Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,809 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

6809 Commits

Author SHA1 Message Date
Michael J. Simons 1517e9b222 Migrate xml-contacts groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Michael J. Simons 4a3baad4f9 Migrate xml-ldap groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Michael J. Simons 8c6f965973 Migrate javaconfig-ldap groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Michael J. Simons 26f7b2f99f Migrate javaconfig-helloworld groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Michael J. Simons 2e2b22f87e Migrate xml-insecure groovy->java 
See #4939.
 2018-01-24 11:06:08 -06:00
Rob Winch 6ba225b62d Polish userNotFoundEncodedPassword 
Ensure that if passwordEncoder is set that userNotFoundEncodedPassword
is encoded again if already set.

Issue: gh-4915
 2018-01-24 11:06:08 -06:00
Phillip Webb fd78d055aa Lazily initialize userNotFoundEncodedPassword 
Update `DaoAuthenticationProvider` so that `userNotFoundEncodedPassword`
is lazily initialized on the first call to `retrieveUser`, rather than
in `doAfterPropertiesSet`.

Since some `PasswordEncoder` implementations can be slow, this change
can help to improve application startup times and the expense of some
delay with the first login.

Note that `userNotFoundEncodedPassword` creation occurs on the first
user retrieval, regardless of whether the user is ultimately found. This
ensures consistent processing times, regardless of the outcome.

First Call:
	Found      = encode(userNotFound) + decode(supplied)
	Not-Found  = encode(userNotFound) + decode(userNotFound)

Subsequent Call:
	Found      = decode(supplied)
	Not-Found  = decode(userNotFound)

Fixes gh-4915
 2018-01-24 11:06:08 -06:00
Rob Winch 0eef5b4b42 Add StrictHttpFirewall 2018-01-24 11:06:08 -06:00
Joe Grandja 900ab1df81 Add javadoc for the OAuth 2.0 Security Configurer's 
Fixes gh-4972
 2018-01-24 06:18:08 -05:00
Joe Grandja 6b24aaf6f5 Add javadoc for spring-security-oauth2-jose 
Fixes gh-4885
 2018-01-23 21:27:47 -05:00
Joe Grandja fe2ac00deb Add javadoc for spring-security-oauth2-client 
Fixes gh-4884
 2018-01-23 17:07:21 -05:00
Joe Grandja 84679a5d64 Polish #4904 Support GrantedAuthoritiesMapper @Bean for oauth2Login 2018-01-23 12:14:57 -05:00
Kazuki Shimizu 444e2dade3 Support GrantedAuthoritiesMapper @Bean for oauth2Login 
Fixes gh-4880
 2018-01-23 09:51:14 -05:00
Rob Winch fe40952908 Revert "webflux-form sample uses Tomcat" 
This reverts commit 67bb91bb76.

We can use Netty again now that reactor/reactor-netty#248 has
been resolved.

Fixes: gh-4923
 2018-01-23 08:31:41 -06:00
Rob Winch 6a0833165a AuthorizationWebFilter handles null Authentication 
If the AuthorizationManager used the Authentication and the Authentication
was null the AuthorizationWebFilter would produce a NullPointerException

This commit fixes the test to ensure that Authentication is subscribed to
and ensures that the Authentication is not null

Fixes: gh-4966
 2018-01-22 15:16:58 -06:00
Joe Grandja e6cac604f3 Add javadoc for spring-security-oauth2-core 
Fixes gh-4883
 2018-01-18 16:00:26 -05:00
Rob Winch 91ef7ce1cf AuthenticationEventPublisher Bean used by Default 
Fixes: gh-4940
 2018-01-18 08:59:27 -06:00
Rob Winch 65c3862da9 Password Troubleshooting Reference Fix 
Correct the package to NoOpPasswordEncoder within the reference

