Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-03-05 11:14:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,478 Commits 50 Branches 373 Tags
Commit Graph

2785 Commits

Author SHA1 Message Date
Tran Ngoc Nhan
41e3aeb246 Use site-url for reference link 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-03-03 16:51:25 -07:00
Tran Ngoc Nhan
89260a3a9c Use reference links from attributes 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-03-03 16:51:25 -07:00
Josh Cummings
a01c0d003c
Merge branch '7.0.x' 2026-03-03 16:44:25 -07:00
Josh Cummings
20a7f96062
Merge branch '6.5.x' into 7.0.x 2026-03-03 16:44:12 -07:00
HaiYan
706b059ea8
Update logout.adoc 
Directives should be Directive

Signed-off-by: HaiYan <haiyan_qi@hotmail.com>
 2026-03-03 16:43:18 -07:00
Josh Cummings
587ac2cbad Move Snippets to Compiled Code 
Issue gh-18745

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-02 16:20:22 -07:00
Andrey Litvitski
b05b25f2d6 Update opaque-token.adoc for RestClientOpaqueTokenIntrospector 
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-02 16:20:22 -07:00
Josh Cummings
bd51ecd691
Merge branch '7.0.x' 2026-02-26 17:10:28 -07:00
Josh Cummings
c29af014f4
Merge remote-tracking branch 'origin/6.5.x' into 7.0.x 2026-02-26 17:10:16 -07:00
Josh Cummings
4501ae7d1c Update Reactive Resource Server startup exceptations 
Issue gh-16708

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-26 16:56:22 -07:00
Josh Cummings
48112d3d74 Polish Resource Server startup expectations 
Issue gh-16708

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-26 16:56:22 -07:00
[CLOUD4] 한현
b8735abb63 Clarify Resource Server startup expectations 
Clarify that Spring Boot defers OIDC discovery by default.

Closes gh-16708

Signed-off-by: [CLOUD4] 한현 <gusgus1467@naver.com>
 2026-02-26 16:56:22 -07:00
Josh Cummings
50caf0cb28
Merge branch '7.0.x' 2026-02-26 15:57:27 -07:00
Tran Ngoc Nhan
7c3c8bbdcb Update Remember-Me example 
Closes gh-18639

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-26 15:28:32 -07:00
Josh Cummings
b7dbb12c66
Merge branch '7.0.x' 2026-02-26 15:10:18 -07:00
Josh Cummings
731848d5d3
Merge branch '6.5.x' into 7.0.x 2026-02-26 15:09:45 -07:00
Guillaume Husta
68a02ff176 Update Link to CRSF Docs in FAQ 
Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2026-02-26 14:47:21 -07:00
Josh Cummings
e30d9240c9 Add Docs for Custom Jwt Principal Converters 
Issue gh-6237

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-26 12:28:50 -07:00
Josh Cummings
4b0be84a0e Merge branch '7.0.x' 2026-02-24 17:10:26 -07:00
Josh Cummings
73ee893d98 Merge remote-tracking branch 'origin/6.5.x' into 7.0.x 2026-02-24 17:10:14 -07:00
Josh Cummings
4d43edfb20 Polish Documentation 
- Combined explanation of method attribute with usage recommendations
- Used one sentence per line format

Issue gh-16530

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-24 14:24:11 -07:00
onhann
9f9699f8a5 Clarify need for method attribute in JSP authorize tag 
Closes gh-16530

This aligns the JSP documentation with the changes made in gh-16529.
Added a NOTE to clarify that the method attribute is required when the underlying RequestMatcher is method-specific.

Signed-off-by: onhann <gusgus1467@naver.com>
 2026-02-24 14:24:11 -07:00
Robert Winch
0c394696ce
Fix servlet/architecture.adoc disable Sample 
- Switch `include-java` (does not exist) to `include-code`
- Update kotlin to have the `disable` tag
- Update to suppress deprecation use for User builder (allowed for samples)

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 17:03:17 -06:00
Joe Kuhel
62d1bc86e3
Update servlet architecture docs to use include-code 
Also update antora.xml to include-xml in docs/src/test/resources

Signed-off-by: Joe Kuhel <4983938+jkuhel@users.noreply.github.com>
 2026-02-23 16:37:16 -06:00
Rob Winch
3106f2be7b
Merge pull request #18757 from wonderfulrosemari/gh-4265-csrf-multipart-header 
Document multipart CSRF header option
 2026-02-23 11:51:54 -06:00
Robert Winch
e1436c39f0
Merge Document Keberose Dependency Coordinates 2026-02-23 11:33:25 -06:00
Robert Winch
fec988c82d
Add Kerberos Migration Section 
This links to the updated dependency coordinates

Issue gh-18773

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 11:29:50 -06:00
busoco-sjb
17b434c1c1
Document the change in dependency coordinates with Spring Security 7 
Signed-off-by: busoco-sjb <169069865+busoco-sjb@users.noreply.github.com>
 2026-02-23 11:21:59 -06:00
Chen He
d65625e399 Update BCryptPasswordEncoder example in password-storage.adoc 
Replaces the usage of BCryptPasswordEncoder with
BcryptPassword4jPasswordEncoder in documentation samples.

