6753f9745e
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt
# docs/modules/ROOT/pages/reactive/exploits/csrf.adoc
2022-10-07 17:29:07 -05:00
f462134e87
Add reactive support for BREACH
...
Closes gh-11959
2022-10-07 16:34:17 -05:00
398f5dee7f
Remove deprecated RequestMatcher methods from Java Configuration
...
Closes gh-11939
2022-10-07 15:26:46 -03:00
9fd195d419
Default to shouldFilterAllDispatcherTypes=true in XML
...
Closes gh-11970
2022-10-07 11:46:20 -03:00
146d3269bc
Merge branch '5.8.x'
...
Closes gh-11971
2022-10-07 10:28:14 -03:00
f3321c256c
Add XML support for shouldFilterAllDispatcherTypes
...
Closes gh-11492
2022-10-07 10:20:32 -03:00
12b9f2e196
use-authorization-manager defaults to true
...
Closes gh-11929
2022-10-06 08:12:46 -06:00
c4d23f2b49
Use MvcRequestMatcher by default if Spring MVC is present
...
Closes gh-11899
2022-10-06 09:12:04 -03:00
8b490de08d
Merge branch '5.8.x'
...
# Conflicts:
# docs/modules/ROOT/pages/servlet/exploits/csrf.adoc
2022-10-05 14:46:15 -05:00
dce1c30522
Add support for BREACH
...
Closes gh-4001
2022-10-05 14:21:13 -05:00
22cbd2c42e
Merge branch '5.8.x'
...
Closes gh-11957
2022-10-05 14:00:13 -05:00
a5cc1f0b60
Merge branch '5.7.x' into 5.8.x
...
Closes gh-11956
2022-10-05 13:58:44 -05:00
37dd896d4b
Merge branch '5.6.x' into 5.7.x
...
Closes gh-11955
2022-10-05 13:57:25 -05:00
e0843aabb1
automatically manage docs version (with collector)
2022-10-05 13:56:22 -05:00
c1fcf275d9
Update What's New for 5.8
...
Issue gh-11952
2022-10-05 13:48:18 -05:00
38a7bbd2eb
Merge branch '5.8.x'
2022-10-05 13:20:12 -03:00
ace8caa182
Remove mvcMatchers usage from docs
...
Issue gh-11347
2022-10-05 13:19:37 -03:00
35f7e46d05
Remove WebSecurityConfigurerAdapter
...
Closes gh-10902
2022-10-04 15:13:04 -03:00
5de6da890b
Merge branch '5.8.x'
...
Closes gh-dry-run
2022-10-04 11:18:00 -05:00
475b3bb6bb
Add deferred CsrfTokenRepository.loadDeferredToken
...
* Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken>
* Move RepositoryDeferredCsrfToken to top-level and make package-private
* Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse)
* Update CsrfFilter
* Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler
Issue gh-11892
Closes gh-11918
2022-10-03 17:10:54 -05:00
7c3cc1e386
Merge branch '5.8.x'
2022-10-03 14:29:51 -05:00
0e215a21ad
Add X-Xss-Protection headerValue to XML config
...
Issue gh-9631
2022-10-03 14:29:34 -05:00
ad2abd39dc
Merge branch '5.8.x'
...
Closes gh-11347 in 6.0.x
Closes gh-11945
2022-10-03 16:02:18 -03:00
039e0328e1
Simplify Java Configuration RequestMatcher Usage
...
If Spring MVC is present in the classpath, use MvcRequestMatcher by default. This commit also adds a new securityMatcher method in HttpSecurity
Closes gh-11347
Closes gh-9159
2022-10-03 15:55:20 -03:00
bf59d7c374
Update What's New for 5.8
2022-10-03 10:05:25 -05:00
43a1f8249c
Update What's New for 6.0
2022-09-29 15:57:48 -05:00
4d62621094
Merge branch '5.8.x'
2022-09-29 14:09:21 -05:00
7b1158ddb7
Merge branch '5.7.x' into 5.8.x
2022-09-29 14:09:10 -05:00
70c61dc1dd
Merge branch '5.6.x' into 5.7.x
2022-09-29 14:08:17 -05:00
c44230ba24
switch to offical Antora plugin for Gradle
...
- lock version to latest release of Antora 3.1
- rename properties on extension block
- use Node.js version provided by plugin
- remove package.json file
- assign environment variables using environments property on extension block
- use single quotes where possible in build script
- use default setting for log format
2022-09-29 14:05:09 -05:00
6c6aedf772
Update What's New for 6.0
2022-09-26 10:07:50 -05:00
181ee7410b
Change default authority for oauth2Login()
...
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
2022-09-26 10:06:31 -05:00
c0e784b16d
Update What's New for 6.0
2022-09-26 09:48:52 -05:00
bcb21c9384
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
2022-09-23 15:39:43 -05:00
46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver
...
Closes gh-11896
2022-09-23 15:09:00 -05:00
0efe26c1fd
Merge branch '5.8.x'
...
Closes gh-11894
2022-09-22 13:47:04 -05:00
d94677f87e
CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler
...
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.
Closes gh-11892
2022-09-22 11:09:44 -05:00
70460ca009
Adjust OAuth2 Resource Server packaging
...
Closes gh-7349
2022-09-20 17:44:05 -06:00
61c80bcac5
Move Saml2 Authentication Filters
...
Closes gh-8819
2022-09-20 17:18:05 -06:00
48e31f87e4
Remove Deprecated OpenSAML 3 Support
...
Closes gh-10556
2022-09-20 16:57:38 -06:00
983ca6ea27
Update What's New for 5.8
2022-09-20 08:33:38 -03:00
2b4a3a85f9
Update What's New for 6.0
2022-09-20 08:33:11 -03:00
9564f1b5e4
Next development version
2022-09-19 16:55:17 +00:00
009032e03c
Next development version
2022-09-19 15:47:44 +00:00
dcbe900ff8
Release 5.8.0-M3
2022-09-19 15:24:11 +00:00
a0a92b81f7
Release 6.0.0-M7
2022-09-19 15:23:23 +00:00
8f44f74d44
Update What's New for 5.8
2022-09-14 15:13:41 -05:00
70eea8dc67
Update What's New for 5.8
2022-09-14 14:58:48 -05:00
2431dd1103
Merge branch '5.8.x'
2022-09-13 17:38:10 -05:00
355ef21117
Polish gh-11665
2022-09-13 16:45:39 -05:00
1efb63387f
Add authentication converter for introspected tokens
...
Adds configurable authentication converter for resource-servers with
token introspection (something very similar to what
JwtAuthenticationConverter does for resource-servers with JWT decoder).
The new (Reactive)OpaqueTokenAuthenticationConverter is given
responsibility for converting successful token introspection result
into an Authentication instance (which is currently done by a private
methods of OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager).
The default (Reactive)OpaqueTokenAuthenticationConverter, behave the
same as current private convert(OAuth2AuthenticatedPrincipal principal,
String token) methods: map authorities from scope attribute and build a
BearerTokenAuthentication.
Closes gh-11661
2022-09-13 16:45:36 -05:00
3387149a0f
repurpose 5.6.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 15:41:12 -05:00
3e42119f84
repurpose 5.7.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 15:37:13 -05:00
ab9ed26ad2
repurpose 5.8.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 14:40:56 -05:00
d22ee32c7d
reconfigure branch for local builds and as scheduler for docs workflows
...
