Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-03 16:02:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,964 Commits 56 Branches 376 Tags
Commit Graph

2359 Commits

Author SHA1 Message Date
Spring Buildmaster
d1669b909f Release 4.2.4.RELEASE 2018-01-24 23:19:40 +00:00
Rob Winch
6f74162a1f Test Jackson HashMap in Whitelist 
Issue: gh-4889
 2018-01-03 16:08:57 -06:00
Chris Burrell
99a0baadfa Add HashMap to Jackson whitelist 
Issue: gh-4889
 2018-01-03 16:08:28 -06:00
Rob Winch
82168faf9d Update to jsonassert 1.4.0 
Fixes gh-4783
 2017-11-02 16:19:58 -05:00
Rob Winch
9d0f8977a9 Update to slfj4 1.7.25 
Fixes gh-4782
 2017-11-02 16:19:16 -05:00
Rob Winch
5ae615f3b4 Update Jackson to 2.8.10 
Fixes gh-4781
 2017-11-02 16:18:31 -05:00
Rob Winch
092c5aecf7 Update to Ehcache 2.10.4 
Fixes gh-4779
 2017-11-02 16:13:43 -05:00
Rob Winch
a5d56d8724 Update to Aspectj 1.8.12 
Fixes gh-4778
 2017-11-02 16:12:39 -05:00
Rob Winch
0f546dcb07 Update to Spring 4.3.12 
Fixes gh-4776
 2017-11-02 16:08:50 -05:00
Rob Winch
cb576d16e1 DelegatingApplicationListener uses CopyOnWriteArrayList 
Fixes gh-4417
 2017-11-02 14:41:20 -05:00
Greg Turnquist
3b4df40f47 Fix UsernamePasswordAuthenticationTokenMixin to handle null credentials/details 
Fixes gh-4773
 2017-11-02 14:41:20 -05:00
Gajendra kumar
6cbf71bd72 Allow inject Map into SessionRegistryImpl 
As principals and sessionIds are set in class itself so one can't share
user session count across nodes(Cluster). Using constructor for setting
principals and sessionIds we can pass Cache map to constructor which can
enable common session count in cluster otherwise user would be allowed to
logged in with multiple sessions. There is no point keeping principals
and sessionIds completely internal.

Fixes gh-4772
 2017-11-02 14:41:20 -05:00
Antoine
be50cd8ada Polish more AssertJ assertions 
Issue gh-4770
 2017-11-02 14:40:53 -05:00
Antoine
21efbb6ba7 Polish AssertJ assertions 
Fixes gh-4770
 2017-11-02 14:40:53 -05:00
Frank Pavageau
6cc0f6c054 Deserialize the principal in a neutral way 
When the principal of the Authentication is an object, it is not necessarily
an User: it could be another implementation of UserDetails, or even a
completely unrelated type. Since the type of the object is serialized as a
property and used by the deserialization anyway, there's no point in
enforcing a stricter type.
 2017-10-31 16:42:50 -05:00
Frank Pavageau
22ea835643 Map values directly from the JSON nodes 
Not only is it more efficient without converting to an intermediate String,
using JsonNode.toString() may not even produce valid JSON according to its
Javadoc (ObjectMapper.writeValueAsString() should be used).
 2017-10-31 16:42:50 -05:00
Spring Buildmaster
9e8994a2b7 Release version 4.2.3.RELEASE 2017-06-08 04:34:34 +00:00
Rob Winch
8b2faff7ad Update to Spring 4.3.9.RELEASE 
Fixes gh-4375
 2017-06-07 22:52:58 -05:00
Rob Winch
947d11f433 Update SecurityJackson2Modules 
Fixes gh-4370
 2017-06-07 22:52:58 -05:00
Rob Winch
d2524eadfc Update poms to new to SNAPSHOT version 2017-03-02 09:20:34 -06:00
Spring Buildmaster
081f0c4d94 Release version 4.2.2.RELEASE 2017-03-02 07:29:42 +00:00
pkovacs
f99fe36e02 Refer to SimpleGrantedAuthority instead of GrantedAuthorityImpl 
GrantedAuthorityImpl has been replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.

Fixes gh-4163.
 2017-03-02 00:09:14 -06:00
stonio
901a4e183a Update SecurityContextHolder.java 
Use StringUtils.hasText
 2017-03-01 23:54:04 -06:00
Rob Winch
b64cdb5765 Fix RoleHiearchyUtilsTests on Windows 
Fixes gh-4228
 2017-03-01 23:27:11 -06:00
Rob Winch
9c03571bbb Use message in all Assert 
This ensures compatibility with Spring 5.

