5de6da890b
Merge branch '5.8.x'
...
Closes gh-dry-run
2022-10-04 11:18:00 -05:00
475b3bb6bb
Add deferred CsrfTokenRepository.loadDeferredToken
...
* Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken>
* Move RepositoryDeferredCsrfToken to top-level and make package-private
* Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse)
* Update CsrfFilter
* Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler
Issue gh-11892
Closes gh-11918
2022-10-03 17:10:54 -05:00
7c3cc1e386
Merge branch '5.8.x'
2022-10-03 14:29:51 -05:00
0e215a21ad
Add X-Xss-Protection headerValue to XML config
...
Issue gh-9631
2022-10-03 14:29:34 -05:00
ad2abd39dc
Merge branch '5.8.x'
...
Closes gh-11347 in 6.0.x
Closes gh-11945
2022-10-03 16:02:18 -03:00
039e0328e1
Simplify Java Configuration RequestMatcher Usage
...
If Spring MVC is present in the classpath, use MvcRequestMatcher by default. This commit also adds a new securityMatcher method in HttpSecurity
Closes gh-11347
Closes gh-9159
2022-10-03 15:55:20 -03:00
bf59d7c374
Update What's New for 5.8
2022-10-03 10:05:25 -05:00
43a1f8249c
Update What's New for 6.0
2022-09-29 15:57:48 -05:00
4d62621094
Merge branch '5.8.x'
2022-09-29 14:09:21 -05:00
7b1158ddb7
Merge branch '5.7.x' into 5.8.x
2022-09-29 14:09:10 -05:00
70c61dc1dd
Merge branch '5.6.x' into 5.7.x
2022-09-29 14:08:17 -05:00
c44230ba24
switch to offical Antora plugin for Gradle
...
- lock version to latest release of Antora 3.1
- rename properties on extension block
- use Node.js version provided by plugin
- remove package.json file
- assign environment variables using environments property on extension block
- use single quotes where possible in build script
- use default setting for log format
2022-09-29 14:05:09 -05:00
6c6aedf772
Update What's New for 6.0
2022-09-26 10:07:50 -05:00
181ee7410b
Change default authority for oauth2Login()
...
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
2022-09-26 10:06:31 -05:00
c0e784b16d
Update What's New for 6.0
2022-09-26 09:48:52 -05:00
bcb21c9384
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
2022-09-23 15:39:43 -05:00
46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver
...
Closes gh-11896
2022-09-23 15:09:00 -05:00
0efe26c1fd
Merge branch '5.8.x'
...
Closes gh-11894
2022-09-22 13:47:04 -05:00
d94677f87e
CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler
...
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.
Closes gh-11892
2022-09-22 11:09:44 -05:00
70460ca009
Adjust OAuth2 Resource Server packaging
...
Closes gh-7349
2022-09-20 17:44:05 -06:00
61c80bcac5
Move Saml2 Authentication Filters
...
Closes gh-8819
2022-09-20 17:18:05 -06:00
48e31f87e4
Remove Deprecated OpenSAML 3 Support
...
Closes gh-10556
2022-09-20 16:57:38 -06:00
983ca6ea27
Update What's New for 5.8
2022-09-20 08:33:38 -03:00
2b4a3a85f9
Update What's New for 6.0
2022-09-20 08:33:11 -03:00
9564f1b5e4
Next development version
2022-09-19 16:55:17 +00:00
009032e03c
Next development version
2022-09-19 15:47:44 +00:00
dcbe900ff8
Release 5.8.0-M3
2022-09-19 15:24:11 +00:00
a0a92b81f7
Release 6.0.0-M7
2022-09-19 15:23:23 +00:00
8f44f74d44
Update What's New for 5.8
2022-09-14 15:13:41 -05:00
70eea8dc67
Update What's New for 5.8
2022-09-14 14:58:48 -05:00
2431dd1103
Merge branch '5.8.x'
2022-09-13 17:38:10 -05:00
355ef21117
Polish gh-11665
2022-09-13 16:45:39 -05:00
1efb63387f
Add authentication converter for introspected tokens
...
Adds configurable authentication converter for resource-servers with
token introspection (something very similar to what
JwtAuthenticationConverter does for resource-servers with JWT decoder).
