Commit Graph

2694 Commits

Author SHA1 Message Date
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Lars Grefer f5cd0ec302 Use try-with-resources instead of try-finally 2019-08-06 15:33:04 -05:00
Jeffrey Morlan a17d66463d Fix race condition in SessionRegistryImpl
Adding/removing sessions from principals wasn't atomic. If one thread
removed the last session from a principal while another thread added a
new one, the addition could be lost.

Fixes gh-3189
2019-08-06 13:45:50 -05:00
Lars Grefer 2056834432 Cleanup unnecessary unboxing
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
2019-08-06 10:17:38 -04:00
Lars Grefer 2306d987e9 Cleanup unnecessary boxing 2019-08-06 10:17:38 -04:00
Lars Grefer 776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Lars Grefer 09a119978c Migrate VersionsResourceTasks groovy->java
Issue: gh-4939
2019-08-02 15:53:49 -04:00
Eddú Meléndez Gonzales 8e6e975e86 Prevent authentication when user is inactive for reactive apps
Currently, reactive applications doesn't perform validation when user
is locked, disabled or expired. This commit introduces these validations.

Fixes gh-7113
2019-07-29 11:03:05 -04:00
Pavel Horal be0ad673c2 Make RoleHierarchyImpl internals a bit simpler.
Issue: gh-7035
2019-07-12 18:42:44 +02:00
Karel Maxa d3eaef66fc Fix infinite loop in role hierarchy resolving
Issue: gh-7035
2019-07-11 15:43:26 +02:00
Karel Maxa 2d36062846 Remove unnecessary authority comparison.
Issue: gh-7035
2019-07-11 15:37:34 +02:00
Pei-Tang Huang 0fea2fb256 Add Chinese Traditional localized messages. 2019-07-10 12:01:22 -05:00
Lars Grefer 3ea9d376b2 Cleanup explicit type arguments 2019-07-10 09:32:41 -05:00
Lars Grefer c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
Lars Grefer 43737a56bd Use foreach where possible 2019-07-09 06:11:45 -06:00
Lars Grefer 7dc28ff376 Use contains() instead of indexOf() != -1 2019-07-09 06:07:42 -06:00
Bagyoni Attila 878d262a26 Reimplement some hashCodes according to the currently recommended pattern.
These hashCode implementations seemed suspicious (field hashCodes XORed together with 31).
Included caseSensitive in AntPathRequestMatcher.hashCode() to be consistent with equals().
2019-06-18 12:44:57 -06:00
joos-edia 0e7462272f Move log statement
Moved after removeSessionInformation() is called for comprehensible output to log file. The log statements are now written in correct order. Before the change, this could be confusing when debugging an application, since it seemed that the registered session was immediately removed when only looking at the logs.
2019-06-13 11:19:51 -05:00
Rafiullah Hamedy f6ed1db702 Introduced ReactiveAuthenticationManagerResolver
Suitable for multi-tenant reactive applications needing to branch
authentication strategies based on request details.
2019-06-13 08:52:19 -06:00
Fan Zhang 78cde52194 FIX #6954(RoleHierarchy Comments are misleading) 2019-06-12 10:14:31 -05:00
Tadaya Tsuyukubo 71dc4f39be Allow configuring scheduler on ReactiveAuthenticationManagerAdapter
Currently, authentication logic will be performed on hardcoded elastic
scheduler in ReactiveAuthenticationManagerAdapter.
This commit makes the authentication logic scheduler configureable.
2019-06-12 09:54:32 -05:00
Rob Winch 1f7ba47ce9 Test Javadoc for RoleHiearchy
Issue gh-6954
2019-06-07 10:59:42 -05:00
Clement Ng e66369f6c6 Added null checks and tests to constructors
RequestKey, JaasGrantedAuthority, and SwitchUserGrantedAuthority
assume certain final members are non-null.

Issue: gh-6892
2019-05-29 16:10:36 -06:00
Akane Shimamuko 59a9feda7d Add messages_ja.properties 2019-05-13 11:43:32 -05:00
Wessel Nieboer 6f5fa1b610 Make AccountStatusUserDetailsChecker implement MessageSourceAware
Fixes: gh-3980
2019-05-01 08:57:25 -05:00
Maksim Vinogradov 59acda04cf Fix NPE ExpressionBasedPreInvocationAdviceTests
Getting NPE if @PreFilter argument filterType is not provided
and method accept more then one argument.

Add related exception message.

fixes gh-6803
2019-04-26 14:40:19 -06:00
JokerSun 19e823f8d3 AuthorityUtils Null Check
Fixes: gh-6773
2019-04-18 16:13:31 -06:00
Josh Cummings 1c25fe26c9 Introduce Support for Reading RSA Keys
Fixes: gh-6494
2019-04-13 19:39:11 -06:00
Dan Zheng 22c8f63390 review phase2 2019-04-13 19:22:44 -06:00
Dan Zheng 570eb01733 review phase1 2019-04-13 19:22:44 -06:00
Dan Zheng 678e0b19e0 Introduce @CurrentSecurityContext for method arguments 2019-04-13 19:22:44 -06:00
Josh Cummings 9c1eac79e2
Align Code with Javadoc
Fixes: gh-6734
2019-04-02 09:17:26 -06:00
Josh Cummings e5249bd746 Introduce AuthenticationManagerResolver
Suitable for multi-tenant applications needing to branch
authentication strategies based on request details.

Fixes: gh-6722
2019-03-29 15:00:48 -06:00
Spring Operator 3b89754926 URL Cleanup
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.

* http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html (200) with 1 occurrences could not be migrated:
   ([https](https://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html) result ClosedChannelException).
* http://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html (200) with 1 occurrences could not be migrated:
   ([https](https://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html) result SSLHandshakeException).
* http://cujojs.com/ (200) with 1 occurrences could not be migrated:
   ([https](https://cujojs.com/) result SSLHandshakeException).
* http://erik.eae.net/archives/2007/07/27/18.54.15/ (200) with 1 occurrences could not be migrated:
   ([https](https://erik.eae.net/archives/2007/07/27/18.54.15/) result SSLHandshakeException).
* http://javascript.nwbox.com/IEContentLoaded/ (200) with 1 occurrences could not be migrated:
   ([https](https://javascript.nwbox.com/IEContentLoaded/) result SSLHandshakeException).
* http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html (200) with 1 occurrences could not be migrated:
   ([https](https://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html) result SSLHandshakeException).
* http://monkeymachine.co.uk/ (200) with 2 occurrences could not be migrated:
   ([https](https://monkeymachine.co.uk/) result SSLHandshakeException).
* http://perfectionkills.com/detecting-event-support-without-browser-sniffing/ (200) with 1 occurrences could not be migrated:
   ([https](https://perfectionkills.com/detecting-event-support-without-browser-sniffing/) result SSLHandshakeException).
* http://somesite.com/login (200) with 3 occurrences could not be migrated:
   ([https](https://somesite.com/login) result AnnotatedConnectException).
* http://someurl.com/ (200) with 2 occurrences could not be migrated:
   ([https](https://someurl.com/) result SSLHandshakeException).
* http://sscce.org/ (200) with 1 occurrences could not be migrated:
   ([https](https://sscce.org/) result SSLHandshakeException).
* http://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf (200) with 2 occurrences could not be migrated:
   ([https](https://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf) result 404).
* http://www.example.com:80/ (200) with 1 occurrences could not be migrated:
   ([https](https://www.example.com:80/) result NotSslRecordException).
* http://www.faqs.org/qa/rfcc-1940.html (200) with 3 occurrences could not be migrated:
   ([https](https://www.faqs.org/qa/rfcc-1940.html) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc1945.html (200) with 2 occurrences could not be migrated:
   ([https](https://www.faqs.org/rfcs/rfc1945.html) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc3548.html (200) with 3 occurrences could not be migrated:
   ([https](https://www.faqs.org/rfcs/rfc3548.html) result AnnotatedConnectException).
* http://www.zytrax.com/books/ldap/ (200) with 2 occurrences could not be migrated:
   ([https](https://www.zytrax.com/books/ldap/) result AnnotatedConnectException).
* http://blindsignals.com/index.php/2009/07/jquery-delay/ (301) with 1 occurrences could not be migrated:
   ([https](https://blindsignals.com/index.php/2009/07/jquery-delay/) result SSLHandshakeException).
* http://www.faqs.org/ (301) with 1 occurrences could not be migrated:
   ([https](https://www.faqs.org/) result AnnotatedConnectException).
* http://sam.zoy.org/wtfpl/ (301) with 2 occurrences could not be migrated:
   ([https](https://sam.zoy.org/wtfpl/) result SSLHandshakeException).
* http://hey.openid.com/ (302) with 1 occurrences could not be migrated:
   ([https](https://hey.openid.com/) result SSLHandshakeException).
* http://iharder.net/base64 (303) with 2 occurrences could not be migrated:
   ([https](https://iharder.net/base64) result AnnotatedConnectException).
* http://jaspan.com/improved_persistent_login_cookie_best_practice (500) with 3 occurrences could not be migrated:
   ([https](https://jaspan.com/improved_persistent_login_cookie_best_practice) result AnnotatedConnectException).

# Fixed URLs

## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.

