Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,966 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

317 Commits

Author SHA1 Message Date
Marcus Hert Da Coregio 5938f7cdee Merge branch '6.1.x' into 6.2.x 
Closes gh-14468
 2024-01-17 08:47:36 -03:00
Marcus Hert Da Coregio fccd9379d5 WebTestUtilsTestRuntimeHints implements RuntimeHintsRegistrar 
Closes gh-14399
 2024-01-17 08:47:28 -03:00
Marcus Hert Da Coregio d385b53e3c Merge branch '6.1.x' into 6.2.x 2023-12-26 15:58:39 -03:00
Marcus Hert Da Coregio 92af758f1f Make springSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor passive 
Instead of excluding the bean from AOT processing, we avoid redefining the beans if they are present or in the expected state.

Issue gh-14362
 2023-12-26 15:58:16 -03:00
Marcus Hert Da Coregio f95cda6be7 Merge branch '6.1.x' into 6.2.x 
Closes gh-14377
 2023-12-26 10:42:37 -03:00
Marcus Hert Da Coregio 364bc10e78 Add hints for CompositeFilterChainProxy 
Closes gh-14359
 2023-12-26 10:41:56 -03:00
Steve Riesenberg 9db33f33c7
Revert unnecessary merges on 6.0.x 
This commit removes unnecessary main-branch merges starting from
8750608b5b and adds the following
needed commit(s) that were made afterward:

- 5dce82c48b
 2023-10-31 15:11:45 -05:00
Marcus Da Coregio 07b6c451fd Merge branch '6.1.x' 
Closes gh-13884
 2023-09-29 11:47:38 -03:00
Marcus Da Coregio 92c82191c9 Merge branch '5.8.x' into 6.0.x 
Closes gh-13882
 2023-09-29 11:46:00 -03:00
Marcus Da Coregio 64e2a2ff8b Apply updated Code Style 
Closes gh-13881
 2023-09-29 11:44:32 -03:00
Steve Riesenberg d6ff58bb7f
Update Mockito to 5.5.0 
Closes gh-13810
 2023-09-19 10:39:03 -05:00
Tim te Beek 9df9cb5aed refactor: AssertJ best practices 
Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/bGVuS?organizationId=RGVmYXVsdA%3D%3D

Co-authored-by: Moderne <team@moderne.io>
 2023-09-12 16:18:14 -06:00
Kevin Park 02aa052fc7 Fix typo in method name 2023-08-08 17:32:01 -06:00
Laurent MARTELLI 5a7eb108c8 Fix Javadoc 2023-06-22 11:22:15 -06:00
Josh Cummings 590e9e23d9
Merge branch '5.8.x' into 6.0.x 
Closes gh-13253
 2023-05-31 15:42:41 -06:00
Josh Cummings 79f1cf799d
Merge branch '5.7.x' into 5.8.x 
Closes gh-13252
 2023-05-31 15:31:31 -06:00
Josh Cummings bcc1cfc28a
Restore OAuth2AuthorizedClientRepository Test Instrumentation 
Closes gh-13113
 2023-05-31 15:30:03 -06:00
Marcus Da Coregio e3cc8d13e8 Merge branch '5.8.x' into 6.0.x 2023-04-19 11:29:49 -03:00
Marcus Da Coregio 744b74f4c9 Merge branch '5.7.x' into 5.8.x 2023-04-19 11:27:08 -03:00
Amal Krishna 8bec14009e Fix typo in SecurityMockMvcResultMatchers.java 
Change the first parameter's name of the AuthenticatedMatcher.withAuthentication() method from assesrtAuthentication to assertAuthentication
 2023-04-19 11:25:55 -03:00
Marcus Da Coregio 1a4a2a9055 Merge branch '5.8.x' into 6.0.x 2023-04-14 13:32:10 -03:00
Marcus Da Coregio 54117d7d27 Fix test suffix to align with checkstyle 2023-04-14 13:29:15 -03:00
Marcus Da Coregio 52ed165476 Move classpath checks to class member variable 
Closes gh-11437
 2023-02-07 09:25:06 -03:00
Marcus Da Coregio c15f45d9ee Only register hints for servlet applications 
Closes gh-12622
 2023-02-03 16:37:33 -03:00
Marcus Da Coregio 1648151dd2 Register hints for @WithSecurityContext on class level 
Issue gh-12215
 2022-11-17 10:18:15 -03:00
Marcus Da Coregio 177e11fbd7 Add WebTestUtils test runtime hints 
Closes gh-12216
 2022-11-16 11:16:20 -03:00
Marcus Da Coregio 7094ee3710 Add runtime hints for annotations using @WithSecurityContext 
Closes gh-12215
 2022-11-16 10:02:34 -03:00
Rob Winch 9cb668aec2 SessionManagementConfigurer properly defaults SecurityContextRepository 
Previously the default was an HttpSessionSecurityContextRepository which
meant that if a stateless authentication occurred the SecurityContext would
be lost on ERROR dispatch.

