Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-14 14:23:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,795 Commits 46 Branches 348 Tags
Commit Graph

6795 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
a06f1e3936 Update Spring Boot 2.0.1.RELEASE 
Fixes: gh-5278
 2018-05-03 11:01:37 -05:00
Rob Winch
b296d2eaa5 Update GAE 1.9.63 
Fixes: gh-5277
 2018-05-03 11:01:37 -05:00
Rob Winch
11a8c76991 Add update-dependencies.sh 
Fixes: gh-5276
 2018-05-03 11:01:37 -05:00
Rob Winch
2f441f18e6 Make MIN_SPRING_VERSION Dynamic 
Fixes: gh-5065

# Conflicts:
#	core/src/main/java/org/springframework/security/core/SpringSecurityCoreVersion.java
 2018-05-03 11:01:27 -05:00
Joe Grandja
a7de1e363f OAuth2LoginAuthenticationFilter should handle null ClientRegistration 
Fixes gh-5251
 2018-05-02 20:31:59 -04:00
Rob Winch
32f5fb5eb2 ExceptionTranslationFilter does not handle committed responses 
Fixes: gh-5273
 2018-04-30 16:50:02 -05:00
Rob Winch
f7f6798f71 DefaultWebSecurityExpressionHandler uses PermissionEvaluator Bean 
The default instance of DefaultWebSecurityExpressionHandler uses the
PermissionEvaluator Bean by default.