- set up placeholder and trigger for Deploy Docs workflow in docs-build branch
- set up placeholder and trigger for Rebuild Search Index workflow in docs-build branch
- remove obsolete Deploy Reference workflow
- upgrade Antora to 3.1
- reconfigure docs build for local build only
- add patch to support using linked worktree as Antora content source
- remove Antora extensions only needed for the production docs build
2022-09-09 12:57:00 -05:00
5ae492b1c1
Add What's New @WithMockUser Supported as Merged Annotation
2022-09-08 09:49:00 -05:00
d996c2a2c6
Remove unsafe/deprecated `Encryptors.querableText(CharSequence,CharSequence)`
...
This method is insecure. Users should instead encrypt with their database.
Closes gh-8980
2022-09-07 13:51:58 -05:00
ed41a60aae
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
# config/src/test/resources/org/springframework/security/config/http/DeferHttpSessionTests-Explicit.xml
# web/src/main/java/org/springframework/security/web/csrf/CsrfFilter.java
2022-09-06 11:51:55 -05:00
86fbb8db07
Add new interfaces for CSRF request processing
...
Issue gh-4001
Issue gh-11456
2022-09-06 11:43:33 -05:00
e17989d92d
Merge branch '5.8.x'
2022-09-01 09:39:33 -03:00
ff6fd78d64
Merge branch '5.7.x' into 5.8.x
2022-09-01 09:39:10 -03:00
0a08a23423
Merge branch '5.6.x' into 5.7.x
2022-09-01 09:38:33 -03:00
8b74bf9742
Updated reference to architecture page
...
In the context of Servlet Authentication page, "Architecture" should probably link to "Servlet Authentication Architecture" page
2022-09-01 09:38:10 -03:00
8474acebf2
Merge branch '5.8.x'
2022-08-29 15:12:48 -05:00
568277f8bc
Mistake in Kotlin code representation is fixed
2022-08-29 15:11:10 -05:00
b1fd9af723
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-26 16:01:40 -06:00
0f58620643
Add AspectJ AuthorizationManager Support
...
Closes gh-11326
2022-08-26 15:59:08 -06:00
84f765a89c
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-25 14:46:48 -06:00
070dce1baf
Document ReactiveMethodSecurity improvements
...
Issue gh-9401
2022-08-25 14:36:03 -06:00
27ce5936cf
Add Caveat about Spring Security's co-routine support
...
Closes gh-10920
2022-08-25 14:36:02 -06:00
81d6b6df6c
Add Explicit SessionAuthenticationStrategy Option
...
SessionAuthenticationFilter requires accessing the HttpSession to do its
job. Previously, there was no way to just disable the
SessionAuthenticationFilter despite the fact that
SessionAuthenticationStrategy is invoked by the authentication filters
directly.
This commit adds an option to disable SessionManagmentFilter in favor of
requiring explicit SessionAuthenticationStrategy invocation already
performed by the authentication filters.
Closes gh-11455
2022-08-18 17:38:03 -05:00
89f8310d6c
Add Explicit SessionAuthenticationStrategy Option
...
SessionAuthenticationFilter requires accessing the HttpSession to do its
job. Previously, there was no way to just disable the
SessionAuthenticationFilter despite the fact that
SessionAuthenticationStrategy is invoked by the authentication filters
directly.
This commit adds an option to disable SessionManagmentFilter in favor of
requiring explicit SessionAuthenticationStrategy invocation already
performed by the authentication filters.
Closes gh-11455
2022-08-18 17:00:47 -05:00
13feb87171
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:36 -06:00
d93bde7465
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:06 -06:00
e3d85881e9
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:48:14 -06:00
9f6d9c2b84
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:44:34 -06:00
8ad20b1768
Add CsrfFilter.csrfRequestAttributeName
...
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.
This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.
Issue gh-11699
2022-08-16 13:47:31 -05:00
5b64526ba9
Add CsrfFilter.csrfRequestAttributeName
...
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.
This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.
Issue gh-11699
2022-08-15 17:07:02 -05:00
1510460a1a
Next development version
2022-08-15 16:14:19 +00:00
db74e9d128
Next development version
2022-08-15 16:07:33 +00:00
c188b70c88
Next development version
2022-08-15 16:06:45 +00:00
4559d269e0
Release 5.6.7
2022-08-15 15:25:05 +00:00
173d74d693
Release 5.7.3
2022-08-15 15:24:54 +00:00
063e56ce8b
Release 5.8.0-M2
2022-08-15 15:24:27 +00:00
425b3501b7
Remove `@Configuration` from `@Enable*` Annotations
...
This removes `@Configuration` from all `@Enable` Annotations and explicitly
adds `@Configuration` to wherever the `@Enable*` Annotations are used.
Closes gh-11653
2022-08-09 17:00:24 -05:00
a5069d7e35
Fix Add @Configuration to @Enable*Security Usage
...
Issue gh-6613
2022-08-09 17:00:16 -05:00
2e66b9f6cc
Allow customization of redirect strategy
...
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.
Closes gh-11373
2022-08-08 15:44:01 -05:00
efaee4e56b
Allow customization of redirect strategy
...
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.
Closes gh-11373
2022-08-08 15:35:49 -05:00
040111ae9e
Remove Configuration meta-annotation from Enable* annotations
...
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.
Closes gh-6613
Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
2022-07-30 03:48:42 +02:00
a72c5a55db
Revert "Remove @Configuration from webflux config examples"
...
This reverts commit aec9effb88
2022-07-26 16:46:01 -05:00
aec9effb88
Remove @Configuration from webflux config examples
2022-07-26 16:34:10 -05:00
0d3c3c676d
"Well-Know" should be "Well-Known"
2022-07-26 15:45:27 -05:00
06aa3362dd
"Well-Know" should be "Well-Known"
2022-07-26 15:44:41 -05:00
3b9f5ac77b
"Well-Know" should be "Well-Known"
2022-07-26 15:41:38 -05:00
2a336d4f49
"Well-Know" should be "Well-Known"
2022-07-26 15:41:05 -05:00
0c549ee147
Use SHA256 by default in Remember Me
...
Closes gh-11520
2022-07-25 10:33:12 -03:00
0f64d4c091
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 14:04:16 -03:00
7c7751635d
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:56:41 -03:00
5322352427
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:49:21 -03:00
db9d60e82d
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:47:07 -03:00
bf138c5154
Next development version
2022-07-18 17:05:25 +00:00
79912a0a44
Release 6.0.0-M6
2022-07-18 13:29:25 -03:00
860c669666
Revert "Release 6.0.0-M6"
...
This reverts commit c8fa238cfc
2022-07-18 13:18:34 -03:00
8d147100ee
Next development version
2022-07-18 16:00:47 +00:00
c8fa238cfc
Release 6.0.0-M6
2022-07-18 15:27:55 +00:00
8d3586f949
Release 5.8.0-M1
2022-07-18 15:25:10 +00:00
f45c4d4b8e
Add SHA256 as an algorithm option for Remember Me token hashing
...
Closes gh-8549
2022-07-15 10:41:03 -03:00
dda98f333c
Polish
...
Make encodingAlgorithm final and add it to the constructor
Add since tags
Add more tests
2022-07-15 10:34:36 -03:00
e17fe8ced9
Add SHA256 as an algorithm option for Remember Me token hashing
...
Closes gh-8549
2022-07-15 10:34:36 -03:00
35fc437559
Add AuthorizationManager for protect-pointcut
...
Closes gh-11323
2022-07-14 09:25:49 -06:00
9608eaa138
Clarify authorize-http-requests docs
...
Issue gh-11467
2022-07-14 10:19:31 -03:00
64ba31aebb
Improve docs on dispatcherTypeMatcher
...
Closes gh-11467
2022-07-14 10:08:19 -03:00
57d6ab7134
Improve docs on dispatcherTypeMatcher
...
