy
Removed proxy unwrapping in case of resolving Method Security annotations,
this cause an issue when interfaces which are implemented by the proxy was skipped,
resulting in a missing security checks on those methods.

Closes gh-11175
2022-05-03 13:17:23 -05:00
Ulrich Grave 3cbb60750d Add Jackson Support for Saml2AuthenticationException
Closes gh-11169
2022-05-02 17:41:52 -05:00
Josh Cummings 0e9228d10a
Prepare for Spring Security 5.8 2022-05-02 16:34:23 -06:00
Eleftheria Stein 5ac5edc2e6 Detect UserDetailsService bean in X509 configuration
Closes gh-11174
2022-04-28 14:47:18 +02:00
Eleftheria Stein d40c15e09e Update remember me Javadocs
Describe the new behaviour for retrieving the UserDetailsService

Issue gh-11170
2022-04-28 14:13:52 +02:00
Marcus Da Coregio e94adedb94 Add shouldFilterAllDispatcherTypes to Kotlin DSL
Closes gh-11153
2022-04-28 08:19:20 -03:00
Eleftheria Stein 8e34cedcfe Detect UserDetailsService bean in remember me
Closes gh-11170
2022-04-28 12:43:13 +02:00
nor-ek a3e7e54b70 Security Context Dsl
Closes gh-11039
2022-04-26 17:34:44 +02:00
Marcus Da Coregio 23594b3d01 Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator
Issue gh-10908
2022-04-25 09:42:00 -03:00
Marcus Da Coregio 97acbcc2d0 Exclude duplicate issues from changelog
Closes gh-11154
2022-04-20 09:02:55 -03:00
Rob Winch 6c8f64d2bd Next Development Version 2022-04-18 14:55:35 -05:00
Rob Winch e80b3cc5a2 Release 5.7.0-RC1 2022-04-18 14:50:15 -05:00
Rob Winch 8a54cea6f0 Revert to aspectj-plugin-6.4.1
There appears to be an issue with publication of aspectj plugin, so
this commit reverts to a previous working version.

See https://github.com/freefair/gradle-plugins/issues/511
2022-04-18 14:03:14 -05:00
Rob Winch 2b858f9371 Use gradlePluginPortal() 2022-04-18 14:02:21 -05:00
Rob Winch f52bf98350 Update org.springframework to 5.3.19
Closes gh-11152
2022-04-18 13:38:21 -05:00
Rob Winch e223d23e84 Update org.jetbrains.kotlinx to 1.6.1
Closes gh-11151
2022-04-18 13:38:19 -05:00
Rob Winch 6e5b2f23a9 Update org.jetbrains.kotlin to 1.6.20
Closes gh-11150
2022-04-18 13:38:17 -05:00
Rob Winch 0803a9e09d Update hibernate-entitymanager to 5.6.8.Final
Closes gh-11149
2022-04-18 13:38:14 -05:00
Rob Winch 359137dfae Update org.eclipse.jetty to 9.4.46.v20220331
Closes gh-11148
2022-04-18 13:38:12 -05:00
Rob Winch a62bdd15b4 Update org.aspectj to 1.9.9.1
Closes gh-11147
2022-04-18 13:38:10 -05:00
Rob Winch 694ceb3fb1 Update io.rsocket to 1.1.2
Closes gh-11146
2022-04-18 13:38:08 -05:00
Rob Winch 0989652a33 Update io.projectreactor to 2020.0.18
Closes gh-11144
2022-04-18 13:38:03 -05:00
Rob Winch 70aa33b914 Update aspectj-plugin to 6.4.2
Closes gh-11143
2022-04-18 13:38:01 -05:00