Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-04 17:52:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,707 Commits 44 Branches 348 Tags
Commit Graph

8707 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Grandja
a5117506a5 Next Development Version 2021-04-12 14:43:21 -04:00
Joe Grandja
26c6570b10 Revert "Lock Dependencies" 
This reverts commit b3250c06a922f74c8d77589b3c9a5768fe345f8c.
 2021-04-12 14:42:38 -04:00
Joe Grandja
dd4e8eb36f Release 5.3.9.RELEASE 5.3.9.RELEASE 2021-04-12 14:24:06 -04:00
Joe Grandja
b3250c06a9 Lock Dependencies 2021-04-12 14:19:19 -04:00
Joe Grandja
aa0edfa1c7 Update to Spring Boot 2.2.13 
Closes gh-9614
 2021-04-12 14:19:01 -04:00
佚名
22d7043d01
Add null check in CsrfFilter and CsrfWebFilter 
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.

When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.

ZiQiang Zhao<1694392889@qq.com>

Closes gh-9561
 2021-04-09 21:55:30 -06:00
Rob Winch
2009b5faf0 Next Development Version 2021-02-11 13:39:20 -06:00
Rob Winch
71f9876c48 Revert "Lock dependencies" 
This reverts commit dca4858d812e2beb1263cac4d85be01416178f3d.
 2021-02-11 13:38:50 -06:00
Rob Winch
461f1f6b38 Release 5.3.8.RELEASE 5.3.8.RELEASE 2021-02-11 13:00:32 -06:00
Rob Winch
dca4858d81 Lock dependencies 2021-02-11 13:00:32 -06:00
Rob Winch
419839d05c Optimize HttpSessionSecurityContextRepository 
Closes gh-9387
 2021-02-11 13:00:31 -06:00
Rob Winch
38e9e8ca52 Optimize HttpSessionSecurityContextRepository 
Closes gh-9387
 2021-02-11 13:00:31 -06:00
Rob Winch
996ccc08a4 Next Development Version 2021-02-11 09:52:42 -06:00
Rob Winch
ec8f6014d4 Revert "Lock dependencies" 
This reverts commit fa5f789bebe26da0e9b49dde0b0563755b43a25d.
 2021-02-11 09:51:54 -06:00
Rob Winch
b3815dfc20 Release 5.3.7.RELEASE 5.3.7.RELEASE 2021-02-11 08:54:19 -06:00
Rob Winch
fa5f789beb Lock dependencies 2021-02-11 08:53:40 -06:00
Josh Cummings
87cc4d4519
Fix Test Configuration 
- Typo in PlaceholderConfig was causing Windows builds to
resolve the CLASSPATH environment variable

Closes gh-9421
 2021-02-10 11:36:44 -07:00
Josh Cummings
10946e8153
Polish Tests 
Issue gh-9331
 2021-02-03 09:30:27 -07:00
happier233
3cb98ebed0
Configure CurrentSecurityContextArgumentResolver BeanResolver 
Closes gh-9331
 2021-02-03 09:24:22 -07:00
Joe Grandja
e7acd1219d Allow null or empty authorities for DefaultOAuth2User 
Make DefaultOAuth2User more inline with other part of
spring-security.
For example,
- DefaultOAuth2AuthenticatedPrincipal
- AbstractAuthenticationToken

Closes gh-9366
 2021-02-02 04:35:39 -05:00
Josh Cummings
84b560919c
Change Example Name 
Closes gh-9379
 2021-01-28 11:24:19 -07:00
Rob Winch
c23b0da607 Use spring-build-conventions:0.0.37 2021-01-25 20:44:27 -06:00
Benjamin Faal
0f7360e8fa Make user info response status check error only 
Closes gh-9336
 2021-01-25 10:46:07 -05:00
Josh Cummings
d722ac7757
Fix SAML 2.0 Sample Test 
Issue gh-9362
 2021-01-22 15:13:02 -07:00
Josh Cummings
2985d805b0
Migrate SAML 2.0 Test and Docs to PCFOne 
Issue gh-9362
 2021-01-22 15:12:31 -07:00
Josh Cummings
e974c93f72
Migrate SAML 2.0 Samples to PCFOne 
Closes gh-9362
 2021-01-22 11:50:49 -07:00
Josh Cummings
7aeda7c8d8
Fix SAML 2.0 Javaconfig Sample 
Issue gh-9362
 2021-01-22 11:33:40 -07:00
Eleftheria Stein
02e13dc93e Provide artifactoryUsername/Password in docs and schema jobs 2021-01-22 14:55:14 +01:00
Eleftheria Stein
5315b2eeca Resolve artifacts from Maven Central first 
- Use spring-build-conventions:0.0.36
- Add https://repo.spring.io/release to reference