* http://www.relaxng.org/ (301) with 1 occurrences migrated to:
  https://relaxng.org/ ([https](https://www.relaxng.org/) result SSLHandshakeException).
* http://www.relaxng.org (301) with 1 occurrences migrated to:
  https://relaxng.org/ ([https](https://www.relaxng.org) result SSLHandshakeException).
* http://tools.ietf.org/html/draft-ietf-websec-x-frame-options (301) with 2 occurrences migrated to:
  https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ([https](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options) result ReadTimeoutException).
* http://foo.test.com (302) with 2 occurrences migrated to:
  https://www.test.com ([https](https://foo.test.com) result SSLHandshakeException).
* http://abc.test.com (302) with 2 occurrences migrated to:
  https://www.test.com ([https](https://abc.test.com) result SSLHandshakeException).
* http://192.168.1:8080 (ConnectTimeoutException) with 2 occurrences migrated to:
  https://192.168.1:8080 ([https](https://192.168.1:8080) result ConnectTimeoutException).
* http://www.example.com:8080/mycontext/secure/page.html (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.example.com:8080/mycontext/secure/page.html ([https](https://www.example.com:8080/mycontext/secure/page.html) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.example.com:8888/bigWebApp/hello ([https](https://www.example.com:8888/bigWebApp/hello) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/decorator (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.opensymphony.com/sitemesh/decorator ([https](https://www.opensymphony.com/sitemesh/decorator) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/page (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.opensymphony.com/sitemesh/page ([https](https://www.opensymphony.com/sitemesh/page) result ConnectTimeoutException).
* http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd (ReadTimeoutException) with 1 occurrences migrated to:
  https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ([https](https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd) result ReadTimeoutException).
* http://axschema.org/ (UnknownHostException) with 2 occurrences migrated to:
  https://axschema.org/ ([https](https://axschema.org/) result UnknownHostException).
* http://axschema.org/contact/email (UnknownHostException) with 23 occurrences migrated to:
  https://axschema.org/contact/email ([https](https://axschema.org/contact/email) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 5 occurrences migrated to:
  https://axschema.org/namePerson ([https](https://axschema.org/namePerson) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 4 occurrences migrated to:
  https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 4 occurrences migrated to:
  https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last) result UnknownHostException).
* http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
  https://context.blah.com/context/remainder ([https](https://context.blah.com/context/remainder) result UnknownHostException).
* http://default (UnknownHostException) with 12 occurrences migrated to:
  https://default ([https](https://default) result UnknownHostException).
* http://endpoint (UnknownHostException) with 4 occurrences migrated to:
  https://endpoint ([https](https://endpoint) result UnknownHostException).
* http://endpoint?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
  https://endpoint?id_token_hint=id-token ([https](https://endpoint?id_token_hint=id-token) result UnknownHostException).
* http://example.com&param1=value1&param2=value2 (UnknownHostException) with 1 occurrences migrated to:
  https://example.com&param1=value1&param2=value2 ([https](https://example.com&param1=value1&param2=value2) result UnknownHostException).
* http://host/myapp/index.html;jsessionid=blah (UnknownHostException) with 1 occurrences migrated to:
  https://host/myapp/index.html;jsessionid=blah ([https](https://host/myapp/index.html;jsessionid=blah) result UnknownHostException).
* http://http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
  https://http://context.blah.com/context/remainder ([https](https://https://context.blah.com/context/remainder) result UnknownHostException).
* http://id.openid.zz (UnknownHostException) with 2 occurrences migrated to:
  https://id.openid.zz ([https](https://id.openid.zz) result UnknownHostException).
* http://invalid-provider.com/oauth2/token (UnknownHostException) with 4 occurrences migrated to:
  https://invalid-provider.com/oauth2/token ([https](https://invalid-provider.com/oauth2/token) result UnknownHostException).
* http://invalid-provider.com/user (UnknownHostException) with 4 occurrences migrated to:
  https://invalid-provider.com/user ([https](https://invalid-provider.com/user) result UnknownHostException).
* http://issuer/.well-known/jwks.json (UnknownHostException) with 2 occurrences migrated to:
  https://issuer/.well-known/jwks.json ([https](https://issuer/.well-known/jwks.json) result UnknownHostException).
* http://issuer/certs (UnknownHostException) with 1 occurrences migrated to:
  https://issuer/certs ([https](https://issuer/certs) result UnknownHostException).
* http://jimi.hendrix.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
  https://jimi.hendrix.myopenid.com/ ([https](https://jimi.hendrix.myopenid.com/) result UnknownHostException).
* http://joe.myopenid.com/ (UnknownHostException) with 3 occurrences migrated to:
  https://joe.myopenid.com/ ([https](https://joe.myopenid.com/) result UnknownHostException).
* http://logout (UnknownHostException) with 2 occurrences migrated to:
  https://logout ([https](https://logout) result UnknownHostException).
* http://logout?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
  https://logout?id_token_hint=id-token ([https](https://logout?id_token_hint=id-token) result UnknownHostException).
* http://openid.aol.com/ (UnknownHostException) with 2 occurrences migrated to:
  https://openid.aol.com/ ([https](https://openid.aol.com/) result UnknownHostException).
* http://pip.verisignlabs.com/server (UnknownHostException) with 2 occurrences migrated to:
  https://pip.verisignlabs.com/server ([https](https://pip.verisignlabs.com/server) result UnknownHostException).
* http://postlogout?encodedparam%3Dvalue (UnknownHostException) with 2 occurrences migrated to:
  https://postlogout?encodedparam%3Dvalue ([https](https://postlogout?encodedparam%3Dvalue) result UnknownHostException).
* http://postlogout?encodedparam=value (UnknownHostException) with 2 occurrences migrated to:
  https://postlogout?encodedparam=value ([https](https://postlogout?encodedparam=value) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 5 occurrences migrated to:
  https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 2 occurrences migrated to:
  https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson) result UnknownHostException).
* http://some.site.org/index.html (UnknownHostException) with 1 occurrences migrated to:
  https://some.site.org/index.html ([https](https://some.site.org/index.html) result UnknownHostException).
* http://something/ (UnknownHostException) with 1 occurrences migrated to:
  https://something/ ([https](https://something/) result UnknownHostException).
* http://specs.openid.net/auth/2.0 (UnknownHostException) with 2 occurrences migrated to:
  https://specs.openid.net/auth/2.0 ([https](https://specs.openid.net/auth/2.0) result UnknownHostException).
* http://specs.openid.net/auth/2.0/identifier_select (UnknownHostException) with 4 occurrences migrated to:
  https://specs.openid.net/auth/2.0/identifier_select ([https](https://specs.openid.net/auth/2.0/identifier_select) result UnknownHostException).
* http://wiki.fasterxml.com/JacksonFeatureModules (UnknownHostException) with 1 occurrences migrated to:
  https://wiki.fasterxml.com/JacksonFeatureModules ([https](https://wiki.fasterxml.com/JacksonFeatureModules) result UnknownHostException).
* http://www.faqs (UnknownHostException) with 1 occurrences migrated to:
  https://www.faqs ([https](https://www.faqs) result UnknownHostException).
* http://www.test123.com (UnknownHostException) with 1 occurrences migrated to:
  https://www.test123.com ([https](https://www.test123.com) result UnknownHostException).
* http://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 (301) with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Defense_in_depth_%2528computing%2529 ([https](https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29) result 400).
* http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html (404) with 1 occurrences migrated to:
  https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ([https](https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html) result 404).
* http://example.com/auth (404) with 2 occurrences migrated to:
  https://example.com/auth ([https](https://example.com/auth) result 404).
* http://example.com/info (404) with 2 occurrences migrated to:
  https://example.com/info ([https](https://example.com/info) result 404).
* http://example.com/jwkset (404) with 2 occurrences migrated to:
  https://example.com/jwkset ([https](https://example.com/jwkset) result 404).
* http://example.com/login/oauth2/code/registration-id (404) with 1 occurrences migrated to:
  https://example.com/login/oauth2/code/registration-id ([https](https://example.com/login/oauth2/code/registration-id) result 404).
* http://example.com/login/oauth2/code/registration-id-2 (404) with 1 occurrences migrated to:
  https://example.com/login/oauth2/code/registration-id-2 ([https](https://example.com/login/oauth2/code/registration-id-2) result 404).
* http://example.com/path?a=b&c=d (404) with 1 occurrences migrated to:
  https://example.com/path?a=b&c=d ([https](https://example.com/path?a=b&c=d) result 404).
* http://example.com/pkp-report (404) with 5 occurrences migrated to:
  https://example.com/pkp-report ([https](https://example.com/pkp-report) result 404).
* http://example.com/token (404) with 2 occurrences migrated to:
  https://example.com/token ([https](https://example.com/token) result 404).
* http://example.net/pkp-report (404) with 7 occurrences migrated to:
  https://example.net/pkp-report ([https](https://example.net/pkp-report) result 404).
* http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ (301) with 1 occurrences migrated to:
  https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ([https](https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/) result 404).
* http://html5shim.googlecode.com/svn/trunk/html5.js (404) with 6 occurrences migrated to:
  https://html5shim.googlecode.com/svn/trunk/html5.js ([https](https://html5shim.googlecode.com/svn/trunk/html5.js) result 404).
* http://json.org/json2.js (404) with 1 occurrences migrated to:
  https://json.org/json2.js ([https](https://json.org/json2.js) result 404).
* http://openid-selector.googlecode.com/svn/trunk/ (404) with 2 occurrences migrated to:
  https://openid-selector.googlecode.com/svn/trunk/ ([https](https://openid-selector.googlecode.com/svn/trunk/) result 404).
* http://provider.com/user (302) with 2 occurrences migrated to:
  https://provider.com/user ([https](https://provider.com/user) result 404).
* http://relaxng.org/ns/compatibility/annotations/1.0 (301) with 8 occurrences migrated to:
  https://relaxng.org/ns/compatibility/annotations/1.0 ([https](https://relaxng.org/ns/compatibility/annotations/1.0) result 404).
* http://www.example.com/bigWebApp/hello (404) with 2 occurrences migrated to:
  https://www.example.com/bigWebApp/hello ([https](https://www.example.com/bigWebApp/hello) result 404).
* http://www.example.com/bigWebApp/hello/pathInfo.html?open=true (404) with 1 occurrences migrated to:
  https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com/bigWebApp/hello/pathInfo.html?open=true) result 404).
* http://www.example.com/identity (404) with 1 occurrences migrated to:
  https://www.example.com/identity ([https](https://www.example.com/identity) result 404).
* http://www.example.com/login/openid (404) with 2 occurrences migrated to:
  https://www.example.com/login/openid ([https](https://www.example.com/login/openid) result 404).
* http://www.example.com/mycontext/HelloWorld (404) with 1 occurrences migrated to:
  https://www.example.com/mycontext/HelloWorld ([https](https://www.example.com/mycontext/HelloWorld) result 404).
* http://www.example.com/mycontext/HelloWorld/some/more/segments.html (404) with 1 occurrences migrated to:
  https://www.example.com/mycontext/HelloWorld/some/more/segments.html ([https](https://www.example.com/mycontext/HelloWorld/some/more/segments.html) result 404).
* http://www.example.com/mycontext/HelloWorld?foo=bar (404) with 1 occurrences migrated to:
  https://www.example.com/mycontext/HelloWorld?foo=bar ([https](https://www.example.com/mycontext/HelloWorld?foo=bar) result 404).
* http://www.example.com/mycontext/secure/page.html (404) with 3 occurrences migrated to:
  https://www.example.com/mycontext/secure/page.html ([https](https://www.example.com/mycontext/secure/page.html) result 404).
* http://www.example.com/realm (404) with 1 occurrences migrated to:
  https://www.example.com/realm ([https](https://www.example.com/realm) result 404).
* http://www.example.com/redirect (404) with 1 occurrences migrated to:
  https://www.example.com/redirect ([https](https://www.example.com/redirect) result 404).
* http://www.example.org/do/something (404) with 4 occurrences migrated to:
  https://www.example.org/do/something ([https](https://www.example.org/do/something) result 404).
* http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ (301) with 1 occurrences migrated to:
  https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ([https](https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/) result 404).
* http://www.json.org/json2.js (404) with 1 occurrences migrated to:
  https://www.json.org/json2.js ([https](https://www.json.org/json2.js) result 404).
* http://www.thymeleaf.org/thymeleaf-extras-springsecurity5 (301) with 5 occurrences migrated to:
  https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ([https](https://www.thymeleaf.org/thymeleaf-extras-springsecurity5) result 404).