The new (Reactive)OpaqueTokenAuthenticationConverter is given
responsibility for converting successful token introspection result
into an Authentication instance (which is currently done by a private
methods of OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager).
The default (Reactive)OpaqueTokenAuthenticationConverter, behave the
same as current private convert(OAuth2AuthenticatedPrincipal principal,
String token) methods: map authorities from scope attribute and build a
BearerTokenAuthentication.
Closes gh-11661
2022-09-13 16:45:36 -05:00
3387149a0f
repurpose 5.6.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 15:41:12 -05:00
3e42119f84
repurpose 5.7.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 15:37:13 -05:00
ab9ed26ad2
repurpose 5.8.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 14:40:56 -05:00
d22ee32c7d
reconfigure branch for local builds and as scheduler for docs workflows
...
- set up placeholder and trigger for Deploy Docs workflow in docs-build branch
- set up placeholder and trigger for Rebuild Search Index workflow in docs-build branch
- remove obsolete Deploy Reference workflow
- upgrade Antora to 3.1
- reconfigure docs build for local build only
- add patch to support using linked worktree as Antora content source
- remove Antora extensions only needed for the production docs build
2022-09-09 12:57:00 -05:00
5ae492b1c1
Add What's New @WithMockUser Supported as Merged Annotation
2022-09-08 09:49:00 -05:00
d996c2a2c6
Remove unsafe/deprecated `Encryptors.querableText(CharSequence,CharSequence)`
...
This method is insecure. Users should instead encrypt with their database.
Closes gh-8980
2022-09-07 13:51:58 -05:00
ed41a60aae
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
# config/src/test/resources/org/springframework/security/config/http/DeferHttpSessionTests-Explicit.xml
# web/src/main/java/org/springframework/security/web/csrf/CsrfFilter.java
2022-09-06 11:51:55 -05:00
86fbb8db07
Add new interfaces for CSRF request processing
...
Issue gh-4001
Issue gh-11456
2022-09-06 11:43:33 -05:00
e17989d92d
Merge branch '5.8.x'
2022-09-01 09:39:33 -03:00
ff6fd78d64
Merge branch '5.7.x' into 5.8.x
2022-09-01 09:39:10 -03:00
0a08a23423
Merge branch '5.6.x' into 5.7.x
2022-09-01 09:38:33 -03:00
8b74bf9742
Updated reference to architecture page
...
In the context of Servlet Authentication page, "Architecture" should probably link to "Servlet Authentication Architecture" page
2022-09-01 09:38:10 -03:00
8474acebf2
Merge branch '5.8.x'
2022-08-29 15:12:48 -05:00
568277f8bc
Mistake in Kotlin code representation is fixed
2022-08-29 15:11:10 -05:00
b1fd9af723
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-26 16:01:40 -06:00
0f58620643
Add AspectJ AuthorizationManager Support
...
Closes gh-11326
2022-08-26 15:59:08 -06:00
84f765a89c
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-25 14:46:48 -06:00
070dce1baf
Document ReactiveMethodSecurity improvements
...
Issue gh-9401
2022-08-25 14:36:03 -06:00
27ce5936cf
Add Caveat about Spring Security's co-routine support
...
Closes gh-10920
2022-08-25 14:36:02 -06:00
81d6b6df6c
Add Explicit SessionAuthenticationStrategy Option
...
SessionAuthenticationFilter requires accessing the HttpSession to do its
job. Previously, there was no way to just disable the
SessionAuthenticationFilter despite the fact that
SessionAuthenticationStrategy is invoked by the authentication filters
directly.
This commit adds an option to disable SessionManagmentFilter in favor of
requiring explicit SessionAuthenticationStrategy invocation already
performed by the authentication filters.
Closes gh-11455
2022-08-18 17:38:03 -05:00
89f8310d6c
Add Explicit SessionAuthenticationStrategy Option
...
SessionAuthenticationFilter requires accessing the HttpSession to do its
job. Previously, there was no way to just disable the
SessionAuthenticationFilter despite the fact that
SessionAuthenticationStrategy is invoked by the authentication filters
directly.