Fixes: gh-4965
 2018-01-18 08:25:52 -06:00
Rob Winch 450600cbb8 Polish reference 2018-01-12 09:17:05 -06:00
Rob Winch 0991f31613 Document exchange password for short term credential 
Fixes gh-4959
 2018-01-12 09:15:35 -06:00
Joe Grandja aa900065b8 Document OAuth2UserService delegation-based strategy for authorities mapping 
Fixes gh-4909
 2018-01-11 10:07:58 -05:00
Michael J. Simons 6c0b510c98 Remove hardcoded Spring versions from namespaces 
This fixes #4945.
 2018-01-10 16:47:20 -06:00
Michael J. Simons b634b49f9f Migrate xml-jaas groovy->java 2018-01-10 16:44:59 -06:00
Michael J. Simons cd3449b312 Migrate javaconfig-form groovy->java 
See #4939
 2018-01-10 16:41:36 -06:00
Adolfo Eloy 196f02748d Migrate UserDetailsManagerConfigurerTests groovy->java 2018-01-10 16:13:08 -06:00
Johnny Lim f3830eec7d Rename userDetailsRepository to userDetailsService 2018-01-10 16:04:48 -06:00
Michael J. Simons a4701bcd52 Migrate javaconfig-jdbc groovy->java 
See #4939.
 2018-01-10 16:03:39 -06:00
Joe Grandja 1d32fffc1d Make OAuth2Error Serializable 
Fixes gh-4944
 2018-01-10 10:40:54 -05:00
Rob Winch 4d310b7bf3 spring-build-conventions 0.0.9.RELEASE 
Issue gh-4954
 2018-01-09 12:51:57 -06:00
Rob Winch e49e430538 Use spring-build-conventions Bom plugin 
Fixes gh-4954
 2018-01-09 11:27:34 -06:00
Rob Winch 803cdcf01e Test Jackson HashMap in Whitelist 
Issue: gh-4889
 2018-01-03 16:17:23 -06:00
Chris Burrell cf97e16379 Add HashMap to Jackson whitelist 
Issue: gh-4889
 2018-01-03 16:17:23 -06:00
Adolfo Eloy 1d862c3836 Add tip to install Groovy Eclipse plugin on newer STS versions 2018-01-03 12:55:08 -06:00
Rob Winch 22737dce7e Polish 
DelegatingPasswordEncoder copies the provided Map. This ensures that
references to the Map do not update the state of DelegatingPasswordEncoder
and NullPointerException is avoided for implementations that do not allow
a null key.

Issue: gh-4936
 2018-01-03 10:11:04 -06:00
Michael J. Simons 2b66793535 Catch possible NullPointerException 
Some maps may throw a NullPointerException when get is called with null. This commit catches the exceptions and just leaves the delegate null.

Fixes gh-4936
 2018-01-03 09:46:58 -06:00
Michael J. Simons 718052932a Migrate xml-helloworld groovy->java 
This is a suggestion how to migrate the GebSpec based tests to Java / Selenium based tests.

Issue: gh-4939
 2018-01-03 09:35:28 -06:00
Michael J. Simons f9083614be Remove duplicate dependency 2018-01-03 09:35:28 -06:00
Rob Winch b9152701a6 Javadoc Polish 2017-12-21 16:43:11 -06:00
Rob Winch df3dd23772 Update to hibernate-validator 6.0.5.Final 2017-12-21 15:30:39 -06:00
Johnny Lim e9f3cfe814 Update to hibernate-validator 6.0.4.Final 2017-12-21 15:27:11 -06:00
Johnny Lim 921157cdcd Remove explicit super() calls 2017-12-21 15:11:51 -06:00
Johnny Lim 57353d18e5 Use diamond type 2017-12-21 15:09:00 -06:00
Aygiz Shaymardanov cfe40358bd typo in java doc 2017-12-21 14:18:41 -06:00
Johnny Lim 316fd0572f Remove @Nullable annotations in UserDetailsMapFactoryBean 2017-12-21 14:08:05 -06:00
Eddú Meléndez c16456623f Remove unused imports 2017-12-20 16:05:38 -06:00
Eddú Meléndez 9b84204e10 Remove spring-security-bom in dependencyManagement 
spring-security-bom it provides dependency management for itself. This
commit avoids adding it to the dependency management section.

Fixes gh-4878
 2017-12-20 16:02:53 -06:00
Rob Winch c856c376df Fix UTF-8 in JdbcDaoImplTests 2017-12-20 15:50:23 -06:00
Rob Winch b011076d2b .travis continue on failure 
Fixes gh-4925
 2017-12-20 15:38:22 -06:00
Rob Winch 2ba8c8bf02 Fix Travis build URL in README 
Fixes gh-4924
 2017-12-20 15:36:10 -06:00
Rob Winch 67bb91bb76 webflux-form sample uses Tomcat 
Work around gh-4923
 2017-12-20 15:08:49 -06:00