Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 08:58:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,296 Commits 34 Branches 337 Tags
Commit Graph

10296 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Elias Lousseief
a17cf9e814
Refactored OpenSaml4AuthenticationProviderTests 
Factored out repeatedly used code for signing a request.
 2022-03-15 13:06:31 -06:00
Rob Winch
c49d47d9fa Fix docs SecurityContextHolder Diagram 
Issue gh-9635
 2022-03-12 13:44:12 -06:00
Rob Winch
972039e65c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-12 13:31:04 -06:00
Rob Winch
f9619cef68 Extract createSecurityContextRepository() 
Extract out method in preparation for adding SecurityContextHolderFilter
configuration.

Issue gh-9635
 2022-03-12 13:23:47 -06:00
Rob Winch
cbba7ea4de AbstractAuthenticationProcessingFilter.securityContextRepository 
Issue gh-10953
 2022-03-12 13:23:47 -06:00
Rob Winch
ae7d56d65b Add Persistence to documentation 
Closes gh-10962
 2022-03-11 13:43:11 -06:00
Norbert Nowak
abd33389be Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:49:29 -07:00
Rob Winch
28c7a4be11 Add SecurityContextRepository to all Authentication Filters 
Closes gh-10949
 2022-03-09 15:48:03 -06:00
Rob Winch
9b380582dc BearerTokenAuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:47:34 -06:00
Rob Winch
4462b73fd9 AbstractPreAuthenticatedProcessingFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:47:34 -06:00
Rob Winch
ba7fb0cb14 DigestAuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:47:34 -06:00
Rob Winch
09e730734b BasicAuthenticationFilter.setSecurityContextRepository 
Issue gh-10953
 2022-03-09 15:47:34 -06:00
Rob Winch
d909d3bc40 RememberMeAuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:47:34 -06:00
Rob Winch
7c5b939bbd AuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:47:34 -06:00
Marcus Da Coregio
8c94c2e15a AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains 
Closes gh-10950
 2022-03-09 15:21:14 -03:00
Lijamaija
660da6f4a0 Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket 
Closes gh-10932
 2022-03-09 17:49:43 +01:00
Steve Riesenberg
5f37ee2f64 Add missing output and checkout 
Issue gh-10928
 2022-03-09 10:47:48 -06:00
Rob Winch
2abeff2089 HttpSessionSecurityContextRepository saves with original response 
Previously, the HttpSessionSecurityContextRepository unnecessarily required
the HttpServletResponse from the HttpReqeustResponseHolder passed into
loadContext. This meant code that wanted to save a SecurityContext had to
have a reference to the original HttpRequestResponseHolder. Often that
implied that the code that saves the SecurityContext must also load the
SecurityContext.

This change allows any request / response to be used to save the
SecurityContext which means any code can save the SecurityContext not just
the code that loaded it. This sets up the code to be permit requiring
explicit saves. Using the request/response from the
HttpRequestResponseHolder is only necessary for implicit saves.

Closes gh-10947
 2022-03-09 10:21:51 -06:00
Marcus Da Coregio
1762a4ce70 Add SAML 2.0 Single Logout XML Support 
Closes gh-10842
 2022-03-09 10:48:34 -03:00
Marcus Da Coregio
1cbe7a75d3 Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 10:40:26 -03:00
Steve Riesenberg
aa0005b1e1 Update CI process to create GitHub releases with release notes 
Closes gh-10928
 2022-03-08 17:41:57 -06:00
Rob Winch
bab5d252a2 Add RequestAttributeSecurityContextRepository 
Closes gh-10918
 2022-03-08 15:00:22 -06:00
Josh Cummings
87828df9d5 Polish EntityDescriptor Customizer 
Issue gh-10839
 2022-03-04 10:40:30 -07:00
Ulrich Grave
3602eff1ac Add method to customize EntityDescriptor 
Closes gh-10839
 2022-03-04 10:40:30 -07:00
Josh Cummings
346038d66c Polish Formatting 
Issue gh-10799
 2022-03-02 16:36:23 -07:00
Sander van Schouwenburg
c734b4b39e Preserve order of RelyingPartRegistration credentials 
Issue gh-10799
 2022-03-02 16:36:23 -07:00
Josh Cummings
5b9a45de01 Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:30:21 -07:00
Josh Cummings
0b59e7797d Use RFC2045 Encoding for SAML 2.0 Logout 
Closes gh-10923
 2022-03-02 16:30:21 -07:00
Josh Cummings
68e2586f06 Move UnmodifiableMapDeserializer 
Issue gh-10905
 2022-03-01 14:17:17 -07:00
Josh Cummings
4ede1feae5 Polish Saml2 Jackson Support 
Issue gh-10905
 2022-03-01 14:17:17 -07:00
Ulrich Grave
2334610fa9 Add Jackson Support for Saml2 Module 
Closes gh-10905
 2022-03-01 14:17:17 -07:00
Eleftheria Stein
8c95ed6568 Update release pipeline to push next milestone 
- Check that all associated issues are closed
- Update gradle.properties and push change