This commit adds an option to disable SessionManagmentFilter in favor of
requiring explicit SessionAuthenticationStrategy invocation already
performed by the authentication filters.
Closes gh-11455
2022-08-18 17:00:47 -05:00
13feb87171
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:36 -06:00
d93bde7465
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:06 -06:00
e3d85881e9
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:48:14 -06:00
9f6d9c2b84
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:44:34 -06:00
8ad20b1768
Add CsrfFilter.csrfRequestAttributeName
...
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.
This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.
Issue gh-11699
2022-08-16 13:47:31 -05:00
5b64526ba9
Add CsrfFilter.csrfRequestAttributeName
...
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.
This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.
Issue gh-11699
2022-08-15 17:07:02 -05:00
1510460a1a
Next development version
2022-08-15 16:14:19 +00:00
db74e9d128
Next development version
2022-08-15 16:07:33 +00:00
c188b70c88
Next development version
2022-08-15 16:06:45 +00:00
4559d269e0
Release 5.6.7
2022-08-15 15:25:05 +00:00
173d74d693
Release 5.7.3
2022-08-15 15:24:54 +00:00
063e56ce8b
Release 5.8.0-M2
2022-08-15 15:24:27 +00:00
425b3501b7
Remove `@Configuration` from `@Enable*` Annotations
...
This removes `@Configuration` from all `@Enable` Annotations and explicitly
adds `@Configuration` to wherever the `@Enable*` Annotations are used.
Closes gh-11653
2022-08-09 17:00:24 -05:00
a5069d7e35
Fix Add @Configuration to @Enable*Security Usage
...
Issue gh-6613
2022-08-09 17:00:16 -05:00
2e66b9f6cc
Allow customization of redirect strategy
...
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.
Closes gh-11373
2022-08-08 15:44:01 -05:00
efaee4e56b
Allow customization of redirect strategy
...
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.
Closes gh-11373
2022-08-08 15:35:49 -05:00
040111ae9e
Remove Configuration meta-annotation from Enable* annotations
...
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.
Closes gh-6613
Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
2022-07-30 03:48:42 +02:00
a72c5a55db
Revert "Remove @Configuration from webflux config examples"
...
This reverts commit aec9effb88
2022-07-26 16:46:01 -05:00
aec9effb88
Remove @Configuration from webflux config examples
2022-07-26 16:34:10 -05:00
0d3c3c676d
"Well-Know" should be "Well-Known"
2022-07-26 15:45:27 -05:00
06aa3362dd
"Well-Know" should be "Well-Known"
2022-07-26 15:44:41 -05:00
3b9f5ac77b
"Well-Know" should be "Well-Known"
2022-07-26 15:41:38 -05:00
2a336d4f49
"Well-Know" should be "Well-Known"
2022-07-26 15:41:05 -05:00
0c549ee147
Use SHA256 by default in Remember Me
...
Closes gh-11520
2022-07-25 10:33:12 -03:00
0f64d4c091
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 14:04:16 -03:00
7c7751635d
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:56:41 -03:00
5322352427
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:49:21 -03:00
db9d60e82d
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:47:07 -03:00
bf138c5154
Next development version
2022-07-18 17:05:25 +00:00
79912a0a44
Release 6.0.0-M6
2022-07-18 13:29:25 -03:00
860c669666
Revert "Release 6.0.0-M6"
...
This reverts commit c8fa238cfc
2022-07-18 13:18:34 -03:00
8d147100ee
Next development version
2022-07-18 16:00:47 +00:00
c8fa238cfc
Release 6.0.0-M6
2022-07-18 15:27:55 +00:00
8d3586f949
Release 5.8.0-M1
2022-07-18 15:25:10 +00:00
f45c4d4b8e
Add SHA256 as an algorithm option for Remember Me token hashing
...
Closes gh-8549
2022-07-15 10:41:03 -03:00
dda98f333c
Polish
...
Make encodingAlgorithm final and add it to the constructor
Add since tags
Add more tests
2022-07-15 10:34:36 -03:00
e17fe8ced9
Add SHA256 as an algorithm option for Remember Me token hashing
...
Closes gh-8549
2022-07-15 10:34:36 -03:00
35fc437559
Add AuthorizationManager for protect-pointcut
...
