8a28a27225
Formatting Polish
2016-04-19 14:24:11 -05:00
1dbd3f5906
Fix NPE in OnCommittedResponseWrapper trackContentLength ( #3824 )
...
OnCommittedResponseWrapper trackContentLength will throw a
NullPointerException when the content length passed in is null.
This commit properly tracks the null value as a length of 4.
Fixes gh-3823
2016-04-19 14:58:56 -04:00
a5a8aeb550
Message SecurityExpressionHandler is post processed ( #3820 )
...
Previously the SecurityExpressionHandler for message based configuration
did not have a beanResolver set.
This commit post processes the default message SecurityExpressionHandler
to ensure the beanResolver is set.
Fixes gh-3797
2016-04-19 13:21:58 -04:00
c872a77ad1
RoleHiearchy Bean used in GlobalMethodSecurity ( #3394 )
...
Previously it required quite a bit of extra work to use RoleHiearchy
within Java Based Spring Security configuration.
Now if a single RoleHiearchy Bean is defined it will automatically
be picked up and used by method security.
Fixes gh-3394
2016-04-19 12:47:38 -04:00
933a7e8363
Remove duplicate words
...
Fixes gh-3826
2016-04-18 23:21:20 -05:00
fb5776cb5c
Support Camel case URI variables ( #3814 )
...
Perviously there were issues with case insenstive patterns and URI
variables that contained upper case characters. For example, the pattern
"/user/{userId}" could not resolve the variable #userId Instead it was
forced to lowercase and #userid was used.
Now if the pattern is case insensitive then so is the variable. This means
that #userId will work as will #userid.
Fixes gh-3786
2016-04-18 17:54:48 -04:00
b01437281d
Bouncy Castle 1.47 Support
...
This forces us to avoid using CipherOutputStream, and instead use the
BlockCiphers directly. As an extra measure for correctness, test the
equivalence of the BC implementations against data sizes from 1 to 2048
bytes.
Fixes gh-2917
2016-04-18 08:35:57 -05:00
81c9fa805f
Fix AuthenticationPrincipalArgumentResolver xml doc
...
Fixes gh-3771
2016-04-15 16:06:17 -05:00
337a7ed35e
Fix HeaderWriterFilter Javadoc
...
Fixes the formatting and spelling in HeaderWriterFilter Javadoc
Issue gh-3813
2016-04-15 08:56:58 -05:00
cad81d0e18
Update TestNG
...
This commit updates the TestNG dependency to 6.8.21. This
is the last JDK 1.6 supporting version. The update of TestNG
makes it possible to run the integration tests from within
Intellij allowing for easier debugging and troubleshooting.
Issue gh-3811
2016-04-15 08:55:15 -05:00
eb26095ca9
Fix HpkpHeaderWriter Javadoc format
2016-04-15 08:41:43 -05:00
44fa624b6b
Refactor test assumptions about JCE to common class. ( #3817 )
...
Apply assumptions directly to test methods instead of checking for key
length in crypto.gradle.
2016-04-14 17:02:31 -05:00
b6800bdb4d
Update ExpressionUrlAuthorizationConfigurer Error Message
...
Update error message
2016-04-14 15:33:48 -05:00
40208127e8
Skip tests when AesBytesEncryptor can't be created in CBC or GCM mode. ( #3816 )
...
Tests would fail in cases where JCE unlimited strength was available but
GCM wasn't, like on JDK7.
2016-04-14 15:21:20 -05:00
59db9413aa
Add SpEL Bean reference test ( #3815 )
...
Issue gh-3797
2016-04-14 12:11:40 -05:00
63b2cfe1cf
Bouncy Castle implementations of AES-256
...
Adds "AES/CBC/PKCS5Padding" and "AES/GCM/NoPadding"
Fixes gh-2917
2016-04-13 16:28:55 -05:00
6f169267c4
HttpSecurity comparitor->comparator
...
Rename HttpSecurity's comparitor to comparator
Fixes gh-3810
2016-04-13 15:04:22 -05:00
a7fb6d2e58
Add HttpSecurity.addFilterAt ( #3809 )
...
Fixes gh-3784
2016-04-13 16:01:25 -04:00
2ef3da1b47
Documents the new @AuthenticationPrincipal in more detail.
...
Fixes gh-3771
2016-04-13 12:27:23 -04:00
95a3e30d9f
Polish Pbkdf2PasswordEncoder
...
Fixes gh-2158
Fixes gh-51
2016-04-12 17:16:38 -05:00
0ab7126e64
Added PBKDF2PasswordEncoder.
...
- Also moved some logic into a new class, AbstractPasswordEncoder.
Both PBKDF2PasswordEncoder and the now-simplified
StandardPasswordEncoder extend AbstractPasswordEncoder.
- Added tests for PBKDF2PasswordEncoder
Issue gh-2158
2016-04-12 17:16:38 -05:00
d3a9cc6eae
Add CsrfTokenRepository ( #3805 )
...