Closes gh-11467
2022-07-14 09:13:46 -03:00
624fdfa731
Add AuthorizationManager for protect-pointcut
...
Closes gh-11323
2022-07-13 17:58:16 -06:00
6455e98745
FilterSecurityInterceptor applies to every request by default
...
Closes gh-11466
2022-07-12 10:53:03 -03:00
ce67fb08fd
Clearly end sentence in note before next sentence
2022-07-11 17:38:44 -06:00
6e63278ab9
Use Collection<ConfigAttribute> in examples
...
To match `org.springframework.security.access.ConfigAttribute`.
2022-07-11 17:38:44 -06:00
2c0a4337a8
Clearly end sentence in note before next sentence
2022-07-11 17:36:30 -06:00
9f4b0ca8b5
Use Collection<ConfigAttribute> in examples
...
To match `org.springframework.security.access.ConfigAttribute`.
2022-07-11 17:36:30 -06:00
148c926de0
Support AuthorizationManager for intercept-methods Element
...
Closes gh-11328
2022-07-06 13:01:57 -06:00
74a007dc91
Support AuthorizationManager for intercept-methods Element
...
Closes gh-11328
2022-07-06 12:54:05 -06:00
bffe08465a
Add SecurityContextHolderStrategy XML Configuration for Messaging
...
Issue gh-11061
2022-06-27 16:24:27 -06:00
74167d62b1
Add SecurityContextHolderStrategy XML Configuration for Messaging
...
Issue gh-11061
2022-06-27 15:55:28 -06:00
5e4e7abf15
Add SecurityContextHolderStrategy XML Configuration for Method Security
...
Issue gh-11061
2022-06-27 13:40:55 -06:00
9cd7c7b046
Add SecurityContextHolderStrategy XML Configuration for Method Security
...
Issue gh-11061
2022-06-27 13:05:07 -06:00
11a74a2926
Fix method call example on documentation
2022-06-24 17:05:31 -06:00
d3a024786b
Next Development Version
2022-06-20 15:05:30 -04:00
fa4c5449e7
Release 5.6.6
2022-06-20 14:50:24 -04:00
6f275deb55
Next Development Version
2022-06-20 12:37:13 -04:00
c40f65f5a2
Release 5.7.2
2022-06-20 12:17:25 -04:00
150b81d008
Add SecurityContextHolderStrategy XML Configuration for Defaults
...
Issue gh-11061
2022-06-17 12:21:10 -06:00
2a70707c35
Add SecurityContextHolderStrategy XML Configuration for Defaults
...
Issue gh-11061
2022-06-17 11:28:10 -06:00
a3e996a66b
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 17:33:41 -05:00
953b54f63d
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 15:15:03 -05:00
6b1d5ec6ae
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 15:13:06 -05:00
aca3fc2412
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:51:44 -03:00
0c31cb21dc
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:50:56 -03:00
24701b547f
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:49:47 -03:00
b9acdd5058
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 13:43:42 +02:00
2afa9313eb
Use AuthorizationManager in <http>
...
Closes gh-11305
2022-05-31 16:01:41 -06:00
9dbd1f3e25
Use AuthorizationManager in <http>
...
Closes gh-11305
2022-05-31 15:10:00 -06:00
d7077b441a
Correct access(String) reference
...
Closes gh-11280
2022-05-27 15:00:15 -06:00
292585080a
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:59:06 -06:00
0abc54c7de
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:52:20 -06:00
ff0d85e2ac
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:51:45 -06:00
f4c0fcb5ef
Add AuthorizationManager to Messaging
...
Closes gh-11076
2022-05-27 13:35:19 -06:00
101f11ba94
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 13:12:56 -06:00
18b903f6e3
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 13:12:56 -06:00
038266a94f
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 13:12:55 -06:00
bbff945b95
Restore missing link text
...
Issue gh-10934
2022-05-27 13:00:20 -06:00
8690accd57
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:57:57 -06:00
e3c15260e7
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:57:57 -06:00
9625382b22
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:57:56 -06:00
dda026b5fc
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:57:02 -06:00
2363dbb4e4
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:56:57 -06:00
23cc1eb32b
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:56:51 -06:00
ff0b1712b6
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:46:36 -06:00
0a64579b1e
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:46:27 -06:00
416f94f979
Update Junit5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:46:04 -06:00
8a03d1fcec
Add AuthorizationManager to Messaging
...
Closes gh-11076
2022-05-27 12:20:48 -06:00
0355e960d7
Next development version
2022-05-18 11:52:05 -05:00
fdad14af63
Release 5.6.5
2022-05-18 11:03:25 -05:00
07841794c5
Next development version
2022-05-18 16:02:48 +00:00
8eb235d36e
Release 6.0.0-M5
2022-05-18 10:37:41 -05:00
14bbf33658
Revert "Release 6.0.0-M5"
...
This reverts commit 6513f3ce71
2022-05-18 10:37:07 -05:00
6513f3ce71
Release 6.0.0-M5
2022-05-18 15:26:59 +00:00
4caf53e96d
Next Development Version
2022-05-18 10:06:25 -05:00
22a1c99b9e
Release 5.7.1
2022-05-18 10:00:11 -05:00
3a5eb47d0c
Next development version
2022-05-16 19:13:07 +00:00
eaac43a179
Release 6.0.0-M4
2022-05-16 13:42:14 -05:00
cd024bdb80
Revert "Release 6.0.0-M4"
...
This reverts commit 49a5f972be
2022-05-16 13:25:42 -05:00
49a5f972be
Release 6.0.0-M4
2022-05-16 12:51:47 -05:00
dc648cf79f
Next Developement Version
2022-05-16 11:51:06 -05:00
5155719877
Next Development Version
2022-05-16 11:44:53 -05:00
c2d2914a4f
Release 5.6.4
2022-05-16 11:36:26 -05:00
3497b0ed68
Release 5.7.0
2022-05-16 11:35:18 -05:00
806e05855c
Replace removed context-related operators
...
Closes gh-11194
2022-05-10 14:58:02 -03:00
4ebd37ae77
Add 5.8 Support
2022-05-03 09:04:34 -06:00
1f43733749
Add 5.7.x branch to playbook
2022-05-03 09:03:51 -06:00
0e9228d10a
Prepare for Spring Security 5.8
2022-05-02 16:34:23 -06:00
a0232ed135
Add shouldFilterAllDispatcherTypes to Kotlin DSL
...
Closes gh-11153
2022-04-28 08:34:48 -03:00
e94adedb94
Add shouldFilterAllDispatcherTypes to Kotlin DSL
...
Closes gh-11153
2022-04-28 08:19:20 -03:00
6c8f64d2bd
Next Development Version
2022-04-18 14:55:35 -05:00
e80b3cc5a2
Release 5.7.0-RC1
2022-04-18 14:50:15 -05:00
2a2c2dd209
Next development version
2022-04-18 13:27:01 -03:00
fa0e06ebdc
Release 5.6.3
2022-04-18 11:59:42 -03:00
9a9a43a0c0
ForceEagerSessionCreationFilter
...
Closes gh-11109
2022-04-15 14:18:25 -05:00
aaf78330b1
ForceEagerSessionCreationFilter
...
Closes gh-11109
2022-04-15 14:16:35 -05:00
5367524030
Change the default of shouldFilterAllDispatchTypes to true
...
Closes gh-11107
2022-04-14 16:30:42 -03:00
84b5c76a7b
Add Option to Filter All Dispatcher Types
...
Closes gh-11092
2022-04-14 16:10:36 -03:00
7fea639a43
Add Option to Filter All Dispatcher Types
...