Closes gh-11323
2022-07-14 09:25:49 -06:00
9608eaa138
Clarify authorize-http-requests docs
...
Issue gh-11467
2022-07-14 10:19:31 -03:00
64ba31aebb
Improve docs on dispatcherTypeMatcher
...
Closes gh-11467
2022-07-14 10:08:19 -03:00
57d6ab7134
Improve docs on dispatcherTypeMatcher
...
Closes gh-11467
2022-07-14 09:13:46 -03:00
624fdfa731
Add AuthorizationManager for protect-pointcut
...
Closes gh-11323
2022-07-13 17:58:16 -06:00
6455e98745
FilterSecurityInterceptor applies to every request by default
...
Closes gh-11466
2022-07-12 10:53:03 -03:00
ce67fb08fd
Clearly end sentence in note before next sentence
2022-07-11 17:38:44 -06:00
6e63278ab9
Use Collection<ConfigAttribute> in examples
...
To match `org.springframework.security.access.ConfigAttribute`.
2022-07-11 17:38:44 -06:00
2c0a4337a8
Clearly end sentence in note before next sentence
2022-07-11 17:36:30 -06:00
9f4b0ca8b5
Use Collection<ConfigAttribute> in examples
...
To match `org.springframework.security.access.ConfigAttribute`.
2022-07-11 17:36:30 -06:00
148c926de0
Support AuthorizationManager for intercept-methods Element
...
Closes gh-11328
2022-07-06 13:01:57 -06:00
74a007dc91
Support AuthorizationManager for intercept-methods Element
...
Closes gh-11328
2022-07-06 12:54:05 -06:00
bffe08465a
Add SecurityContextHolderStrategy XML Configuration for Messaging
...
Issue gh-11061
2022-06-27 16:24:27 -06:00
74167d62b1
Add SecurityContextHolderStrategy XML Configuration for Messaging
...
Issue gh-11061
2022-06-27 15:55:28 -06:00
5e4e7abf15
Add SecurityContextHolderStrategy XML Configuration for Method Security
...
Issue gh-11061
2022-06-27 13:40:55 -06:00
9cd7c7b046
Add SecurityContextHolderStrategy XML Configuration for Method Security
...
Issue gh-11061
2022-06-27 13:05:07 -06:00
11a74a2926
Fix method call example on documentation
2022-06-24 17:05:31 -06:00
d3a024786b
Next Development Version
2022-06-20 15:05:30 -04:00
fa4c5449e7
Release 5.6.6
2022-06-20 14:50:24 -04:00
6f275deb55
Next Development Version
2022-06-20 12:37:13 -04:00
c40f65f5a2
Release 5.7.2
2022-06-20 12:17:25 -04:00
150b81d008
Add SecurityContextHolderStrategy XML Configuration for Defaults
...
Issue gh-11061
2022-06-17 12:21:10 -06:00
2a70707c35
Add SecurityContextHolderStrategy XML Configuration for Defaults
...
Issue gh-11061
2022-06-17 11:28:10 -06:00
a3e996a66b
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 17:33:41 -05:00
953b54f63d
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 15:15:03 -05:00
6b1d5ec6ae
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 15:13:06 -05:00
aca3fc2412
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:51:44 -03:00
0c31cb21dc
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:50:56 -03:00
24701b547f
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:49:47 -03:00
b9acdd5058
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 13:43:42 +02:00
2afa9313eb
Use AuthorizationManager in <http>
...
Closes gh-11305
2022-05-31 16:01:41 -06:00
9dbd1f3e25
Use AuthorizationManager in <http>
...
Closes gh-11305
2022-05-31 15:10:00 -06:00
d7077b441a
Correct access(String) reference
...
Closes gh-11280
2022-05-27 15:00:15 -06:00
292585080a
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:59:06 -06:00
0abc54c7de
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:52:20 -06:00
ff0d85e2ac
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:51:45 -06:00
f4c0fcb5ef
Add AuthorizationManager to Messaging
...
Closes gh-11076
2022-05-27 13:35:19 -06:00
101f11ba94
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 13:12:56 -06:00
18b903f6e3
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 13:12:56 -06:00
038266a94f
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 13:12:55 -06:00
bbff945b95
Restore missing link text
...