Fixes gh-4193
 2017-01-30 19:58:24 -06:00
Spring Buildmaster
7a7ce11ebb Release version 4.2.1.RELEASE 2016-12-21 17:23:28 +00:00
Rob Winch
6bec625e68 Update to Spring 4.3.5.RELEASE 
Fixes gh-4167
 2016-12-21 09:04:16 -06:00
Spring Buildmaster
24fcb6c45a Release version 4.2.0.RELEASE 2016-11-09 23:42:11 +00:00
Rob Winch
a9024de734 Polish Spring Version Update 
Fix related tests.

Issue gh-4123
 2016-11-09 17:05:25 -06:00
Rob Winch
f97f38fd57 jacksonDatavindVersion->jacksonDatabindVersion 
Issue gh-4122
 2016-11-09 16:46:38 -06:00
Rob Winch
f0a9421aa4 SecurityJacksonModules->SecurityJackson2Modules 
Fixes gh-4121
 2016-11-09 16:42:41 -06:00
Spring Buildmaster
97b4cb0b73 Release version 4.2.0.RC1 2016-10-26 02:49:23 +00:00
Rob Winch
e62596f36d Polish PasswordEncoderUtils do not leak length 
Fix possible / 0 if expected is empty String.

Issue gh-255
 2016-10-24 12:50:46 -05:00
Rob Winch
d3685d89c5 Polish PasswordEncoderUtils do not leak length 
Issue gh-255
 2016-10-24 11:26:43 -05:00
avri-schneider
a98389fa98 PasswordEncoderUtils do not leak length 
Enforce constant time even when expectedLength != actualLength.

Fixes gh-255
 2016-10-24 11:26:34 -05:00
Rob Winch
dc9f9b140f Polish PasswordEncoderUtilsTests 
* Add more tests
* Smaller tests
* Follow new naming convention
 2016-10-24 11:24:24 -05:00
Rob Winch
f432c04111 Create UserBuilder 
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder

Fixes gh-4095
 2016-10-21 16:42:03 -05:00
Rob Winch
08c1f500a7 Version bumps for Spring 5 
Issue gh-4080
 2016-10-17 17:00:17 -05:00
Jitendra Singh
48ff518a41 Fix Jackson 2.7+ 
UnmodifiableSetDeserializer added which will ensure
Collection$UnmodifiableSet deserialize properly with jackson-databind 2.7+

Fixes gh-4073
 2016-10-13 07:42:07 -05:00
Spring Buildmaster
c1b8150439 Release version 4.2.0.M1 2016-09-23 19:39:33 +00:00
Rob Winch
b443baef04 Polish GrantedAuthorityDefaults 
* Move GrantedAuthorityDefaults to config module
* Move setting of default role into config module vs
  ApplicationContextAware

Issue gh-3701
 2016-09-22 15:13:05 -05:00
Eddú Meléndez
eabeaf35d6 Make single definition of defaultRolePrefix and rolePrefix 
Previous to this commit, role prefix had to be set in every class
causing repetition. Now, bean `GrantedAuthorityDefaults` can be used to
define the role prefix in a single point.

Fixes gh-3701
 2016-09-21 14:55:41 -05:00
Joe Grandja
c75a5b7279 Polish RoleHierarchyUtils and add tests 2016-09-19 14:07:34 -04:00
Thomas Darimont
06c67070a6 Add convenience method for constructing RoleHierarchy from Map. 
Introduced `RoleHierarchyUtils` which enables convenient
construction of `RoleHierarchy` from map based representation.
Where the map key is the role name and the map value is a list
of implied role names.

Here is a small example for that in action:
https://gist.github.com/thomasdarimont/ee9fffdef1adb9243b12ad247478aad4

Fixes #3990.

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
 2016-09-19 14:07:34 -04:00
Rob Winch
92a59e0df7 Fix checkstyle 
Issue gh-3736
 2016-09-02 12:02:39 -05:00
Rob Winch
8ad0003456 Polish Whitespace 
Issue gh-3736
 2016-09-02 11:37:21 -05:00
Rob Winch
3531cc93c2 JSON tests ObjectMapper Cleanup 
* Move to @Setup
* Consistently extend from AbstractMixinTests and reuse ObjectMapper

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
bd925313af Improve Readablility of JSON test strings 
This improves the readability of the JSON strings used for
testing JSON serialize / deserialize of Spring Security

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
d4c48dd3e1 Remove MockitoJUnitRunner from JSON tests 
Previously the JSON tests unnecessarily had MockitoJUnitRunner.

This commit removes MockitoJUnitRunner from the JSON tests.

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch
df613ed4cc JSON UserDetails deserializes null 
JSON UserDetails null use to be treated as "".

This changes null to be treated as a null

Issue gh-3736
 2016-09-02 11:37:16 -05:00