5c56bddbdd
Polish log message
2024-09-03 09:43:37 -03:00
008cbc2cae
Add cookie customizer to CookieRequestCache and CookieServerRequestCache
...
Issue gh-15204
2024-09-03 09:41:30 -03:00
820ce4ea7a
Merge branch '6.3.x'
2024-09-02 09:00:11 -03:00
25ddc2acfc
Merge branch '6.2.x' into 6.3.x
2024-09-02 09:00:01 -03:00
69231c5853
Avoid running the VerifyDependenciesVersionsTask and CheckExpecedBranchVersionTask when inputs are stable #15713
2024-09-02 08:45:48 -03:00
f0f47b54ec
Improve warning message
2024-08-31 16:48:59 -07:00
add5c56136
Update AuthorizeReturnObject Jackson Docs
...
Now instructs to use MethodAuthorizationDeniedHandler
Issue gh-14601
2024-08-30 11:43:47 -06:00
fd05c5ad76
Remove Advised Methods from Authorization Proxy Objects
...
Closes gh-15561
2024-08-30 10:40:25 -07:00
ecf6cace82
Re-Enable Disabled OpenSAML Tests
...
Issue gh-15395
2024-08-30 10:21:32 -06:00
c9d083717f
Apply OpenSAML Test Fix to Remaining Test
...
There was one test that wasn't converted and now it is.
Issue gh-15395
2024-08-30 10:21:32 -06:00
626610a975
Polish Annotation API
...
Rename to a class that isn't focused on the synthesis implementation detail.
Also add Security to the front of the name to clarify that it is only intended
for security annotations, reminiscent of SecurityMetadataSource.
Refine method signatures to better articulate supported use cases.
Issue gh-15286
2024-08-30 08:51:49 -06:00
cc6de8fa5d
Hide MergedAnnotation Implementation Details
...
Issue gh-15286
2024-08-29 17:27:14 -06:00
095929f6e8
Include FilterChain in SessionInformationExpiredEvent
...
Closes gh-14077
2024-08-29 13:12:27 -03:00
3117feff61
Bump org.seleniumhq.selenium:selenium-java from 4.23.1 to 4.24.0
...
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium ) from 4.23.1 to 4.24.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases )
- [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.24.0 )
---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-28 20:50:27 -07:00
373508bd20
Bump org.mockito:mockito-bom from 5.12.0 to 5.13.0
...
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito ) from 5.12.0 to 5.13.0.
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v5.12.0...v5.13.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-27 20:23:49 -07:00
84fc5a70ee
Fix variable targetClassToUse not used
...
Closes gh-15567
2024-08-26 15:49:22 -07:00
e39b39dada
Corrected Reference to HttpServletRequest#authenticate
2024-08-26 15:35:13 -07:00
d2e8c19789
Merge branch '6.3.x'
2024-08-26 16:33:04 -06:00
279cb89eac
Merge branch '6.2.x' into 6.3.x
2024-08-26 16:32:58 -06:00
2ba9b6821a
Fix OIDC Logout Code Snippets
2024-08-26 15:32:35 -07:00
f372f5cf52
Replace OidcSessionStrategy References with OidcSessionRegistry
2024-08-26 15:32:35 -07:00
f0f04e490e
Merge branch '6.3.x'
2024-08-26 16:25:27 -06:00
6ea33ceaea
Merge branch '6.2.x' into 6.3.x
2024-08-26 16:25:12 -06:00
47723f6d39
Fix code format in OIDC Logout docs
2024-08-26 15:14:02 -07:00
52b6de262a
Merge branch '6.3.x'
2024-08-26 19:41:36 +00:00
2041d30201
Merge branch '6.2.x' into 6.3.x
2024-08-26 19:41:36 +00:00
5c84d505d9
Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
...
Bumps [jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api](https://github.com/eclipse-ee4j/jstl-api ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/eclipse-ee4j/jstl-api/releases )
- [Commits](https://github.com/eclipse-ee4j/jstl-api/commits )
---
updated-dependencies:
- dependency-name: jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 12:40:57 -07:00
c3a5cf54d4
Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
...
Bumps [jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api](https://github.com/eclipse-ee4j/jstl-api ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/eclipse-ee4j/jstl-api/releases )
- [Commits](https://github.com/eclipse-ee4j/jstl-api/commits )
---
updated-dependencies:
- dependency-name: jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 12:40:49 -07:00
aef2068f76
Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
...
