Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,466 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

2500 Commits

Author SHA1 Message Date
mibo 60e3bf4093 Add Anonymous Support to AuthenticatedReactiveAuthorizationManager 
Fixes: gh-6235
 2018-12-12 15:48:17 -06:00
ir73 9a357f8cb6 Moved CachingUserDetailsService to spring-core 
Made CachingUserDetailsService constructor public and moved to spring-core to make it easier to configure caching in UserDetailsService

Fixes gh-4139
 2018-12-11 13:22:08 -06:00
Eric Deandrea 4178c92741 Add Reactive Support for UserDetailsChecker 
Integrate UserDetailsChecker into ReactiveAuthenticationManager and
OAuth2 resource server authentication converters.

Fixes gh-6219
 2018-12-11 13:07:40 -06:00
Zhanwei Wang 12ab2cca31 Improve error message for Chinese. 2018-12-06 11:57:21 -06:00
Robbie Martinus 090000c3d2 SessionRegistryImpl uses computeIfAbsent 
Fixes: gh-5834
 2018-12-05 10:26:07 -06:00
dperezcabrera 898d005a53 InMemoryUserDetailsManager.updatePassword case-insenstive 
Previously updatePassword was case sensitive which was
inconsistent with the rest of the class.

This commit updates updatePassword to be case insensitive.

Fixes: gh-6039
 2018-11-09 11:39:58 -06:00
Josh Cummings 7d3302f52b
Polish Test Name 
So that it adheres to methodNameWhenConditionThenVerification naming
convention.

Issue: gh-3743
 2018-10-30 10:20:37 -06:00
Karl Goffin 50d26c9d28
Polish Logging and Tests 
Removing debug statements which would have prematurely terminated the
stream, changing to AssertJ, and adding another test.

Issue: gh-3743
 2018-10-30 10:18:16 -06:00
Karl Goffin 92e68a589a
PostFilter Support for Streams 
Users can return a Stream from a @PostFilter-annotated method.

Fixes: gh-3743
 2018-10-30 10:17:16 -06:00
Joe Grandja 8ef65ce5c5 Set AuthenticationEventPublisher on each AuthenticationManagerBuilder 
Fixes gh-6009
 2018-10-23 14:08:23 -04:00
Joe Grandja 7a94931514 Polish javadoc 2018-10-23 08:45:06 -04:00
Drummond Dawson 818a3506fe Remove unnecessary concatenation of sql in JdbcUserDetailsManager 2018-10-19 15:30:03 -05:00
Joe Grandja 0b3aa2ce24 Update Security version to 5.2 2018-10-17 14:52:06 -04:00
Johnny Lim 68ffa0fece Add a missing space in Secured.value() signature 2018-10-03 14:47:48 -04:00
John Lin 69b71ee0ed Remove unused variables in ConsensusBased and UnanimousBased 2018-09-21 08:12:40 -05:00
John Lin f5e2ca1b6e Fix truncated javadoc for Secured 
Fixes: gh-5861
 2018-09-18 21:34:02 -05:00
Vedran Pavic cb0ba58b58 Fix WhitespaceAfterCheck Checkstyle check 2018-08-27 10:45:35 -05:00
Johnny Lim 68878a1675 Replace isEqualTo(null) with isNull() 2018-08-09 18:04:48 -06:00
Rob Winch d595098823 Rename @TransientAuthentication to @Transient 
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.

Issue: gh-5481
 2018-07-16 11:31:10 -05:00
Rob Winch ed3ed5e64c Rename @TransientAuthentication to @Transient 
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.

Issue: gh-5481
 2018-07-16 11:17:08 -05:00
Josh Cummings 3c46727be1 Transient Authentication Tokens 
This commit introduces support for transient authentication tokens
which indicate to the filter chain, specifically the
HttpSessionSecurityContextRepository, whether or not the token ought
to be persisted across requests.

To leverage this, simply annotate any Authentication implementation
with @TransientAuthentication, extend from an Authentication that uses
this annotation, or annotate a custom annotation.