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html with 1 occurrences migrated to:
  https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ([https](https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html) result 200).
* http://bugs.jquery.com/ticket/12282 with 1 occurrences migrated to:
  https://bugs.jquery.com/ticket/12282 ([https](https://bugs.jquery.com/ticket/12282) result 200).
* http://bugs.jquery.com/ticket/12359 with 1 occurrences migrated to:
  https://bugs.jquery.com/ticket/12359 ([https](https://bugs.jquery.com/ticket/12359) result 200).
* http://claimid.com/ with 2 occurrences migrated to:
  https://claimid.com/ ([https](https://claimid.com/) result 200).
* http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ with 1 occurrences migrated to:
  https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ([https](https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html with 1 occurrences migrated to:
  https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html with 26 occurrences migrated to:
  https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html with 1 occurrences migrated to:
  https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html) result 200).
* http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html with 1 occurrences migrated to:
  https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html) result 200).
* http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html with 1 occurrences migrated to:
  https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ([https](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html) result 200).
* http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html with 1 occurrences migrated to:
  https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ([https](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html) result 200).
* http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
  https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/) result 200).
* http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html (301) with 1 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html ([https](https://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html) result 200).
* http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html (301) with 1 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ([https](https://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html) result 200).
* http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ with 1 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/) result 200).
* http://docs.spring.io/spring-security/site/docs/current/api/ with 1 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/current/api/ ([https](https://docs.spring.io/spring-security/site/docs/current/api/) result 200).
* http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ with 3 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/) result 200).
* http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html (301) with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ([https](https://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html) result 200).
* http://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ([https](https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html) result 200).
* http://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ([https](https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html with 3 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html) result 200).
* http://en.wikipedia.org/wiki/Clickjacking with 9 occurrences migrated to:
  https://en.wikipedia.org/wiki/Clickjacking ([https](https://en.wikipedia.org/wiki/Clickjacking) result 200).
* http://en.wikipedia.org/wiki/Content_sniffing with 2 occurrences migrated to:
  https://en.wikipedia.org/wiki/Content_sniffing ([https](https://en.wikipedia.org/wiki/Content_sniffing) result 200).
* http://en.wikipedia.org/wiki/Cross-site_request_forgery with 11 occurrences migrated to:
  https://en.wikipedia.org/wiki/Cross-site_request_forgery ([https](https://en.wikipedia.org/wiki/Cross-site_request_forgery) result 200).
* http://en.wikipedia.org/wiki/Cross-site_scripting with 7 occurrences migrated to:
  https://en.wikipedia.org/wiki/Cross-site_scripting ([https](https://en.wikipedia.org/wiki/Cross-site_scripting) result 200).
* http://en.wikipedia.org/wiki/Firesheep with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Firesheep ([https](https://en.wikipedia.org/wiki/Firesheep) result 200).
* http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security with 4 occurrences migrated to:
  https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ([https](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) result 200).
* http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ([https](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol) result 200).
* http://en.wikipedia.org/wiki/Man-in-the-middle_attack with 2 occurrences migrated to:
  https://en.wikipedia.org/wiki/Man-in-the-middle_attack ([https](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) result 200).
* http://en.wikipedia.org/wiki/Null_Object_pattern with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Null_Object_pattern ([https](https://en.wikipedia.org/wiki/Null_Object_pattern) result 200).
* http://en.wikipedia.org/wiki/SRV_record with 2 occurrences migrated to:
  https://en.wikipedia.org/wiki/SRV_record ([https](https://en.wikipedia.org/wiki/SRV_record) result 200).
* http://en.wikipedia.org/wiki/Same-origin_policy with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Same-origin_policy ([https](https://en.wikipedia.org/wiki/Same-origin_policy) result 200).
* http://en.wikipedia.org/wiki/Session_fixation with 6 occurrences migrated to:
  https://en.wikipedia.org/wiki/Session_fixation ([https](https://en.wikipedia.org/wiki/Session_fixation) result 200).
* http://example.com with 8 occurrences migrated to:
  https://example.com ([https](https://example.com) result 200).
* http://example.com/ with 1 occurrences migrated to:
  https://example.com/ ([https](https://example.com/) result 200).
* http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice with 2 occurrences migrated to:
  https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ([https](https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice) result 200).
* http://flywaydb.org/ with 1 occurrences migrated to:
  https://flywaydb.org/ ([https](https://flywaydb.org/) result 200).
* http://getbootstrap.com/docs/4.0/examples/signin/signin.css with 1 occurrences migrated to:
  https://getbootstrap.com/docs/4.0/examples/signin/signin.css ([https](https://getbootstrap.com/docs/4.0/examples/signin/signin.css) result 200).
* http://gradle.org with 1 occurrences migrated to:
  https://gradle.org ([https](https://gradle.org) result 200).
* http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ with 2 occurrences migrated to:
  https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ([https](https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/) result 200).
* http://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html with 2 occurrences migrated to:
  https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ([https](https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html) result 200).
* http://jquery.com/ with 1 occurrences migrated to:
  https://jquery.com/ ([https](https://jquery.com/) result 200).
* http://knockoutjs.com/ with 1 occurrences migrated to:
  https://knockoutjs.com/ ([https](https://knockoutjs.com/) result 200).
* http://marketplace.eclipse.org/content/anyedit-tools with 1 occurrences migrated to:
  https://marketplace.eclipse.org/content/anyedit-tools ([https](https://marketplace.eclipse.org/content/anyedit-tools) result 200).
* http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html with 1 occurrences migrated to:
  https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ([https](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html) result 200).
* http://openid.net with 1 occurrences migrated to:
  https://openid.net ([https](https://openid.net) result 200).
* http://openid.net/ with 1 occurrences migrated to:
  https://openid.net/ ([https](https://openid.net/) result 200).
* http://openid.net/certification/ with 4 occurrences migrated to:
  https://openid.net/certification/ ([https](https://openid.net/certification/) result 200).
* http://openid.net/connect/ with 4 occurrences migrated to:
  https://openid.net/connect/ ([https](https://openid.net/connect/) result 200).
* http://openid.net/specs/openid-attribute-exchange-1_0.html with 3 occurrences migrated to:
  https://openid.net/specs/openid-attribute-exchange-1_0.html ([https](https://openid.net/specs/openid-attribute-exchange-1_0.html) result 200).
* http://openid.net/specs/openid-connect-core-1_0.html with 50 occurrences migrated to:
  https://openid.net/specs/openid-connect-core-1_0.html ([https](https://openid.net/specs/openid-connect-core-1_0.html) result 200).
* http://openid.net/specs/openid-connect-session-1_0.html with 2 occurrences migrated to:
  https://openid.net/specs/openid-connect-session-1_0.html ([https](https://openid.net/specs/openid-connect-session-1_0.html) result 200).
* http://sizzlejs.com/ with 2 occurrences migrated to:
  https://sizzlejs.com/ ([https](https://sizzlejs.com/) result 200).
* http://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time with 1 occurrences migrated to:
  https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ([https](https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time) result 200).
* http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ (301) with 1 occurrences migrated to:
  https://spring.io/blog/2010/03/06/behind-the-spring-security-namespace/ ([https](https://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/) result 200).
* http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ (301) with 1 occurrences migrated to:
  https://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/ ([https](https://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/) result 200).
* http://spring.io/projects with 1 occurrences migrated to:
  https://spring.io/projects ([https](https://spring.io/projects) result 200).
* http://spring.io/services with 1 occurrences migrated to:
  https://spring.io/services ([https](https://spring.io/services) result 200).
* http://stackoverflow.com/questions/tagged/spring-security with 1 occurrences migrated to:
  https://stackoverflow.com/questions/tagged/spring-security ([https](https://stackoverflow.com/questions/tagged/spring-security) result 200).
* http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html with 2 occurrences migrated to:
  https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ([https](https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html) result 200).
* http://tools.ietf.org/html/rfc6797 with 15 occurrences migrated to:
  https://tools.ietf.org/html/rfc6797 ([https](https://tools.ietf.org/html/rfc6797) result 200).
* http://tools.ietf.org/html/rfc7469 with 18 occurrences migrated to:
  https://tools.ietf.org/html/rfc7469 ([https](https://tools.ietf.org/html/rfc7469) result 200).
* http://vimeo.com/34436402 with 1 occurrences migrated to:
  https://vimeo.com/34436402 ([https](https://vimeo.com/34436402) result 200).
* http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ with 1 occurrences migrated to:
  https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ([https](https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/) result 200).
* http://www.ja-sig.org/cas (301) with 1 occurrences migrated to:
  https://www.apereo.org ([https](https://www.ja-sig.org/cas) result 200).
* http://ehcache.sourceforge.net (301) with 2 occurrences migrated to:
  https://www.ehcache.org/ ([https](https://ehcache.sourceforge.net) result 200).
* http://www.html5rocks.com/en/tutorials/security/content-security-policy/ with 2 occurrences migrated to:
  https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ([https](https://www.html5rocks.com/en/tutorials/security/content-security-policy/) result 200).
* http://www.ietf.org/rfc/rfc2396.txt with 3 occurrences migrated to:
