3138 Commits

Author SHA1 Message Date
Marcus Da Coregio
54117d7d27 Fix test suffix to align with checkstyle 2023-04-14 13:29:15 -03:00
Rob Winch
20b0156d5a Merge branch '6.0.x'
Closes gh-12984
2023-04-10 11:26:01 -05:00
Rob Winch
9c3f91a2d3 Merge branch '5.8.x' into 6.0.x
Closes gh-12983
2023-04-10 11:25:32 -05:00
Rob Winch
16dcfd1cfe Merge branch '5.7.x' into 5.8.x
Closes gh-12982
2023-04-10 11:25:01 -05:00
Yuanhang Guo
c69df9fba0 Fix javadoc typo in ReactiveAuthorizationManager
Closes gh-12978
2023-04-10 11:24:49 -05:00
Josh Cummings
25ff3d69bd
Polish WebFlux Observation contextualName
Issue gh-12156
2023-04-04 13:15:44 -06:00
Marcus Da Coregio
5e2dd0351d Merge branch '6.0.x'
Closes gh-12964
2023-04-04 10:21:52 -03:00
Petr Svoboda
44c4a4ae86 Add new DaoAuthenticationProvider constructor
Add a new constructor to the DaoAuthenticationProvider, which allows
providing a custom PasswordEncoder to prevent instantiation of the
default delegating PasswordEncoder in the default constructor.

This provides a way to instantiate the DaoAuthenticationProvider on JDKs
where the default delegating PasswordEncoder cannot be instantiated due
to limited JCE providers for compliance reasons (e.g., FIPS).

Closes gh-12874
2023-04-04 10:21:22 -03:00
Josh Cummings
607e40d366 Polish ObservationConvention Configuration
Change to setObservationConvention so that it reads more clearly
when used, for example `authenticationManager.setObservationConvention`
is clearer than `authenticationManager.setConvention`.

Change unit test names to follow team conventions.

Issue gh-12534
2023-03-28 15:01:26 -06:00
Josh Cummings
f1b14de3ba Format ObservationConvention Configuration
Issue gh-12534
2023-03-28 15:01:26 -06:00
Braunson
8d933fcb03 Support Customizing Observation Conventions
Closes gh-12534
2023-03-28 15:01:26 -06:00
Josh Cummings
a7562ad950
Update io.spring.javaformat to 0.0.38
Closes gh-12891
2023-03-20 10:44:35 -06:00
Josh Cummings
f588f9fa9a
Merge branch '6.0.x' 2023-03-03 15:02:51 -07:00
Josh Cummings
acf48721cd
Merge branch '5.8.x' into 6.0.x 2023-03-03 15:02:34 -07:00
Josh Cummings
ebabcaa51a
Merge branch '5.7.x' into 5.8.x 2023-03-03 15:02:07 -07:00
bist
094bf1b527 Validate hasRole Input
There are no check for role prefix in AuthorizeHttpRequestsConfigurer#XXXrole
methods. This PR adds check for the same. Now the configuration
will fail if role/s start with prefix for hasRole and hasAnyRole methods.

