ca5e303308
Fix Test Configuration
...
- Typo in PlaceholderConfig was causing Windows builds to
resolve the CLASSPATH environment variable
Closes gh-9421
2021-02-10 11:31:30 -07:00
8c8fef0918
Revert "Use plugins-release"
...
This reverts commit 9a2c184c9f
2021-02-10 11:00:39 -07:00
9a2c184c9f
Use plugins-release
2021-02-10 09:45:57 -07:00
c836c716fe
Fix typo in reactive CSRF docs
2021-02-08 15:02:16 +01:00
10dce79c07
Update saml2-login.adoc
...
Fix example on registering custom marshaller for saml request
2021-02-04 10:06:39 -07:00
9b42495afa
Constrain Nimbus Dependencies
...
Closes gh-9400
2021-02-03 13:33:25 -07:00
107f38fff9
Polish Tests
...
Issue gh-9331
2021-02-03 09:05:31 -07:00
873b9bdbca
Configure CurrentSecurityContextArgumentResolver BeanResolver
...
Closes gh-9331
2021-02-03 09:05:31 -07:00
75706f118c
Allow null or empty authorities for DefaultOAuth2User
...
Make DefaultOAuth2User more inline with other part of
spring-security.
For example,
- DefaultOAuth2AuthenticatedPrincipal
- AbstractAuthenticationToken
Closes gh-9366
2021-02-01 17:09:07 -05:00
041e4aa22f
Change Example Name
...
Closes gh-9379
2021-01-28 11:22:02 -07:00
3e1616c311
Remove BearerTokenAuthenticationWebFilter
...
Closes gh-9377
2021-01-26 10:23:17 -07:00
c03ba45122
Use spring-build-conventions:0.0.37
2021-01-25 20:24:10 -06:00
d85a7cfc4a
Make user info response status check error only
...
Closes gh-9336
2021-01-25 10:02:58 -05:00
76229cfab7
Migrate SAML 2.0 Tests and Docs to PCFOne
...
Issue gh-9362
2021-01-22 15:14:03 -07:00
cde728e173
Migrate SAML 2.0 Samples to PCFOne
...
Closes gh-9362
2021-01-22 11:19:33 -07:00
8533312c6b
Fix SAML 2.0 Javaconfig Sample
...
Issue gh-9362
2021-01-22 11:19:08 -07:00
56db058fd0
Fix NullPointerException
...
- Caused by a malformed WWW-Authenticate value
2021-01-21 16:18:23 -07:00
793781fb67
Add manual trigger to CI workflow
...
Closes gh-9360
2021-01-21 14:02:54 +01:00
43a071a89e
Add WebFlux oauth2Login with formLogin test
...
Closes gh-9326
2021-01-20 15:04:06 -05:00
ad4497fb72
Add https://repo.spring.io/release to reference
2021-01-19 22:50:43 -06:00
51ee0de3fd
Use spring-build-conventions:0.0.36
2021-01-19 17:20:12 -06:00
c421b3f635
spring-build-conventions:0.0.35.RELEASE
2021-01-19 17:20:12 -06:00
3db112cc20
Spring Boot 2.4.0
2021-01-19 17:20:12 -06:00
77484018bb
Reconsider AntPathRequestMatcher matching logic
...
Closes gh-9285
2021-01-19 12:02:06 -07:00
f36e2fca59
Remove SingleKeyJWSKeySelector
...
Closes gh-9348
2021-01-15 22:15:56 -07:00
65d3b0d71c
Add ResourceKeyConverterAdapter
...
Simplifies publishing RsaKeyConverters with
@ConfigurationPropertiesBinding
Issue gh-9316
2021-01-15 22:15:56 -07:00
06b748c9c2
Update Gradle Enterprise Gradle Plugin
2021-01-13 12:44:03 -06:00
f4d78d00ef
Extend CorsDsl with CorsConfigurationSource property
...