Signed-off-by: Chen He <nidhogg55555@gmail.com>
 2026-02-19 14:29:53 -06:00
Tran Ngoc Nhan
a539f056f7 Add javadoc-warnings-error 
Closes gh-18452

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-19 13:48:28 -06:00
Robert Winch
cc6a005aa5 Add InetAddressMatcher 
Co-authored-by: Gábor Vaspöri <gabor.vaspori@gmail.com>
Co-authored-by: Kian Jamali <kianjamali123@gmail.com>
Co-authored-by: Rossen Stoyanchev <rstoyanchev@users.noreply.github.com>
 2026-02-19 11:44:19 -06:00
wonderfulrosemari
8d76ae0844 Document multipart CSRF header option 
Closes gh-4265

Signed-off-by: wonderfulrosemari <whwlsgur1419@naver.com>
 2026-02-19 02:07:25 +09:00
Josh Cummings
705fa60a01 Document Method Security hasScope Support 
Issue gh-18013

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-10 15:23:32 -07:00
Josh Cummings
688b6ca733 Add Documentation for ExpressionJwtGrantedAuthoritiesConverter 
Closes gh-18300
 2026-02-10 09:11:26 -07:00
Robert Winch
50fad46df6
Bump @antora/atlas-extension in /docs 
---
updated-dependencies:
- dependency-name: "@antora/atlas-extension"
  dependency-version: 1.0.0-alpha.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:12:48 -06:00
dependabot[bot]
e28eea208b
Bump @springio/antora-extensions from 1.14.4 to 1.14.7 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.4 to 1.14.7.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.4...v1.14.7)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:11:58 -06:00
dependabot[bot]
f646392542
Bump @antora/collector-extension from 1.0.1 to 1.0.2 in /docs 
---
updated-dependencies:
- dependency-name: "@antora/collector-extension"
  dependency-version: 1.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:11:57 -06:00
dependabot[bot]
52ca16fa4b
Bump antora from 3.2.0-alpha.8 to 3.2.0-alpha.11 in /docs 
Bumps [antora](https://gitlab.com/antora/antora) from 3.2.0-alpha.8 to 3.2.0-alpha.11.
- [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc)
- [Commits](https://gitlab.com/antora/antora/compare/v3.2.0-alpha.8...v3.2.0-alpha.11)

---
updated-dependencies:
- dependency-name: antora
  dependency-version: 3.2.0-alpha.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:52:25 +00:00
arianna
3386e077e6 Fix typos in SAML 2.0 Documentation 
- Fix wrong docs link in Servlet - SAML2 Log In Overview
- Fix examples in Servlet - SAML2 Authentication Responses
- Fix examples in Servlet - SAML2 Logout

Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
10490a7b92 Fix typos in OAuth 2.0 Resource Server 
Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
f1e742dfc5 Fix typos in Authorization Documentation 
Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
8e9480545e Fix issue reports 
Closes gh-18376

Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
Josh Cummings
fc2fd63793
Merge branch '7.0.x' 2026-02-05 17:23:08 -07:00
Vincent Stradiot
075c48c0d8 Fix typo in documentation 
Signed-off-by: Vincent Stradiot <vincentstradiot@hotmail.com>
 2026-02-05 17:22:43 -07:00
Joe Grandja
517bc7cb65 Polish gh-18614 2026-02-05 15:32:47 -05:00
Elayne Bloom
a2d407518c Document ClientSettings 
Added documentation to describe the possible client configuration options when setting up an Oauth2 Authorization Server.

Closes gh-18614

Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>
 2026-02-05 15:32:46 -05:00
Joe Grandja
8f22fd4407 Merge branch '7.0.x' 2026-02-02 16:38:29 -05:00
Elayne Bloom
2c97b3376b Document Client PKCE settings 
Updated the documentation to reflect recent changes to enable PKCE by default for `authorization_code` flows in the documentation for the client.

Closes gh-18304

Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>
 2026-02-02 16:30:27 -05:00
Vyacheslav
e029b3ac6f Update authorize-http-requests.adoc 
Comma added for java configuration 

Signed-off-by: Vyacheslav <43342280+cmmttd@users.noreply.github.com>
 2026-02-02 11:48:07 -06:00
Tran Ngoc Nhan
8bafd94b1f Add compile-warnings-error 
Closes gh-18424

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-02 11:37:39 -06:00