7813a9ba26
Use default PathPatternParser instance
2023-07-17 09:12:28 -03:00
b3ad2b0dc5
Don't Mock OAuth2AuthorizedClientRepository
...
Issue gh-13542
Issue gh-13546
2023-07-14 18:44:35 -06:00
b0022a0ae8
Update Mockito Usage
...
Issue gh-13542
2023-07-14 18:44:34 -06:00
cf79af2386
Update Kotlin Test Usage
...
Issue gh-13539
2023-07-14 18:38:58 -06:00
6c3636d780
Update Removed Usages
...
Issue gh-13544
2023-07-14 18:38:58 -06:00
30d09c5192
Merge branch '6.1.x'
...
Closes gh-13495
2023-07-12 14:31:56 -03:00
f62c9d3be6
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13494
2023-07-12 14:31:45 -03:00
933b302979
Fix once-per-request="true" not taking any effect
...
Closes gh-13491
2023-07-12 14:30:18 -03:00
8d0e426654
Generate Shared Test SAML Response
...
Issue gh-13433
2023-07-11 10:36:06 -06:00
f2f19270da
Update to OpenSAML 4.3.0
...
Closes gh-13433
2023-07-10 17:56:42 -06:00
a0540f5c65
Deprecate AbstractConfiguredSecurityBuilder#apply
...
Closes gh-13436
2023-06-30 11:53:47 -03:00
1ff5eb6b57
Add with() method to apply SecurityConfigurerAdapter
...
This method is intended to replace .apply() because it will not be possible to chain configurations when .and() gets removed
Closes gh-13204
2023-06-29 14:52:30 -03:00
4855290a76
Merge branch '6.1.x'
2023-06-29 10:31:25 -06:00
87e07d59da
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13199
2023-06-29 10:08:10 -06:00
1abfd2c801
Only Register as Advisor in Proxy Mode
...
Now that https://github.com/spring-projects/spring-framework/issues/30689
is addressed.
Closes gh-13198
2023-06-29 10:07:11 -06:00
618847418f
Automatically enable .cors() if CorsConfigurationSource bean is present
...
Closes gh-5011
2023-06-23 09:51:46 -03:00
52e12ad64b
Replace deprecated methods
2023-06-22 13:19:55 -06:00
8efdc5c926
Polish Contribution
...
Issue gh-13215
2023-06-22 16:00:47 -03:00
401058d5ff
Implemented AuthorizeHttpRequestsConfigurer to consider GrantedAuthorityDefaults for custom rolePrefix
...
Closes gh-13215
2023-06-22 16:00:46 -03:00
c5461b17de
EnableMethodSecurity annotation does not get imported when defined as a meta-annotation
...
Closes gh-12870
2023-06-22 15:15:25 -03:00
208fb62db9
Update Deprecated Usage
...
Issue gh-12629
2023-06-22 11:24:25 -06:00
9b603b99ab
Using modern Java features
2023-06-22 11:24:25 -06:00
7e01ebdd92
Remove LazyCsrfTokenRepository usage
...
Closes gh-13194
2023-06-22 11:23:35 -06:00
fb910e2997
Prepare for Spring Security 6.2
...
Closes gh-14316
2023-06-22 11:03:28 -06:00
acf1d34d94
Merge branch '6.0.x'
2023-06-19 11:13:57 -03:00
2686af0c4d
Revert "Only Register as Advisor in Proxy Mode"
...
This reverts commit 35ad1f85
2023-06-19 11:13:39 -03:00
a939fa63a1
Merge branch '6.0.x'
...
Closes gh-13282
2023-06-05 16:04:27 -03:00
4e3517e03a
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13281
2023-06-05 16:03:58 -03:00
b47420f8a2
Merge branch '5.7.x' into 5.8.x
...
Closes gh-13280
2023-06-05 16:02:30 -03:00
7250abc185
Does not apply a Configurer when disabled from another DSL
...
Closes gh-13203
2023-06-05 16:01:20 -03:00
537e10cf9c
Improve javadoc adding how to stick with defaults and link to documentation
...
Closes gh-13273
2023-06-02 15:05:17 -03:00
f566ed0afd
Update Symlink for 6.1
...
Issue gh-13131
2023-05-24 14:44:42 -06:00
ff0c82b019
Merge branch '6.0.x'
2023-05-24 14:41:55 -06:00
71703dc371
Update Symlink for 6.0
...
