Josh Cummings
c4a0dfe838
Merge remote-tracking branch 'origin/6.3.x' into 6.4.x
2025-05-01 12:03:05 -06:00
Soumik Sarker
bcef6ed74f
Reformatted lines in x509 overview documentation
...
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
2025-05-01 12:02:45 -06:00
Josh Cummings
d0a97917ad
Merge branch '6.4.x'
2025-04-29 13:39:00 -06:00
Josh Cummings
d76ccc6856
Merge branch '6.3.x' into 6.4.x
2025-04-29 13:38:41 -06:00
Yanming Zhou
9c76ab69f0
Use proper configuration key
...
the getter method is `getOpaquetoken()` not `getOpaqueToken()`
See c6045c3111/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java (L51)
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
2025-04-29 13:37:51 -06:00
Yanming Zhou
ce5a12b2f7
Revise document to replace outdated NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector
...
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
2025-04-23 14:10:02 -06:00
Josh Cummings
61d6fbc2a9
Update Documentation for PathPatternRequestMatcher
...
Issue gh-16765
2025-04-23 12:11:09 -06:00
Steve Riesenberg
15c2b156f1
Update Client Authentication examples
...
Closes gh-16925
987d9c9788ba0343f543083c87613fb5
2025-04-11 15:10:05 -05:00
Josh Cummings
6438603cb6
Pick Up TargetVisitor Beans
...
Closes gh-16923
2025-04-10 15:48:09 -06:00
Josh Cummings
3869b13e68
Add ResponseAuthenticationConverter
...
Aside from simplifying configuration, this commit also makes it possible
to provide a response authentication converter that doesn't need the
NameID element to be present.
Closes gh-12136
2025-04-09 17:38:24 -06:00
Josh Cummings
3e686abf50
Add ResponseValidator
...
Issue gh-14264
Closes gh-16915
2025-04-09 17:32:40 -06:00
Michael Samborski
bfb4878e29
Update kotlin.adoc to add required spread operator(*)
...
Signed-off-by: Michael Samborski <msamborski@orbiscommunications.com>
2025-04-08 14:12:09 -05:00
Josh Cummings
a283700ef8
Add CacheSaml2AuthenticationRequestRepository
...
Closes gh-14793
2025-04-03 17:43:48 -06:00
Josh Cummings
91b0936189
Add AssertionValidator
...
- Ships with support for customizing the OpenSAML validators to use
- Or, you can supply your own instance of SAML20AssertionValidator
Closes gh-15578
2025-04-02 17:44:40 -06:00
Tran Ngoc Nhan
ee84d37435
Use SpringCacheBasedTicketCache
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-31 13:54:48 -06:00
Hao
6159e089d4
Fix inline code formatting in documentation
...
Signed-off-by: Hao <kyrieeeee2@gmail.com>
2025-03-26 21:51:52 -06:00
Hao
8c7d2e8922
Fix typo in multitenancy documentation
...
Signed-off-by: Hao <kyrieeeee2@gmail.com>
2025-03-26 21:51:52 -06:00
Josh Cummings
3aec6c2f6e
Deprecate Access API in ACL
...
Issue gh-11302
2025-03-25 12:21:13 -06:00
Josh Cummings
05fdcd6a08
Deprecate MvcRequestMatcher
...
Closes gh-16631
2025-03-24 22:03:22 -06:00
Josh Cummings
f910d47c67
Merge branch '6.4.x'
2025-03-21 14:47:33 -06:00
Josh Cummings
db8b6322e2
Merge branch '6.3.x' into 6.4.x
2025-03-21 14:47:24 -06:00
Bragolgirith
72554f7f36
Update authorize-http-requests.adoc
...
Fix patterns in the Security Matchers documentation
Signed-off-by: Bragolgirith <6455473+Bragolgirith@users.noreply.github.com>
2025-03-21 14:46:53 -06:00
Steve Riesenberg
6745576186
Polish basic.adoc
...
Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>
2025-03-21 15:05:22 -05:00
Steve Riesenberg
eb510ab59d
Polish gh-16280
2025-03-21 15:05:22 -05:00
Martin Emrich
21fb5f92cf
Explain behaviour with XMLHttpRequest on 401 response
...
Relates to / Closes gh-16103
2025-03-21 15:05:22 -05:00
nobletrout
555fe1f147
Update anonymous.adoc
...
make the example code return the same thing for the do and don't do.
Signed-off-by: nobletrout <nobletrout@gmail.com>
2025-03-20 15:17:35 -05:00
Steve Riesenberg
3ebcbd4375
Merge branch '6.4.x'
...