  https://www.ietf.org/rfc/rfc2396.txt ([https](https://www.ietf.org/rfc/rfc2396.txt) result 200).
* http://www.ietf.org/rfc/rfc2617.txt with 1 occurrences migrated to:
  https://www.ietf.org/rfc/rfc2617.txt ([https](https://www.ietf.org/rfc/rfc2617.txt) result 200).
* http://www.liquibase.org/ with 1 occurrences migrated to:
  https://www.liquibase.org/ ([https](https://www.liquibase.org/) result 200).
* http://www.openbsd.org/papers/bcrypt-paper.ps with 1 occurrences migrated to:
  https://www.openbsd.org/papers/bcrypt-paper.ps ([https](https://www.openbsd.org/papers/bcrypt-paper.ps) result 200).
* http://www.springframework.org/schema/aop/spring-aop-2.5.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-2.5.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-2.5.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-2.5.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 2 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-2.5.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-2.5.xsd ([https](https://www.springframework.org/schema/context/spring-context-2.5.xsd) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 3 occurrences migrated to:
  https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd) result 200).
* http://www.test.com with 9 occurrences migrated to:
  https://www.test.com ([https](https://www.test.com) result 200).
* http://www.thymeleaf.org with 25 occurrences migrated to:
  https://www.thymeleaf.org ([https](https://www.thymeleaf.org) result 200).
* http://www.thymeleaf.org/ with 3 occurrences migrated to:
  https://www.thymeleaf.org/ ([https](https://www.thymeleaf.org/) result 200).
* http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd with 1 occurrences migrated to:
  https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ([https](https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd) result 200).
* http://www.thymeleaf.org/whatsnew21.html with 1 occurrences migrated to:
  https://www.thymeleaf.org/whatsnew21.html ([https](https://www.thymeleaf.org/whatsnew21.html) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html with 2 occurrences migrated to:
  https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html with 1 occurrences migrated to:
  https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html) result 200).
* http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html with 1 occurrences migrated to:
  https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ([https](https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html) result 200).
* http://www.w3.org/TR/2011/REC-css3-selectors-20110929/ with 2 occurrences migrated to:
  https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ([https](https://www.w3.org/TR/2011/REC-css3-selectors-20110929/) result 200).
* http://www.w3.org/TR/CSS21/syndata.html with 1 occurrences migrated to:
  https://www.w3.org/TR/CSS21/syndata.html ([https](https://www.w3.org/TR/CSS21/syndata.html) result 200).
* http://www.w3.org/TR/selectors/ with 3 occurrences migrated to:
  https://www.w3.org/TR/selectors/ ([https](https://www.w3.org/TR/selectors/) result 200).
* http://www.youtube.com/watch?v=3mk0RySeNsU with 2 occurrences migrated to:
  https://www.youtube.com/watch?v=3mk0RySeNsU ([https](https://www.youtube.com/watch?v=3mk0RySeNsU) result 200).
* http://api.jquery.com/jQuery.browser with 1 occurrences migrated to:
  https://api.jquery.com/jQuery.browser ([https](https://api.jquery.com/jQuery.browser) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx with 1 occurrences migrated to:
  https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx with 2 occurrences migrated to:
  https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx) result 301).
* http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx with 2 occurrences migrated to:
  https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ([https](https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx) result 301).
* http://code.google.com/p/openid-selector/ with 3 occurrences migrated to:
  https://code.google.com/p/openid-selector/ ([https](https://code.google.com/p/openid-selector/) result 301).
* http://contributor-covenant.org with 1 occurrences migrated to:
  https://contributor-covenant.org ([https](https://contributor-covenant.org) result 301).
* http://contributor-covenant.org/version/1/3/0/ with 1 occurrences migrated to:
  https://contributor-covenant.org/version/1/3/0/ ([https](https://contributor-covenant.org/version/1/3/0/) result 301).
* http://dev.w3.org/csswg/cssom/ with 1 occurrences migrated to:
  https://dev.w3.org/csswg/cssom/ ([https](https://dev.w3.org/csswg/cssom/) result 301).
* http://docs.spring.io with 1 occurrences migrated to:
  https://docs.spring.io ([https](https://docs.spring.io) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html with 7 occurrences migrated to:
  https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html) result 301).
* http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 (301) with 1 occurrences migrated to:
  https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ([https](https://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971) result 301).
* http://help.github.com/set-up-git-redirect with 1 occurrences migrated to:
  https://help.github.com/set-up-git-redirect ([https](https://help.github.com/set-up-git-redirect) result 301).
* http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ with 1 occurrences migrated to:
  https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ([https](https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_) result 301).
* http://jquery.org/license with 1 occurrences migrated to:
  https://jquery.org/license ([https](https://jquery.org/license) result 301).
* http://msdn.microsoft.com/en-us/library/dd565647 with 4 occurrences migrated to:
  https://msdn.microsoft.com/en-us/library/dd565647 ([https](https://msdn.microsoft.com/en-us/library/dd565647) result 301).
* http://msdn.microsoft.com/en-us/library/ie/gg622941 with 5 occurrences migrated to:
  https://msdn.microsoft.com/en-us/library/ie/gg622941 ([https](https://msdn.microsoft.com/en-us/library/ie/gg622941) result 301).
* http://openid.net/get/ with 2 occurrences migrated to:
  https://openid.net/get/ ([https](https://openid.net/get/) result 301).
* http://openid.net/what/ with 2 occurrences migrated to:
  https://openid.net/what/ ([https](https://openid.net/what/) result 301).
* http://technorati.com/people/technorati/ with 2 occurrences migrated to:
  https://technorati.com/people/technorati/ ([https](https://technorati.com/people/technorati/) result 301).
* http://twitter.github.com/bootstrap/javascript.html with 13 occurrences migrated to:
  https://twitter.github.com/bootstrap/javascript.html ([https](https://twitter.github.com/bootstrap/javascript.html) result 301).
* http://www.jasig.org/cas with 1 occurrences migrated to:
  https://www.jasig.org/cas ([https](https://www.jasig.org/cas) result 301).
* http://www.modernizr.com/ with 1 occurrences migrated to:
  https://www.modernizr.com/ ([https](https://www.modernizr.com/) result 301).
* http://www.opensource.org/licenses/mit-license.php with 1 occurrences migrated to:
  https://www.opensource.org/licenses/mit-license.php ([https](https://www.opensource.org/licenses/mit-license.php) result 301).
* http://www.oracle.com/technetwork/java/javase/downloads with 1 occurrences migrated to:
  https://www.oracle.com/technetwork/java/javase/downloads ([https](https://www.oracle.com/technetwork/java/javase/downloads) result 301).
* http://www.springframework.org/security with 1 occurrences migrated to:
  https://www.springframework.org/security ([https](https://www.springframework.org/security) result 301).
* http://www.springsource.com/ with 2 occurrences migrated to:
  https://www.springsource.com/ ([https](https://www.springsource.com/) result 301).
* http://www.springsource.org with 1 occurrences migrated to:
  https://www.springsource.org ([https](https://www.springsource.org) result 301).
* http://www.springsource.org/sts with 1 occurrences migrated to:
  https://www.springsource.org/sts ([https](https://www.springsource.org/sts) result 301).
* http://www.thoughtcrime.org/software/sslstrip/ with 1 occurrences migrated to:
  https://www.thoughtcrime.org/software/sslstrip/ ([https](https://www.thoughtcrime.org/software/sslstrip/) result 301).
* http://www.w3.org/TR/css3-selectors/ with 2 occurrences migrated to:
  https://www.w3.org/TR/css3-selectors/ ([https](https://www.w3.org/TR/css3-selectors/) result 301).
* http://www.w3.org/TR/css3-syntax/ with 1 occurrences migrated to:
  https://www.w3.org/TR/css3-syntax/ ([https](https://www.w3.org/TR/css3-syntax/) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
  https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/) result 302).
* http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html with 1 occurrences migrated to:
  https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ([https](https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html) result 302).
* http://example2.com with 3 occurrences migrated to:
  https://example2.com ([https](https://example2.com) result 302).
* http://flickr.com/ with 2 occurrences migrated to:
  https://flickr.com/ ([https](https://flickr.com/) result 302).
* http://git-scm.com/book/cs/ch7-3.html with 1 occurrences migrated to:
  https://git-scm.com/book/cs/ch7-3.html ([https](https://git-scm.com/book/cs/ch7-3.html) result 302).
* http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd with 1 occurrences migrated to:
  https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ([https](https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html with 4 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ([https](https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html with 2 occurrences migrated to:
  https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html with 2 occurrences migrated to:
  https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html) result 302).
* http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html with 3 occurrences migrated to:
  https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ([https](https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html) result 302).
* http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd with 1 occurrences migrated to:
  https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 1 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd) result 302).
* http://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx with 1 occurrences migrated to:
  https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ([https](https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx) result 302).
* http://spring.io/spring-security with 1 occurrences migrated to:
  https://spring.io/spring-security ([https](https://spring.io/spring-security) result 302).
* http://spring.io/spring-security/ with 2 occurrences migrated to:
  https://spring.io/spring-security/ ([https](https://spring.io/spring-security/) result 302).
* http://spring.io/tools/sts with 1 occurrences migrated to:
  https://spring.io/tools/sts ([https](https://spring.io/tools/sts) result 302).
* http://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt with 2 occurrences migrated to:
  https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ([https](https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt) result 302).
* http://webauth.stanford.edu/manual/mod/mod_webauth.html with 1 occurrences migrated to:
  https://webauth.stanford.edu/manual/mod/mod_webauth.html ([https](https://webauth.stanford.edu/manual/mod/mod_webauth.html) result 302).
* http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context with 1 occurrences migrated to:
  https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ([https](https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context) result 302).
* http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt with 1 occurrences migrated to:
  https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ([https](https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt) result 302).

