Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-04 04:29:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,232 Commits 49 Branches 370 Tags
Commit Graph

1354 Commits

Author SHA1 Message Date
Josh Cummings
efd5fc745c Invert Log Messages 
Closes gh-10909
 2022-02-28 13:10:06 -07:00
Josh Cummings
371389580b Update JavaDoc 
Issue gh-10564
 2022-02-15 12:57:32 -07:00
Yuriy Savchenko
0fb6840db3 Make WebAuthenticationDetails constructor public 
Closes gh-10564
 2022-02-15 12:57:32 -07:00
Josh Cummings
a09f6e15ad Polish ignoring() log messaging 
- Public API remains unchanged

Issue gh-9334
 2022-02-07 15:22:49 -07:00
Manuel Jordan
7e0302be5c Print ignore message DefaultSecurityFilterChain 
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
 2022-02-07 15:22:49 -07:00
Josh Cummings
f53c65b3a0 Polish ignoring() log messaging 
- Public API remains unchanged

Issue gh-9334
 2022-02-07 15:07:29 -07:00
Manuel Jordan
0be772ff5b Print ignore message DefaultSecurityFilterChain 
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
 2022-02-07 15:07:29 -07:00
Josh Cummings
cbd87fac89 Polish ignoring() log messaging 
- Public API remains unchanged

Issue gh-9334
 2022-02-07 14:50:28 -07:00
Manuel Jordan
01ed617d5f Print ignore message DefaultSecurityFilterChain 
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
 2022-02-07 14:50:19 -07:00
Rob Winch
70fa8b1fdb Add Support for @Transient SecurityContext 
Closes gh-9995
 2022-02-03 09:45:51 -06:00
Marcus Da Coregio
893b651aea RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext 
Closes gh-10779
 2022-01-31 09:57:34 -03:00
Marcus Da Coregio
a041e7c943 RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext 
Closes gh-10779
 2022-01-31 09:50:17 -03:00
Marcus Da Coregio
1c10c10f73 RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext 
Closes gh-10779
 2022-01-31 09:43:18 -03:00
Josh Cummings
9baf1134c7 Add Request-based AuthenticationManagerResolvers 
Closes gh-6762
 2022-01-26 09:09:02 -07:00
Rob Winch
04f3bbcefa javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
c67ee6f2a8 javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
0e8c03401b javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api 
Issue gh-10501
 2022-01-19 14:34:16 -06:00
Rob Winch
8f64bb6c8c javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api 
Issue gh-10501
 2022-01-19 14:33:53 -06:00
Juan Carlos
7435da6bbf Add serialVersionUID to DefaultSavedRequest and SavedCookie 
Closes gh-10594
 2022-01-18 09:26:56 -03:00
Josh Cummings
75f25bff82 Polish multiple RequestRejectedHandlers support 
Issue gh-10603
 2022-01-14 16:49:38 -07:00
Adam Ostrožlík
4ea57f3e3f Support multiple RequestRejectedHandler beans 
Closes gh-10603
 2022-01-14 16:46:15 -07:00
Josh Cummings
ca353d6781 Use noNullElements 
Collection#contains(null) does not work for all collection types

Closes gh-10703
 2022-01-14 15:19:13 -07:00
Josh Cummings
6c5ac0d8ec Use noNullElements 
Collection#contains(null) does not work for all collection types

Closes gh-10703
 2022-01-14 15:09:21 -07:00
Josh Cummings
aaaf7d3523 Use noNullElements 
Collection#contains(null) does not work for all collection types

Closes gh-10703
 2022-01-14 15:08:38 -07:00
heowc
1ab0705b47 Fix typo 2022-01-10 16:17:42 +01:00
Marcus Da Coregio
60595f2801 Fix @since tag 
Issue gh-10590, gh-10554
 2022-01-06 13:22:58 -03:00
Marcus Da Coregio
e7e3f06044 Fix @since tag 
Issue gh-10590, gh-10554
 2022-01-06 13:22:13 -03:00
Marcus Da Coregio
f04cd641b0 Fix @since tag 
Issue gh-10590, gh-10554
 2022-01-06 13:18:25 -03:00
Marcus Da Coregio
994e93741b Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains 
Closes gh-10554
 2022-01-05 14:06:47 -03:00
Marcus Da Coregio
04e1a11e35 Add RequestMatcherEntry 2022-01-05 14:06:47 -03:00
Marcus Da Coregio
547056d5cc Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator 
Closes gh-10590
 2022-01-05 14:06:47 -03:00
Marcus Da Coregio
ba810e468f Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains 
Closes gh-10554
 2022-01-05 14:01:57 -03:00
Marcus Da Coregio
40dfe8f259 Add RequestMatcherEntry 2022-01-05 14:00:47 -03:00
Marcus Da Coregio
b448954f43 Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator 
Closes gh-10590
 2022-01-05 13:57:36 -03:00
Marcus Da Coregio
18427b6411 Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains 
Closes gh-10554
 2021-12-13 08:57:30 -03:00
Marcus Da Coregio
7e17a00197 Add RequestMatcherEntry 2021-12-13 08:57:30 -03:00
Marcus Da Coregio
53b8cff26f Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator 
Closes gh-10590
 2021-12-13 08:57:30 -03:00
Marcus Da Coregio
65426a40ec Add Cross Origin Policies headers 
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers

Closes gh-9385, gh-10118
 2021-12-07 17:23:06 +01:00
Steve Riesenberg
62e8799a8d Use BDD in tests 2021-12-02 17:44:47 -06:00
Steve Riesenberg
df0f6f83af Polish gh-9597 2021-12-02 17:44:47 -06:00
Karl Tinawi
925d531cbe Set details on authentication token created by HttpServlet3RequestFactory 
Currently the login mechanism when triggered by executing HttpServlet3RequestFactory#login does not set any details on the underlying authentication token that is authenticated.

This change adds an AuthenticationDetailsSource on the HttpServlet3RequestFactory, which defaults to a WebAuthenticationDetailsSource.

Closes gh-9579
 2021-12-02 17:44:46 -06:00
Steve Riesenberg
47b8860681 Update copyright year 
Issue gh-10557
 2021-12-01 17:36:52 -06:00
Steve Riesenberg
c7ffd2513a Update copyright year 
Issue gh-10557
 2021-12-01 17:36:19 -06:00
Steve Riesenberg
bb2d80fea3 Update copyright year 
Issue gh-10557
 2021-12-01 17:35:43 -06:00
Steve Riesenberg
828cac8889 Fix case sensitive headers comparison 
Closes gh-10557
 2021-12-01 15:19:33 -06:00
Steve Riesenberg
f49c286050 Fix case sensitive headers comparison 
Closes gh-10557
 2021-12-01 15:05:13 -06:00
Steve Riesenberg
b3e0f167ff Fix case sensitive headers comparison 
Closes gh-10557
 2021-12-01 15:01:06 -06:00
Josh Cummings
1251cde04c Add Missing Since 
Issue gh-10482
 2021-11-30 15:17:48 -07:00
Igor Pelesic
a3a9de1b9b PermitAllSupport supports AuthorizeHttpRequestsConfigurer 
PermitAllSupport supports either an ExpressionUrlAuthorizationConfigurer or an AuthorizeHttpRequestsConfigurer. If none or both are configured an error message is thrown.

Closes gh-10482
 2021-11-30 15:17:22 -07:00
Steve Riesenberg
204f0b4599 Polish gh-10007 2021-11-30 15:27:58 -06:00