spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-23 18:59:46 +00:00

Author	SHA1	Message	Date
Josh Cummings	da182a2d7c	Remove Deprecated OpenSaml Components Closes gh-17306	2025-07-09 14:06:51 -06:00
Rob Winch	e48fdd5ed4	Use UserWebTestClientConfigurer Closes gh-17496	2025-07-07 15:15:51 -05:00
Tran Ngoc Nhan	a439bc65d6	Remove EnableWebMvcSecurity Closes gh-17294 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-07-07 13:46:03 -06:00
Josh Cummings	19e88f5e35	Polish Tests Issue gh-17298	2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan	242956a63c	Remove deprecated elements from DaoAuthenticationProvider Closes gh-17298 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan	e52987d03c	Remove RoleHierarchyImpl Deprecations Closes gh-17297 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-07-07 13:22:22 -06:00
Matt Magoffin	62252c1232	Default to XorCsrfChannelInterceptor in XML Change WebSocketMessageBrokerSecurityBeanDefinitionParser to use XorCsrfChannelInterceptor by default, so WebSocket XML configuration matches the default Xor-based configuration already in WebSocketMessageBrokerSecurityConfiguration. Closes gh-17260 Signed-off-by: Matt Magoffin <matt@solarnetwork.net>	2025-07-07 13:02:15 -06:00
Josh Cummings	a9636c72d1	Merge branch '6.5.x'	2025-07-07 12:54:26 -06:00
Josh Cummings	bc20bd6340	Merge branch '6.4.x' into 6.5.x Closes gh-17495	2025-07-07 12:53:59 -06:00
Josh Cummings	8461feb028	Merge branch '6.3.x' into 6.4.x Closes gh-17494	2025-07-07 12:53:47 -06:00
Josh Cummings	4f5b17334e	Pick Up csrfChannelInterceptor in XML Closes gh-17493	2025-07-07 12:53:27 -06:00
Josh Cummings	42283a5c1d	Add Missing File Issue gh-17484	2025-07-07 11:18:57 -06:00
Josh Cummings	5ae1b73bae	Fix Cyclic Bean Dependency Closes gh-17484	2025-07-07 10:32:56 -06:00
Tran Ngoc Nhan	d8043dc8a7	Remove PrePostTemplateDefaults Closes gh-17296 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-07-03 15:47:27 -06:00
Tran Ngoc Nhan	21036c94b4	Remove Nimbus(Reactive)OpaqueTokenIntrospector Closes gh-17302 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-07-03 15:41:57 -06:00
Tran Ngoc Nhan	519ae241f4	Fix Mock for Spring(Reactive)OpaqueTokenIntrospector Issue gh-17302 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-07-03 15:41:57 -06:00
Tran Ngoc Nhan	9312fb7004	Remove Deprecated AuthorizationDecision Elements Closes gh-17299 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-07-03 14:32:49 -06:00
Josh Cummings	d3e9e3138d	Remove AntPath and MvcRequestMatcher Closes gh-16886 Closes gh-16887	2025-07-03 13:37:50 -06:00
Josh Cummings	919ae1d636	Use PathPatternRequestMatcher in oauth2 Issue gh-16887	2025-07-03 13:37:49 -06:00
Josh Cummings	7da352129c	Use PathPatternRequestMatcher in saml2 Issue gh-16887	2025-07-03 13:37:48 -06:00
Josh Cummings	3e53cc2c4a	Use PathPatternRequestMatcher in config This commit changes the config module to use PathPatternRequestMatcher in favor of MvcRequestMatcher and AntPathRequestMatcher. This allows removing several HandlerMappingIntrospector support classes as well which were in place to support MvcRequestMatcher. Issue gh-16886 Issue gh-16887	2025-07-03 13:37:47 -06:00
Josh Cummings	98686a5139	Standardize Mock Request Paths Closes gh-17449	2025-07-03 13:37:47 -06:00
Josh Cummings	d5f986f733	Deprecate createMvcMatchers Issue gh-16631	2025-07-03 13:37:46 -06:00
Tran Ngoc Nhan	4d524b1fe1	Remove RelyingPartyRegistration Deprecations Closes gh-17309 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-07-03 13:15:44 -06:00
Soumik Sarker	526f8a6200	Removed deprecated class BearerTokenAuthenticationToken Issue gh-17309 Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>	2025-07-03 12:44:06 -06:00
Soumik Sarker	edb7a642c7	Removed deprecated class ObjectPostProcessor Issue gh-17309 Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>	2025-07-03 12:44:06 -06:00
