1a4a2a9055
Merge branch '5.8.x' into 6.0.x
2023-04-14 13:32:10 -03:00
54117d7d27
Fix test suffix to align with checkstyle
2023-04-14 13:29:15 -03:00
9c3f91a2d3
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12983
2023-04-10 11:25:32 -05:00
16dcfd1cfe
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12982
2023-04-10 11:25:01 -05:00
c69df9fba0
Fix javadoc typo in ReactiveAuthorizationManager
...
Closes gh-12978
2023-04-10 11:24:49 -05:00
44c4a4ae86
Add new DaoAuthenticationProvider constructor
...
Add a new constructor to the DaoAuthenticationProvider, which allows
providing a custom PasswordEncoder to prevent instantiation of the
default delegating PasswordEncoder in the default constructor.
This provides a way to instantiate the DaoAuthenticationProvider on JDKs
where the default delegating PasswordEncoder cannot be instantiated due
to limited JCE providers for compliance reasons (e.g., FIPS).
Closes gh-12874
2023-04-04 10:21:22 -03:00
acf48721cd
Merge branch '5.8.x' into 6.0.x
2023-03-03 15:02:34 -07:00
ebabcaa51a
Merge branch '5.7.x' into 5.8.x
2023-03-03 15:02:07 -07:00
094bf1b527
Validate hasRole Input
...
There are no check for role prefix in AuthorizeHttpRequestsConfigurer#XXXrole
methods. This PR adds check for the same. Now the configuration
will fail if role/s start with prefix for hasRole and hasAnyRole methods.
Closes #12581
2023-03-03 15:00:34 -07:00
52ed165476
Move classpath checks to class member variable
...
Closes gh-11437
2023-02-07 09:25:06 -03:00
4d2dab9b6b
Lookup Parent Observation
...
Closes gh-12524
2023-01-11 10:13:33 -07:00
f1824f8a5d
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12435
2022-12-19 10:45:25 -03:00
36d83f863a
Fix Javadoc since tag for class ExpressionAuthorizationDecision
...
Closes gh-12411
2022-12-19 10:44:36 -03:00
a76b1f7a51
Merge branch '5.8.x' into 6.0.x
2022-11-30 14:19:38 -07:00
68a344d238
Merge branch '5.7.x' into 5.8.x
2022-11-30 14:18:59 -07:00
e23c1cf7a7
Merge branch '5.6.x' into 5.7.x
2022-11-30 14:18:12 -07:00
14a48ea939
Fix formatting
...
Issue gh-12143
2022-11-29 20:15:13 -07:00
709de43e89
Fix typo in JavaDoc
...
Closes gh-12143
2022-11-29 20:15:12 -07:00
9d876fce82
Polish ExpressionAuthorizationDecision
...
Issue gh-11493
2022-11-17 15:09:52 -07:00
e08ed89403
Polish Span and Meter Names
...
Closes gh-12156
2022-11-17 15:09:52 -07:00
88e64bac0c
Polish Tests
...
Issue gh-11992
2022-11-17 15:09:52 -07:00
08948f2c37
Add Polish localization to error messages from ExceptionTranslationFilter
...
Issue gh-9315
2022-11-14 18:10:36 -07:00
a3d278380e
Add Polish localization to error messages from ExceptionTranslationFilter
2022-11-14 18:06:02 -07:00
bd43c1f28a
Merge branch '5.8.x'
...
# Conflicts:
# web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
# web/src/test/java/org/springframework/security/web/context/SecurityContextRepositoryTests.java
2022-10-17 19:35:27 -05:00
c75ca10900
Add DeferredSecurityContext
...
Issue gh-12023
2022-10-17 19:33:58 -05:00
db7f52db4e
Add hints to invoke SecurityContextImpl#getAuthentication
...
Closes gh-11987
2022-10-13 09:06:16 -03:00
d3d8f7d60f
Mark Observations with Security Context Events
...
Closes gh-11992
2022-10-12 20:32:23 -06:00
8c610684f3
Instrument Authentication and Authorization
...
Closes gh-11989
Closes gh-11990
2022-10-12 20:32:21 -06:00
827384e386
Add Micrometer Dependency
2022-10-12 19:26:21 -06:00
a453a71bed
Merge remote-tracking branch 'origin/5.8.x'
2022-10-10 12:37:15 -06:00
8d096554f8
Add AuthorizationEvent
...
Closes gh-11972
2022-10-10 12:28:57 -06:00
8f10deb602
Merge remote-tracking branch 'origin/5.8.x'
2022-09-30 17:01:22 -06:00
f054505d6d
Support Deferred Contexts
...
Closes gh-11817
Issue gh-10913
2022-09-30 16:49:47 -06:00
fc7f87feac
Removed unused test classes SomeDomainObject/Manager
2022-09-30 10:55:36 -05:00
ef879aadd6
Add native hint for the users JDBC schema
...
Closes gh-11907
2022-09-29 09:42:37 -03:00
e071c28e8a
Merge remote-tracking branch 'origin/5.8.x'
2022-09-20 16:25:45 -06:00
c1d27612af
Simplify AuthorizationManager composition
...
Closes gh-11625
2022-09-20 16:24:45 -06:00
46f402243b
Merge remote-tracking branch 'origin/5.8.x'
2022-09-20 16:11:16 -06:00
3f8503f1b4
Deprecate AccessDecisionManager et al
...
Closes gh-11302
2022-09-20 16:09:59 -06:00
b1fd9af723
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-26 16:01:40 -06:00
0f58620643
Add AspectJ AuthorizationManager Support
...
Closes gh-11326
2022-08-26 15:59:08 -06:00
84f765a89c
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-25 14:46:48 -06:00
e990174c89
Polish ReactiveMethodSecurity Support
...
- Changed annotation property to useAuthorizationManager
to match related XML support
- Moved support found in bean post-processors back into
interceptors directly. This reduces the number of components to
maintain and simplifies ongoing support
- Added @Deprecated annotation to indicate that applications
should use AuthorizationManagerBeforeReactiveMethodInterceptor and
AuthorizationManagerAfterReactiveMethodInterceptor instead. While
true that the new support does not support coroutines, the existing
coroutine support is problematic since it cannot be reliably paired
with other method interceptors
- Moved expression handler configuration to the constructors
- Constrain all method security interceptors to require publisher types
- Use ReactiveAdapter to check for single-value types as well
Issue gh-9401
Polish
2022-08-25 14:36:03 -06:00
6fd23d2567
Add MockMethodInvocation Constructor
...
Issue gh-9401
2022-08-25 14:36:02 -06:00
cbb4f40f0c
ReactiveAuthorizationManager + Reactive Method Security
...
Closes gh-9401
2022-08-25 14:35:04 -06:00
670b71363d
Merge branch '5.8.x'
...
Closes gh-11749
2022-08-23 16:03:50 -05:00
2fb625db84
Remove mockito deprecations
...
Issue gh-11748
2022-08-23 15:59:52 -05:00
38c05ad31c
Add native hints for basic @PostAuthorize usage
...
Closes gh-11737
2022-08-23 15:17:14 -03:00
bd5a05dcdd
Polish CoreSecurityRuntimeHints
2022-08-23 15:06:07 -03:00
c4b0e9bd74
Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer
...
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous
Closes gh-11360
2022-07-14 13:00:07 -06:00
Marcus Da Coregio
Rob Winch
Yuanhang Guo
Petr Svoboda
Josh Cummings
bist
Guillaume Husta
Junsung Cho
Kacper Piasta
Steve Riesenberg
Emil Sierżęga
Evgeniy Cheban