Fixes: gh-5272
 2018-04-30 12:16:34 -05:00
Joe Grandja
0b72f93027 WebSecurityConfigurationTests groovy->java 
Issue: gh-4939
 2018-04-30 11:43:30 -05:00
Rob Winch
5b751baf61 Fixes: gh-5190 2018-04-16 17:52:55 -05:00
Joe Grandja
ec9ab1965a Next Development Version 2018-04-04 13:36:28 -04:00
Joe Grandja
30aede82da Release 5.0.4.RELEASE 5.0.4.RELEASE 2018-04-04 13:03:55 -04:00
Joe Grandja
2686452b99 Update to aspectjtools:1.9.0 
Fixes gh-5211
 2018-04-04 13:00:46 -04:00
Joe Grandja
7e470ff5bd Update to aspectjrt:1.9.0 
Fixes gh-5210
 2018-04-04 12:59:09 -04:00
Joe Grandja
df6a6e5991 Update to Reactor Bismuth SR8 
Fixes gh-5209
 2018-04-04 12:53:54 -04:00
Joe Grandja
1500a22439 Update to Spring Data Kay SR6 
Fixes gh-5167
 2018-04-04 10:31:04 -04:00
Joe Grandja
64cb256bb9 Update to Spring Framework 5.0.5 
Fixes gh-5166
 2018-04-04 10:27:43 -04:00
Joe Grandja
e6d68acfd6 Fix NPE with exp claim in NimbusJwtDecoderJwkSupport 
Fixes gh-5168
 2018-04-04 09:02:05 -04:00
Joe Grandja
bc2a7ac394 ClaimAccessor.getClaimAsInstant() converts Long or Date 
Fixes gh-5191, Fixes gh-5192
 2018-04-04 04:57:36 -04:00
Joe Grandja
55019b2f0b Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677 2018-04-03 11:16:50 -04:00
Rob Winch
151b545ed0 Polish Javadoc 
Fixes: gh-5186
 2018-03-29 15:33:31 -05:00
Rob Winch
c67ce144b9 Polish HeadersSpec 
Fixes: gh-5187
 2018-03-29 15:33:31 -05:00
Rob Winch
6729c39905 Fix JDK 9 
Issue: gh-5160
 2018-03-28 15:00:41 -05:00
Rob Winch
197439f9e1 Update to mockito 2.17.0 
Fixes: gh-5181
 2018-03-28 14:42:43 -05:00
Rob Winch
70a11267fa Update to hibernate-validator:6.0.9.Final 
Fixes: gh-5180
 2018-03-28 14:42:35 -05:00
Rob Winch
4e0c165d47 Update to hibernate-entitymanager:5.2.16.Final 
Fixes: gh-5178
 2018-03-28 14:42:09 -05:00
Rob Winch
93844b1823 Update to assertj 2.9.1 
Fixes: gh-5177
 2018-03-28 14:32:49 -05:00
Rob Winch
a30b3321c4 Update to thymeleaf-layout-dialect:2.3.0 
Fixes: gh-5176
 2018-03-28 14:32:30 -05:00
Rob Winch
ffb8c1978a Update to unbounded 4.0.5 
Fixes: gh-5175
 2018-03-28 14:32:13 -05:00
Rob Winch
4722ab21bf Update to oauth2-oidc-sdk:5.57 
Fixes: gh-5179
 2018-03-28 14:32:07 -05:00
Rob Winch
335735e227 Update to nimbus-jose-jwt:5.9 
Fixes: gh-5174
 2018-03-28 14:31:47 -05:00
Rob Winch
501269a51f Update to appengine 1.9.63 
Fixes: gh-5173
 2018-03-28 14:30:57 -05:00
Rob Winch
6b58218256 Update to Jackson 2.9.5 
Fixes: gh-5172
 2018-03-28 14:30:48 -05:00
Rob Winch
de1137fc5e Update mockwebserver 3.10.0 
Fixes: gh-5171
 2018-03-28 14:30:36 -05:00
Rob Winch
e68657216c Fixes for SPR-16624 
Fixes: gh-5165
 2018-03-27 22:36:03 -05:00
Rob Winch
bfada59a1e CookieClearingLogoutHandler adds uses contextPath + "/" 
Fixes: gh-5140
 2018-03-19 16:50:48 -05:00
Rob Winch
bc17860cb6 Fix ReactorContextTestExecutionListener with custom SecurityContext 
Fixes: gh-5139
 2018-03-19 09:33:34 -05:00
Oleh Dokuka
5e351a4f75 ReactorContextTestExecutionListener with multiple Threads 
Fixes: gh-5138
 2018-03-19 09:32:36 -05:00
Rob Winch
0458ca88e6 Relax assertions in HeaderSpecTests 
Fixes: gh-5117
 2018-03-15 08:31:21 -05:00
Rob Winch
a7a71d6cef Fix @since on GlobalAuthenticationConfigurerAdapter 
Fixes: gh-5109
 2018-03-13 14:25:40 -05:00
Josh Cummings
a7f180b2c7 Authorities authenticate TestingAuthenticationToken 
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5098
 2018-03-09 13:26:36 -06:00
Josh Cummings
87f266133b Update to Spring Boot 2.0.0.RELEASE 
Fixes: gh-5091
 2018-03-09 09:45:20 -06:00
Rob Winch
8f8deac0f4 Fix StrictHttpFirewall rules 
Fixes: gh-5092
 2018-03-08 21:29:31 -06:00
Vedran Pavic
9830d01acc Upgrade Nimbus JOSE + JWT to 5.6 
Fixes: gh-5089
 2018-03-08 16:43:05 -06:00
Vedran Pavic
d8fea5c6f1 Upgrade Nimbus OAuth + OIDC SDK to 5.56 
Fixes: gh-5088
 2018-03-08 16:42:54 -06:00
Rob Winch
4d410b0b61 Polish Javadoc HttpStatusServerAccessDeniedHandler 2018-03-07 12:34:15 -06:00
Rob Winch
24a4fbfe56 HttpStatusServerAccessDeniedHandler use injected HttpStatus 
Fixes: gh-5078
 2018-03-07 12:28:45 -06:00
Josh Cummings
d5d1c30d1d Update to Gradle 4.6 
Only thing of interest really is that the Jacoco Gradle plugin was bumped
to 0.8.0, which requires org.ow2.asm:asm:6.0.

Fixes: gh-5077
 2018-03-06 20:27:31 -06:00
Johnny Lim
d316803596 Polish DaoAuthenticationProviderTests 2018-03-02 08:55:37 -06:00
Josh Cummings
1ed51033cc Migrate config-debug groovy->java 
All tests in `org.springframework.security.config.debug` are migrated.

Note that `SecurityDebugBeanFactoryPostProceessorTest` preserves the original structure-verifying strategy used in the Groovy test. Verifying debug behavior turns out to be fairly tricky since being behaviorally invisible is in its nature.

Issue: gh-4939
 2018-03-02 08:55:07 -06:00
Vedran Pavic
b8ae110b7b Upgrade Nimbus JOSE + JWT to 5.5 2018-03-02 08:48:16 -06:00