Closes gh-11092
2022-04-14 15:58:00 -03:00
86c3ce7efc
Update What's New
2022-04-13 11:24:36 -03:00
39b0620a84
Add DisableUrlRewritingFilter
...
Closes gh-11084
2022-04-08 16:13:44 -05:00
7be32872e9
Add DisableUrlRewritingFilter
...
Closes gh-11084
2022-04-08 16:13:24 -05:00
b71d9bfdc2
Fix typo
2022-04-06 11:09:41 +02:00
ed8887e0fc
Fix typo
2022-04-06 11:09:15 +02:00
4ee5800ec9
use okta as registration id
...
looks like `ping` is some registration id used in the past.
Closes gh-11034
2022-03-30 14:41:03 -06:00
d4931ecf2b
use okta as registration id
...
looks like `ping` is some registration id used in the past.
2022-03-30 14:40:25 -06:00
51a99701ad
use okta as registration id
...
looks like `ping` is some registration id used in the past.
2022-03-30 14:39:39 -06:00
ce720ad38e
Document Authorization Events
...
Issue gh-9288
2022-03-29 16:37:22 -06:00
04c483387e
Document Authorization Events
...
Issue gh-9288
2022-03-29 16:03:20 -06:00
759d983d62
Fix formatting in reference docs
2022-03-24 15:15:20 +01:00
d4d6ddbaae
Fix formatting in reference docs
2022-03-24 15:13:50 +01:00
0a2a327476
Fix reference documentation redirects
...
Closes gh-11018
2022-03-23 09:01:42 +01:00
8fe6ecb459
Update antora.yml
2022-03-21 15:27:40 -05:00
e2e1689d9d
Release 6.0.0-M2
2022-03-21 13:56:04 -05:00
7deaab8822
Next development version
2022-03-21 14:51:40 -03:00
ed0a323a71
Release 5.7.0-M3
2022-03-21 14:00:04 -03:00
28dd7dabfb
Update What's New for 5.7
2022-03-17 12:56:17 -05:00
c38c722473
Update What's New for 5.7
2022-03-17 09:56:45 -05:00
f0168c6c27
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:53:16 -05:00
428216b322
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:50:25 -05:00
4a8219d16c
Update whats-new.adoc with gh-9812
2022-03-17 04:41:33 -04:00
54b033078b
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:36:10 -04:00
a2ffc88294
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:33:12 -04:00
fabeabd2db
Fix docs SecurityContextHolder Diagram
...
Issue gh-9635
2022-03-12 13:44:45 -06:00
c49d47d9fa
Fix docs SecurityContextHolder Diagram
...
Issue gh-9635
2022-03-12 13:44:12 -06:00
972039e65c
Add SecurityContextHolderFilter
...
Closes gh-9635
2022-03-12 13:31:04 -06:00
87ed31a99c
Add SecurityContextHolderFilter
...
Closes gh-9635
2022-03-11 17:22:23 -06:00
ae7d56d65b
Add Persistence to documentation
...
Closes gh-10962
2022-03-11 13:43:11 -06:00
6e45a376cd
Remove "Hi ... there" From Docs
...
Close gh-10963
2022-03-11 13:42:38 -06:00
e4f1826622
Remove "Hi ... there" From Docs
...
Close gh-10963
2022-03-11 13:41:19 -06:00
b71b2f81e1
Add Persistence to documentation
...
Closes gh-10962
2022-03-11 13:41:19 -06:00
9967078059
Antora 3.0.0
...
Issue gh-10962
2022-03-11 13:41:19 -06:00
abd33389be
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:49:29 -07:00
ac9c29b2a0
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:23:35 -07:00
660da6f4a0
Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
...
Closes gh-10932
2022-03-09 17:49:43 +01:00
bc2bb8cb96
Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
...
Closes gh-10932
2022-03-09 16:18:09 +01:00
1762a4ce70
Add SAML 2.0 Single Logout XML Support
...
Closes gh-10842
2022-03-09 10:48:34 -03:00
1cbe7a75d3
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 10:40:26 -03:00
93d4fd3559
Add SAML 2.0 Single Logout XML Support
...
Closes gh-10842
2022-03-09 09:18:01 -03:00
73f839312d
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 09:18:01 -03:00
440ffce2eb
Update PasswordEncoder declaration
...
Closes gh-10910
2022-03-01 07:50:55 -07:00
acda921fe9
Update PasswordEncoder declaration
...
Closes gh-10910
2022-03-01 07:49:25 -07:00
ff15bec02d
update PasswordEncoder declaration
2022-03-01 07:48:31 -07:00
344ab1814c
Next development version
2022-02-21 11:56:40 -03:00
2426989441
Release 5.7.0-M2
2022-02-21 11:00:07 -03:00
1a32b399e6
Next development version
2022-02-21 10:49:06 -03:00
e9f3da94fc
Release 5.6.2
2022-02-21 10:04:41 -03:00
386e8a86a1
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:54:04 -03:00
45a88fc391
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:49:27 -03:00
8a56e4f35e
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:46:20 -03:00
a2d1965c25
Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant
...
Closes gh-10837
2022-02-15 11:30:45 +01:00
c6b185465d
Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant
...
Closes gh-10837
2022-02-15 11:24:23 +01:00
f64181ab41
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 17:18:48 +01:00
77ba94e1db
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 11:07:42 +01:00
015036741b
Add Kotlin example for logout configuration of reactive authentication
...
Closes gh-10819
2022-02-11 13:16:47 +01:00
d0faff62df
Add Kotlin example for logout configuration of reactive authentication
...
Closes gh-10819
2022-02-11 13:01:43 +01:00
4142f06259
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 18:10:58 +01:00
4492e5b667
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 16:12:10 +01:00
85e531ec74
Fix typo in role hierarchy docs
...
Closes gh-10804
2022-02-04 16:32:47 +01:00
27ecae2545
Fix typo in role hierarchy docs
...
Closes gh-10804
2022-02-04 16:31:19 +01:00
28b363551e
Use lambda DSL in logout header docs
2022-02-04 16:26:51 +01:00
7c9de7d0ff
Use lambda DSL in logout header docs
2022-02-04 16:26:18 +01:00
ac990afa5d
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:47:35 -06:00
c1dfe407bc
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:46:27 -06:00
51fc4a4ca3
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:46:05 -06:00
55cccbf727
Fix broken link to SAML2 login example
2022-02-03 10:20:45 -06:00
e5def290a1
Fix broken link to SAML2 login example
2022-02-03 10:10:04 -06:00
13d8b69ee4
Fix broken link to SAML2 login example
2022-02-03 09:42:21 -06:00
a095ea75a2
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:52:54 +01:00
8aa3f291b7
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:42:08 +01:00
f465403a99
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:30:43 +01:00
99c488c6ae
Polish LDAP reference docs
...
Issue gh-10789
2022-01-28 17:15:37 +01:00
869fc8c96c
Use LDAP AuthenticationManager factory in reference docs
...
Closes gh-10789
2022-01-28 17:13:04 +01:00
e280061538
Polish LDAP reference docs
...
Issue gh-10789
2022-01-28 17:04:39 +01:00
d5824521e8
Use LDAP AuthenticationManager factory in reference docs
...
Closes gh-10789
2022-01-28 17:03:56 +01:00
5a2556879a
Add Saml2AuthenticationRequestResolver
...
Closes gh-10355
2022-01-24 16:18:33 -07:00
d538423f98
Add Saml2AuthenticationRequestResolver
...
Closes gh-10355
2022-01-24 15:09:45 -07:00
f94090a59b
Remove spring-security-openid
...
Closes gh-10773
2022-01-21 16:55:19 -06:00
55cf7c9683
Remove default display_version
2022-01-18 13:26:39 -06:00
c4812b17ee
Default antora displayVersion
...