Issue gh-10934
2022-05-27 13:00:20 -06:00
8690accd57
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:57:57 -06:00
e3c15260e7
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:57:57 -06:00
9625382b22
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:57:56 -06:00
dda026b5fc
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:57:02 -06:00
2363dbb4e4
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:56:57 -06:00
23cc1eb32b
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:56:51 -06:00
ff0b1712b6
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:46:36 -06:00
0a64579b1e
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:46:27 -06:00
416f94f979
Update Junit5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:46:04 -06:00
8a03d1fcec
Add AuthorizationManager to Messaging
...
Closes gh-11076
2022-05-27 12:20:48 -06:00
0355e960d7
Next development version
2022-05-18 11:52:05 -05:00
fdad14af63
Release 5.6.5
2022-05-18 11:03:25 -05:00
07841794c5
Next development version
2022-05-18 16:02:48 +00:00
8eb235d36e
Release 6.0.0-M5
2022-05-18 10:37:41 -05:00
14bbf33658
Revert "Release 6.0.0-M5"
...
This reverts commit 6513f3ce71
2022-05-18 10:37:07 -05:00
6513f3ce71
Release 6.0.0-M5
2022-05-18 15:26:59 +00:00
4caf53e96d
Next Development Version
2022-05-18 10:06:25 -05:00
22a1c99b9e
Release 5.7.1
2022-05-18 10:00:11 -05:00
3a5eb47d0c
Next development version
2022-05-16 19:13:07 +00:00
eaac43a179
Release 6.0.0-M4
2022-05-16 13:42:14 -05:00
cd024bdb80
Revert "Release 6.0.0-M4"
...
This reverts commit 49a5f972be
2022-05-16 13:25:42 -05:00
49a5f972be
Release 6.0.0-M4
2022-05-16 12:51:47 -05:00
dc648cf79f
Next Developement Version
2022-05-16 11:51:06 -05:00
5155719877
Next Development Version
2022-05-16 11:44:53 -05:00
c2d2914a4f
Release 5.6.4
2022-05-16 11:36:26 -05:00
3497b0ed68
Release 5.7.0
2022-05-16 11:35:18 -05:00
806e05855c
Replace removed context-related operators
...
Closes gh-11194
2022-05-10 14:58:02 -03:00
4ebd37ae77
Add 5.8 Support
2022-05-03 09:04:34 -06:00
1f43733749
Add 5.7.x branch to playbook
2022-05-03 09:03:51 -06:00
0e9228d10a
Prepare for Spring Security 5.8
2022-05-02 16:34:23 -06:00
a0232ed135
Add shouldFilterAllDispatcherTypes to Kotlin DSL
...
Closes gh-11153
2022-04-28 08:34:48 -03:00
e94adedb94
Add shouldFilterAllDispatcherTypes to Kotlin DSL
...
Closes gh-11153
2022-04-28 08:19:20 -03:00
6c8f64d2bd
Next Development Version
2022-04-18 14:55:35 -05:00
e80b3cc5a2
Release 5.7.0-RC1
2022-04-18 14:50:15 -05:00
2a2c2dd209
Next development version
2022-04-18 13:27:01 -03:00
fa0e06ebdc
Release 5.6.3
2022-04-18 11:59:42 -03:00
9a9a43a0c0
ForceEagerSessionCreationFilter
...
Closes gh-11109
2022-04-15 14:18:25 -05:00
aaf78330b1
ForceEagerSessionCreationFilter
...
Closes gh-11109
2022-04-15 14:16:35 -05:00
5367524030
Change the default of shouldFilterAllDispatchTypes to true
...
Closes gh-11107
2022-04-14 16:30:42 -03:00
84b5c76a7b
Add Option to Filter All Dispatcher Types
...
Closes gh-11092
2022-04-14 16:10:36 -03:00
7fea639a43
Add Option to Filter All Dispatcher Types
...
Closes gh-11092
2022-04-14 15:58:00 -03:00
86c3ce7efc
Update What's New
2022-04-13 11:24:36 -03:00
39b0620a84
Add DisableUrlRewritingFilter
...
