Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,323 Commits 29 Branches 320 Tags 104 MiB
Commit Graph

22 Commits

Author SHA1 Message Date
Eleftheria Stein 93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Filip Hanik 9d26f12e86 Add an example of Base64 encoding that failed with java.util.Base64 
Revert usage to Apache Commons Codec (dependency by OpenSaml)
 2020-01-01 15:45:10 -08:00
Filip Hanik af415948b1 Allow configuration of AuthenticationManagerResolver in saml2Login() 
Fixes gh-7654

https://github.com/spring-projects/spring-security/issues/7654
 2019-12-17 13:34:27 -08:00
Eleftheria Stein da3f18017d Polish SAML2 principal classes 
Update @since

Issue: gh-7681
 2019-12-12 20:22:58 +01:00
Clement Stoquart 31b999e9b4 fix: make Saml2Authentication serializable 2019-12-12 17:11:00 +01:00
Clement Stoquart 0c47bfb1e3 Remove empty relay state from redirect url 2019-12-10 09:49:54 -08:00
Filip Hanik 0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login() 
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
 2019-10-31 08:20:12 -07:00
Mike Truso a4430aa21b Fix variable reference in sample code 2019-10-29 14:04:05 -06:00
Filip Hanik 0f14844acf We will not validate IP addresses as part of assertion validation 
Fixes gh-7514

https://github.com/spring-projects/spring-security/issues/7514
 2019-10-28 20:08:42 -07:00
Brendt Lucas 8ebfba3019 Support configuration of protocol binding for authentication requests 2019-10-15 15:57:45 -05:00
Filip Hanik 83b5f5c7ae Improve the Saml2AuthenticationRequest object 
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
 2019-09-30 11:01:34 -07:00
Filip Hanik 9731386de5 Correctly set "Destination" in AuthNRequest message 
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
 2019-09-30 11:01:34 -07:00
Filip Hanik 69eacac514 Fix javadoc for RelyingPartyRegistrationRepository 2019-09-30 09:22:36 -07:00
Filip Hanik 7adb4da3ef Always require signature on either response or assertion 
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
 2019-09-30 09:22:36 -07:00
Filip Hanik 22da2b45c9 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375

Clean up code

- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
 2019-09-27 09:07:25 -07:00
Filip Hanik b6a057a925 OpenSAML expects type `long` representing millis for response time validation skew 
Fixes gh-7448

https://github.com/spring-projects/spring-security/issues/7448
 2019-09-27 09:07:25 -07:00
Filip Hanik adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception" 
This reverts commit e9619fb0e7, reversing
changes made to 45a1490d5d.
 2019-09-24 16:05:09 -07:00
Filip Hanik d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
 2019-09-24 14:40:39 -07:00
Filip Hanik 20033ffd4a OpenSAML expects type `long` representing millis for response time validation skew 
Fixes gh-7448

https://github.com/spring-projects/spring-security/issues/7448
 2019-09-24 14:40:39 -07:00
Filip Hanik 438ae215f8 Upgrade to OpenSAML 3.4.3 
Fixes gh-7392
 2019-09-06 08:04:15 -07:00
Josh Cummings c716b400a1
Update to OpenSaml 3.3.1 
Fixes gh-7388
 2019-09-06 07:20:13 -06:00
Filip Hanik e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code 
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
 2019-09-05 14:40:08 -07:00