Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,606 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

5606 Commits

Author SHA1 Message Date
Kamill Sokol 9c3db557dd Add missing # in SpEL expression doc 
SpEL variables can be referenced in the expression using the syntax
23.2.2 Path Variables in Web Security Expressions.

Fixes gh-3781
 2016-04-01 10:21:17 -05:00
Rob Winch f49cd5faba Polish Codestyle 2016-04-01 09:53:32 -05:00
Rob Winch d900c78f11 Perform null check on super.getAsyncContext() 
Fixes gh-3780
 2016-04-01 09:53:32 -05:00
Rob Winch 14fb2276e2 Merge pull request #3773 from jgrandja/master 
Includes reference to https://report-uri.io/ in CSP and HPKP docs
 2016-03-30 13:23:24 -05:00
Joe Grandja 9e5cdbd133 Includes a reference to the https://report-uri.io/ service in the CSP and HPKP documentation. 
Fixes gh-3772
 2016-03-30 12:12:43 -04:00
Shazin Sadakath 1bc7060c93 Add AuthenticationSuccessHandler support to AbstractPreAuthenticatedProcessingFilter 
Fixes gh-3389
 2016-03-25 09:46:16 -05:00
Spring Buildmaster 008b721a20 Next development version 2016-03-23 07:15:45 -07:00
Spring Buildmaster 044acf7e27 Release version 4.1.0.RC1 2016-03-23 07:15:15 -07:00
Rob Winch b3d26ed5d6 Add changelog in What's New 
Issue gh-3768
 2016-03-22 22:40:58 -05:00
Rob Winch bf9a837b9a Polish What's New 
Issue gh-3768
 2016-03-22 22:37:52 -05:00
Rob Winch 40b7fa5b72 Update Issues Link 
Issue gh-3333
 2016-03-22 22:37:52 -05:00
Rob Winch 3e47531b19 Polish CSP reference 
Issue gh-3763
 2016-03-22 22:37:51 -05:00
Rob Winch e04f685747 Fix Typo in @WithUserDetails reference 
Issue gh-3346
 2016-03-22 22:37:41 -05:00
Joe Grandja 2f7f2ff589 Adds support for Content Security Policy 
Fixes gh-2342
 2016-03-22 21:59:13 -05:00
Rob Winch 4cb9b202f8 Remove subversion from reference 
Fixes gh-3766
 2016-03-22 16:37:39 -05:00
Rob Winch 683d751902 Polish What's New 
Fixes gh-3768
 2016-03-22 16:33:25 -05:00
Rob Winch 4b650dc58d Allow AuthenticationProvider Bean in Java Config 
This commit adds support for defaulting java configuration's
authentication by providing an AuthenticationProvider Bean.

Fixes gh-3091
 2016-03-22 16:17:25 -05:00
Rob Winch 533a5f0905 Fix <password-encoder> when authentication-manager@id specified 
When <authentication-manager> specifies an id, the <password-encoder> is
not used because the parser changes the bean id without aliasing it to
BeanIds.AUTHENTICATION_MANAGER which is used by
AuthenticationManagerBeanDefinitionParser to look up the
AuthenticationManager bean.

This commit updates AuthenticationManagerBeanDefinitionParser to ensure
there is an alias to BeanIds.AUTHENTICATION_MANAGER when the id is
specified.

Fixes gh-3296
 2016-03-21 22:48:49 -05:00
Rob Winch 7bf014f678 Path Variables fail with different case 
Fixes gh-3329
 2016-03-21 10:09:50 -05:00
Rob Winch cf66487d3a Add Java Configuration Test 
Issue SEC-2256
 2016-03-18 14:03:47 -05:00
Eddú Meléndez 41c6a797c3 Add RememberMeConfigurer set domain 
Fixes gh-3408
 2016-03-17 08:30:18 -05:00
Rob Winch ce20cfcb98 Revert "Remove MaxPermSize" 
Continue to support older JDK versions

This reverts commit d27abdb168.
 2016-03-15 15:20:03 -05:00
Rob Winch 988b54ec3d Remove invalid ` from docs 
Fixes gh-3751
 2016-03-15 14:38:23 -05:00
Rob Winch 134a0a7f96 Move FAQ to appendix 
Fixes gh-3761
 2016-03-15 14:37:35 -05:00
Rob Winch 0f2a3b18ce Merge pull request #3759 from rwinch/gh-2953 
Cache Control only written if not set
 2016-03-15 13:03:58 -05:00
Rob Winch 242b831f20 Cache Control only written if not set 
Previously Spring Security always wrote cache control headers and relied
on the application to override the values. This can cause problems with
cache control. For example, applications may only set cache control if
the header is not already set. Additionally, setting of Cache-Control
should disable writing of Pragma.