Implementations of SecurityContextRepository may choose to not persist
tokens that are marked with @TransientAuthentication in the same way
that HttpSessionSecurityContextRepository does.

Fixes: gh-5481
 2018-07-16 10:40:45 -05:00
Rob Winch a66b945ab7 Configuration for ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:08:06 -05:00
Rob Winch 72a267a311 UserDetailsRepositoryReactiveAuthenticationManager uses ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:08:01 -05:00
Rob Winch ed8218a2b0 ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:07:53 -05:00
Rob Winch 7aaf70d582 DaoAuthenticationProvider supports password upgrades 
Issue: gh-2778
 2018-07-15 14:56:45 -05:00
Rob Winch cabd0a5579 UserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 14:54:20 -05:00
Rob Winch 86b5150d88 Spring Version null for NullPointerException 2018-07-14 22:21:10 -05:00
Rob Winch d9d9879909 Add JdbcUserDetailsManager(DataSource) constructor 
Fixes: gh-5512
 2018-07-13 15:59:13 -05:00
Rob Winch 4d1c8f26c5 Add DelegatingReactiveAuthenticationManager 
Fixes: gh-5448
 2018-06-18 16:03:41 -05:00
Rob Winch bb11a81857 Add UserDetailsRepositoryReactiveAuthenticationManager.setScheduler 
Fixes: gh-5417
 2018-06-11 14:30:29 -05:00
Rob Winch 8fa6dd0f5b Revert "Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677" 
This reverts commit d4e459874a.
 2018-05-11 04:19:50 -05:00
이경욱 26bc6be850 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
이경욱 6adbe8dae0 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
Kazuki Shimizu 8d716f75a4 Fix incorrect explanation for customizing query on JdbcDaoImpl 2018-05-04 10:49:25 -05:00
Rob Winch 0a5da93640 Improve PasswordEncoder deprecated notices 
Fixes: gh-5296
 2018-05-03 15:13:06 -05:00
Joe Grandja d4e459874a Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677 2018-04-03 11:38:37 -04:00
Rob Winch fb7394c1de Polish Javadoc 
Fixes: gh-5186
 2018-03-29 15:33:57 -05:00
Christoph Dreis d07cfe655d Use Supplier variants of Assert methods 2018-03-27 10:58:55 -05:00
Rob Winch b1d013e8f0 Fix JDK 9 
Issue: gh-5160
 2018-03-27 09:30:56 -05:00
Alter Ego 0e37c0912e Update User.java 
fixed a typo; replaced "User.witUsername("user")" with "User.withUsername("user")"
 2018-03-22 08:19:44 -05:00
Rob Winch 67d793ae5f Delay lookup of managedVersions 
Fixes: gh-5127
 2018-03-16 13:55:17 -05:00
Rob Winch efaf2b080f Make MIN_SPRING_VERSION Dynamic 
Fixes: gh-5065
 2018-03-16 13:53:40 -05:00
Josh Cummings 776b378a1d Authorities authenticate TestingAuthenticationToken 
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5073
 2018-03-09 13:21:47 -06:00
ylombardi 1d0e97880d Add the BadCredentialsExceptionMixin to help Jackson serialization of BadCredentialsException 2018-03-08 16:55:57 -06:00
Joe Grandja 5b023d0abc Fix Security version tests -> 5.1 2018-03-02 16:29:22 -05:00
Johnny Lim d316803596 Polish DaoAuthenticationProviderTests 2018-03-02 08:55:37 -06:00
Rob Winch 8d75554b6b Lazily Create Throwables 
Fixes: gh-5040
 2018-02-26 16:24:40 -06:00
Rob Winch 831399be16 Update to Spring Framework 5.0.4 
Fixes: gh-5027
 2018-02-19 22:00:33 -06:00
Rob Winch 7063a9e111 Issue: gh-5018 2018-02-16 16:50:14 -06:00
Rob Winch 964a14b224 Document Reactive Method security requires Publisher return types 
Fixes: gh-4988
 2018-02-07 16:43:18 -06:00