Closes gh-11084
2022-04-08 16:13:44 -05:00
7be32872e9
Add DisableUrlRewritingFilter
...
Closes gh-11084
2022-04-08 16:13:24 -05:00
b71d9bfdc2
Fix typo
2022-04-06 11:09:41 +02:00
ed8887e0fc
Fix typo
2022-04-06 11:09:15 +02:00
4ee5800ec9
use okta as registration id
...
looks like `ping` is some registration id used in the past.
Closes gh-11034
2022-03-30 14:41:03 -06:00
d4931ecf2b
use okta as registration id
...
looks like `ping` is some registration id used in the past.
2022-03-30 14:40:25 -06:00
51a99701ad
use okta as registration id
...
looks like `ping` is some registration id used in the past.
2022-03-30 14:39:39 -06:00
ce720ad38e
Document Authorization Events
...
Issue gh-9288
2022-03-29 16:37:22 -06:00
04c483387e
Document Authorization Events
...
Issue gh-9288
2022-03-29 16:03:20 -06:00
759d983d62
Fix formatting in reference docs
2022-03-24 15:15:20 +01:00
d4d6ddbaae
Fix formatting in reference docs
2022-03-24 15:13:50 +01:00
0a2a327476
Fix reference documentation redirects
...
Closes gh-11018
2022-03-23 09:01:42 +01:00
8fe6ecb459
Update antora.yml
2022-03-21 15:27:40 -05:00
e2e1689d9d
Release 6.0.0-M2
2022-03-21 13:56:04 -05:00
7deaab8822
Next development version
2022-03-21 14:51:40 -03:00
ed0a323a71
Release 5.7.0-M3
2022-03-21 14:00:04 -03:00
28dd7dabfb
Update What's New for 5.7
2022-03-17 12:56:17 -05:00
c38c722473
Update What's New for 5.7
2022-03-17 09:56:45 -05:00
f0168c6c27
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:53:16 -05:00
428216b322
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:50:25 -05:00
4a8219d16c
Update whats-new.adoc with gh-9812
2022-03-17 04:41:33 -04:00
54b033078b
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:36:10 -04:00
a2ffc88294
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:33:12 -04:00
fabeabd2db
Fix docs SecurityContextHolder Diagram
...
Issue gh-9635
2022-03-12 13:44:45 -06:00
c49d47d9fa
Fix docs SecurityContextHolder Diagram
...
Issue gh-9635
2022-03-12 13:44:12 -06:00
972039e65c
Add SecurityContextHolderFilter
...
Closes gh-9635
2022-03-12 13:31:04 -06:00
87ed31a99c
Add SecurityContextHolderFilter
...
Closes gh-9635
2022-03-11 17:22:23 -06:00
ae7d56d65b
Add Persistence to documentation
...
Closes gh-10962
2022-03-11 13:43:11 -06:00
6e45a376cd
Remove "Hi ... there" From Docs
...
Close gh-10963
2022-03-11 13:42:38 -06:00
e4f1826622
Remove "Hi ... there" From Docs
...
Close gh-10963
2022-03-11 13:41:19 -06:00
b71b2f81e1
Add Persistence to documentation
...
Closes gh-10962
2022-03-11 13:41:19 -06:00
9967078059
Antora 3.0.0
...
Issue gh-10962
2022-03-11 13:41:19 -06:00
abd33389be
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:49:29 -07:00
ac9c29b2a0
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:23:35 -07:00
660da6f4a0
Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
...
Closes gh-10932
2022-03-09 17:49:43 +01:00
bc2bb8cb96
Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
...
Closes gh-10932
2022-03-09 16:18:09 +01:00
1762a4ce70
Add SAML 2.0 Single Logout XML Support
...
Closes gh-10842
2022-03-09 10:48:34 -03:00
1cbe7a75d3
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 10:40:26 -03:00
93d4fd3559
Add SAML 2.0 Single Logout XML Support
...
Closes gh-10842
2022-03-09 09:18:01 -03:00
73f839312d
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 09:18:01 -03:00
440ffce2eb
Update PasswordEncoder declaration
...
Closes gh-10910
2022-03-01 07:50:55 -07:00
acda921fe9
Update PasswordEncoder declaration
...