Bumps [jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api](https://github.com/eclipse-ee4j/jstl-api ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/eclipse-ee4j/jstl-api/releases )
- [Commits](https://github.com/eclipse-ee4j/jstl-api/commits )
---
updated-dependencies:
- dependency-name: jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 12:40:27 -07:00
78fd8bf3b7
Specify Labels for npm Updates
...
This brings the labels in line with the other dependency updates that
aren't of interest for the release notes. It also avoids adding labels
that aren't already defined by the project.
2024-08-26 13:37:04 -06:00
b91f10825e
Disable Flaky Tests
...
There was another flaky failure. While it seems clear what
needs to be done to repair it, this commit disables these
tests for now while the CI on a separate branch confirms
after a few days that the tests are stable again.
Issue gh-15395
2024-08-26 08:58:38 -06:00
561c786726
Repair Flaky Tests
...
The issue turned out to be that OpenSAML first sends two HEAD
requests before sending a GET to retrieve the metadata. The way
the MockWebServer dispatcher was configured, it would send back
the metadata on each request. This created a situation where sockets
were being closed by the client before the server had sent all the
response, resulting in a broken pipe.
The tests would succeed most of the time due to lucky timing between
the client closing the socket and the server having sent all of its
(unrequested) data.
This version sends an expected HEAD response when requested.
Issue gh-15395
2024-08-23 15:55:56 -06:00
e90a6b66fe
Bump com.gradle.develocity from 3.17.6 to 3.18
...
Bumps com.gradle.develocity from 3.17.6 to 3.18.
---
updated-dependencies:
- dependency-name: com.gradle.develocity
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-22 20:17:45 -07:00
4635dabf87
Merge branch '6.3.x'
2024-08-22 19:44:55 -06:00
d134b0a4f4
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15681
2024-08-22 19:44:40 -06:00
a3b88a8d4b
Enable Runtime Method Parameter Reflection
...
Several method security tests rely on method parameters
being preserved, in order to demonstrate the difference
between relying on runtime reflection and using the @P
annotation.
Closes gh-15680
2024-08-22 19:44:11 -06:00
dff3780c5e
Merge branch '6.3.x'
2024-08-22 12:38:17 -06:00
4c0d969f1f
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15676
2024-08-22 12:37:45 -06:00
3ee5a96e53
Merge branch '5.8.x' into 6.2.x
...
Closes gh-15675
2024-08-22 12:24:56 -06:00
8318a42959
Update What's New for 6.4
...
Issue gh-15437
2024-08-22 13:12:33 -05:00
5c604b95fb
Correct PostFilterAuthorizationMethodInterceptor Target Type
...
Previously, `postFilterAuthorizationMethodInterceptor` mistakenly
was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar`
re-publishes each pre/post annotation interceptor also as an `Advisor`,
this resulted in a duplicate advisor for `@PostFilter`.
Closes gh-15651
2024-08-22 12:10:25 -06:00
09785a3845
Bump org-eclipse-jetty from 11.0.22 to 11.0.23
...
Bumps `org-eclipse-jetty` from 11.0.22 to 11.0.23.
Updates `org.eclipse.jetty:jetty-server` from 11.0.22 to 11.0.23
Updates `org.eclipse.jetty:jetty-servlet` from 11.0.22 to 11.0.23
---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-22 10:55:48 -07:00
fd991aaf9e
Revert "Bump com.gradle.develocity from 3.17.6 to 3.18"
...
This reverts commit 430874c6
2024-08-22 11:16:59 -05:00
1531acd2a8
Merge branch '6.3.x'
2024-08-22 11:07:05 -03:00
548e1c3649
Revert "Log command for debugging"
...
This reverts commit f1802be73a
2024-08-22 11:06:59 -03:00
9791801bc6
Merge branch '6.2.x' into 6.3.x
2024-08-22 11:06:43 -03:00
c06543daf3
Merge branch '5.8.x' into 6.2.x
2024-08-22 11:06:19 -03:00
037ccecdaa
Next development version
2024-08-22 13:53:46 +00:00
de8dbf9560
Release 6.4.0-M3
2024-08-22 13:23:02 +00:00
e92a945a2d
Replace Env Variable with Expression
...
Issue gh-15659
2024-08-22 10:17:55 -03:00
Marcus Hert Da Coregio
Florian Bernard
Bryan Kelly
Yanming Zhou
Josh Cummings
DingHao
Ilpyo-Yang
dependabot[bot]
Xi Minghui
Hero Wanders
Junhyunny
github-actions[bot]
Steve Riesenberg