Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-26 13:53:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,571 Commits 55 Branches 348 Tags
Commit Graph

8571 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
James
ee6df1701b
Polish SessionManagementConfigurer 2020-01-31 11:24:36 -07:00
Josh Cummings
cb9fd09150
Change AuthenticationWebFilter's constructor 
Fixes gh-7872
 2020-01-31 09:31:28 -07:00
Josh Cummings
7550907e03
Polish OAuth2AccessTokenResponse converters 
Since these converters no longer have a direct reference to the HTTP
stack, it would be better to move them into another package. Also, now
that the converters are public, we should follow the prevailing
converter naming convention, which is to call it STConverter for an
implementation of Converter<S, T>.
 2020-01-30 16:42:44 -07:00
Nikita Konev
704f98688d
Make OAuth2AccessTokenResponse converters public 2020-01-30 16:42:44 -07:00
Josh Cummings
d22b476983
Polish ProviderManager 
Updated copyright date range and adjusted constructor order to better
match DelegatingReactiveAuthenticationManager

Fixes gh-7713
 2020-01-30 16:08:01 -07:00
Thomas Vitale
ace89e12f2 Make code cleaner in ProviderManagerTests 2020-01-30 16:07:24 -07:00
Thomas Vitale
5ce60022d3 ProviderManager should have a varargs constructor 
- Added varargs constructor to ProviderManager.
- Added check for null values in AuthenticationProvider list.
- Updated ProviderManagerTests to test for null values using both constructors.

Fixes gh-7713
 2020-01-30 16:07:24 -07:00
Josh Cummings
df8feb8919
Update JettyCasService 
Align with changes to Jetty's SslContextFactory

Issue gh-7874
 2020-01-30 11:25:44 -07:00
Josh Cummings
50d8200348
Update cas-server-webapp to 4.0.7 
Did not update to the latest as there is some work involved in
aligning the casserver sample's XML configuration with the latest
cas-server-webapp.

Fixes gh-7874
 2020-01-30 11:24:16 -07:00
Eleftheria Stein
a512789a93 Fix requiresAuthenticationMatcher not being used 
The custom server requiresAuthenticationMatcher was not always picked up

Fixes: gh-7863
 2020-01-27 16:12:27 +01:00
Eleftheria Stein
29377545d9 Fix authenticationFailureHandler not being used 
The custom server authenticationFailureHandler was not always picked up

Fixes: gh-7782
 2020-01-27 13:10:03 +01:00
Peter Keller
e62fb755e8 Set charset of BasicAuthenticationFilter converter 
Allow BasicAuthenticationFilter to pick up the given credentials charset.

Fixes: gh-7835
 2020-01-23 15:34:35 +01:00
Eleftheria Stein
a2fb2c91c2 Kotlin examples in documentation 
Issue: gh-5558
 2020-01-22 14:36:34 +01:00
Eleftheria Stein
9740b5920b Load LDIF file from classpath in unboundId mode 
Fixes: gh-7833
 2020-01-21 09:52:30 -06:00
Eleftheria Stein
57fba90c0e Fix LDIF file example in LDAP docs 
Fixes: gh-7832
 2020-01-20 10:24:20 +01:00
Rob Winch
e93fb9904e Update to Gradle 6.1 2020-01-17 19:22:13 -06:00
Rob Winch
a03bfe63fd Remove in favor of ManagementConfigurationPlugin 2020-01-17 19:22:13 -06:00
Johannes Edmeier
bdc60a9128 Don't cache requests with Accept: text/event-stream by default. 
The eventstream requests is typically not directly invoked by the browser.
And even more unfortunately the Browser-Api doesn't allow the set additional headers as `XMLHttpRequest`..
 2020-01-17 10:42:16 -08:00
Rob Winch
1ae3ec3f8a Revert "Update to Gradle 6.1" 
This reverts commit 7f9715d9513280339065a329f52dbc09b0b2aad3.
 2020-01-16 19:32:46 -06:00
Phil Clay
e5fca61810 Introduce Reactive OAuth2Authorization success/failure handlers 
All ReactiveOAuth2AuthorizedClientManagers now have authorization success/failure handlers.
A success handler is provided to save authorized clients for future requests.
A failure handler is provided to remove previously saved authorized clients.

ServerOAuth2AuthorizedClientExchangeFilterFunction also makes use of a
failure handler in the case of unauthorized or forbidden http status code.

The main use cases now handled are
- remove authorized client when an authorization server indicates that a refresh token is no longer valid (when authorization server returns invalid_grant)
- remove authorized client when a resource server indicates that an access token is no longer valid (when resource server returns invalid_token)

Introduced ClientAuthorizationException to capture details needed when removing an authorized client.
All ReactiveOAuth2AccessTokenResponseClients now throw a ClientAuthorizationException on failures.