Closes gh-9367
 2021-01-22 13:54:47 +01:00
Rob Winch
e6d6b39767 Constant Time Comparison for CSRF tokens 
Closes gh-9291
 2021-01-20 16:17:25 -06:00
Rob Winch
b08075a721 Fix CsrfWebFilter error message when expected CSRF not found 
Closes gh-9337
 2021-01-12 11:30:12 -06:00
Josh Cummings
0fc80a6a65
Renew Sample Certificate 
Closes gh-9320
 2021-01-04 12:12:29 -07:00
Ovidiu Popa
7d31837af3 OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray or JSONObject 
ObjectToListStringConverter and ObjectToMapStringObjectConverter were checking if the source object is of type List or Map and if the first element or key is a String. If we have a JSONArray containing Strings the above check will pass, meaning that a JSONArray will be returned which is not serializable (same applies to JSONObject)

With this change, even if the check is passing a new List or Map will be returned.

Closes gh-9210
 2020-12-03 11:20:11 -05:00
Josh Cummings
17276ad787
Next Development Version 2020-12-02 19:32:48 -07:00
Josh Cummings
7c2010f507
Revert "Lock Dependencies for 5.3.6" 
This reverts commit a153012056d4678109a0085ae43b1b146d203fa6.
 2020-12-02 19:32:03 -07:00
Josh Cummings
2975923a1d
Release 5.3.6.RELEASE 5.3.6.RELEASE 2020-12-02 16:31:52 -07:00
Josh Cummings
a153012056
Lock Dependencies for 5.3.6 2020-12-02 16:31:52 -07:00
Josh Cummings
a8fe846e7f
Update to Google App Engine 1.9.83 
Closes gh-9247
 2020-12-02 16:31:46 -07:00
Josh Cummings
02a9ee54a2
Update to Spring Boot 2.2.11 
Closes gh-9246
 2020-12-02 16:31:40 -07:00
Rob Winch
0f76a16ae5 Provide artifactoryUsername/Password 2020-11-17 08:52:38 -06:00
Rob Winch
82ba28ac74 Fix Snapshot Versions 2020-11-16 17:28:40 -06:00
Rob Winch
78f0f7bd33 Use artifactoryUsername/Password for plugin repositories 2020-11-16 17:11:28 -06:00
Rob Winch
ad4ed45cd7 Provide artifactoryUsername/Password 2020-11-16 17:11:20 -06:00
Rob Winch
0f9de738df Update to spring-build-conventions:0.0.35.RELEASE 2020-11-16 17:09:01 -06:00
Hideaki Matsunami
3ba441ef50
add white space before strong notation. 2020-10-30 15:50:44 -06:00
Ayush Kohli
9ab21f88cd
Closes gh-8196 
Add leveloffset
 2020-10-28 15:05:29 -06:00
Josh Cummings
93c37e6b15
Update Test Controllers 
Closes gh-9121
 2020-10-12 18:08:52 -06:00
Josh Cummings
2dcfda7fac
Revert "Lock Dependencies for 5.3.5.RELEASE" 
This reverts commit 846a5a962c1bb9de82e8ddbbc995ce4c83830f6e.
 2020-10-07 16:39:28 -06:00
Josh Cummings
8525ae0410
Next Development Version 2020-10-07 14:05:07 -06:00
Josh Cummings
989a162051
Release 5.3.5.RELEASE 5.3.5.RELEASE 2020-10-07 13:18:01 -06:00