Closes gh-10910
2022-03-01 07:49:25 -07:00
ff15bec02d
update PasswordEncoder declaration
2022-03-01 07:48:31 -07:00
344ab1814c
Next development version
2022-02-21 11:56:40 -03:00
2426989441
Release 5.7.0-M2
2022-02-21 11:00:07 -03:00
1a32b399e6
Next development version
2022-02-21 10:49:06 -03:00
e9f3da94fc
Release 5.6.2
2022-02-21 10:04:41 -03:00
386e8a86a1
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:54:04 -03:00
45a88fc391
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:49:27 -03:00
8a56e4f35e
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:46:20 -03:00
a2d1965c25
Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant
...
Closes gh-10837
2022-02-15 11:30:45 +01:00
c6b185465d
Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant
...
Closes gh-10837
2022-02-15 11:24:23 +01:00
f64181ab41
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 17:18:48 +01:00
77ba94e1db
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 11:07:42 +01:00
015036741b
Add Kotlin example for logout configuration of reactive authentication
...
Closes gh-10819
2022-02-11 13:16:47 +01:00
d0faff62df
Add Kotlin example for logout configuration of reactive authentication
...
Closes gh-10819
2022-02-11 13:01:43 +01:00
4142f06259
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 18:10:58 +01:00
4492e5b667
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 16:12:10 +01:00
85e531ec74
Fix typo in role hierarchy docs
...
Closes gh-10804
2022-02-04 16:32:47 +01:00
27ecae2545
Fix typo in role hierarchy docs
...
Closes gh-10804
2022-02-04 16:31:19 +01:00
28b363551e
Use lambda DSL in logout header docs
2022-02-04 16:26:51 +01:00
7c9de7d0ff
Use lambda DSL in logout header docs
2022-02-04 16:26:18 +01:00
ac990afa5d
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:47:35 -06:00
c1dfe407bc
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:46:27 -06:00
51fc4a4ca3
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:46:05 -06:00
55cccbf727
Fix broken link to SAML2 login example
2022-02-03 10:20:45 -06:00
e5def290a1
Fix broken link to SAML2 login example
2022-02-03 10:10:04 -06:00
13d8b69ee4
Fix broken link to SAML2 login example
2022-02-03 09:42:21 -06:00
a095ea75a2
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:52:54 +01:00
8aa3f291b7
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:42:08 +01:00
f465403a99
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:30:43 +01:00
99c488c6ae
Polish LDAP reference docs
...
Issue gh-10789
2022-01-28 17:15:37 +01:00
869fc8c96c
Use LDAP AuthenticationManager factory in reference docs
...
Closes gh-10789
2022-01-28 17:13:04 +01:00
e280061538
Polish LDAP reference docs
...
Issue gh-10789
2022-01-28 17:04:39 +01:00
d5824521e8
Use LDAP AuthenticationManager factory in reference docs
...
Closes gh-10789
2022-01-28 17:03:56 +01:00
5a2556879a
Add Saml2AuthenticationRequestResolver
...
Closes gh-10355
2022-01-24 16:18:33 -07:00
d538423f98
Add Saml2AuthenticationRequestResolver
...
Closes gh-10355
2022-01-24 15:09:45 -07:00
f94090a59b
Remove spring-security-openid
...
Closes gh-10773
2022-01-21 16:55:19 -06:00
55cf7c9683
Remove default display_version
2022-01-18 13:26:39 -06:00
c4812b17ee
Default antora displayVersion
...