Joe Grandja	e869bcdfa3	Remove deprecated implementations of OAuth2AccessTokenResponseClient Closes gh-16909	2025-07-03 14:23:23 -04:00
Joe Grandja	cfe38957d7	Remove Resource Owner Password Credentials grant Closes gh-17446	2025-07-03 14:23:23 -04:00
Kevin Yue	7de4217469	Don't cache WebSocket request PR gh-16741 Signed-off-by: Kevin Yue <yuezk001@gmail.com>	2025-06-27 15:47:05 -05:00
Rob Winch	00ead7f24d	Update to Kotlin 2.2	2025-06-26 17:29:12 -05:00
Tran Ngoc Nhan	e686ac6b11	Remove AbstractSecurityWebSocketMessageBrokerConfigurer Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-06-24 12:56:05 -06:00
Tran Ngoc Nhan	a74ce06dae	Remove JwtIssuer(Reactive)AuthenticationManagerResolver deprecations Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-06-24 12:33:00 -06:00
Josh Cummings	08cbdb4640	Merge remote-tracking branch 'origin/6.5.x'	2025-06-20 14:43:25 -06:00
Josh Cummings	9f88ef83eb	Polish Post-Processor Test Issue gh-17175 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	2025-06-20 14:41:58 -06:00
Maciej Kowalski	46283b3452	Relax ObjectPostProcessor Type Constraints Closes gh-17175 Signed-off-by: Maciej Kowalski <f.kowal@gmail.com>	2025-06-20 14:41:58 -06:00
Josh Cummings	a4c338f8a5	Format authorizeExchange Blocks This commit formats authorizeExchange blocks to use a common variable name and ensure the variable and reference are on the same line. Issue gh-13067	2025-06-20 10:46:52 -06:00
Josh Cummings	da6c7b8759	Format Lambda Usage This commit updates Lambda DSL usage to favor having the variable and reference on the same line Issue gh-13067	2025-06-20 10:46:52 -06:00
Josh Cummings	777447e1d9	Format authorizeHttpRequests Blocks This commit formats authorizeHttpRequests blocks to use the same parameter name and places the reference on the same line as the parameter. Issue gh-13067	2025-06-20 10:46:51 -06:00
Josh Cummings	cf6b52d6f7	Format authorizeRequests Blocks This commit changes all auhorizeRequests declarations to use the same variable name and declare the lambda parameter and reference on the same line. Issue gh-13067	2025-06-20 10:46:51 -06:00
Josh Cummings	5dd40a7f10	Remove ServerHttpSecurity and() DSL Methods This commit removes all and() DSL methods with the exception of featurePolicy, which will be removed as a whole at another time. Closes gh-13067	2025-06-20 10:46:43 -06:00
Josh Cummings	f789abc87f	Use ServerHttpSecurity Lambda DSL in JavaDoc Issue gh-13067	2025-06-20 10:41:32 -06:00
Josh Cummings	461f00ed38	Use ServerHttpSecurity Lambda DSL in Config Issue gh-13067	2025-06-20 10:41:31 -06:00
Josh Cummings	9fcfacf283	Use ServerHttpSecurity Lambda DSL in Tests Issue gh-13067	2025-06-20 10:41:31 -06:00
Josh Cummings	1a7b1fcc7c	Remove HttpSecurity and() DSL Methods This commit removes all and() methods that have been deprecated in the HttpSecurity DSL with the exception of featurePolicy, which will be removed when that feature is removed. Note that since featurePolicy does not have a lambda equivalent, the and support needs to remain for the moment. Issue gh-13067	2025-06-20 10:41:31 -06:00
Josh Cummings	45a1447e9b	Use HttpSecurity Lambda DSL in JavaDoc Issue gh-13067	2025-06-20 10:41:30 -06:00
Josh Cummings	1435e0f3d3	Use HttpSecurity Lambda DSL in Config Tests Issue gh-13067	2025-06-20 10:41:30 -06:00
Josh Cummings	6ddb964c61	Remove ApacheDS Support Closes gh-13852	2025-06-19 11:55:34 -06:00
Josh Cummings	42e24aa53c	Fix Formatting	2025-06-17 16:55:22 -06:00
evga7	06ed6ef342	Simplify Csrf Processor Decision Logic Replaces repeated if-else string comparisons with a Set.contains() check for known WebSocket handshake handler class names in MessageSecurityPostProcessor. Improves readability and maintainability without changing behavior. Signed-off-by: Wonpyo Hong <evga7@naver.com>	2025-06-17 16:55:22 -06:00
Tran Ngoc Nhan	c2c84c4243	Update HttpSecurity javadoc Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-06-17 13:31:24 -05:00

1 2 3 4 5 ...

3088 Commits