This commit delays writing headers until just before the response is
committed and only writes the Cache Control headers if they do not exist.

Fixes gh-2953
 2016-03-15 12:30:37 -05:00
Rob Winch 1fcc2fcd88 Make OnCommittedResponseWrapper public 
This is preparing for changes in gh-2953

Issues gh-2953
 2016-03-15 11:22:06 -05:00
Rob Winch ed01fedfde Add Travis Build 
Fixes gh-3753
 2016-03-15 08:37:51 -05:00
Rob Winch 1c008cd56e Disable DEBUG logs 
Fixes gh-3757
 2016-03-15 08:37:01 -05:00
Rob Winch 1382bd728b Clean up Javadoc log levels 
Issue gh-3757
 2016-03-15 08:37:01 -05:00
Rob Winch d27abdb168 Remove MaxPermSize 
Fixes gh-3578
 2016-03-15 08:37:00 -05:00
Rob Winch 36c381a06a Update to Java 1.6 
Fixes gh-3756
 2016-03-15 08:37:00 -05:00
Rob Winch e945c19d7a Update to latest Tomcat Gradle Plugin 
Fixes gh-3754
 2016-03-15 08:37:00 -05:00
Eddú Meléndez df65662bf0 Upgrade to Sonarqube plugin 2016-03-14 13:56:49 -05:00
Rob Winch d85c0395bb Fix checkstyle import into Eclipse 
Issue gh-3747
 2016-03-14 09:19:55 -05:00
Rob Winch ec4e6c7453 Update pom.xml to 4.1.0.BUILD-SNAPSHOT 2016-03-14 00:51:35 -05:00
Rob Winch 7de4e59167 Auto Import Eclipse Settings 
Fixes gh-3747
 2016-03-14 00:15:15 -05:00
Rob Winch 6bd16fc686 Extract ide.gradle 
Issue gh-3747
 2016-03-14 00:15:14 -05:00
Rob Winch b52ffe038e Add Checkstyle 
Fixes gh-3746
 2016-03-14 00:15:13 -05:00
Rob Winch f221920a19 Clean up code to conform to basic checkstyle 
Issue gh-3746
 2016-03-14 00:15:12 -05:00
Rob Winch 5775f7bd80 Update to Gradle 2.10 
Do not use Gradle 2.11 as it causes issues with
Eclipse import

Fixes gh-3745
 2016-03-13 20:11:29 -05:00
Rob Winch 35eff94e3d Add Both Config names to duplicate WebSecurityConfigurer order 
Previously the error message when multiple WebSecurityConfigurer with the
same Order did not include both WebSecurityConfigurer classes that were
involved in the duplicate Order. This made resolving errors difficult.

This commit ensures both WebSecurityConfigurers are include in the error
message.

Fixes gh-3380
 2016-03-11 12:12:55 -06:00
Shazin Sadakath e33e21fe6b Add Forward after authentication attempt config support 
Fixes gh-3728
 2016-03-11 10:49:30 -06:00
Rob Winch dbf73c4692 Update spring-security-config module description 
Include Java Configuration in the description.

Fixes gh-3298
 2016-03-10 10:45:15 -06:00
Rob Winch 5d6e8bc3c8 Remove SPR-11251 workaround from WebSecurityConfiguration 
Fixes gh-3348
 2016-03-09 16:48:24 -06:00
Rob Winch be36ddb614 Some formatting fixes for HttpSecurity Javadoc 2016-03-09 16:45:43 -06:00
Rob Winch 2f4610e8b7 Update HttpSecurity.requestMatcher() Javadoc 
Fixes gh-3365
 2016-03-09 16:45:29 -06:00
Rob Winch df5e3ba6ee Polish Imports 2016-03-09 16:24:50 -06:00
Rob Winch 835ac0a217 Add @WithUserDetails userDetailsServiceBeanName 
Fixes gh-3346
 2016-03-09 15:59:23 -06:00
Rob Winch 618b8a2d83 Fix WebTestUtils when no matching HttpSecurity found 
Previously a NullPointerException would be thrown if no HttpSecurity
matched on the request passed in. This was because findFilters would
return null rather than an empty List.

This commit returns null if findFilters gets a null result.

Fixes gh-3343
 2016-03-09 15:20:10 -06:00