Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,220 Commits 34 Branches 337 Tags
Commit Graph

10220 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
9cd7c7b046
Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:05:07 -06:00
Josh Cummings
da57bac061
Add SecurityContextHolderStrategy Java Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:03:11 -06:00
Josh Cummings
25c74896d1
Add SecurityContextHolderStrategy to Method Security 
Issue gh-11060
 2022-06-27 13:02:59 -06:00
Josh Cummings
f86992a0af
Add SecurityContextHolderStrategy Test Support 
Issue gh-11061
Issue gh-11444
 2022-06-27 13:02:11 -06:00
Josh Cummings
fa0086d3b0
Polish SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:01:22 -06:00
Josh Cummings
772f29e063
Polish SecurityContextHolderStrategy for Defaults 
gh-11060
 2022-06-27 13:00:24 -06:00
Josh Cummings
8d681b3b80
Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:00:20 -06:00
Alonso Araya Calvo
1ac1271972 Adds the ability to set the CSRF Token cookie max age value 
Closes gh-11432
 2022-06-24 16:42:05 -06:00
Rob Winch
c85b7c6c17 Document sagan Release tasks require read:org scope 
Closes gh-11423
 2022-06-21 14:47:46 -05:00
Rob Winch
d32f74d19d SecurityContextHolder Deferred SecurityContext 
Closes gh-10913
 2022-06-17 17:03:19 -05:00
Rob Winch
591d1edc7d Cache SecurityContextRepository.loadContext(HttpServletRequest) Result 
Closes gh-11390
 2022-06-17 14:52:01 -05:00
Josh Cummings
2a70707c35 Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:28:10 -06:00
Josh Cummings
2c09a300b6 Add SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:28:10 -06:00
Josh Cummings
31e25b115e Add SecurityContextHolderStrategy to Default Components 
Issue gh-11060
 2022-06-17 11:28:10 -06:00
Josh Cummings
01513ab17e
Add placeholders to reactive post_logout_redirect_uri 
Now also supports baseScheme, baseHost, basePort, and basePath

Issue gh-11229
 2022-06-16 16:10:26 -06:00
Josh Cummings
6f69d85fcb
Reactive OAuth 2.0 logout handler resolves registrationId 
Closes gh-11378
 2022-06-16 16:09:57 -06:00
Josh Cummings
3f30de388a
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:09:56 -06:00
Michael
e4505ed6c8
Add placeholders to post_logout_redirect_uri 
Now supports baseScheme, baseHost, basePort, and basePath in addition
to extant baseUrl.

Closes gh-11229
 2022-06-16 16:09:56 -06:00
Steve Riesenberg
79c2b8709b
Allow form login when single OAuth2 Provider is configured 
Closes gh-6802
 2022-06-15 14:05:55 -05:00
Josh Cummings
812bb0ead0
Add missing KeyInfo 
Closes gh-11354
 2022-06-09 13:12:52 -06:00
Josh Cummings
bb9c7d1b6e
Add OpenSamlSigningUtilsTests 
Issue gh-11354
 2022-06-09 13:12:33 -06:00
Jared Rufer
3ca4b06612
Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:56:16 -06:00
j3graham
29ba67b6d7 Remove dependency on commons-codec by using java.util.Base64 
Closes gh-11318
 2022-06-09 06:50:01 -06:00
Zhivko Delchev
cf69cdf008 Reverse content type check 
When MultipartFormData is enabled currently the CsrfWebFilter compares
the content-type header against MULTIPART_FORM_DATA MediaType which
leads to NullPointerExecption when there is no content-type header.
This commit reverse the check to compare the MULTIPART_FORM_DATA
MediaType against the content-type which contains null check and avoids
the exception.

closes gh-11204
Closes gh-11205
 2022-06-06 15:46:28 -05:00
Rob Winch
f3590519c1 Fix typo in BasicLookupStrategy Javadoc 
Closes gh-11336
 2022-06-06 14:08:55 -05:00
Rob Winch
66592c1e66 Enable BackportBot on 5.8.x 2022-06-06 13:53:58 -05:00
shirohoo
742d7535bb Fix typo in BasicLookupStrategy Javadoc 
Closes gh-11336
 2022-06-06 13:52:17 -05:00
Houssem BELHADJ AHMED
fc653bb81a
make SAML authentication request uri configurable 
Closes gh-10840
 2022-06-06 12:49:29 -06:00
Kuby
759d799ddd Change phoneNumberVerified with type Boolean 
Closes: gh-11315
 2022-06-03 09:46:00 -05:00
Marcus Da Coregio
4d65d96b8a Fix saml2Tests always running after a single test 
This commit makes the check task depend on the saml2Tests task.
The test task was also configured to run after saml2Tests, to make sure that the
compileTestJava runs after the compileSaml2TestJava

Issue gh-10816
 2022-06-03 11:22:46 -03:00
Marcus Da Coregio
3dd54bcda7 Run SAML 2.0 tests in an exclusive task 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio
23903b5f18 Use Reflection to instantiate OpenSAML4 classes 
Because the OpenSAML4 classes are compiled using Java 11, we have to rely on reflection to instante those classes since the config module should be compatible with Java 8

Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio
e20323e0a8 Use Java 11 Toolchain for OpenSaml4 compile 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio
4631375270 Use Java 8 Toolchain for modules 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio
ccb1f68bfe Fix member variable using Java 9+ feature 
This causes compile errors when trying to build using JDK 8

Issue gh-10695
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio
4c2401a576 Revert "Make source code compatible with JDK 8" 
This reverts commit 60ed3602f6281d1a34c643484dfcb3440e2243d5.
 2022-06-02 19:24:42 +02:00
sKai.fun
953b54f63d Fix title render issue of Digest Authentication document 
Closes gh-11272
 2022-06-01 15:15:03 -05:00
Evgeniy Cheban
d557d2d0eb Add RoleHierarchy to AuthorityAuthorizationManager 
Added roleHierarchy field to AuthorityAuthorizationManager
that defaults to NullRoleHierarchy along with setter method to override.

Closes gh-11304
 2022-06-01 08:28:16 -06:00
André Luis Gomes
24701b547f Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 08:49:47 -03:00
Claudio Consolmagno
b1004aff4e
Use 'md:' prefix in EntityDescriptor XML 
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
 2022-05-31 17:07:18 -06:00
Josh Cummings
38d481eba6
Make Internal Class Package-Private 
Issue gh-11305
 2022-05-31 16:04:26 -06:00
Josh Cummings
d994ddc9b8
Polish InterceptUrlConfigTests 
Issue gh-11305
 2022-05-31 16:04:02 -06:00
Josh Cummings
9dbd1f3e25
Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 15:10:00 -06:00
Josh Cummings
7c0ba58019
Fix rnc typo 
Issue gh-11076
 2022-05-27 16:59:23 -06:00
Josh Cummings
0abc54c7de
Correct access(String) reference 
Closes gh-11280
 2022-05-27 14:52:20 -06:00
Josh Cummings
dda026b5fc
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 12:57:02 -06:00
Josh Cummings
2363dbb4e4
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 12:56:57 -06:00
nor-ek
23cc1eb32b
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:56:51 -06:00
Josh Cummings
8a03d1fcec Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 12:20:48 -06:00
Evgeniy Cheban
495028eb85 Some Security Expressions cause NPE when used within Query annotation 
Added trustResolver, roleHierarchy, permissionEvaluator, defaultRolePrefix
fields to SecurityEvaluationContextExtension along with setter methods to override defaults.

Closes gh-11196
 2022-05-26 14:35:40 -05:00