Issue gh-10765
2022-01-18 12:55:46 -06:00
c9a9087454
Add 6.0.* tag to antora-playbook
2022-01-17 14:45:31 -03:00
3834268008
Next development version
2022-01-17 13:08:59 -03:00
816831746f
Release 6.0.0-M1
2022-01-17 11:22:05 -03:00
20c252982e
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-14 15:29:50 -07:00
7efbc9d5f7
Next Development Version
2022-01-14 12:51:23 -06:00
a8457b518f
Release 5.7.0-M1
2022-01-14 12:16:08 -06:00
525f40490c
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:59:14 -05:00
214cfe807e
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:42:10 -05:00
96e5e67737
Update to Antora 3.0.0
2022-01-05 11:22:34 -06:00
005d7465b0
Add fix for 5.6.1 version
2022-01-04 17:03:32 -06:00
783a43ea35
Add CheckAntoraVersionPlugin
2022-01-04 15:52:05 -06:00
07a176d11e
Update antora to 5.6.2
2022-01-04 15:52:05 -06:00
9b6c7af526
Add CheckAntoraVersionPlugin
2022-01-04 15:33:24 -06:00
6884a16726
Add CheckAntoraVersionPlugin
2022-01-04 15:29:14 -06:00
45b7fed884
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-03 13:14:12 -07:00
6b54afe9a3
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-03 12:54:22 -07:00
2471e3296d
Fix xsd tests
2021-12-13 17:38:22 -06:00
2fb056b5c1
Merge Clean up Reference Documentation
...
Closes gh-9668
2021-12-13 16:57:36 -06:00
0beb725259
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-08 11:07:09 +01:00
65426a40ec
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-07 17:23:06 +01:00
32ec8c3ae4
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-07 13:58:24 +01:00
7ec3b55ab3
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-07 13:48:11 +01:00
1896a5e669
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-06 13:05:50 +01:00
f1ca42e501
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 14:14:05 -03:00
bb99d7d95a
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 14:13:12 -03:00
04161b9288
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 10:38:04 -03:00
16a21264d0
Polish AuthRequestConverter Sample Doc
...
Issue gh-10364
2021-11-18 13:36:31 -07:00
739cdc1a4c
Polish AuthRequestConverter Sample Doc
...
Issue gh-10364
2021-11-18 13:36:10 -07:00
2dac210cac
Polish AuthRequestConverter Sample Doc
...
Issue gh-10364
2021-11-18 13:32:36 -07:00
1c0f092176
Fix AuthnRequestConverter Sample Typos
...
Closes gh-10364
2021-11-18 13:26:53 -07:00
02cd1dd3c4
Fix AuthnRequestConverter Sample Typos
...
Closes gh-10364
2021-11-18 13:26:25 -07:00
9316241c01
Fix AuthnRequestConverter Sample Typos
...
Closes gh-10364
2021-11-18 13:24:59 -07:00
32d79f3f4e
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:33:42 -07:00
b7cc667d21
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:33:27 -07:00
879b2d089f
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:29:23 -07:00
088a24cf59
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:18:42 -07:00
3fb1565cc0
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:17:37 -07:00
5913501e1a
#10505 Fix jwtDecoder
...
Fixed jwtDecoder(JWTProcessor jwtProcessor, OAuth2TokenValidator<Jwt> jwtValidator)
2021-11-16 14:05:43 -07:00
7b15098570
Update Spring Security to 5.7
...
Closes gh-10509
2021-11-15 17:10:00 -07:00
6b6f473a1b
Added authorizeHttpRequests Docs
...
Closes gh-10442
2021-11-15 16:23:18 -07:00
e398fbf2a7
Include 5.6.0 Release in docs
2021-11-15 16:37:47 -06:00
7236f2c5f2
Added authorizeHttpRequests Docs
...
Closes gh-10442
2021-11-15 15:35:23 -07:00
29a4b2bc9b
Next Development Version
2021-11-15 16:13:45 -06:00
fa628f7491
Release 5.6.0
2021-11-15 16:13:12 -06:00
4f185724a3
Polish gh-10479
2021-11-12 15:09:50 -05:00
eceb9ed479
Polish gh-10479
2021-11-12 15:08:11 -05:00
939a5581f2
Antora remove unnecessary logging
2021-11-11 16:07:43 -06:00
3c39761ca1
Add --stacktrace Antora argument
2021-11-11 16:01:17 -06:00
c93595969e
Add Spring Security 5.6.0-RC1
2021-11-11 16:01:17 -06:00
a3e658872c
Update What's New for 5.6
2021-11-11 15:20:19 -06:00
0bdaa21867
Update What's New for 5.6
2021-11-11 14:51:40 -06:00
0e6722800d
Polish gh-10479
2021-11-11 14:24:30 -06:00
73e1506e5e
Consistency update for servlet docs
2021-11-11 14:24:29 -06:00
7d806b668f
Separate OAuth 2.0 Client Reactive Docs
...
Related gh-10367
2021-11-11 14:24:29 -06:00
1246d5839d
Revamp OAuth 2.0 Login Reactive documentation
...
Related gh-8174
2021-11-11 14:24:29 -06:00
9887b282ce
Polish gh-10479
2021-11-11 14:05:55 -06:00
cba5d3239e
Fix versions
2021-11-11 13:38:48 -06:00
4f88bb8e5f
Antora Playbook
2021-11-11 13:37:08 -06:00
08dc83c781
Fix Antora Versions
2021-11-11 13:35:34 -06:00
127e10e607
Antora Playbook
2021-11-11 13:34:54 -06:00
ab794bf67a
Consistency update for servlet docs
2021-11-11 10:41:12 -06:00
83f76fa1f6
Separate OAuth 2.0 Client Reactive Docs
...
Related gh-10367
2021-11-11 10:41:12 -06:00
0c12aeb7a1
Revamp OAuth 2.0 Login Reactive documentation
...
Related gh-8174
2021-11-11 10:41:12 -06:00
310a50587c
Port Missing Integration Docs
...
Closes gh-10465
2021-11-10 16:09:50 -07:00
b60020a40c
Use authorizeHttpRequests in Docs
...
Issue gh-8900
2021-11-10 16:09:50 -07:00
f4ddb4e3f4
Update What's New Links
2021-11-10 16:09:50 -07:00
09a14bf8a0
Port Missing Integration Docs
...
Closes gh-10465
2021-11-10 16:08:57 -07:00
812d6f7b18
Use authorizeHttpRequests in Docs
...
Issue gh-8900
2021-11-10 16:08:57 -07:00
03504e2233
Update What's New Links
2021-11-10 16:08:57 -07:00
75abf0cf78
Fix Broken Link
...
Issue gh-10367
2021-11-05 12:52:41 -06:00
4a9637483a
Separate OAuth 2.0 Client Reactive Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
7708418fae
Separate OAuth 2.0 Login Servlet Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
82696918ae
Separate OAuth 2.0 Client Servlet Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
e350c8a852
Document parameters converter in oauth2 client servlet docs
...
Closes gh-10467
2021-11-05 12:45:46 -06:00
efa2fab061
Document authentication helper method in WebClient integration
...
Closes gh-10120
2021-11-05 12:45:46 -06:00
76ebbb84f7
Separate Namespace Servlet Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
50196537e1
Separate OAuth 2.0 Client Reactive Docs
...
Issue gh-10367
2021-11-04 12:45:39 -06:00
3db13de1e2
Separate OAuth 2.0 Login Servlet Docs
...
Issue gh-10367
2021-11-04 11:55:53 -06:00
8c508d6afa
Separate OAuth 2.0 Client Servlet Docs
...