Issue gh-13131
2023-05-24 14:40:50 -06:00
90b37d6d07
Merge branch '5.8.x' into 6.0.x
2023-05-24 14:38:23 -06:00
73cb9862ad
Update Symlink for 5.8
...
Issue gh-13131
2023-05-24 14:37:18 -06:00
be409ada10
Merge branch '6.0.x'
...
Closes gh-13209
2023-05-22 15:43:43 -06:00
7c54c0e4fa
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13208
2023-05-22 15:43:27 -06:00
62ede47d86
Merge branch '5.7.x' into 5.8.x
...
Closes gh-13207
2023-05-22 15:42:36 -06:00
1eefd433b6
Add spring-security.xsd symlink
...
Closes gh-13131
2023-05-22 15:42:02 -06:00
31f1604f66
Merge branch '6.0.x'
...
Closes gh-13199
2023-05-19 16:44:18 -06:00
7efa275abc
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13198
2023-05-19 16:43:57 -06:00
35ad1f857e
Only Register as Advisor in Proxy Mode
...
Closes gh-13160
2023-05-19 16:33:46 -06:00
49366907e2
Merge branch '6.0.x'
...
Closes gh-13183
2023-05-15 17:31:48 -06:00
b438bc5384
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13182
2023-05-15 17:30:14 -06:00
f4915890cc
Use Spec Order for Verifying Signatures
...
Closes gh-12346
2023-05-15 17:24:22 -06:00
5814f614c7
Merge branch '6.0.x'
...
Closes gh-13128
2023-05-02 16:56:37 -06:00
46ad9c122e
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13127
2023-05-02 16:56:06 -06:00
e9a02bc6e9
RememberMeConfigurer Picks Up SecurityContextRepository
...
Closes gh-13104
2023-05-02 16:46:35 -06:00
45efd48b93
Merge branch '6.0.x'
...
Closes gh-13122
2023-05-02 10:13:24 -03:00
69338ecdfa
Only Observe AuthenticationManager if it is not null
...
Closes gh-13084
2023-05-02 10:12:46 -03:00
a44e91d044
fix javadoc typo
2023-04-24 16:41:17 -06:00
f261242db1
Merge branch '5.7.x' into 5.8.x
2023-04-24 16:33:29 -06:00
caa4093619
Fix javadoc for migration from WebSecurityConfigurerAdapter
2023-04-24 16:32:16 -06:00
dd14bbb365
Merge branch '6.0.x'
2023-04-18 12:42:55 -06:00
1e25756ee6
Fix Import Order
2023-04-18 12:42:25 -06:00
68b198f091
Merge branch '6.0.x'
2023-04-18 12:20:44 -06:00
64542b4059
Polish X509 SecurityContextRepository
...
Like Basic and Bearer authentication, X509 is
stateless by default. As such, it is better to not
pick up the global SecurityContextRepository bean.
The better fix is to change the default from
HttpSessionSecurityContextRepository to
RequestAttributeSecurityContextRepository.
Issue gh-13008
2023-04-18 12:18:20 -06:00
c79f04cd11
Merge branch '6.0.x'
...
Closes gh-13063
2023-04-17 17:07:32 -06:00
c3479ddb45
Pick Up SecurityContextRepository
...
Closes gh-13008
2023-04-17 17:06:06 -06:00
04b3d07319
Merge branch '6.0.x'
2023-04-17 07:30:54 -03:00
a484044591
Merge branch '5.8.x' into 6.0.x
2023-04-17 07:29:42 -03:00
6cf8c53aaa
Merge branch '5.7.x' into 5.8.x
2023-04-17 07:16:47 -03:00
2d52fb8e4b
Clear Repository on Logout
2023-04-17 06:47:57 -03:00
82a149207d
Deprecate .and() and non lambda DSL methods
...
Closes gh-12629
2023-04-14 15:50:58 -03:00
1a4a2a9055
Merge branch '5.8.x' into 6.0.x
2023-04-14 13:32:10 -03:00
54117d7d27
Fix test suffix to align with checkstyle
2023-04-14 13:29:15 -03:00
01d1e20dc3
Deprecate shouldFilterAllDispatcherTypes
...
