Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 06:58:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,235 Commits 33 Branches 337 Tags
Commit Graph

10235 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
9f00045638 NamespaceLdapAuthenticationProviderTests use Dynamic Port 
Closes gh-11710
 2022-08-15 15:26:30 -05:00
Rob Winch
d8ae2c8763 GitHubMilestoneApiTests due_on Uses LocalDate 
`GitHubMilestoneApiTests` uses `Instant.now()` for `due_on`. Since
`Instant.now()` is UTC time based,
`isMilestoneDueTodayWhenDueTodayThenTrue` fails when the computer that runs
the test is not the same day as it is in UTC time.

To fix it, `due_on` should be set to an `Instant` based upon the timezone
of the current computer.

Closes gh-11706
 2022-08-15 13:03:10 -05:00
github-actions[bot]
c188b70c88 Next development version 2022-08-15 16:06:45 +00:00
github-actions[bot]
173d74d693 Release 5.7.3 5.7.3 2022-08-15 15:24:54 +00:00
Josh Cummings
66cb3e02d0
Update org.springframework.data to 2021.2.2 
Closes gh-11698
 2022-08-11 14:20:52 -06:00
Josh Cummings
74675ef793
Update org.springframework to 5.3.22 
Closes gh-11697
 2022-08-11 14:20:48 -06:00
Josh Cummings
a92ac82c4b
Update jsonassert to 1.5.1 
Closes gh-11696
 2022-08-11 14:20:45 -06:00
Josh Cummings
db638c2a77
Update org.jetbrains.kotlinx to 1.6.4 
Closes gh-11695
 2022-08-11 14:20:41 -06:00
Josh Cummings
f884527c1b
Update hibernate-entitymanager to 5.6.10.Final 
Closes gh-11694
 2022-08-11 14:20:38 -06:00
Josh Cummings
dbd174418f
Update org.eclipse.jetty to 9.4.48.v20220622 
Closes gh-11693
 2022-08-11 14:20:35 -06:00
Josh Cummings
2eeee99d2e
Update io.projectreactor to 2020.0.22 
Closes gh-11691
 2022-08-11 14:20:28 -06:00
Josh Cummings
e8c56420bf
Update mockk to 1.12.5 
Closes gh-11690
 2022-08-11 14:20:24 -06:00
Marcus Da Coregio
6a2ca52aae Consistently handle RequestRejectedException if it is wrapped 
Closes gh-11645
 2022-08-09 08:32:10 -03:00
Rob Winch
269c711a64 RequestAttributeSecurityContextRepository never null SecurityContext 
Previously loadContext(HttpServletRequest) could return a Supplier that
returned a null SecurityContext

This commit ensures that null is never returned by the Supplier by
returning SecurityContextHolder.createEmptyContext() instead.

Closes gh-11606
 2022-08-08 13:52:56 -05:00
Steve Riesenberg
99f768bab9 Polish HttpSecurity 2022-07-29 17:43:00 -05:00
Steve Riesenberg
984355e637 Remove references to WebSecurityConfigurerAdapter 
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
 2022-07-29 17:43:00 -05:00
Steve Riesenberg
09173c95d6 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity 
Closes gh-11277
 2022-07-29 17:43:00 -05:00
Steve Riesenberg
24033be046
Skip workflows on forks of spring-security 2022-07-28 15:11:09 -05:00
Steve Riesenberg
47a5665767
Use cache and user.name system property on Windows 2022-07-28 15:11:08 -05:00
Steve Riesenberg
aad60cc6af
Only run prerequisites job if on upstream repo 2022-07-28 15:11:07 -05:00
Steve Riesenberg
13e94935ae
Simplify dependency graph 2022-07-28 15:11:06 -05:00
Steve Riesenberg
6c29007fac
Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-28 15:11:05 -05:00
Steve Riesenberg
6ad567f0fa
Polish gh-11367 2022-07-28 15:11:05 -05:00
naveen
8c634f8a9d
Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Closes gh-11367
 2022-07-28 15:11:04 -05:00
Marcus Da Coregio
a996dfc55b Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:38:50 -03:00
Rob Winch
ad9e737bf2 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:25:52 -05:00
Desmond Silveira
06aa3362dd
"Well-Know" should be "Well-Known" 2022-07-26 15:44:41 -05:00
Yuriy Savchenko
7c7751635d Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:56:41 -03:00
Josh Cummings
bced37f6a7
Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:41:55 -06:00
Steve Riesenberg
fbc5839890
Build only on branches 
Issue gh-11480
 2022-07-18 11:46:47 -05:00
Steve Riesenberg
d76c321f8c
Backport release automation and github actions 
Closes gh-11500
 2022-07-13 15:17:03 -05:00
Josh Cummings
37d856dca4
Correct input validation for 31 rounds 
Closes gh-11470
 2022-07-11 14:38:04 -06:00
Rob Winch
c57853e5fa Document sagan Release tasks require read:org scope 
Closes gh-11423
 2022-06-21 14:49:06 -05:00
Joe Grandja
6f275deb55 Next Development Version 2022-06-20 12:37:13 -04:00
Joe Grandja
c40f65f5a2 Release 5.7.2 5.7.2 2022-06-20 12:17:25 -04:00
Joe Grandja
bca43af9bb Update org.opensaml:opensaml-core4 to 4.1.1 
Closes gh-11410
 2022-06-20 12:08:07 -04:00
Joe Grandja
d9b8882fa8 Update spring-ldap-core to 2.4.1 
Closes gh-11409
 2022-06-20 11:52:48 -04:00
Joe Grandja
7358c65a8c Update org.springframework.data to 2021.2.1 
Closes gh-11408
 2022-06-20 11:52:44 -04:00
Joe Grandja
e02d5f2dd7 Update org.springframework to 5.3.21 
Closes gh-11407
 2022-06-20 11:52:41 -04:00
Joe Grandja
91a965c6db Update org.jetbrains.kotlinx to 1.6.3 
Closes gh-11406
 2022-06-20 11:52:37 -04:00
Joe Grandja
0e88064942 Update hibernate-entitymanager to 5.6.9.Final 
Closes gh-11405
 2022-06-20 11:52:35 -04:00
Joe Grandja
641b9ef83b Update io.projectreactor to 2020.0.20 
Closes gh-11403
 2022-06-20 11:52:30 -04:00
Joe Grandja
6f43d234dc Update aspectj-plugin to 6.4.3.1 
Closes gh-11402
 2022-06-20 11:52:27 -04:00
Joe Grandja
d7819ea4da Update jackson-bom to 2.13.3 
Closes gh-11399
 2022-06-20 11:52:17 -04:00
Joe Grandja
37ee70ae86 Add dependency update exclusion for spring-javaformat-checkstyle 2022-06-20 11:16:37 -04:00
Joe Grandja
8ea37360ac Add dependency exclusion rules 2022-06-20 10:03:29 -04:00
Rob Winch
29db051f7a Cache SecurityContextRepository.loadContext(HttpServletRequest) Result 
Closes gh-11390
 2022-06-17 14:52:35 -05:00
Josh Cummings
f035c30edb
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:12:13 -06:00
Josh Cummings
d22277ce36
Add missing KeyInfo 
Closes gh-11354
 2022-06-09 13:16:50 -06:00
Josh Cummings
bd60a0f8c9
Add OpenSamlSigningUtilsTests 
Issue gh-11354
 2022-06-09 13:16:49 -06:00