Issue gh-10367
2021-11-04 11:33:58 -06:00
b27c7e17f4
Document parameters converter in oauth2 client servlet docs
...
Closes gh-10467
2021-11-03 17:09:44 -05:00
49f3c0ce53
Document authentication helper method in WebClient integration
...
Closes gh-10120
2021-11-03 15:57:12 -05:00
869e379099
Separate Namespace Servlet Docs
...
Issue gh-10367
2021-11-01 17:49:15 -06:00
c705a093a2
Quote the version for antora.yml
2021-11-01 15:35:37 -05:00
46c5b91500
Put nav in generated docs
2021-11-01 10:28:08 -05:00
e4a465a704
Put nav in generated docs
2021-11-01 10:27:34 -05:00
e2c5772b3d
Use explicit version from antora.yml
2021-11-01 09:58:23 -05:00
c7a50c40ae
Use explicit version from antora.yml
2021-11-01 09:56:58 -05:00
caf4c47105
Remove CAS module
...
Closes gh-10441
2021-11-01 09:02:43 -03:00
db60df2f9c
Update to Spring Framework 6.0
...
Issue gh-10360
2021-11-01 09:02:42 -03:00
b2e6c60d94
Remove remoting technologies support
...
Closes gh-10366
2021-11-01 09:02:42 -03:00
11aa02c6fb
Separate SAML 2.0 Login Docs
...
Issue gh-10367
2021-10-29 15:06:54 -06:00
6d2d3b9a69
Separate Resource Server Reactive Docs
...
Issue gh-10367
2021-10-29 13:06:38 -06:00
f02a7d2b28
Separate Testing Servlet Docs
...
Issue gh-10367
2021-10-29 12:34:29 -06:00
f39d272a86
Separate SAML Docs
...
Issue gh-10367
2021-10-29 11:30:41 -06:00
b4ffe154d7
Separate Testing Reactive Docs
...
Issue gh-10367
2021-10-29 10:09:04 -06:00
7a99542662
Docs Use Section Summary where appropriate
...
Closes gh-10449
2021-10-28 14:02:38 -05:00
b77cb8d0cb
Remove redundant docs for Reactive OAuth2 Client
...
Issue gh-10373
2021-10-28 09:23:32 -04:00
ce09f3eff4
Polish gh-10373
2021-10-28 09:06:30 -04:00
4b0e74aac4
Separate Resource Server Servlet Docs
...
Issue gh-10367
2021-10-27 10:02:05 -06:00
d40e8f6732
Fix Antora warnings
2021-10-26 20:05:06 -05:00
9357c2f05d
antora.component.version extract major.minor only
2021-10-26 15:22:40 -05:00
144af074b7
Use a dynamic version for Antora
2021-10-26 14:20:35 -05:00
863bee2bc7
Revert 6.0 generated version
2021-10-25 21:16:05 -05:00
dbf8e9ecce
Use 6.0 for generated docs
2021-10-25 21:11:35 -05:00
0c105ff44f
Use ROOT component name
2021-10-25 10:48:53 -05:00
f27ad296d0
Generated docs use version URL
2021-10-21 10:11:11 -05:00
ecd7301893
Use version in docs URL
2021-10-21 10:10:24 -05:00
a8c7ac9010
Add Antora based docs in whats-new
2021-10-18 21:11:47 -05:00
47087ba9c5
Revamp OAuth 2.0 Client reactive documentation
...
Related gh-8174
2021-10-14 14:35:25 -05:00
a487ef2d74
Add JwtEncoder to What's New in 5.6
2021-10-14 14:26:48 -05:00
c82722c412
Update What's New in 5.6
2021-10-14 09:27:39 -03:00
00f466a431
Update What's New in 5.6
2021-10-13 12:06:47 -05:00
f561499683
Fix Antora cross-references that lead to other pages.
...
Also using AsciiDoc style listings instead of Markdown style listings, and using explicit section IDs on all cross-references.
2021-10-06 09:53:15 -06:00
14fd213557
Better consistency between reactive and servlet
2021-09-23 15:50:14 -05:00
77dc3d1a0e
Move to servlet/configurations/*
2021-09-23 15:50:14 -05:00
ca2bc958df
Create features/integrations
2021-09-23 15:50:14 -05:00
ab63ebbbee
Add link to authorization from features.
2021-09-23 15:50:14 -05:00
176e6b6000
Add additional info to overview
2021-09-23 15:50:14 -05:00
d6ada7fb18
Remove /servlet/hello/index.adoc
...
This is now /servlet/getting-started.adoc
2021-09-23 15:50:14 -05:00
e368734557
Update "Big Picture" to Architecture
2021-09-23 15:50:14 -05:00
0d339aeda6
Add Reactive Getting Started Page
2021-09-23 15:50:14 -05:00
7537aa5124
Add generic authorization page
2021-09-23 15:50:14 -05:00
a1c7a39bd3
Fix Firewall link in nav
2021-09-23 15:50:14 -05:00
d52aab88af
Update nav text Project Modules
2021-09-23 15:50:14 -05:00
be9ff16583
Remove Asciidoctor from the build in favor of Antora
2021-09-23 15:50:14 -05:00
871bc1c42c
The next version of Security is 5.6
2021-09-23 15:50:14 -05:00
7e2eb6894f
Use component name of ''
...
This makes it so that the URL contains security in the root of the deploy
folder. We will do this until we decide to add projects other than the
security related projects.
2021-09-23 15:50:14 -05:00
52bfae5e27
Servlet Authentication no a link in nav
2021-09-23 15:50:14 -05:00
a7f3f54a33
architecture/index.adoc -> ../architecture.adoc
...
BASE_DIR=docs/modules/ROOT/pages
git --no-pager diff HEAD~1 --diff-filter=R -M | sed -Ez "s%(\nrename to|rename from |similarity index [^\n]+|diff[^\n]+|$BASE_DIR/)%%g" | grep "\S" | while read rename_from_to; do
from=$(echo $rename_from_to | cut -f 1 -d " ")
to=$(echo $rename_from_to | cut -f 2 -d " ")
echo "processing rename from $from to $to"
find "$BASE_DIR/../" -name "*.adoc" | while read adoc_file; do
sed -i -E "s%xref:$from%xref:$to%g" "$adoc_file"
done
done
2021-09-23 15:50:14 -05:00
583761f916
unpwd->passwords folder
2021-09-23 15:50:14 -05:00
e4ce7249cc
Generate antora.yml and push to spring-security-docs-generated
2021-09-23 15:50:14 -05:00
a0e9c67482
Fix antora version
2021-09-23 15:50:13 -05:00
0b587dcef1
Reduce folders
2021-09-23 15:50:13 -05:00
2da377ec88
Fix antora security version
2021-09-23 15:50:13 -05:00
e681e44268
overview/ -> ../
2021-09-23 15:50:11 -05:00
a64a694c60
Indent testing subsections in nav.adoc
2021-09-23 15:49:45 -05:00
32331185dc
Fix local anchor
2021-09-23 15:49:45 -05:00
29a7669101
rg "xref:\S+?#\S+\[\]" docs/modules -l -g "*.adoc" | while read adoc_file_to_replace; do
...
echo "Replacing $adoc_file_to_replace"
for id_file in build/ids/*.id; do
id=$(basename $id_file | sed 's/\.id$//')
xref_page=$(cat $id_file)
if [[ "$adoc_file_to_replace" -ef "./docs/modules/ROOT/pages/$xref_page" ]]
then
echo " - Skipping same page refid $id "
else
text_file=$(echo $id_file | sed 's/\.id$/.text/')
default_text=$(cat $text_file)
sed -i -E "s%xref:${xref_page}#${id}\[\]%xref:${xref_page}#${id}[$default_text]%g" $adoc_file_to_replace
fi
done
done
2021-09-23 15:49:45 -05:00
1f90df6a14
mkdir -p build/ids
...
