Marcus Da Coregio
a484044591
Merge branch '5.8.x' into 6.0.x
2023-04-17 07:29:42 -03:00
Marcus Da Coregio
6cf8c53aaa
Merge branch '5.7.x' into 5.8.x
2023-04-17 07:16:47 -03:00
Marcus Da Coregio
2d52fb8e4b
Clear Repository on Logout
2023-04-17 06:47:57 -03:00
Josh Cummings
4813ec1e09
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13000
2023-04-11 17:08:54 -06:00
Josh Cummings
dad1fba1bf
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12999
2023-04-11 17:02:16 -06:00
Christian Marck
442faccb5f
Avoid NPE in FilterInvocation
...
Handle unknown headers in dummy request wrapper.
Closes gh-12998
2023-04-11 17:01:59 -06:00
Josh Cummings
6db2b0dcd0
Align Filter Chain Observability Lineage
...
Closes gh-12849
2023-03-27 16:30:32 -06:00
Marcus Da Coregio
177514b6c5
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12919
2023-03-22 08:54:57 -03:00
Marcus Da Coregio
8d664bc4c2
DelegatingSecurityContextRepository should call loadContext
...
Closes gh-12314
2023-03-22 08:53:19 -03:00
Josh Cummings
3fbb64db96
Fix javax package
2023-03-20 16:28:52 -06:00
Josh Cummings
229325a0bb
Merge branch '5.8.x' into 6.0.x
2023-03-20 16:22:23 -06:00
Josh Cummings
a74008cc79
Merge branch '5.7.x' into 5.8.x
2023-03-20 16:20:46 -06:00
twosom
3d7e22a4e9
Add test to SimpleUrlAuthenticationSuccessHandlerTests
2023-03-20 16:20:30 -06:00
Josh Cummings
6935045172
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12909
2023-03-20 16:10:35 -06:00
twosom
abd51f7b63
Polished DefaultLoginPageGeneratingFilterTests Validation
...
Closes gh-12694
2023-03-20 15:31:59 -06:00
Marcus Da Coregio
cdc0fa0e5b
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12836
2023-03-07 13:28:31 -03:00
Marcus Da Coregio
2e92dad761
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12835
2023-03-07 13:27:57 -03:00
Marcus Da Coregio
84cca81edf
Use HttpSessionSecurityContextRepository by default in SwitchUserFilter
...
Closes gh-12834
2023-03-07 13:27:18 -03:00
Josh Cummings
c06e604278
Address Observability Thread Safety
...
Closes gh-12829
2023-03-06 12:46:23 -07:00
Josh Cummings
8ca726f4fa
Specify query string
...
Issue gh-12665
2023-02-14 08:24:07 -07:00
Josh Cummings
e7d65966fd
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12671
2023-02-14 08:01:31 -07:00
Josh Cummings
0d4c619648
Include continue in query string
...
Closes gh-12665
2023-02-14 08:00:19 -07:00
Steve Riesenberg
1363a4eece
Merge branch '5.8.x' into 6.0.x
2023-01-26 15:44:47 -06:00
Steve Riesenberg
c306df9b46
Add XorCsrfChannelInterceptor
...
Issue gh-12378
2023-01-23 16:00:35 -06:00
Josh Cummings
4d2dab9b6b
Lookup Parent Observation
...
Closes gh-12524
2023-01-11 10:13:33 -07:00
Steve Riesenberg
4e80338a9b
Polish gh-12466
2023-01-10 11:31:51 -06:00
Wellington Domiciano
2c8854bb7f
Adjusts setRequestHandler javadoc in CsrfFilter
...
Adjusts setRequestHandler method javadoc in CsrfFilter class to reflect
changes in 6.0.
In 6.0, the default CsrfTokenRequestHandler changed to
XorCsrfTokenRequestAttributeHandler, however, the javadoc for the
setRequestHandler method still said it was
CsrfTokenRequestAttributeHandler.
This change adjusts the information to make it more accurate, because,
although XorCsrfTokenRequestAttributeHandler is a subclass of
CsrfTokenRequestAttributeHandler, the behavior is quite different.