Issue gh-10765
2022-01-18 12:55:46 -06:00
c9a9087454
Add 6.0.* tag to antora-playbook
2022-01-17 14:45:31 -03:00
3834268008
Next development version
2022-01-17 13:08:59 -03:00
816831746f
Release 6.0.0-M1
2022-01-17 11:22:05 -03:00
20c252982e
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-14 15:29:50 -07:00
7efbc9d5f7
Next Development Version
2022-01-14 12:51:23 -06:00
a8457b518f
Release 5.7.0-M1
2022-01-14 12:16:08 -06:00
525f40490c
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:59:14 -05:00
214cfe807e
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:42:10 -05:00
96e5e67737
Update to Antora 3.0.0
2022-01-05 11:22:34 -06:00
005d7465b0
Add fix for 5.6.1 version
2022-01-04 17:03:32 -06:00
783a43ea35
Add CheckAntoraVersionPlugin
2022-01-04 15:52:05 -06:00
07a176d11e
Update antora to 5.6.2
2022-01-04 15:52:05 -06:00
9b6c7af526
Add CheckAntoraVersionPlugin
2022-01-04 15:33:24 -06:00
6884a16726
Add CheckAntoraVersionPlugin
2022-01-04 15:29:14 -06:00
45b7fed884
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-03 13:14:12 -07:00
6b54afe9a3
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-03 12:54:22 -07:00
2471e3296d
Fix xsd tests
2021-12-13 17:38:22 -06:00
2fb056b5c1
Merge Clean up Reference Documentation
...
Closes gh-9668
2021-12-13 16:57:36 -06:00
0beb725259
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-08 11:07:09 +01:00
65426a40ec
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-07 17:23:06 +01:00
32ec8c3ae4
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-07 13:58:24 +01:00
7ec3b55ab3
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-07 13:48:11 +01:00
1896a5e669
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-06 13:05:50 +01:00
f1ca42e501
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 14:14:05 -03:00
bb99d7d95a
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 14:13:12 -03:00
04161b9288
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 10:38:04 -03:00
16a21264d0
Polish AuthRequestConverter Sample Doc
...
Issue gh-10364
2021-11-18 13:36:31 -07:00
739cdc1a4c
Polish AuthRequestConverter Sample Doc
...
Issue gh-10364
2021-11-18 13:36:10 -07:00
2dac210cac
Polish AuthRequestConverter Sample Doc
...
Issue gh-10364
2021-11-18 13:32:36 -07:00
1c0f092176
Fix AuthnRequestConverter Sample Typos
...
Closes gh-10364
2021-11-18 13:26:53 -07:00
02cd1dd3c4
Fix AuthnRequestConverter Sample Typos
...
Closes gh-10364
2021-11-18 13:26:25 -07:00
9316241c01
Fix AuthnRequestConverter Sample Typos
...
Closes gh-10364
2021-11-18 13:24:59 -07:00
32d79f3f4e
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:33:42 -07:00
b7cc667d21
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:33:27 -07:00
879b2d089f
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:29:23 -07:00
088a24cf59
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:18:42 -07:00
3fb1565cc0
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:17:37 -07:00
5913501e1a
#10505 Fix jwtDecoder
...
Fixed jwtDecoder(JWTProcessor jwtProcessor, OAuth2TokenValidator<Jwt> jwtValidator)
2021-11-16 14:05:43 -07:00
7b15098570
Update Spring Security to 5.7
...
Closes gh-10509
2021-11-15 17:10:00 -07:00
6b6f473a1b
Added authorizeHttpRequests Docs
...
Closes gh-10442
2021-11-15 16:23:18 -07:00
e398fbf2a7
Include 5.6.0 Release in docs
2021-11-15 16:37:47 -06:00
7236f2c5f2
Added authorizeHttpRequests Docs
...
Closes gh-10442
2021-11-15 15:35:23 -07:00
29a4b2bc9b
Next Development Version
2021-11-15 16:13:45 -06:00
fa628f7491
Release 5.6.0
2021-11-15 16:13:12 -06:00
4f185724a3
Polish gh-10479
2021-11-12 15:09:50 -05:00
eceb9ed479
Polish gh-10479
2021-11-12 15:08:11 -05:00
Steve Riesenberg
Daniel Garnier-Moiroux
Marcus Da Coregio
Dan Allen
Rob Winch
Josh Cummings
github-actions[bot]
ch4mpy
Underground Hill
he1ex-tG
jujunChen
Igor Bolic
Joshua Sattler
Desmond Silveira
Yuriy Savchenko
Tim te Beek
Vinícius Hashimoto
Joe Grandja
sKai.fun
André Luis Gomes
nor-ek
Pascal Verdage
Johannes Graf
Eleftheria Stein
Lijamaija
Talerngpong Virojwutikul
giger85
Ken Dombeck
Henning Poettker
Jeff Maxwell