find -name "*.adoc" | xargs -I{file} awk -v file={file} '/\[\[/ { gsub("\[|\]", ""); id=$0; gsub("./docs/modules/ROOT/pages/", "", file); gsub("\[|\]", ""); id=$0;getline;text=$0; sub("^=+ ","", text); print file > "build/ids/"id".id"; print text > "build/ids/"id".text" }' {file}
find docs/modules -name "*.adoc"|while read adoc_file_to_replace; do
echo "Replacing $adoc_file_to_replace"
for id_file in build/ids/*.id; do
id=$(basename $id_file | sed 's/\.id$//')
xref_page=$(cat $id_file)
if [[ "$adoc_file_to_replace" -ef "./docs/modules/ROOT/pages/$xref_page" ]]
then
echo " - Skipping same page refid $id "
else
sed -i -E "s%<<$id(|,([^,>]+))>>%xref:${xref_page}#${id}[\2]%g" $adoc_file_to_replace
fi
done
done
2021-09-23 15:49:43 -05:00
d2affef356
Fix images
...
- Move images into assets/
- Remove figures form antora.yml
- Add :figures: to each page that uses it
2021-09-23 15:47:21 -05:00
f5274926cf
Fix up reactive/oauth2/index.adoc links
2021-09-23 15:47:21 -05:00
88ac7a5d2e
Fixup servlet/authentication/architecture/index.adoc
2021-09-23 15:47:21 -05:00
b8a362a60f
Remove include servlet/saml2/index.adoc
2021-09-23 15:47:20 -05:00
c3dfb1711d
Remove includes
2021-09-23 15:45:22 -05:00
f01a13aa52
Antora
...
mkdir -p docs/modules/ROOT/
mkdir -p docs/modules/ROOT/pages/
git checkout antora-2.x docs/antora.yml
git checkout antora-2.x docs/modules/ROOT/nav.adoc
mv docs/manual/src/docs/asciidoc/images docs/modules/ROOT/
mv docs/manual/src/docs/asciidoc/_includes/* docs/modules/ROOT/pages/
cp ~/code/rwinch/spring-reference/*antora* ~/code/spring-projects/spring-security/
mv docs/modules/ROOT/pages/about docs/modules/ROOT/pages/overview
2021-09-23 15:45:22 -05:00
131078dcae
Fix typo in digest.adoc
...
Closes gh-10304
2021-09-21 14:45:43 -04:00
220de60142
Update What's New in 5.6
2021-09-20 12:18:27 -03:00
f0fd09bf79
Update What's New in 5.6
2021-09-20 09:09:45 -06:00
d207d03bf7
Update What's New for 5.6
2021-09-17 14:40:57 -05:00
ab098f171d
Propagate TestSecurityContextHolder to SecurityContextHolder
...
Create SecurityMockMvcResultHandlers to define security related MockMvc ResultHandlers
Create a method to allow copying the SecurityContext from the TestSecurityContextHolder to SecurityContextHolder
Closes gh-9565
2021-09-17 16:39:53 -03:00
017c218bbd
Update What's New section
...
Adds the SAML 2.0 Single Logout Support and the new Saml2AuthenticationRequestRepository
2021-09-17 13:57:23 -03:00
729418ad7a
Fix typo in headers asciidoc
2021-09-15 15:05:08 -06:00
fe274e7553
Fix some list punctuation and capitalization in docs
2021-09-15 10:49:02 -06:00
31a8f8c4df
Fix the use of "s" with code blocks in docs
2021-09-15 10:49:02 -06:00
af4cc03dec
Fix some typos and mistakes in docs
2021-09-15 10:49:02 -06:00
8cba9fbf9d
Updated test.adoc SecurityMockServerConfigurers method references
...
Updated all references to SecurityMockServerConfigurers to refer to
correct methods.
Added documentation for mockJwt to include the
SecurityMockServerConfigurers class.
2021-09-14 15:04:08 -03:00
4f06fc6ed1
Add Saml2LogoutConfigurer
...
Closes gh-9497
2021-09-13 16:39:48 -06:00
c63d618b26
Add Single Logout Support
...
Closes gh-8731
2021-09-13 16:39:48 -06:00
6488295cad
Add RelyingPartyRegistrationResolver
...
Closes gh-9486
2021-09-13 16:39:48 -06:00
f5a525e740
Add Registration to Saml2Authentication
...
Closes gh-9487
2021-09-13 16:39:48 -06:00
3443eac829
Fix typo in index.adoc
2021-09-13 16:32:32 +02:00
6fae98a6f4
Update docs to point to ACL samples
...
Closes gh-10110
2021-09-06 11:14:57 -03:00
989c1419d5
Clarify OAuth 2.0 Resource Server Multitenancy Snippet
...
Closes gh-10233
2021-09-03 16:54:41 -06:00
1cfe84922c
Add Java examples to session management docs
...
Closes gh-8979
2021-08-26 10:14:48 +02:00
ac8e912ea1
Update a broken link to Spring Boot documentation
2021-08-17 11:33:49 +02:00
aed203f367
Docs for WebSessionServerLogoutHandler
...
Issue gh-4838
2021-08-16 13:09:42 -06:00
d5c953b106
Polish Saml2AuthenticationRequestRepository
...
- Moved docs into AuthnRequest section, changed links to be more
semantically valuable to search engines
- Moved tests to be nearer to similar tests
Issue gh-9185
2021-07-27 14:56:23 -06:00
16e17d242e
Add Saml2AuthenticationRequestRepository
...
Closes gh-9185
2021-07-27 14:55:53 -06:00
bfe94f9a80
Update deprecated usage in reference docs
...
Closes gh-10063
2021-07-21 10:21:02 -05:00
a4431264e6
Update oauth2-resourceserver.adoc
...
fix the name of the parameter, from failure to badCredentials
Replaces AuthenticationFailureEvent
Remove AuthenticationFailureEvent Reference
Closes gh-10062
2021-07-16 11:56:57 -06:00
f73f213f50
Remove DependencySetPlugin
...
Closes gh-10070
2021-07-12 15:31:38 -05:00
ff47086d56
Update SAML docs to point to correct api url
...
Closes gh-9953
2021-07-09 11:09:55 -03:00
e30b45c6fb
Fix typos
2021-07-08 09:17:47 -03:00
bd88f37a50
Document PasswordManagementConfigurer
...
Issue gh-8657
2021-07-01 16:58:43 -06:00
d121ab9565
Support A Well-Known URL for Changing Passwords
...
Closes gh-8657
2021-07-01 16:57:53 -06:00
85e95719a0
Update docs links to point to minor version branches
...
Closes gh-9986
2021-07-01 09:01:25 -03:00
03ded987af
Allow Defining Custom SAML Response Validator
...
Add a setter method into OpenSaml4AuthenticationProvider that allows defining a custom ResponseValidator
Closes gh-9721
2021-06-30 08:26:42 -03:00
6474a9e76e
Allow Creating RelyingPartyRegistration from Metadata InputStream
...
Update SAML2 Login reference documentation to reflect the changes
Closes gh-9558
2021-06-30 08:02:24 -03:00
58ebacc06f
Use springFrameworkVersion property in docs links
...
Closes gh-9987
2021-06-29 13:20:47 -03:00
0080aeee94
Add OpenSAML 3 and 4 Explanation
...