# Ignored
These URLs were intentionally ignored.

* http://java.sun.com/JSP/Page with 14 occurrences
* http://java.sun.com/jsp/jstl/core with 31 occurrences
* http://java.sun.com/jsp/jstl/fmt with 6 occurrences
* http://java.sun.com/jsp/jstl/functions with 1 occurrences
* http://java.sun.com/jstl/core with 1 occurrences
* http://java.sun.com/xml/ns/j2ee with 2 occurrences
* http://java.sun.com/xml/ns/javaee with 6 occurrences
* http://localhost with 20 occurrences
* http://localhost/ with 6 occurrences
* http://localhost/Test</value></property&gt with 1 occurrences
* http://localhost/appcontext/page with 1 occurrences
* http://localhost/authenticated with 1 occurrences
* http://localhost/authentication/login with 2 occurrences
* http://localhost/authorize/oauth2/code/registration-id with 3 occurrences
* http://localhost/authorize/oauth2/implicit/registration-3 with 1 occurrences
* http://localhost/callback/client-1 with 1 occurrences
* http://localhost/callback/client-1?error=invalid_grant with 1 occurrences
* http://localhost/client-1 with 9 occurrences
* http://localhost/cookie with 1 occurrences
* http://localhost/cookie/delete with 1 occurrences
* http://localhost/custom-login with 1 occurrences
* http://localhost/custom-logout with 1 occurrences
* http://localhost/form-page with 1 occurrences
* http://localhost/iss with 1 occurrences
* http://localhost/issuer with 2 occurrences
* http://localhost/login with 38 occurrences
* http://localhost/login/oauth2/code/ with 4 occurrences
* http://localhost/login/oauth2/code/pkce-client-registration-id& with 1 occurrences
* http://localhost/login/oauth2/code/registration-id with 3 occurrences
* http://localhost/login/oauth2/code/registration-id& with 2 occurrences
* http://localhost/login/oauth2/code/registration-id-2 with 2 occurrences
* http://localhost/login/openid with 1 occurrences
* http://localhost/login2 with 1 occurrences
* http://localhost/loginPage with 2 occurrences
* http://localhost/logout with 1 occurrences
* http://localhost/messages with 4 occurrences
* http://localhost/oauth2/authorization/google with 1 occurrences
* http://localhost/openid-page with 1 occurrences
* http://localhost/saved-request with 1 occurrences
* http://localhost/secured with 2 occurrences
* http://localhost/signin with 1 occurrences
* http://localhost/some-url with 1 occurrences
* http://localhost/tosave with 1 occurrences
* http://localhost/user with 1 occurrences
* http://localhost:123456 with 3 occurrences
* http://localhost:1280/certs with 1 occurrences
* http://localhost:314 with 1 occurrences
* http://localhost:4080 with 1 occurrences
* http://localhost:543 with 1 occurrences
* http://localhost:8080 with 16 occurrences
* http://localhost:8080/ with 4 occurrences
* http://localhost:8080/SomeService with 1 occurrences
* http://localhost:8080/contacts with 1 occurrences
* http://localhost:8080/login/oauth2/code with 1 occurrences
* http://localhost:8080/login/oauth2/code/client-id with 2 occurrences
* http://localhost:8080/login/oauth2/code/facebook with 2 occurrences
* http://localhost:8080/login/oauth2/code/github with 2 occurrences
* http://localhost:8080/login/oauth2/code/google with 4 occurrences
* http://localhost:8080/login/oauth2/code/okta with 2 occurrences
* http://localhost:8080/path/page.html?query=string with 1 occurrences
* http://localhost:8080/sample/ with 15 occurrences
* http://localhost:8080/secure with 1 occurrences
* http://localhost:8080/spring-security-samples-tutorial/listAccounts.html with 4 occurrences
* http://localhost:8080/spring-security-samples-tutorial/post.html?id=1 with 4 occurrences
* http://localhost:9080/protected with 2 occurrences
* http://localhost:9080/secured with 1 occurrences
* http://localhost:9080/unsecured with 1 occurrences
* http://localhost:9080/user with 1 occurrences
* http://test.com with 1 occurrences
* http://test.foobar.com with 1 occurrences
* http://testopenid.com?openid.return_to= with 1 occurrences
* http://www.springframework.org/schema/aop with 2 occurrences
* http://www.springframework.org/schema/beans with 8 occurrences
* http://www.springframework.org/schema/context with 2 occurrences
* http://www.springframework.org/schema/mvc with 2 occurrences
* http://www.springframework.org/schema/security with 45 occurrences
* http://www.springframework.org/schema/security/spring-security- with 1 occurrences
* http://www.springframework.org/schema/websocket with 2 occurrences
* http://www.springframework.org/security/tags with 17 occurrences
* http://www.springframework.org/tags with 12 occurrences
* http://www.springframework.org/tags/form with 14 occurrences
* http://www.w3.org/1999/XSL/Transform with 1 occurrences
* http://www.w3.org/1999/xhtml with 26 occurrences
* http://www.w3.org/2001/XMLSchema with 15 occurrences
* http://www.w3.org/2001/XMLSchema-datatypes with 8 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 9 occurrences
2019-03-19 23:53:23 -05:00
Spring Operator 2bf126f4cf URL Cleanup
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.

* http://luke.taylor.openid.cn/ (200) with 1 occurrences could not be migrated:
   ([https](https://luke.taylor.openid.cn/) result SSLHandshakeException).

# Fixed URLs

## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.

* http://axschema.org/contact/email (UnknownHostException) with 2 occurrences migrated to:
  https://axschema.org/contact/email ([https](https://axschema.org/contact/email) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson ([https](https://axschema.org/namePerson) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last) result UnknownHostException).
* http://luke.taylor.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
  https://luke.taylor.myopenid.com/ ([https](https://luke.taylor.myopenid.com/) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 2 occurrences migrated to:
  https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 1 occurrences migrated to:
  https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson) result UnknownHostException).
* http://schema.openid.net/namePerson/friendly (UnknownHostException) with 1 occurrences migrated to:
  https://schema.openid.net/namePerson/friendly ([https](https://schema.openid.net/namePerson/friendly) result UnknownHostException).
* http://somehost/someUrl (UnknownHostException) with 1 occurrences migrated to:
  https://somehost/someUrl ([https](https://somehost/someUrl) result UnknownHostException).
* http://spring.security.test.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
  https://spring.security.test.myopenid.com/ ([https](https://spring.security.test.myopenid.com/) result UnknownHostException).
* http://example.net/pkp-report (404) with 1 occurrences migrated to:
  https://example.net/pkp-report ([https](https://example.net/pkp-report) result 404).
* http://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng (404) with 1 occurrences migrated to:
  https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ([https](https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng) result 404).
* http://www.puppycrawl.com/dtds/configuration_1_3.dtd (404) with 1 occurrences migrated to:
  https://www.puppycrawl.com/dtds/configuration_1_3.dtd ([https](https://www.puppycrawl.com/dtds/configuration_1_3.dtd) result 404).
* http://www.puppycrawl.com/dtds/suppressions_1_1.dtd (404) with 1 occurrences migrated to:
  https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ([https](https://www.puppycrawl.com/dtds/suppressions_1_1.dtd) result 404).
* http://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller (404) with 1 occurrences migrated to:
  https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ([https](https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller) result 404).

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://raykrueger.blogspot.com/ with 1 occurrences migrated to:
  https://raykrueger.blogspot.com/ ([https](https://raykrueger.blogspot.com/) result 200).
* http://www.infoq.com/presentations/code-organization-large-projects with 1 occurrences migrated to:
  https://www.infoq.com/presentations/code-organization-large-projects ([https](https://www.infoq.com/presentations/code-organization-large-projects) result 200).
* http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd with 1 occurrences migrated to:
  https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ([https](https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd) result 200).
* http://www.springframework.org/dtd/spring-beans.dtd with 4 occurrences migrated to:
  https://www.springframework.org/dtd/spring-beans.dtd ([https](https://www.springframework.org/dtd/spring-beans.dtd) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.0.xsd with 5 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.0.xsd) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.2.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.2.xsd) result 200).
* http://www.springframework.org/schema/aop/spring-aop.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop.xsd ([https](https://www.springframework.org/schema/aop/spring-aop.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 20 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.1.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 267 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.0.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.0.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.1.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.1.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.2.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.2.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.2.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context.xsd with 6 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context.xsd ([https](https://www.springframework.org/schema/context/spring-context.xsd) result 200).
* http://www.springframework.org/schema/data/jpa/spring-jpa.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ([https](https://www.springframework.org/schema/data/jpa/spring-jpa.xsd) result 200).
* http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ([https](https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 10 occurrences migrated to:
  https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd) result 200).
* http://www.springframework.org/schema/security/spring-security-2.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/security/spring-security-2.0.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.xsd) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 266 occurrences migrated to:
  https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd) result 200).
* http://www.springframework.org/schema/tx/spring-tx-3.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ([https](https://www.springframework.org/schema/tx/spring-tx-3.0.xsd) result 200).
* http://www.springframework.org/schema/tx/spring-tx.xsd with 3 occurrences migrated to:
  https://www.springframework.org/schema/tx/spring-tx.xsd ([https](https://www.springframework.org/schema/tx/spring-tx.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util-3.0.xsd with 3 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util-3.0.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.0.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util-3.1.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.1.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util.xsd with 4 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util.xsd ([https](https://www.springframework.org/schema/util/spring-util.xsd) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 6 occurrences migrated to:
  https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd) result 200).
* http://www.headwaysoftware.com with 1 occurrences migrated to:
  https://www.headwaysoftware.com ([https](https://www.headwaysoftware.com) result 301).
* http://java.sun.com/dtd/web-app_2_3.dtd with 2 occurrences migrated to:
  https://java.sun.com/dtd/web-app_2_3.dtd ([https](https://java.sun.com/dtd/web-app_2_3.dtd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 10 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd) result 302).