Issue: gh-9314
2021-01-13 10:22:07 +01:00
0201c31deb
Fix Checkstyle for CsrfWebFilter
...
Issue gh-9337
2021-01-12 11:37:12 -06:00
a1083d9a5c
Fix CsrfWebFilter error message when expected CSRF not found
...
Closes gh-9337
2021-01-12 11:18:29 -06:00
160a4a3676
Reformat MvcRequestMatcher
...
- Moved related private methods together
Issue gh-9284
2021-01-11 08:28:59 -07:00
8449df9fd2
Consider Aligning MvcRequestMatcher's matching methods
...
Closes gh-9284
2021-01-09 21:42:16 +03:00
6499a235b0
Suppress Compiler Warnings
2021-01-08 11:30:28 -07:00
8cefc8a792
Fix bug with multiple AuthenticationManager beans
...
Closes gh-9256
2021-01-06 16:26:26 +01:00
7dde7cffda
Add Status Check
...
Closes gh-8955
2021-01-05 17:32:47 -07:00
337d24e6db
Update Copyright Messages
...
Issue gh-9202
2021-01-05 15:30:51 -07:00
c907838440
Make max-session configurable
...
Closes gh-9202
2021-01-05 15:30:51 -07:00
6d59b1044a
Add Revved up by Gradle Enterprise badge to README
...
Similar to: https://github.com/spring-projects/spring-boot/pull/24640
2021-01-05 11:00:41 -07:00
cb10c9cfb6
Renew Sample Certificate
...
Closes gh-9320
2021-01-04 12:06:55 -07:00
848bd44837
Remove unused code
...
Issue gh-9203
2020-12-18 11:49:52 -07:00
40e027c56d
Constant Time Comparison for CSRF tokens
...
Closes gh-9291
2020-12-17 15:01:43 -06:00
c066e23a86
Add @since attributes
...
Issue gh-8900
2020-12-16 15:58:53 -07:00
34b4b1054f
Add AuthorizationManager
...
Closes gh-8900
2020-12-16 15:58:36 -07:00
5306d4c4d5
Minor cleanup on Ant / Regex Request Matchers
...
- Removed duplicative code for transforming String into HttpMethod
- Removed an unnecessary array initialization
2020-12-14 14:19:23 +01:00
6be25df1db
Introduced DispatcherType request matcher
...
Created a DispatcherTypeRequestMatcher and corresponding methods
for configuring an HttpSecurity object. This enables filtering of
security rules based on the dispatcher type of the incoming servlet
request.
Closes gh-9205
2020-12-14 14:19:23 +01:00
2566abec31
Add Type Parameter
...
Closes gh-8412
2020-12-11 10:20:18 -07:00
54d3839f63
Add permissionsPolicy http header
2020-12-11 12:32:18 +01:00
48ef27b80a
Make assertion messages in CookieCsrfTokenRepository clearer
...
Changes assertion message format from 'X is not null' to
'X cannot be null' since this is more meaningful when the error
occurs and the message is printed in the logs.
Closes gh-9195
2020-12-09 10:45:22 -06:00
76e117a67a
Allow maximum age of csrf cookie to be configured
...
Allows maxAge of the generated cookie by CookieCsrfTokenRepository
to be configurable.
Prior to this commit, maximum age was set with a value of -1.
After this commit, it will be configured by the user with an either
positive or negative value. If the user does not provide a value,
it will be set -1.
An IllegalArgumentException will be thrown when
this value is set to zero.
Closes gh-9195
2020-12-09 10:45:22 -06:00
90b48554e4
Fix Custom DSL sample in docs
2020-12-09 10:48:15 +01:00
Josh Cummings
Eleftheria Stein
kavi87
happier233
Mayur Patel
Rob Winch
Benjamin Faal
tristanessquare
Ihor Ilkevych
Evgeniy Cheban
Nelson Osacky
Ivan Pavlov
Mazen Aissa
Zeeshan Adnan
Rob Winch
Nick McKinney
Christophe Gilles
Serdar Kuzucu