Closes #12581
2023-03-03 15:00:34 -07:00
Pascal Verdage
659b65a666 Fix javadox typo 2023-02-15 15:20:48 -07:00
Marcus Da Coregio
eb35d3055f Merge branch '6.0.x'
Closes gh-12640
2023-02-07 09:25:33 -03:00
Marcus Da Coregio
52ed165476 Move classpath checks to class member variable
Closes gh-11437
2023-02-07 09:25:06 -03:00
stillya
3229bfa40f Add empty authorities by default
Closes gh-12533
2023-01-30 15:37:10 -06:00
Josh Cummings
f9d674cb10
Merge branch '6.0.x'
Closes gh-12525
2023-01-11 10:14:01 -07:00
Josh Cummings
4d2dab9b6b
Lookup Parent Observation
Closes gh-12524
2023-01-11 10:13:33 -07:00
Evgeniy Cheban
782b792e7b SecuredAuthorizationManager should allow customizing underlying authorization manager
Closes gh-12233
2023-01-10 17:48:48 -07:00
Evgeniy Cheban
3369cf5fe9 Consider replacing SecurityExpressionRoot.AuthenticationSupplier with SingletonSupplier
Closes gh-12487
2023-01-06 11:21:33 -07:00
Evgeniy Cheban
1bbbd046c3 Polish gh-12231
- Update copyright header
- Use Set.of instead of HashSet in AuthorityAuthorizationManager
- Align roleHierarchy test name with other tests in AuthoritiesAuthorizationManagerTests
2023-01-05 10:50:52 -07:00
Evgeniy Cheban
e0d676c03f SecuredAuthorizationManager should cache annotation's value
Closes gh-12232
2023-01-05 10:50:52 -07:00
Marcus Da Coregio
25133a97f9 Merge branch '6.0.x'
Closes gh-12436
2022-12-19 10:45:49 -03:00
Marcus Da Coregio
f1824f8a5d Merge branch '5.8.x' into 6.0.x
Closes gh-12435
2022-12-19 10:45:25 -03:00
Guillaume Husta
36d83f863a Fix Javadoc since tag for class ExpressionAuthorizationDecision
Closes gh-12411
2022-12-19 10:44:36 -03:00
Evgeniy Cheban
855282ac3b Add Authority String AuthorizationManager
Closes gh-12231
2022-12-02 14:12:02 -07:00
Josh Cummings
6cbbf06456
Merge branch '6.0.x' 2022-11-30 14:20:01 -07:00
Josh Cummings
a76b1f7a51
Merge branch '5.8.x' into 6.0.x 2022-11-30 14:19:38 -07:00
Josh Cummings
68a344d238
Merge branch '5.7.x' into 5.8.x 2022-11-30 14:18:59 -07:00
Josh Cummings
e23c1cf7a7
Merge branch '5.6.x' into 5.7.x 2022-11-30 14:18:12 -07:00
Josh Cummings
14a48ea939
Fix formatting
Issue gh-12143
2022-11-29 20:15:13 -07:00
Junsung Cho
709de43e89
Fix typo in JavaDoc
Closes gh-12143
2022-11-29 20:15:12 -07:00
Josh Cummings
9bf2d3cd86
Polish JavaDoc
- Replace ampersand
- Correct since version

Issue gh-11510
2022-11-29 16:46:55 -07:00
Karthikeyan R
5fcbb9f4ed
Add AuthenticationTrustResolver#isFullyAuthenticated
Closes gh-11510
2022-11-29 16:46:54 -07:00
Marcus Da Coregio
4de92145e2 Update version on tag library and global serialization value 2022-11-23 13:12:48 -03:00
Josh Cummings
9d876fce82 Polish ExpressionAuthorizationDecision
Issue gh-11493
2022-11-17 15:09:52 -07:00
Josh Cummings
e08ed89403 Polish Span and Meter Names
Closes gh-12156
2022-11-17 15:09:52 -07:00
Josh Cummings
88e64bac0c Polish Tests
Issue gh-11992
2022-11-17 15:09:52 -07:00
Kacper Piasta
08948f2c37
Add Polish localization to error messages from ExceptionTranslationFilter
Issue gh-9315
2022-11-14 18:10:36 -07:00
Kacper Piasta
a3d278380e Add Polish localization to error messages from ExceptionTranslationFilter 2022-11-14 18:06:02 -07:00
Steve Riesenberg
bd43c1f28a
Merge branch '5.8.x'
# Conflicts:
#	web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
#	web/src/test/java/org/springframework/security/web/context/SecurityContextRepositoryTests.java
2022-10-17 19:35:27 -05:00
Steve Riesenberg
c75ca10900
Add DeferredSecurityContext
Issue gh-12023
2022-10-17 19:33:58 -05:00
Marcus Da Coregio
db7f52db4e Add hints to invoke SecurityContextImpl#getAuthentication
Closes gh-11987
2022-10-13 09:06:16 -03:00
Josh Cummings
d3d8f7d60f
Mark Observations with Security Context Events
Closes gh-11992
2022-10-12 20:32:23 -06:00
Josh Cummings
8c610684f3
Instrument Authentication and Authorization
Closes gh-11989
Closes gh-11990
2022-10-12 20:32:21 -06:00
Josh Cummings
827384e386
Add Micrometer Dependency 2022-10-12 19:26:21 -06:00