Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-08 11:32:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,612 Commits 38 Branches 348 Tags
Commit Graph

2694 Commits

Author SHA1 Message Date
Josh Cummings
7d3302f52b
Polish Test Name 
So that it adheres to methodNameWhenConditionThenVerification naming
convention.

Issue: gh-3743
 2018-10-30 10:20:37 -06:00
Karl Goffin
50d26c9d28
Polish Logging and Tests 
Removing debug statements which would have prematurely terminated the
stream, changing to AssertJ, and adding another test.

Issue: gh-3743
 2018-10-30 10:18:16 -06:00
Karl Goffin
92e68a589a
PostFilter Support for Streams 
Users can return a Stream from a @PostFilter-annotated method.

Fixes: gh-3743
 2018-10-30 10:17:16 -06:00
Joe Grandja
8ef65ce5c5 Set AuthenticationEventPublisher on each AuthenticationManagerBuilder 
Fixes gh-6009
 2018-10-23 14:08:23 -04:00
Joe Grandja
7a94931514 Polish javadoc 2018-10-23 08:45:06 -04:00
Drummond Dawson
818a3506fe Remove unnecessary concatenation of sql in JdbcUserDetailsManager 2018-10-19 15:30:03 -05:00
Joe Grandja
0b3aa2ce24 Update Security version to 5.2 2018-10-17 14:52:06 -04:00
Johnny Lim
68ffa0fece Add a missing space in Secured.value() signature 2018-10-03 14:47:48 -04:00
John Lin
69b71ee0ed Remove unused variables in ConsensusBased and UnanimousBased 2018-09-21 08:12:40 -05:00
John Lin
f5e2ca1b6e Fix truncated javadoc for Secured 
Fixes: gh-5861
 2018-09-18 21:34:02 -05:00
Vedran Pavic
cb0ba58b58 Fix WhitespaceAfterCheck Checkstyle check 2018-08-27 10:45:35 -05:00
Johnny Lim
68878a1675 Replace isEqualTo(null) with isNull() 2018-08-09 18:04:48 -06:00
Rob Winch
d595098823 Rename @TransientAuthentication to @Transient 
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.

Issue: gh-5481
 2018-07-16 11:31:10 -05:00
Rob Winch
ed3ed5e64c Rename @TransientAuthentication to @Transient 
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.

Issue: gh-5481
 2018-07-16 11:17:08 -05:00
Josh Cummings
3c46727be1 Transient Authentication Tokens 
This commit introduces support for transient authentication tokens
which indicate to the filter chain, specifically the
HttpSessionSecurityContextRepository, whether or not the token ought
to be persisted across requests.

To leverage this, simply annotate any Authentication implementation
with @TransientAuthentication, extend from an Authentication that uses
this annotation, or annotate a custom annotation.

Implementations of SecurityContextRepository may choose to not persist
tokens that are marked with @TransientAuthentication in the same way
that HttpSessionSecurityContextRepository does.