# Ignored
These URLs were intentionally ignored.

* http://appengine.google.com/ns/1.0 with 1 occurrences
* http://docbook.org/ns/docbook with 1 occurrences
* http://jakarta.apache.org/log4j/ with 1 occurrences
* http://java.sun.com/xml/ns/javaee with 22 occurrences
* http://www.springframework.org/schema/aop with 14 occurrences
* http://www.springframework.org/schema/beans with 576 occurrences
* http://www.springframework.org/schema/c with 6 occurrences
* http://www.springframework.org/schema/context with 18 occurrences
* http://www.springframework.org/schema/data/jpa with 2 occurrences
* http://www.springframework.org/schema/jdbc with 2 occurrences
* http://www.springframework.org/schema/mvc with 20 occurrences
* http://www.springframework.org/schema/p with 10 occurrences
* http://www.springframework.org/schema/security with 534 occurrences
* http://www.springframework.org/schema/tx with 10 occurrences
* http://www.springframework.org/schema/util with 16 occurrences
* http://www.springframework.org/schema/websocket with 12 occurrences
* http://www.w3.org/1999/xlink with 1 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 299 occurrences
2019-03-19 17:33:29 -05:00
Spring Operator b93528138e URL Cleanup
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# Fixed URLs

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://www.apache.org/licenses/ with 1 occurrences migrated to:
  https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html) result 200).
2019-03-14 15:46:20 -05:00
Ankur Pathak 4ff51491d7 fixes setting paramName only when it is not null
Fixes: gh-6223
2019-01-10 10:13:44 -06:00
Onur Kagan Ozcan fe40e6d65a Fix UsernamePasswordAuthenticationTokenDeserializer to handle customized object mapper inclusion settings
Resolves #4698
2019-01-07 14:17:24 -06:00
Panayiotis Vlissidis 4123d96cd5 JdbcUserDetailsManager handles extra UserDetails attributes
Check ResutSetMetaData to see if extra columns are present in order to
also handle the UserDetails attributes: accountNonExpired,
accountNonLocked and credentialsNonExpired.

Fixes gh-4399
2018-12-21 09:46:17 -06:00
Joe Grandja be23ab8114 AuthenticationFailureEvent should publish once
Fixes gh-6281
2018-12-20 22:40:45 -05:00
finke-ba b838f7c7b7 Add WebFlux support for spring security web jackson module.
Fixes: gh-6303
2018-12-19 10:11:17 -06:00
Robbie Martinus e60ae4984a Add hasAnyAuthority() and hasAnyRole() in AuthorizeExchangeSpec
Fixes gh-6306
2018-12-19 09:55:47 -06:00
finke-ba 9c7cab835f Add conditionally servlet based support for spring security web jackson module. 2018-12-18 14:21:31 -06:00
Richard Valdivieso cb0ea0241b Spring Security provides a DelegatingSecurityContextRunnable
abstraction for Runnable that can be used for async and
scheduled tasks. The primary contract for task scheduling is
TaskScheduler and there's no such wrapper available at the moment.

The new DelegatingSecurityContextTaskScheduler class implements
TaskScheduler interface.

Fixes gh-6043
2018-12-17 14:30:55 -06:00
mibo 60e3bf4093 Add Anonymous Support to AuthenticatedReactiveAuthorizationManager
Fixes: gh-6235
2018-12-12 15:48:17 -06:00
ir73 9a357f8cb6 Moved CachingUserDetailsService to spring-core
Made CachingUserDetailsService constructor public and moved to spring-core to make it easier to configure caching in UserDetailsService

Fixes gh-4139
2018-12-11 13:22:08 -06:00
Eric Deandrea 4178c92741 Add Reactive Support for UserDetailsChecker
Integrate UserDetailsChecker into ReactiveAuthenticationManager and
OAuth2 resource server authentication converters.

Fixes gh-6219
2018-12-11 13:07:40 -06:00
Zhanwei Wang 12ab2cca31 Improve error message for Chinese. 2018-12-06 11:57:21 -06:00
Robbie Martinus 090000c3d2 SessionRegistryImpl uses computeIfAbsent
Fixes: gh-5834
2018-12-05 10:26:07 -06:00
dperezcabrera 898d005a53 InMemoryUserDetailsManager.updatePassword case-insenstive
Previously updatePassword was case sensitive which was
inconsistent with the rest of the class.

This commit updates updatePassword to be case insensitive.

Fixes: gh-6039
2018-11-09 11:39:58 -06:00
Josh Cummings 7d3302f52b
Polish Test Name
So that it adheres to methodNameWhenConditionThenVerification naming
convention.

Issue: gh-3743
2018-10-30 10:20:37 -06:00
Karl Goffin 50d26c9d28
Polish Logging and Tests
Removing debug statements which would have prematurely terminated the
stream, changing to AssertJ, and adding another test.

Issue: gh-3743
2018-10-30 10:18:16 -06:00
Karl Goffin 92e68a589a
PostFilter Support for Streams
Users can return a Stream from a @PostFilter-annotated method.

Fixes: gh-3743
2018-10-30 10:17:16 -06:00
Joe Grandja 8ef65ce5c5 Set AuthenticationEventPublisher on each AuthenticationManagerBuilder
Fixes gh-6009
2018-10-23 14:08:23 -04:00
Joe Grandja 7a94931514 Polish javadoc 2018-10-23 08:45:06 -04:00
Drummond Dawson 818a3506fe Remove unnecessary concatenation of sql in JdbcUserDetailsManager 2018-10-19 15:30:03 -05:00
Joe Grandja 0b3aa2ce24 Update Security version to 5.2 2018-10-17 14:52:06 -04:00
Johnny Lim 68ffa0fece Add a missing space in Secured.value() signature 2018-10-03 14:47:48 -04:00
John Lin 69b71ee0ed Remove unused variables in ConsensusBased and UnanimousBased 2018-09-21 08:12:40 -05:00
John Lin f5e2ca1b6e Fix truncated javadoc for Secured
Fixes: gh-5861
2018-09-18 21:34:02 -05:00
Vedran Pavic cb0ba58b58 Fix WhitespaceAfterCheck Checkstyle check 2018-08-27 10:45:35 -05:00
Johnny Lim 68878a1675 Replace isEqualTo(null) with isNull() 2018-08-09 18:04:48 -06:00
Rob Winch d595098823 Rename @TransientAuthentication to @Transient
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.

Issue: gh-5481
2018-07-16 11:31:10 -05:00
Rob Winch ed3ed5e64c Rename @TransientAuthentication to @Transient
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.

Issue: gh-5481
2018-07-16 11:17:08 -05:00
Josh Cummings 3c46727be1 Transient Authentication Tokens
This commit introduces support for transient authentication tokens
which indicate to the filter chain, specifically the
HttpSessionSecurityContextRepository, whether or not the token ought
to be persisted across requests.

To leverage this, simply annotate any Authentication implementation
with @TransientAuthentication, extend from an Authentication that uses
this annotation, or annotate a custom annotation.

Implementations of SecurityContextRepository may choose to not persist
tokens that are marked with @TransientAuthentication in the same way
that HttpSessionSecurityContextRepository does.