Created AbstractWebClientReactiveOAuth2AccessTokenResponseClient to unify common logic between all ReactiveOAuth2AccessTokenResponseClients.

Fixes gh-7699
 2020-01-16 15:24:55 -05:00
Rob Winch
7f9715d951 Update to Gradle 6.1 
Fixes gh-7838
 2020-01-16 11:18:01 -06:00
Rob Winch
a769f6a0c4 Polish LDAP Authentication 
Issue gh-7628
 2020-01-16 09:38:40 -06:00
Josh Cummings
f1f158b37e AuthenticationEventPublisher DSL Lookup 
Fixes gh-4400
 2020-01-14 12:07:46 -07:00
Josh Cummings
5579846263 AuthenticationEventPublisher Bean Lookup 
Issue gh-7793
Fixes gh-7515
 2020-01-14 12:07:46 -07:00
James Howe
fc9b97c94a Typo in doc 2020-01-14 08:32:26 -07:00
Josh Cummings
982f3f902c
Add oauth2Login Reactive Test Support 
Fixes gh-7828
 2020-01-13 17:49:52 -07:00
Rob Winch
841275e152 Polish Username Password Storage wording 
Issue gh-7801
 2020-01-13 16:40:12 -06:00
Rob Winch
c4a0ed0db5 Fix indentation of user-details-service.adoc 
Issue gh-7801
 2020-01-13 16:40:05 -06:00
Rob Winch
2e2974fc13 Add Dependency Versions to Asciidoctor 
Add dependency versions to asciidoctor and
spring-version -> spring-core-version

Issue gh-7801
 2020-01-13 16:39:57 -06:00
Rob Winch
38c2010d21 Remove println from springVersion 
Issue gh-7801
 2020-01-13 16:39:50 -06:00
Filip Hanik
6a28d9eee7 Use latest documentation plugin 2020-01-13 12:19:57 -08:00
Vincent Ricard
f0856c83a9 Migrate LDAP integration tests groovy->java 
This commit also removes BaseSpringSpec

Issue: gh-4939
 2020-01-13 14:18:25 +01:00
Onur Kağan Özcan
1f6381d970 Set secure on cookie when logging out 
Mark cookie secure flag to ensure cookie identity is the same
 2020-01-13 11:01:33 +01:00
Josh Cummings
8f1d0cf528
opaqueToken MockMvc Configuration Order 
Fixes gh-7800
 2020-01-10 16:47:31 -07:00
Rob Winch
ad7c44f7fd Add More role=primary/secondary 
Issue gh-7801
 2020-01-10 10:58:24 -06:00
Rob Winch
729da6463f Fix appendix-schema id 2020-01-10 10:58:24 -06:00
Eleftheria Stein
1e33627d87 Use standard lambda syntax in documentation 
Fixes: gh-7774
 2020-01-10 13:12:17 +01:00
Josh Cummings
a35ce77451
Add missing PowerMockIgnore annotation 
WebSecurityConfigurerAdapterPowermockTests needs to exclude
javax.xml.transform.* from Powermock configuration.
 2020-01-09 15:48:08 -07:00
Josh Cummings
ba21c156dd
Polish WebSecurityConfigurerAdapter tests 
Moved Powermock-dependent test over to
WebSecurityConfigurerAdapterPowermockTests.
 2020-01-09 13:51:19 -07:00
Rob Winch
ffccec953f Fix HttpHeaderWriterWebFilterTests 
Ensure setComplete() is subscribed to
 2020-01-09 14:24:35 -06:00
Rob Winch
3fb87d10e9 Add role=primary/secondary example 
Issue gh-7801
 2020-01-09 12:05:20 -06:00
Rob Winch
b85b4b8643 spring-build-conventions:0.0.28.BUILD-SNAPSHOT 
Fixes gh-7801
 2020-01-09 12:05:06 -06:00
Rob Winch
04b6096d19 Fix Asciidoctor Warnings 
Issue gh-7801
 2020-01-09 12:04:58 -06:00
Eleftheria Stein
fcc6457bef Unlock dependencies for next development version 
This reverts commit 93acf8f0f11e2811b7d4241b26f712674978f3f7.
 2020-01-08 22:15:17 +01:00
Eleftheria Stein
d68a82e716 Next Development Version 2020-01-08 22:10:35 +01:00
Eleftheria Stein
7af26f12dc Release 5.3.0.M1 5.3.0.M1 2020-01-08 21:42:46 +01:00
Eleftheria Stein
3cc9dfcd9f Disable locks in snapshot pipeline task 
Fixes: gh-7798
 2020-01-08 21:12:19 +01:00
Eleftheria Stein
c0d78a32f1 Allow disabling dependency locking 
Fixes: gh-7799
 2020-01-08 21:11:00 +01:00
Eleftheria Stein
93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Eleftheria Stein
2cf9e57fa4 Restrict cas-server version 
Issue: gh-7788
 2020-01-08 17:18:30 +01:00