Issue gh-10451
 2022-03-01 16:10:25 +01:00
Talerngpong Virojwutikul
acda921fe9 Update PasswordEncoder declaration 
Closes gh-10910
 2022-03-01 07:49:25 -07:00
Eleftheria Stein
6f35364c5d Default next milestone when checking for open issues 
Closes gh-10921
 2022-03-01 15:38:03 +01:00
Eleftheria Stein
eb31913b2b Rearrange env variables in release pipeline 
Issue gh-10451
 2022-03-01 15:37:25 +01:00
Eleftheria Stein
e472cc1cc8 Update release time to 1pm UTC 
Issue gh-10451
 2022-03-01 15:37:05 +01:00
Eleftheria Stein
d644f32baa Add gradle task to update project version 
Closes gh-10455
 2022-03-01 09:48:35 +01:00
Eleftheria Stein
f8675343e6 Extract IO Utils in buildSrc 
Issue gh-10455
 2022-03-01 09:48:35 +01:00
m0k045e
8cc18fa9dc OAuth2AuthorizedClientArgumentResolver resolves ReactiveOAuth2AuthorizedClientManager 
Closes gh-10846
 2022-02-28 15:31:22 -07:00
Filip Hanik
6e5bb71466 Change HashSet to LinkedHashSet 
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
 2022-02-28 15:01:58 -07:00
Josh Cummings
20d21f8eeb Invert Log Messages 
Closes gh-10909
 2022-02-28 13:16:06 -07:00
Josh Cummings
6dbd88a5a4 Remove WantAssertionsSigned 
WantAssertionsSigned requires that asserting parties sign the
assertions. This does not reflect how Spring Security actually
behaves, creating behavior mismatches.

Closes gh-10844
 2022-02-22 08:14:05 -07:00
Marcus Da Coregio
eca32b4812 Upgrade to Kotlin 1.6.20-M1 
Closes gh-10687
 2022-02-22 08:51:27 -03:00
Marcus Da Coregio
7faa2d4e70 Upgrade to AspectJ 1.9.8 
Closes gh-10349
 2022-02-22 08:37:38 -03:00
Rob Winch
8be80c00a6 Add .sdkmanrc 2022-02-18 13:50:07 -06:00
Talerngpong Virojwutikul
386e8a86a1 add Kotlin examples for Spring Data Integration of servlet application 2022-02-18 08:54:04 -03:00
Eleftheria Stein
606bd120fb Deprecate WebSecurityConfigurerAdapter 
Closes gh-10822
 2022-02-17 12:25:14 +01:00
Josh Cummings
b451ede189 Add Skipping Decryption Error Message 
Closes gh-10220
 2022-02-16 16:43:31 -07:00
Josh Cummings
c6e5781679 Correct Test 
Issue gh-10220
 2022-02-16 16:43:31 -07:00
Josh Cummings
5cda362c47 Collect All Validation Errors 
- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception

Issue gh-10220
 2022-02-16 16:43:31 -07:00