This commit ensures that the RequestAttributeSecurityContextRepository is
also consulted by default.

Closes gh-12070
 2022-10-20 10:57:47 -05:00
Steve Riesenberg 2a2051cd7b
Default to Xor CSRF tokens in CsrfFilter 
Issue gh-11960
 2022-10-13 09:39:55 -05:00
Steve Riesenberg 7c872cf7fd
Merge branch '5.8.x' 2022-10-12 15:02:40 -05:00
Steve Riesenberg 440748ec65
Add test support for Xor CSRF tokens 
Issue gh-4001
 2022-10-12 15:02:15 -05:00
Marcus Da Coregio 398f5dee7f Remove deprecated RequestMatcher methods from Java Configuration 
Closes gh-11939
 2022-10-07 15:26:46 -03:00
Marcus Da Coregio 35f7e46d05 Remove WebSecurityConfigurerAdapter 
Closes gh-10902
 2022-10-04 15:13:04 -03:00
Steve Riesenberg 5de6da890b
Merge branch '5.8.x' 
Closes gh-dry-run
 2022-10-04 11:18:00 -05:00
Steve Riesenberg 475b3bb6bb
Add deferred CsrfTokenRepository.loadDeferredToken 
* Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken>
* Move RepositoryDeferredCsrfToken to top-level and make package-private
* Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse)
* Update CsrfFilter
* Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler

Issue gh-11892
Closes gh-11918
 2022-10-03 17:10:54 -05:00
Rob Winch 4479cefade Default Require Explicit Session Management = true 
Closes gh-11763
 2022-09-30 21:49:05 -05:00
Steve Riesenberg bcb21c9384
Merge branch '5.8.x' 
# Conflicts:
#	config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
 2022-09-23 15:39:43 -05:00
Steve Riesenberg 46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver 
Closes gh-11896
 2022-09-23 15:09:00 -05:00
Rob Winch 0efe26c1fd Merge branch '5.8.x' 
Closes gh-11894
 2022-09-22 13:47:04 -05:00
Rob Winch d94677f87e CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler 
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.

Closes gh-11892
 2022-09-22 11:09:44 -05:00
Steve Riesenberg 306a3bc20a
Merge branch '5.8.x' 2022-09-12 10:49:40 -05:00
aSemy 6e2e8c41b5
typo fitler -> filter 2022-09-12 10:43:41 -05:00
aSemy e7880b1815
Javadoc typo 'sue' -> 'use' 2022-09-12 10:43:03 -05:00
Rob Winch 0248421df1 Merge branch '5.8.x' 2022-09-08 10:15:24 -05:00
mariusz b478e5bc93 gh-6899: @WithMockUser as metaannotation 2022-09-08 09:44:32 -05:00
Joshua Sattler 040111ae9e Remove Configuration meta-annotation from Enable* annotations 
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.

Closes gh-6613

Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
 2022-07-30 03:48:42 +02:00
Steve Riesenberg 206c6ffb54
Remove deprecation warnings with Context.putAll 
Closes gh-11476
 2022-07-08 16:03:45 -05:00
Igor Bolic d96b4a0463 Set the useTrailingSlashMatch to true for tests 
The Spring MVC changed the default behavior for trailing slash match
with https://github.com/spring-projects/spring-framework/issues/28552.
This causes failures in Spring Security's tests.

Setting the `useTrailingSlashMatch` to `true` ensures that Spring
Security will work for users who have modified the default configuration.
Specifing the request mapper with trailing slash path ensures that the tests
are successful when default behavior is used.

Closes gh-11451
 2022-07-05 11:29:36 -06:00
Josh Cummings 6ac9366657
Add SecurityContextHolderStrategy Test Support 
Issue gh-11061
Issue gh-11444
 2022-06-27 13:17:45 -06:00
Josh Cummings f86992a0af
Add SecurityContextHolderStrategy Test Support 
Issue gh-11061
Issue gh-11444
 2022-06-27 13:02:11 -06:00