* Create LazyCsrfTokenRepository
Fixes gh-3790
* Add CookieCsrfTokenRepository
Fixes gh-3009
2016-04-12 17:26:53 -04:00
e9cb92bb74
Add GitHub Pull Request template
...
Added a Pull Request template for GitHub
2016-04-12 16:08:16 -05:00
b82df4ecf3
Add alwaysRemember to RememberMe Java Config
...
Allow setting alwaysRemember from RememberMeConfigurer
Fixes gh-180
2016-04-12 13:37:44 -05:00
bd0c8a7baa
Fix HttpSecurity logout JavaDoc
...
Removed error provoking extra logout() from example code
2016-04-12 13:24:40 -05:00
1d271184c9
Fix Documentation Formatting
...
Fix corrupted character and add formatting per the duplicated text
block
Fixes gh-193
2016-04-12 13:07:07 -05:00
8f7cf28435
Fix typos in documentation
...
Fixes gh-196
Fixes gh-3109
2016-04-12 12:59:21 -05:00
fe94d654ed
Fix typos ( #228 )
2016-04-12 11:11:51 -05:00
c57dba6b77
Fix typo in setMessageExpessionHandler ( #3803 )
2016-04-12 11:08:52 -05:00
b90242f2fa
Updates all POM versions to 4.1.0 snapshot build.
...
Fixes gh-3804
2016-04-12 10:35:43 -04:00
849c62b870
Disables doclint in Java 8 to prevent build error from javadoc task.
...
Fixes gh-3767
2016-04-11 18:19:30 -04:00
945a21a3fb
Use xml / javaconfig folders for samples
...
Fixes gh-3752
2016-04-11 09:47:06 -05:00
2c85fb05d0
Remove duplicate test.
...
Remove duplicate test with `trailingWildcardWithVariableMatchesCorrectly()`.
Fixes gh-183
2016-04-08 13:36:45 -05:00
4fd9fd2939
Update ISSUE_TEMPLATE.md
2016-04-08 09:30:50 -05:00
5bba6c9111
Create ISSUE_TEMPLATE.md
2016-04-08 09:29:44 -05:00
a5a5d9a1a9
Add support to subclass of GrantedAuthority in SecurityMockMvcResultMatchers withAuthorities ( #3793 )
...
SecurityMockMvcResultMatchers.withAuthorities(Collection<? extends GrantedAuthority>)
Fixes gh-3791
2016-04-08 08:55:53 -05:00
d05fe8ec07
Fix typo in xsd
...
Fixes gh-3229
2016-04-05 09:47:48 -05:00
8abb882927
Rename poorly named withUser variable
...
WithSecurityContextTestExecutionListener used the variable name withUser
in mulitple places when it should have been named withSecurityContext.
This commit renames the variables to withSecurityContext.
Fixes gh-3775
2016-04-01 10:27:14 -05:00
9c3db557dd
Add missing # in SpEL expression doc
...
SpEL variables can be referenced in the expression using the syntax
23.2.2 Path Variables in Web Security Expressions.
Fixes gh-3781
2016-04-01 10:21:17 -05:00
f49cd5faba
Polish Codestyle
2016-04-01 09:53:32 -05:00
d900c78f11
Perform null check on super.getAsyncContext()
...
Fixes gh-3780
2016-04-01 09:53:32 -05:00
14fb2276e2
Merge pull request #3773 from jgrandja/master
...
Includes reference to https://report-uri.io/ in CSP and HPKP docs
2016-03-30 13:23:24 -05:00
9e5cdbd133
Includes a reference to the https://report-uri.io/ service in the CSP and HPKP documentation.
...
Fixes gh-3772
2016-03-30 12:12:43 -04:00
1bc7060c93
Add AuthenticationSuccessHandler support to AbstractPreAuthenticatedProcessingFilter
...
Fixes gh-3389
2016-03-25 09:46:16 -05:00
008b721a20
Next development version
2016-03-23 07:15:45 -07:00
044acf7e27
Release version 4.1.0.RC1
2016-03-23 07:15:15 -07:00
b3d26ed5d6
Add changelog in What's New
...
Issue gh-3768
2016-03-22 22:40:58 -05:00
bf9a837b9a
Polish What's New
...
Issue gh-3768
2016-03-22 22:37:52 -05:00
40b7fa5b72
Update Issues Link
...
Issue gh-3333
2016-03-22 22:37:52 -05:00
3e47531b19
Polish CSP reference
...
Issue gh-3763
2016-03-22 22:37:51 -05:00
Rob Winch
Rob Winch
Johnny Lim
Will Tran
Joe Grandja
Simon Olofsson
Marten Deinum
Andrew NS Yeow
Matthias Merdes
Joe Grandja
Rob Worsnop
Vedran Pavić
Leon Radley
Jeffrey Walraven
Art O Cathain
Soeun Park
Nicolai Ehemann
Eddú Meléndez Gonzales
Quinten De Swaef
Kamill Sokol
Shazin Sadakath
Spring Buildmaster