Closes gh-12464
2023-01-10 11:31:51 -06:00
Marcus Da Coregio
d1fc789ae2
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12511
2023-01-10 09:42:48 -03:00
Marcus Da Coregio
ae46032ced
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12510
2023-01-10 09:39:40 -03:00
Marcus Da Coregio
ffdb397830
Save the SecurityContext when switching user
...
Closes gh-12504
2023-01-10 09:27:56 -03:00
Josh Cummings
c308e4665a
Polish Event Name
...
Provide a name with no spaces separate from the human-friendly
one with spaces.
Closes gh-12490
2023-01-06 11:13:11 -07:00
Wellington Domiciano
27b3f4d403
Adjusts setRequestHandler javadoc in CsrfWebFilter
...
Adjusts setRequestHandler method javadoc in CsrfWebFilter class to reflect changes in 6.0.
In 6.0, the default ServerCsrfTokenRequestHandler changed to XorServerCsrfTokenRequestAttributeHandler, however, the javadoc for the setRequestHandler method still said it was ServerCsrfTokenRequestAttributeHandler.
This change adjusts the information to make it more accurate, because, although XorServerCsrfTokenRequestAttributeHandler is a subclass of ServerCsrfTokenRequestAttributeHandler, the behavior is quite different.
Closes gh-12465
2023-01-04 10:53:47 -07:00
Marcus Da Coregio
898c36287c
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12368
2022-12-12 16:55:14 -03:00
Marcus Da Coregio
99d6d21554
Apply SecurityContextHolderFilter to all dispatcher types
...
Closes gh-11962
2022-12-12 11:45:24 -08:00
Josh Cummings
701f754e37
Cast FilterChainObservationContext Safely
...
Closes gh-12268
2022-11-29 16:24:56 -07:00
Steve Riesenberg
fd547321e8
Default to XorCsrfTokenRequestAttributeHandler
...
As of gh-11960, Xor CSRF tokens are the default in 6.0. This commit
makes CsrfAuthenticationStrategy consistent with CsrfFilter.
Issue gh-11960
Closes gh-12235
2022-11-18 22:50:26 -06:00
Steve Riesenberg
5da78f44f2
Merge branch '5.8.x'
2022-11-18 14:54:33 -06:00
Steve Riesenberg
2ed7cff643
Check for existing token before clearing
...
Closes gh-12236
2022-11-18 13:12:59 -06:00
Josh Cummings
24860d9fb0
Observe Filter Start and Stop
...
Issue gh-11911
2022-11-17 15:11:29 -07:00
Josh Cummings
e08ed89403
Polish Span and Meter Names
...
Closes gh-12156
2022-11-17 15:09:52 -07:00
Marcus Da Coregio
063f06e7bf
Register FilterChainProxy for all dispatcher types
...
Closes gh-12180
2022-11-16 09:55:21 -03:00
Steve Riesenberg
1a3be83084
Merge branch '5.8.x'
...
Closes gh-12185
2022-11-09 12:28:37 -06:00
Steve Riesenberg
57b163bb78
Polish gh-12141
2022-11-09 12:19:43 -06:00
Marcus Da Coregio
2a261e0583
Add Jakarta WebSocket 2.1 test dependency to spring-security-web
...
Issue gh-12148
2022-11-08 09:54:34 -03:00
Marcus Da Coregio
3b5d19c8a4
Adapt to Servlet API 6 changes and support Jakarta WebSocket 2.1
...
Closes gh-12146
Closes gh-12148
2022-11-08 08:34:21 -03:00
Steve Riesenberg
36f668dd9c
Merge branch '5.8.x'
...
Closes gh-12142
2022-11-04 18:12:34 -05:00
Steve Riesenberg
6b0ed0205b
Re-generate tokens in CookieCsrfTokenRepository
...
Fixes support for re-generating tokens within a request such as when
CsrfAuthenticationStrategy removes a null token and saves an empty
cookie value on the response.
Closes gh-12141
2022-11-04 18:10:15 -05:00
Steve Riesenberg
801ceb0832
Merge branch '5.8.x'
2022-10-31 08:58:14 -05:00
Steve Riesenberg
66f2f1cde7
Merge branch '5.7.x' into 5.8.x
2022-10-31 08:55:03 -05:00
Steve Riesenberg
2915a70bf7
Merge branch '5.6.x' into 5.7.x
2022-10-28 13:05:48 -05:00