Closes gh-12138
2023-04-13 15:05:10 -03:00
57e134cc5f
Merge branch '6.0.x'
2023-03-22 10:12:28 -03:00
67645b32f4
Merge branch '5.8.x' into 6.0.x
2023-03-22 10:12:11 -03:00
fd65dc6756
Merge branch '5.7.x' into 5.8.x
2023-03-22 10:08:17 -03:00
5eefe9dcff
Fix typo in SessionManagementConfigurer javadoc
2023-03-22 10:07:44 -03:00
ca9139b68f
Merge branch '6.0.x'
2023-03-20 17:02:15 -06:00
cbb4e40166
fix typo in RequestCacheResultMatcher
2023-03-20 17:02:00 -06:00
a4bc0a6f3c
Polish
...
- Add POST /login assertion
- Rearrange test and config class
Issue gh-12552
2023-03-20 14:31:13 -06:00
e2332d9620
Add disable to FormLoginDsl
...
Closes gh-12552
2023-03-20 14:31:13 -06:00
a7562ad950
Update io.spring.javaformat to 0.0.38
...
Closes gh-12891
2023-03-20 10:44:35 -06:00
3ad6c6ce06
Use EntityId-lookup Components
...
Closes gh-12880
2023-03-17 18:00:02 -06:00
46452c0cae
Add saml2Metadata
...
Closes gh-11828
2023-03-17 18:00:02 -06:00
e0284a4503
Fix CAS packages for 4.0.1 and Jasig references
...
Issue gh-11674
2023-03-01 17:21:24 -03:00
b4d3ac6665
Revert "Remove CAS module"
...
This reverts commit caf4c471
2023-03-01 17:21:23 -03:00
f5a4b520d1
Merge branch '6.0.x'
...
Closes gh-12781
2023-02-24 11:04:03 -07:00
bbd31f0e33
Defer ObservationRegistry Lookup
...
Closes gh-12780
2023-02-24 11:03:32 -07:00
963a18a27f
Merge branch '6.0.x'
...
Closes gh-12778
2023-02-23 15:17:47 -03:00
7d22e02593
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12777
2023-02-23 15:17:25 -03:00
97ba596ca3
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12776
2023-02-23 15:17:04 -03:00
1c3ce1e401
Fix entity-id ignored in RelyingPartyRegistration XML config
...
Closes gh-11898
2023-02-23 15:16:40 -03:00
afb5a4ae2c
Merge branch '6.0.x'
...
Closes gh-12688
2023-02-16 14:56:55 -07:00
cedb9fd199
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12687
2023-02-16 14:56:32 -07:00
0baf650f38
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12686
2023-02-16 14:55:22 -07:00
000b4bc495
Fix NPE in HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter
...
Before the fix, these methods would throw a NPE in case when the filter class passed as the second parameter, is not registered yet.
In particular, this exception can occur when mixing standard and custom DSL to register filters.
The fix doesn't change the situation that standard DSL for registration of filters cannot refer to filters that are registered via custom DSL even though those calls were done earlier.
It just provides more user-friendly error handling for this and most likely other scenarios of calls of HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter.
The error handling is implemented similarly to HttpSecurity#addFilter.
Closes gh-12637
2023-02-16 14:54:44 -07:00
cef13a6a16
Fix Javadoc Type Parameter
2023-02-15 15:31:09 -07:00
c79dac49ca
Fix Typo
2023-02-15 15:31:09 -07:00
d91837eadc
Merge branch '6.0.x'
...
Closes gh-12641
2023-02-07 12:46:42 -07:00
7dd5cc6082
Pick Up Custom SecurityContextRespository
...
Closes gh-12579
2023-02-07 12:46:12 -07:00
c66370c092
Update javadoc in EnableWebSecurity
2023-02-07 12:45:23 -07:00
eb35d3055f
Merge branch '6.0.x'
...
Closes gh-12640
2023-02-07 09:25:33 -03:00
52ed165476
Move classpath checks to class member variable
...
Closes gh-11437
2023-02-07 09:25:06 -03:00
da28a426f2
Merge branch '6.0.x'
...
Closes gh-12625
2023-02-03 14:35:08 -03:00
3572111cf5
Add JwtDecoder hint for oauth2Login
...
Closes gh-12615
2023-02-03 14:34:32 -03:00
Marcus Da Coregio
Josh Cummings
Claudio Nave
kandaguru17
Evgeniy Cheban
Krzysztof Krason
lukasz.migdalek
SeasonPan
Ruslan Stelmachenko
Martin Tarjányi
twosom
Clayton Walker
hdeadman
Leonid Rozenblyum
Tobias Meurer