Fixes: gh-5481
 2018-07-16 10:40:45 -05:00
Rob Winch
a66b945ab7 Configuration for ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:08:06 -05:00
Rob Winch
72a267a311 UserDetailsRepositoryReactiveAuthenticationManager uses ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:08:01 -05:00
Rob Winch
ed8218a2b0 ReactiveUserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 15:07:53 -05:00
Rob Winch
7aaf70d582 DaoAuthenticationProvider supports password upgrades 
Issue: gh-2778
 2018-07-15 14:56:45 -05:00
Rob Winch
cabd0a5579 UserDetailsPasswordService 
Issue: gh-2778
 2018-07-15 14:54:20 -05:00
Rob Winch
86b5150d88 Spring Version null for NullPointerException 2018-07-14 22:21:10 -05:00
Rob Winch
d9d9879909 Add JdbcUserDetailsManager(DataSource) constructor 
Fixes: gh-5512
 2018-07-13 15:59:13 -05:00
Rob Winch
4d1c8f26c5 Add DelegatingReactiveAuthenticationManager 
Fixes: gh-5448
 2018-06-18 16:03:41 -05:00
Rob Winch
bb11a81857 Add UserDetailsRepositoryReactiveAuthenticationManager.setScheduler 
Fixes: gh-5417
 2018-06-11 14:30:29 -05:00
Rob Winch
8fa6dd0f5b Revert "Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677" 
This reverts commit d4e459874a2d6c58f822dd8d907870954167641e.
 2018-05-11 04:19:50 -05:00
이경욱
26bc6be850 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
이경욱
6adbe8dae0 Support whitespace characters using RoleHierarchyImpl 2018-05-07 16:51:41 -05:00
Kazuki Shimizu
8d716f75a4 Fix incorrect explanation for customizing query on JdbcDaoImpl 2018-05-04 10:49:25 -05:00
Rob Winch
0a5da93640 Improve PasswordEncoder deprecated notices 
Fixes: gh-5296
 2018-05-03 15:13:06 -05:00
Joe Grandja
d4e459874a Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677 2018-04-03 11:38:37 -04:00
Rob Winch
fb7394c1de Polish Javadoc 
Fixes: gh-5186
 2018-03-29 15:33:57 -05:00
Christoph Dreis
d07cfe655d Use Supplier variants of Assert methods 2018-03-27 10:58:55 -05:00
Rob Winch
b1d013e8f0 Fix JDK 9 
Issue: gh-5160
 2018-03-27 09:30:56 -05:00
Alter Ego
0e37c0912e Update User.java 
fixed a typo; replaced "User.witUsername("user")" with "User.withUsername("user")"
 2018-03-22 08:19:44 -05:00
Rob Winch
67d793ae5f Delay lookup of managedVersions 
Fixes: gh-5127
 2018-03-16 13:55:17 -05:00
Rob Winch
efaf2b080f Make MIN_SPRING_VERSION Dynamic 
Fixes: gh-5065
 2018-03-16 13:53:40 -05:00
Josh Cummings
776b378a1d Authorities authenticate TestingAuthenticationToken 
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5073
 2018-03-09 13:21:47 -06:00
ylombardi
1d0e97880d Add the BadCredentialsExceptionMixin to help Jackson serialization of BadCredentialsException 2018-03-08 16:55:57 -06:00
Joe Grandja
5b023d0abc Fix Security version tests -> 5.1 2018-03-02 16:29:22 -05:00
Johnny Lim
d316803596 Polish DaoAuthenticationProviderTests 2018-03-02 08:55:37 -06:00
Rob Winch
8d75554b6b Lazily Create Throwables 
Fixes: gh-5040
 2018-02-26 16:24:40 -06:00
Rob Winch
831399be16 Update to Spring Framework 5.0.4 
Fixes: gh-5027
 2018-02-19 22:00:33 -06:00
Rob Winch
7063a9e111 Issue: gh-5018 2018-02-16 16:50:14 -06:00
Rob Winch
964a14b224 Document Reactive Method security requires Publisher return types 
Fixes: gh-4988
 2018-02-07 16:43:18 -06:00
Lóránt Pintér
f7beb537f0 Add included build to JAR 
Instead of copying classes to the compile output, we now add them directly to the JAR.
This allows JavaCompile to be cached, since there are no overlapping outputs anymore.
 2018-02-02 11:50:00 -06:00
Rob Winch
8b7f772761 Update to Jackson 2.9.4 
Fixes: gh-4985
 2018-02-01 13:45:06 -06:00
Rob Winch
994abb0d00 Document User.withDefaultPasswordEncoder unsafe for production 
Fixes: gh-4793
 2018-01-31 16:26:26 -06:00
Rob Winch
f7e49ace9f Add TestAuthentication 2018-01-26 15:13:09 -06:00
Rob Winch
c5e6ee4563 Update Dependencies 
Fixes: gh-4973
 2018-01-24 13:48:14 -06:00
Rob Winch
6ba225b62d Polish userNotFoundEncodedPassword 
Ensure that if passwordEncoder is set that userNotFoundEncodedPassword
is encoded again if already set.

Issue: gh-4915
 2018-01-24 11:06:08 -06:00