Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,854 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

1359 Commits

Author SHA1 Message Date
Eddú Meléndez 50adb6abcb Fix javadoc 2019-07-31 15:36:30 -04:00
Sam Simmons e88c5c0eee Fix CSRF session authentication strategy since version 2019-07-31 07:45:51 -05:00
Eleftheria Stein 0b4502b2c5 Remove exceptions from lambda security configuration 
Fixes: gh-7128
 2019-07-30 08:31:37 -05:00
Joe Grandja c05b0765c1 Introduce OAuth2AuthorizedClient Manager/Provider 
Fixes gh-6845
 2019-07-25 11:12:54 -04:00
Eleftheria Stein 7e845409f1 Fix Javadoc for headers configurer methods 
Fixes: gh-7123
 2019-07-24 09:11:44 -04:00
Eleftheria Stein a288ce4b00 Support nested builder in DSL for reactive apps 
Fixes: gh-7107
 2019-07-23 15:57:10 -05:00
Eleftheria Stein d5e5ac0503 Add JavaDoc to reactive oauth2ResourceServer 2019-07-18 10:48:47 -04:00
Eleftheria Stein fbf6d22343 Add JavaDoc to reactive oauth2Login 2019-07-18 08:49:08 -04:00
Édouard Hue e8dd1325fd Fixed misleading OAuth2 error messages 
Error messages sent by BearerTokenAccessDeniedHandler included
information about the scopes of the rejected token instead of
the scopes required by the resource.
* Removal of token scopes from error_description attribute.
* Removal of scope attribute from WWW-Authenticate response header.

Fixes gh-7089
 2019-07-18 07:01:33 -04:00
Eleftheria Stein b153d92b23 Fix JavaDoc for formLogin in ServerHttpSecurity 2019-07-18 06:23:04 -04:00
Michael Vitz 09e8ae42ed Allow configuration of SessionAuthenticationStrategy for CSRF 
Closes gh-5300
 2019-07-16 07:47:13 -05:00
Rob Winch ea54d9014d
DSL nested builder for HTTP security 
DSL nested builder for HTTP security

Fixes gh-5557
 2019-07-12 16:09:19 -05:00
Eleftheria Stein 7961b819aa Allow configuration of session fixation and concurrency through nested builder 
Issue: gh-5557
 2019-07-12 13:53:55 -04:00
Clement Ng 28855e9cd6 Changed docs to reflect that init should apply configurers 2019-07-10 11:54:56 -05:00
Lars Grefer 3ea9d376b2 Cleanup explicit type arguments 2019-07-10 09:32:41 -05:00
Lars Grefer c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
Eleftheria Stein 4b2539df10 Allow configuration of oauth2 resource server through nested builder 
Issue: gh-5557
 2019-07-09 16:11:26 -04:00
Eleftheria Stein 415760838f Allow configuration of oauth2 client through nested builder 
Issue: gh-5557
 2019-07-09 16:03:46 -04:00
Eleftheria Stein e47389e60b Allow configuration of oauth2 login through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein bf1bbd14e9 Allow configuration of openid login through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein c3dad06ea6 Allow configuration of request matchers through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein 1ad9f15e19 Allow configuration of requires channel through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein ae8e12f049 Allow configuration of anonymous through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein a5943fbafb Allow configuration of servlet api through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein 04e0dcfe61 Allow configuration of security context through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein 81d3cf1e7b Allow configuration of authorize requests through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein 1445d1b012 Allow configuration of request cache through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein fcb119b94e Allow configuration of remember me through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein ae9eb6f56b Allow configuration of x509 through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein bfc9538da1 Allow configuration of jee through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein 86f0f84740 Allow configuration of port mapper through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein 6fbea88e1e Allow configuration of session management through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein 6fd515813c Allow configuration of cors through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein a9a1f8ee53 Allow configuration of form login through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein 758397f102 Allow configuration of headers through nested builder 
Issue: gh-5557
 2019-07-09 15:35:37 -04:00
Eleftheria Stein 6986cf3ef3 Allow configuration of csrf through nested builder 
Issue: gh-5557
 2019-07-09 10:14:18 -04:00
Eleftheria Stein 1a31376dda Allow configuration of exception handling through nested builder 
Issue: gh-5557
 2019-07-09 10:14:18 -04:00
Eleftheria Stein 92314b0956 Allow configuration of logout through nested builder 
Issue: gh-5557
 2019-07-09 10:14:18 -04:00
Eleftheria Stein d66d895e60 Migrate ServletApiConfigurerTests groovy->java 
Issue: gh-4939
 2019-07-04 12:14:49 -04:00
Clement Ng 491da9db03 Added OAuth2TokenAttributes to wrap attributes 
To simplify access to OAuth 2.0 token attributes

Fixes gh-6498
 2019-07-02 07:45:56 -06:00
Josh Cummings ee8182dceb
NamespaceSessionManagementTests groovy->java 
Issue: gh-4939
 2019-07-02 07:34:36 -06:00
Tadaya Tsuyukubo 7782e29a58 Allow custom ReactiveAuthenticationManager for basic and form auth 
Prior to this change, "HttpBasicSpec#authenticationManager" and
"FormLoginSpec#authenticationManager" were always overridden by
"ServerHttpSecurity#authenticationManager".

This commit makes sure override only happens when custom authentication
manager was not specified.

Fixes: gh-5660
 2019-06-28 11:04:21 -05:00
Eleftheria Stein 39ba1006ba Migrate FormLoginConfigurerSpec groovy->java 
Issue: gh-4939
 2019-06-27 11:53:32 -04:00
Eleftheria Stein 3c240d0ce3 Migrate DefaultLoginPageConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-24 10:38:20 -04:00
Eleftheria Stein 12da990b6b Allow configuration of HTTP basic through nested builder 
Issue: gh-5557
Fixes: gh-6885
 2019-06-20 13:58:13 -05:00
Joe Grandja 6e76df8f1d Revert OAuth2AuthorizationCodeGrantWebFilter works with /{action}/ 
Issue #5856
Commit 385bdfc055

NOTE: This commit 'partially' reverts #5856. Only the ServerWebExchangeMatcher for OAuth2LoginSpec is reverted.

Fixes gh-6890
 2019-06-19 16:06:38 -04:00
Joe Grandja 06943d2d39 Revert OAuth2LoginAuthenticationFilter should ignore authenticated requests 
Issue #5915
Commit 93ca455405

Fixes gh-6890
 2019-06-19 16:06:38 -04:00
Rafiullah Hamedy f6ed1db702 Introduced ReactiveAuthenticationManagerResolver 
Suitable for multi-tenant reactive applications needing to branch
authentication strategies based on request details.
 2019-06-13 08:52:19 -06:00
Eleftheria Stein 759e47ba84 Migrate OpenIDLoginConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-12 15:23:47 -04:00
Eleftheria Stein e6ace0891f Migrate X509ConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-11 17:31:53 -04:00