Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 00:46:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,491 Commits 34 Branches 337 Tags
Commit Graph

1261 Commits

Author SHA1 Message Date
jujunChen
9f6d9c2b84 Modify words 
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
 2022-08-16 14:44:34 -06:00
Rob Winch
8ad20b1768 Add CsrfFilter.csrfRequestAttributeName 
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.

This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.

Issue gh-11699
 2022-08-16 13:47:31 -05:00
Rob Winch
425b3501b7 Remove @Configuration from @Enable* Annotations 
This removes `@Configuration` from all `@Enable` Annotations and explicitly
adds `@Configuration` to wherever the `@Enable*` Annotations are used.

Closes gh-11653
 2022-08-09 17:00:24 -05:00
Rob Winch
a5069d7e35 Fix Add @Configuration to @Enable*Security Usage 
Issue gh-6613
 2022-08-09 17:00:16 -05:00
Igor Bolic
2e66b9f6cc Allow customization of redirect strategy 
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.

Closes gh-11373
 2022-08-08 15:44:01 -05:00
Joshua Sattler
040111ae9e Remove Configuration meta-annotation from Enable* annotations 
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.

Closes gh-6613

Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
 2022-07-30 03:48:42 +02:00
Steve Riesenberg
a72c5a55db
Revert "Remove @Configuration from webflux config examples" 
This reverts commit aec9effb88f70151912971b2f8b05dc4a9afaa2f.
 2022-07-26 16:46:01 -05:00
Joshua Sattler
aec9effb88 Remove @Configuration from webflux config examples 2022-07-26 16:34:10 -05:00
Desmond Silveira
3b9f5ac77b
"Well-Know" should be "Well-Known" 2022-07-26 15:41:38 -05:00
Marcus Da Coregio
0c549ee147 Use SHA256 by default in Remember Me 
Closes gh-11520
 2022-07-25 10:33:12 -03:00
Yuriy Savchenko
db9d60e82d Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:47:07 -03:00
github-actions[bot]
bf138c5154 Next development version 2022-07-18 17:05:25 +00:00
github-actions[bot]
79912a0a44 Release 6.0.0-M6 2022-07-18 13:29:25 -03:00
Marcus Da Coregio
860c669666 Revert "Release 6.0.0-M6" 
This reverts commit c8fa238cfc5c9052efac7fdcb873d3748c227340.
 2022-07-18 13:18:34 -03:00
github-actions[bot]
c8fa238cfc Release 6.0.0-M6 2022-07-18 15:27:55 +00:00
Marcus Da Coregio
dda98f333c Polish 
Make encodingAlgorithm final and add it to the constructor
Add since tags
Add more tests
 2022-07-15 10:34:36 -03:00
Marcus Da Coregio
e17fe8ced9 Add SHA256 as an algorithm option for Remember Me token hashing 
Closes gh-8549
 2022-07-15 10:34:36 -03:00
Josh Cummings
35fc437559
Add AuthorizationManager for protect-pointcut 
Closes gh-11323
 2022-07-14 09:25:49 -06:00
Marcus Da Coregio
9608eaa138 Clarify authorize-http-requests docs 
Issue gh-11467
 2022-07-14 10:19:31 -03:00
Marcus Da Coregio
64ba31aebb Improve docs on dispatcherTypeMatcher 
Closes gh-11467
 2022-07-14 10:08:19 -03:00
Marcus Da Coregio
6455e98745 FilterSecurityInterceptor applies to every request by default 
Closes gh-11466
 2022-07-12 10:53:03 -03:00
Tim te Beek
2c0a4337a8
Clearly end sentence in note before next sentence 2022-07-11 17:36:30 -06:00
Tim te Beek
9f4b0ca8b5
Use Collection<ConfigAttribute> in examples 
To match `org.springframework.security.access.ConfigAttribute`.
 2022-07-11 17:36:30 -06:00
Josh Cummings
148c926de0
Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 13:01:57 -06:00
Josh Cummings
bffe08465a
Add SecurityContextHolderStrategy XML Configuration for Messaging 
Issue gh-11061
 2022-06-27 16:24:27 -06:00
Josh Cummings
5e4e7abf15
Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:40:55 -06:00
Vinícius Hashimoto
11a74a2926 Fix method call example on documentation 2022-06-24 17:05:31 -06:00
Josh Cummings
150b81d008
Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 12:21:10 -06:00
sKai.fun
6b1d5ec6ae Fix title render issue of Digest Authentication document 
Closes gh-11272
 2022-06-01 15:13:06 -05:00
André Luis Gomes
b9acdd5058 Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 13:43:42 +02:00
Josh Cummings
2afa9313eb
Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 16:01:41 -06:00
Josh Cummings
ff0d85e2ac
Correct access(String) reference 
Closes gh-11280
 2022-05-27 14:51:45 -06:00
Josh Cummings
f4c0fcb5ef
Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 13:35:19 -06:00
Josh Cummings
bbff945b95
Restore missing link text 
Issue gh-10934
 2022-05-27 13:00:20 -06:00
Josh Cummings
ff0b1712b6
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 12:46:36 -06:00
Josh Cummings
0a64579b1e
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 12:46:27 -06:00
nor-ek
416f94f979 Update Junit5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:46:04 -06:00
github-actions[bot]
07841794c5 Next development version 2022-05-18 16:02:48 +00:00
github-actions[bot]
8eb235d36e
Release 6.0.0-M5 2022-05-18 10:37:41 -05:00
Steve Riesenberg
14bbf33658
Revert "Release 6.0.0-M5" 
This reverts commit 6513f3ce714aa58f1f663a67e91728725f9f0363.
 2022-05-18 10:37:07 -05:00
github-actions[bot]
6513f3ce71 Release 6.0.0-M5 2022-05-18 15:26:59 +00:00
github-actions[bot]
3a5eb47d0c Next development version 2022-05-16 19:13:07 +00:00
Steve Riesenberg
eaac43a179
Release 6.0.0-M4 2022-05-16 13:42:14 -05:00
Steve Riesenberg
cd024bdb80
Revert "Release 6.0.0-M4" 
This reverts commit 49a5f972bea8bfec601e7bd197459dd660ec7744.
 2022-05-16 13:25:42 -05:00
Steve Riesenberg
49a5f972be
Release 6.0.0-M4 2022-05-16 12:51:47 -05:00
Marcus Da Coregio
806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Josh Cummings
4ebd37ae77
Add 5.8 Support 2022-05-03 09:04:34 -06:00
Josh Cummings
1f43733749
Add 5.7.x branch to playbook 2022-05-03 09:03:51 -06:00
Marcus Da Coregio
a0232ed135 Add shouldFilterAllDispatcherTypes to Kotlin DSL 
Closes gh-11153
 2022-04-28 08:34:48 -03:00
Rob Winch
9a9a43a0c0 ForceEagerSessionCreationFilter 
Closes gh-11109
 2022-04-15 14:18:25 -05:00