Fixes: gh-5481
2018-07-16 10:40:45 -05:00
Rob Winch a66b945ab7 Configuration for ReactiveUserDetailsPasswordService
Issue: gh-2778
2018-07-15 15:08:06 -05:00
Rob Winch 72a267a311 UserDetailsRepositoryReactiveAuthenticationManager uses ReactiveUserDetailsPasswordService
Issue: gh-2778
2018-07-15 15:08:01 -05:00
Rob Winch ed8218a2b0 ReactiveUserDetailsPasswordService
Issue: gh-2778
2018-07-15 15:07:53 -05:00
Rob Winch 7aaf70d582 DaoAuthenticationProvider supports password upgrades
Issue: gh-2778
2018-07-15 14:56:45 -05:00
Rob Winch cabd0a5579 UserDetailsPasswordService
Issue: gh-2778
2018-07-15 14:54:20 -05:00
Rob Winch 86b5150d88 Spring Version null for NullPointerException 2018-07-14 22:21:10 -05:00
Rob Winch d9d9879909 Add JdbcUserDetailsManager(DataSource) constructor
Fixes: gh-5512
2018-07-13 15:59:13 -05:00
Rob Winch 4d1c8f26c5 Add DelegatingReactiveAuthenticationManager
Fixes: gh-5448
2018-06-18 16:03:41 -05:00
Rob Winch bb11a81857 Add UserDetailsRepositoryReactiveAuthenticationManager.setScheduler
Fixes: gh-5417
2018-06-11 14:30:29 -05:00
Rob Winch 8fa6dd0f5b Revert "Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677"
This reverts commit d4e459874a.
2018-05-11 04:19:50 -05:00
이경욱 26bc6be850 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
이경욱 6adbe8dae0 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
Kazuki Shimizu 8d716f75a4 Fix incorrect explanation for customizing query on JdbcDaoImpl 2018-05-04 10:49:25 -05:00
Rob Winch 0a5da93640 Improve PasswordEncoder deprecated notices
Fixes: gh-5296
2018-05-03 15:13:06 -05:00
Joe Grandja d4e459874a Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677 2018-04-03 11:38:37 -04:00
Rob Winch fb7394c1de Polish Javadoc
Fixes: gh-5186
2018-03-29 15:33:57 -05:00
Christoph Dreis d07cfe655d Use Supplier variants of Assert methods 2018-03-27 10:58:55 -05:00
Rob Winch b1d013e8f0 Fix JDK 9
Issue: gh-5160
2018-03-27 09:30:56 -05:00
Alter Ego 0e37c0912e Update User.java
fixed a typo; replaced "User.witUsername("user")" with "User.withUsername("user")"
2018-03-22 08:19:44 -05:00
Rob Winch 67d793ae5f Delay lookup of managedVersions
Fixes: gh-5127
2018-03-16 13:55:17 -05:00
Rob Winch efaf2b080f Make MIN_SPRING_VERSION Dynamic
Fixes: gh-5065
2018-03-16 13:53:40 -05:00
Josh Cummings 776b378a1d Authorities authenticate TestingAuthenticationToken
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5073
2018-03-09 13:21:47 -06:00
ylombardi 1d0e97880d Add the BadCredentialsExceptionMixin to help Jackson serialization of BadCredentialsException 2018-03-08 16:55:57 -06:00
Joe Grandja 5b023d0abc Fix Security version tests -> 5.1 2018-03-02 16:29:22 -05:00
Johnny Lim d316803596 Polish DaoAuthenticationProviderTests 2018-03-02 08:55:37 -06:00
Rob Winch 8d75554b6b Lazily Create Throwables
Fixes: gh-5040
2018-02-26 16:24:40 -06:00
Rob Winch 831399be16 Update to Spring Framework 5.0.4
Fixes: gh-5027
2018-02-19 22:00:33 -06:00
Rob Winch 7063a9e111 Issue: gh-5018 2018-02-16 16:50:14 -06:00
Rob Winch 964a14b224 Document Reactive Method security requires Publisher return types
Fixes: gh-4988
2018-02-07 16:43:18 -06:00
Lóránt Pintér f7beb537f0 Add included build to JAR
Instead of copying classes to the compile output, we now add them directly to the JAR.
This allows JavaCompile to be cached, since there are no overlapping outputs anymore.
2018-02-02 11:50:00 -06:00
Rob Winch 8b7f772761 Update to Jackson 2.9.4
Fixes: gh-4985
2018-02-01 13:45:06 -06:00
Rob Winch 994abb0d00 Document User.withDefaultPasswordEncoder unsafe for production
Fixes: gh-4793
2018-01-31 16:26:26 -06:00
Rob Winch f7e49ace9f Add TestAuthentication 2018-01-26 15:13:09 -06:00
Rob Winch c5e6ee4563 Update Dependencies
Fixes: gh-4973
2018-01-24 13:48:14 -06:00
Rob Winch 6ba225b62d Polish userNotFoundEncodedPassword
Ensure that if passwordEncoder is set that userNotFoundEncodedPassword
is encoded again if already set.

Issue: gh-4915
2018-01-24 11:06:08 -06:00
Phillip Webb fd78d055aa Lazily initialize userNotFoundEncodedPassword
Update `DaoAuthenticationProvider` so that `userNotFoundEncodedPassword`
is lazily initialized on the first call to `retrieveUser`, rather than
in `doAfterPropertiesSet`.

Since some `PasswordEncoder` implementations can be slow, this change
can help to improve application startup times and the expense of some
delay with the first login.

Note that `userNotFoundEncodedPassword` creation occurs on the first
user retrieval, regardless of whether the user is ultimately found. This
ensures consistent processing times, regardless of the outcome.

First Call:
	Found      = encode(userNotFound) + decode(supplied)
	Not-Found  = encode(userNotFound) + decode(userNotFound)

Subsequent Call:
	Found      = decode(supplied)
	Not-Found  = decode(userNotFound)

Fixes gh-4915
2018-01-24 11:06:08 -06:00
Johnny Lim f3830eec7d Rename userDetailsRepository to userDetailsService 2018-01-10 16:04:48 -06:00
Rob Winch 803cdcf01e Test Jackson HashMap in Whitelist
Issue: gh-4889
2018-01-03 16:17:23 -06:00
Chris Burrell cf97e16379 Add HashMap to Jackson whitelist
Issue: gh-4889
2018-01-03 16:17:23 -06:00
Rob Winch b9152701a6 Javadoc Polish 2017-12-21 16:43:11 -06:00
Johnny Lim 921157cdcd Remove explicit super() calls 2017-12-21 15:11:51 -06:00
Johnny Lim 57353d18e5 Use diamond type 2017-12-21 15:09:00 -06:00
Rob Winch c856c376df Fix UTF-8 in JdbcDaoImplTests 2017-12-20 15:50:23 -06:00
Joe Grandja e19fdb6cc1 Remove AuthenticatedPrincipal from UserDetails
Issue gh-4877
2017-11-30 10:52:24 -05:00
Joe Grandja 50d1a81458 AbstractAuthenticationToken.getName() uses UserDetails.getUsername()
Fixes gh-4877
2017-11-30 09:17:42 -05:00
Rob Winch ee1745b681 Update to Spring Framework 5.0.2.RELEASE 2017-11-27 11:57:03 -06:00
Rob Winch 691bf2e11d PasswordEncoder Bean for AuthenticationManagerBuilder
Issue: gh-4873
2017-11-27 11:42:56 -06:00
Johnny Lim 701933c7f7 Fix copyright start years
See gh-4655
See gh-4725
2017-11-17 10:14:32 -06:00
Johnny Lim 5f518d00e5 Apply Checkstyle EmptyStatementCheck module
This commit adds Checkstyle `EmptyStatementCheck` module and aligns code with it.
2017-11-16 20:18:21 -06:00
Oleg Zhuravlev 563139c469 Fix keys in messages bundle 2017-11-16 11:28:57 -06:00
Benedikt Ritter fffd781b03 Add localization to error messages from ExceptionTranslationFilter
Fixes gh-4504
2017-11-16 11:25:56 -06:00
Johnny Lim b6895e6359 Apply Checkstyle WhitespaceAfterCheck module 2017-11-16 11:18:31 -06:00
Johnny Lim d900f2a623 Remove unused imports
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
Rob Winch 6d4b4bf2c7 Align Dependencies with Spring IO Cairo
Fixes gh-4821
2017-11-14 13:45:24 -06:00
Johnny Lim 99df632f24 Add missing @Override annotations
This commit also adds MissingOverrideCheck module to Checkstyle configuration.
2017-11-08 13:27:24 -06:00
Rob Winch d9abd2e443 User.UserBuilder only encodes once
Fixes gh-4794
2017-11-06 09:47:37 -06:00
Greg Turnquist 881cd0befb Fix UsernamePasswordAuthenticationTokenMixin to handle null credentials/details
Resolves #4698
2017-10-31 16:34:07 -05:00
Rob Winch e95430fa36 Polish Reactive Method Security reference
Issue gh-4757
2017-10-30 16:27:50 -05:00
Gajendra kumar ec723952d5 principals and sessionIds should be set using constructor so that can be shared across node in cluster
As principals and sessionIds are set in class itself so one can't share user session count across nodes(Cluster). Using constructor for setting principals and sessionIds we can pass Cache map to constructor which can enable common session count in cluster otherwise user would be allowed to logged in with multiple sessions. There is no point keeping principals and sessionIds completely internal.
2017-10-30 01:08:15 -05:00
Frank Pavageau 35706ad60a Deserialize the principal in a neutral way
When the principal of the Authentication is an object, it is not necessarily
an User: it could be another implementation of UserDetails, or even a
completely unrelated type. Since the type of the object is serialized as a
property and used by the deserialization anyway, there's no point in
enforcing a stricter type.
2017-10-30 00:53:31 -05:00
Frank Pavageau 6fd9ff254b Map values directly from the JSON nodes
Not only is it more efficient without converting to an intermediate String,
using JsonNode.toString() may not even produce valid JSON according to its
Javadoc (ObjectMapper.writeValueAsString() should be used).
2017-10-30 00:53:31 -05:00
Antoine 0771778b81 Polish more AssertJ assertions 2017-10-29 22:22:34 -05:00
Antoine e0aca04a28 Polish AssertJ assertions
Polish AssertJ assertions
2017-10-29 22:22:34 -05:00
Rob Winch 44320447fe Update to Spring 5.0.1.RELEASE
Issue gh-4739
2017-10-29 14:31:45 -05:00
Rob Winch 747473257f Use ReactorSecurityContextHolder
Issue gh-4713
2017-10-26 20:11:42 -05:00
Rob Winch 9ea4df5b5d ReactiveSecurityContextHolder
Fixes gh-4713
2017-10-26 20:11:42 -05:00
Rob Winch 399da1ecad SecurityContextImpl constructor
Fixes gh-4712
2017-10-26 20:11:42 -05:00
Rob Winch 38a8189a62 DelegatingApplicationListener uses CopyOnWriteArrayList
Fixes gh-4416
2017-10-24 15:35:04 -05:00
Rob Winch 8291f20796 DaoAuthenticationProvider uses DelegatingPasswordEncoder
This means that passwords will be encoded with BCrypt by default

Fixes: gh-2775
2017-10-24 07:56:28 -05:00
Rob Winch d19b222b55 UserDetailsRepositoryReactiveAuthenticationManager uses DelegatingPasswordEncoder
This means passwords will be encoded with BCrypt by default