Closes gh-16788
Closes gh-16789
Closes gh-16790
Closes gh-16791
Closes gh-16792
2025-03-20 14:47:07 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x
...
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
2025-03-20 14:46:18 -05:00
Tran Ngoc Nhan
af40d7e35a
Fix typo
...
Closes gh-16776
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-20 14:38:09 -05:00
Tran Ngoc Nhan
daf8cfe8d2
Fix Spring Framework reference link
...
Closes gh-16699
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-20 14:38:08 -05:00
ayoub anbara
8167022ada
Update data.adoc
...
No need to declare the method that create a bean as a public, and no need to declare interface that extends PagingAndSortingRepository with @Repository
Signed-off-by: ayoub anbara <anbara.ayoub@gmail.com>
2025-03-20 12:47:33 -06:00
Josh Cummings
bb438578cb
Deprecate SecurityMetadataSource
...
- Updated FAQ to replace SecurityMetadataSource recommendation with
AuthorizationManager
Issue gh-16772
2025-03-19 17:41:00 -06:00
Josh Cummings
a884c3c906
Address XsdDocumentedTests Errors
...
Issue gh-16775
2025-03-19 16:39:27 -06:00
Josh Cummings
e6008b6067
Add RedirectToHttps to XML
...
Closes gh-16775
2025-03-19 15:26:05 -06:00
mgreene57005
56d255018c
Fix ordering for security filter configuration
...
Signed-off-by: Matthew Greene <mgreene57005@gmail.com>
Signed-off-by: mgreene57005 <mgreene57005@gmail.com>
2025-03-07 14:00:22 -07:00
Juha-1
19a5a9c970
Update logout.adoc
...
typos
Signed-off-by: Juha-1 <52188855+Juha-1@users.noreply.github.com>
2025-03-07 13:59:05 -07:00
Josh Cummings
be23268c37
Add redirectToHttps DSL Configurer
...
Closes gh-16679
2025-02-28 09:38:07 -07:00
Josh Cummings
ab43a660b9
Add RFC 9068 Support
...
Closes gh-13185
2025-02-27 12:40:01 -07:00
Josh Cummings
ba273aba43
Merge branch '6.4.x'
2025-02-24 12:54:21 -07:00
Olivier
71e12bb42e
Fix @PostResult example in method-security
...
Replace @PreFilter with @Postfilter in example
Signed-off-by: Olivier <Kuba15@users.noreply.github.com>
2025-02-24 12:54:05 -07:00
Josh Cummings
55b83a0346
Merge branch '6.4.x'
2025-02-24 12:50:11 -07:00
Josh Cummings
d607364b50
Merge branch '6.3.x' into 6.4.x
2025-02-24 12:49:42 -07:00
Tran Ngoc Nhan
a0cfb2777c
Fix typo
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-24 12:49:18 -07:00
Josh Cummings
588220a020
Add PathPatterRequestMatcher
...
Closes gh-16429
Clsoes gh-16430
2025-02-21 13:40:23 -07:00
Tran Ngoc Nhan
92c2e21522
Use Spring Framework Url attribute
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-14 09:56:22 -07:00
Tran Ngoc Nhan
396b04f355
Update reference Spring Framwork links
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-14 09:56:22 -07:00
Daniel Garnier-Moiroux
238f47ce5e
One Time Token login registers the default login page
...
closes gh-16414
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-02-10 09:55:51 -06:00
Steve Riesenberg
54a6a19e05
Polish gh-16214
...
This commit applies the following changes:
* Added local Content-Security-Policy with script-src nonce directive
* Removed form-redirect.js and associated changes
* Renamed to FormPostRedirectStrategy
* Removed HtmlUtils usage
* Moved to same package as DefaultRedirectStrategy
2025-02-03 14:52:30 -06:00
Craig Andrews
58534e7f60
Add FormRedirectStrategy to enable POST OIDC Logout
...
FormRedirectStrategy redirects using an autosubmitting HTML form using the POST method versus DefaultRedirectStrategy which redirects using the GET method.
Can be used to implement POST binding for relying party initiated OIDC logout by setting FormRedirectStrategy as the redirection strategy on OidcClientInitiatedLogoutSuccessHandler.
Closes gh-13002
Signed-off-by: Craig Andrews <candrews@integralblue.com>
2025-02-03 14:52:30 -06:00
Max Batischev
474b5e151a
Add Support GenerateOneTimeTokenRequestResolver
...
Closes gh-16291
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-01-22 17:09:55 -06:00