Issue: gh-2775
2017-10-24 07:56:28 -05:00
Rob Winch cdc992b132 Remove SaltSource
Fixes gh-4681
2017-10-24 07:56:28 -05:00
Rob Winch 4529e09339 Remove PasswordEncoder from core
Issue: gh-4674
2017-10-24 07:56:28 -05:00
Rob Winch 6c69333df6 Remove PasswordEncoderUtils from core
Issue: gh-4674
2017-10-24 07:56:28 -05:00
Rob Winch 3a4a32e654 Remove LdapShaPasswordEncoder from core
Issue: gh-4674
2017-10-24 07:56:20 -05:00
Rob Winch 6a3e981c80 Remove BaseDigestPasswordEncoder from core
Issue: gh-4674
2017-10-24 07:55:40 -05:00
Rob Winch a8aa65b828 Remove Md4PasswordEncoder from core
Issue: gh-4674
2017-10-24 07:55:32 -05:00
Rob Winch 2dc4e326be Remove MessageDigestPasswordEncoder from core
Issue: gh-4674
2017-10-23 22:27:16 -05:00
Rob Winch 12dbf2e961 Remove PlainTextPasswordEncoder from core
Issue: gh-4674
2017-10-23 22:27:16 -05:00
Rob Winch 40fd8d7aa7 Remove ShaPasswordEncoder from core
Issue: gh-4674
2017-10-23 22:27:16 -05:00
Rob Winch e98fc3556e Remove Md5PasswordEncoder from core
Issue: gh-4674
2017-10-23 22:27:16 -05:00
Rob Winch 52560b560d PasswordEncodedUser
Fixes gh-4680
2017-10-23 22:27:16 -05:00
Rob Winch 1ea10a1e89 Add User.withDefaultPasswordEncoder()
Fixes gh-4678
2017-10-23 22:27:16 -05:00
Rob Winch a0fb324e1d Add passwordEncoder to UserBuilder
Fixes gh-4677
2017-10-23 22:27:16 -05:00
Rob Winch 7fd1cff3ce Fix PrePostAdviceReactiveMethodInterceptor tangle
Issue: gh-4636
2017-10-16 16:36:43 -05:00
Rob Winch 1dc49276f8 Fix P tangle
Issue: gh-4636
2017-10-16 16:36:15 -05:00
Rob Winch 96f6368214 Update to Spring Framework 5.0.1.BUILD-SNAPSHOT
Fixes gh-4633
2017-10-16 16:30:59 -05:00
Rob Winch 57d26ffa10 Polish 2017-10-11 13:57:59 -05:00
Rob Winch e99e2a9f09 PrePostAdviceMethodInterceptor->PrePostAdviceReactiveMethodInterceptor
Issue gh-4615
2017-10-11 13:57:54 -05:00
Rob Winch 5502856095 UserDetailsRepositoryAuthenticationManager->UserDetailsRepositoryReactiveAuthenticationManager
Issue gh-4615
2017-10-11 13:57:35 -05:00
Rob Winch 4681697581 UserDetailsRepository->ReactiveUserDetailsService
Issue gh-4615
2017-10-11 13:57:30 -05:00
Rob Winch f1bc82dcef AuthenticatedAuthorizationManager->AuthenticatedReactiveAuthorizationManager
Issue gh-4615
2017-10-11 13:57:26 -05:00
Rob Winch 866ce5eaec AuthorityAuthorizationManager->AuthorityReactiveAuthorizationManager
Issue gh-4615
2017-10-11 13:57:08 -05:00
Rob Winch fc84d31010 Fix Javadoc Encoding 2017-10-09 16:48:50 -05:00
Rob Winch 23f56f568c Update MockitJunitRunner import
Issue: gh-4608
2017-10-09 16:13:33 -05:00
Rob Winch 445834784a Update to Mockito 2.10.0
Issue: gh-4608
2017-10-09 16:13:11 -05:00
Rob Winch f3828924ff Fix equals and hashCode alignment
Fixes gh-4588
2017-09-28 17:25:00 -05:00
Rob Winch 1c9b627267 Update to Spring Framework 5.0.0.RELEASE
Fixes gh-4585
2017-09-28 17:24:38 -05:00
Rob Winch b59265c641 Add InMemoryUserDetailsManager(UserDetails... users) 2017-09-22 19:56:32 -05:00
Stephan Schroevers 9e719bc313 Drop the `aopalliance:aopalliance` dependency
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.

This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)

The documentation is updated accordingly.

[1] https://jira.spring.io/browse/SPR-13984
2017-09-22 11:11:04 -05:00
Rob Winch 8854414101 Polish for Gradle 5.0 2017-09-18 16:53:19 -05:00
Rob Winch 8a66d0c78d Polish PermissionEvaluator Autowired into Web Security
Issue gh-4077
2017-09-18 16:53:19 -05:00
Craig Andrews 3bf6bf10de Configure permissionEvaluator and roleHierarchy by default
Implementations of AbstractSecurityExpressionHandler (such as the very commonly used DefaultWebSecurityExpressionHandler) get PermissionEvaluator and RoleHierarchy from the application context (if the application context is provided, and exactly one of such a bean exists in it). This approach matches that used in GlobalMethodSecurityConfiguration, making everything in Spring Security work the same way (including WebSecurity).

Issue gh-4077
2017-09-18 16:35:16 -05:00
Rob Winch 1f4082e754 Fix copyright lines 2017-09-18 11:11:25 -05:00
Rob Winch 3ecf3ea034 Fix double * in Copyright headers 2017-09-18 10:47:26 -05:00
Rob Winch ae342dfcce Update to the lastest SNAPSHOTs 2017-09-18 10:17:21 -05:00
Rob Winch 7bb4367cf1 Prepare Versions for Release 2017-09-13 08:24:14 -05:00
Rob Winch 72f139a824 Mono.currentContext()->subscriberContext()
Fixing refactoring by Reactor
2017-09-01 16:14:42 -05:00
ladislav-bozek b3ad174ee2 Small typo in Javadoc 2017-08-30 15:27:53 -05:00
Rob Winch 895f0d108c Run PasswordEncoder on Schedulers.parallel() 2017-08-29 22:26:56 -05:00
Rob Winch a563689e6c Add PasswordEncoder for UserDetailsRepositoryAuthenticationManager 2017-08-29 21:19:42 -05:00
Rob Winch 416ff3c77a Add EnableReactiveMethodSecurity
Issue gh-4496
2017-08-17 16:42:01 -05:00
Rob Winch e16b8e7976 Fix logback-test.xml 2017-08-17 16:42:01 -05:00
Rob Winch 0f0563cd6f MethodSecurityMetadataSourceAdvisor supports MethodInterceptor
Fixes gh-4480
2017-07-31 16:46:51 -05:00
Joe Grandja a176a8c4ae Update to next development version 2017-07-24 11:54:43 -04:00
Joe Grandja abf34e0e67 Release 5.0.0.M3 2017-07-24 11:12:32 -04:00
Rob Winch 0b481cf4b6 Make UserBuilder.username public
This allows for reusing a UserBuilder to create multiple UserDetails with
similar attributes but different usernames.

Fixes gh-4453
2017-07-12 13:54:52 -05:00
Rob Winch 37011720c9 Update to latest Spring IO Cairo SNAPSHOT
Fixes gh-4407
2017-06-20 16:42:09 -05:00
Rob Winch fb85ad6bd7 Revert "Work Around SPR-15651"
This reverts commit 6c286696b4.
2017-06-15 15:25:36 -05:00
Rob Winch dcef3d6ebb Remove springIoVersion for release preparations 2017-06-15 13:34:51 -05:00
Rob Winch 6c286696b4 Work Around SPR-15651
Issue gh-4386
2017-06-09 22:26:02 -05:00
Rob Winch d09fb5b500 Move UserDetailsRepository to core.userdetails
Fixes gh-4383
2017-06-09 16:07:09 -05:00
Joe Grandja eb6bd9bea9 Update groupId io.projectreactor.addons -> io.projectreactor
Fixes gh-4377
2017-06-08 14:06:51 -04:00
Rob Winch 5dee8534cd Update SecurityJackson2Modules
Fixes gh-4370
2017-06-07 23:05:13 -05:00
Rob Winch a79a81cd24 Simplify webflux samples
Remove the custom user from the hellowebflux and hellowebfluxfn samples.
2017-05-23 15:59:16 -05:00
Rob Winch 07234f6255 Switch back to Spring Framework 5.0.0.BUILD-SNAPSHOT 2017-05-16 15:12:09 -05:00
Rob Winch 22c1685d70 Use AssertionsForClassType 2017-05-15 13:48:12 -05:00
Rob Winch d81b436e5d Remove pom.xml from build
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.

This commit removes the pom.xml files from the build.

Fixes gh-4283
2017-05-11 14:32:36 -05:00
Vedran Pavic e9427e421b Update Spring version 2017-05-10 00:27:36 -05:00
Vedran Pavic 85719fcd64 Use Base64 implementation provided by Java 8 2017-05-10 00:27:36 -05:00
Rob Winch b4f2777755 Add WebFlux
Fixes gh-4128
2017-05-10 00:13:02 -05:00
Rob Winch 051e3fb079 Add UserBuilders.withUserDetails 2017-05-10 00:12:12 -05:00
Rob Winch 5c7ff5c24a Update to spring 5.0.0.RC1 2017-05-09 02:35:46 -05:00
Rob Winch e1ef0477fb Build Leverages tests-configuration plugin 2017-05-01 17:10:20 -05:00
Rob Winch d108bf58bf Remove commons-logging
Issue: gh-4308
2017-04-24 19:40:22 -05:00
Rob Winch dd6fc48dd8 Standardize Build
The build now uses spring build conventions to simplify the build

Fixes gh-4284
2017-04-21 10:55:05 -05:00