Closes gh-10014
2021-06-28 13:25:07 -06:00
5940b8dee7
Update to use OpenSaml4AuthenticationProvider
...
Closes gh-10013
2021-06-28 13:25:02 -06:00
8d3e58f074
Polish Whitespace
...
Issue gh-10013
2021-06-28 13:24:57 -06:00
da9d7414bd
Add remaining Kotlin samples to reference docs
...
Closes gh-8172
2021-06-24 11:49:13 +02:00
bbf5614a9c
Fix Broken Links in Docs
...
Closes gh-9869
2021-06-21 10:42:55 -03:00
0aa93b18d6
Update links to point to migrated samples
...
Closes gh-9816
2021-06-21 10:42:55 -03:00
d60981fd59
Add messaging to documentation about sample migration
...
Closes gh-9815
2021-06-21 10:42:55 -03:00
b51c18b37b
Add missing WebFlux CORS Reference
...
Closes gh-9951
2021-06-18 16:31:02 +02:00
7f81b3fead
Fix typos in RSocket reference docs
2021-06-18 14:39:15 +02:00
ebef8c1425
Remove non-existent class from RSocket reference docs
...
Closes gh-9949
2021-06-18 14:15:45 +02:00
8bf970c805
Fix typos in WebFlux test docs
2021-06-18 13:12:10 +02:00
ba8a5b1d20
Fix typo in WebFlux reference docs
2021-06-17 16:38:23 +02:00
56fd50fa2f
Add remaining servlet Kotlin examples
...
Issue gh-8172
2021-06-16 10:34:21 +02:00
1b72e9d4e0
Fix typos in FAQ docs
2021-06-16 10:34:21 +02:00
e89db9fd69
Fix typos in Mock MVC docs
2021-06-16 10:34:21 +02:00
cf9071b0b2
Fix typos in SAML 2 docs
2021-06-15 09:53:53 +02:00
c294050738
Anonymous Authentication Argument Resolution Docs
...
Closes gh-3338
2021-06-08 16:11:18 -06:00
252ef7842d
Add missing delimiters
...
I missed three block delimiters while restoring admonition formatting.
2021-06-04 14:57:43 -05:00
7171521b47
Further changes based on feedback
...
Mostly restoring the formatting of admonitions.
2021-06-04 14:13:47 -05:00
93893ded53
Accounted for feedback
...
Incorporated suggested changes from a review.
2021-06-04 14:13:47 -05:00
a6d0719177
Various fixes
...
Fixes to make the build work.
2021-06-04 14:13:47 -05:00
849aaa4f3e
Change to main
...
The switch to main triggered some conflicts, which I have fixed in this commit.
2021-06-04 14:13:47 -05:00
0fdee9cdb8
Further changes
...
A file changed while I was working on it, as the developers
added more material for Kotlin. I edited the changes, to make
everything be consistent.
2021-06-04 14:13:47 -05:00
9219cbf9d1
Editing pass
...
I went through everything to get it to fit with Spring's docuemntation standard.
Lots of small changes for punctuation, grammar, usage, voice, and so on.
Also added some links, mostly to the API Javadoc.
2021-06-04 14:13:47 -05:00
e3416640a7
Fix Resource Server clock skew default value in docs
...
Closes gh-6611
2021-06-02 12:19:36 +03:00
67e5c05a47
Polish AuthorizationManager Method Security
...
- Removed consolidated pointcut advisor in favor of each interceptor
being an advisor. This allows Spring AOP to do more of the heavy
lifting of selecting the set of interceptors that applies
- Created new method context for after interceptors instead of
modifying existing one
- Added documentation
- Added XML support
- Added AuthorizationInterceptorsOrder to simplify interceptor
ordering
- Adjusted annotation lookup to comply with JSR-250 spec
- Adjusted annotation lookup to exhaustively search for duplicate
annotations
- Separated into three @Configuration classes, one for each set of
authorization annotations
Issue gh-9289
2021-05-18 17:34:04 -06:00
55f85bd3a1
Add Eleftheria Stein to Reference Authors
...
Closes gh-9762
2021-05-17 09:25:59 -05:00
30a203ed7a
Add Kotlin samples for Jwt Client Authentication
...
Issue gh-9578
2021-05-17 10:33:42 +02:00
e51ca79954
Document Jwt Client Authentication support
...
Closes gh-9578
2021-05-14 22:58:44 -04:00
f874a12ddb
Document jwt-bearer authorization grant
...
Closes gh-9580
2021-05-14 14:48:37 -04:00
498be8f431
Clarify requireInitialize Example
...
Closes gh-9484
2021-05-14 10:36:00 -06:00
fc6fa79c86
Update permission-policy Docs
...
Issue gh-9262
2021-04-29 16:52:29 -06:00
006b9b9607
master->main
...
Closes gh-9683
2021-04-26 16:55:43 -05:00
501d5ff497
Removed Method Security AuthorizationManager from What's New
...
Issue gh-9596
2021-04-12 15:53:44 -06:00
163b5943ca
Revert AuthorizationManager Method Security
2021-04-12 15:53:22 -06:00
b352c8f1da
Removed SAML SLO from What's New
...
Issue gh-9596
2021-04-12 14:49:33 -06:00
8c92eddbe5
Revert "Add Registration to Saml2Authentication"
...
This reverts commit efe42b93ce
2021-04-12 14:44:36 -06:00
55047fd996
Revert "Add RelyingPartyRegistrationResolver"
...
This reverts commit 2f734a0975
2021-04-12 14:44:19 -06:00
37b40476e7
Revert "Add Single Logout Support"
...
This reverts commit e807fae869
2021-04-12 14:44:04 -06:00
4e81bbe386
Revert "Add Saml2LogoutConfigurer"
...
This reverts commit 6f52baba29
2021-04-12 14:43:19 -06:00
9b07b6a991
Added Sections to What's New
...
Closes gh-9596
2021-04-10 01:03:56 -06:00
6f52baba29
Add Saml2LogoutConfigurer
...
Closes gh-9497
2021-04-10 00:25:34 -06:00
e807fae869
Add Single Logout Support
...
Closes gh-8731
2021-04-10 00:25:34 -06:00
2f734a0975
Add RelyingPartyRegistrationResolver
...
Closes gh-9486
2021-04-10 00:12:38 -06:00
efe42b93ce
Add Registration to Saml2Authentication
...
Closes gh-9487
2021-04-10 00:12:38 -06:00
df8abcfae7
Use Interceptors instead of Advice
...
- Interceptor is a more descriptive term for what
method security is doing
- This also allows the code to follow a delegate
pattern that unifies both before-method and after-
method authorization
Issue gh-9289
2021-04-09 18:45:31 -06:00
122346bd27
Document AuthorizationManager for Method Security
...
Issue gh-9289
2021-04-09 18:45:10 -06:00
21f9876d87
Add WebFlux section to What's New
...
Closes gh-9590
2021-04-09 19:36:43 +02:00
e03fe7f089
Add coroutine support to pre/post authorize
...
Closes gh-8143
2021-04-09 19:33:06 +02:00
Steve Riesenberg
Marcus Da Coregio
Josh Cummings
Rob Winch
Dan Allen
Daniel Garnier-Moiroux
github-actions[bot]
ch4mpy
Underground Hill
he1ex-tG
jujunChen
Igor Bolic
Joshua Sattler
Desmond Silveira
Yuriy Savchenko
Tim te Beek
Vinícius Hashimoto
Joe Grandja
sKai.fun
André Luis Gomes
nor-ek
Pascal Verdage
Johannes Graf
Eleftheria Stein
Lijamaija
Talerngpong Virojwutikul
giger85
Ken Dombeck
Henning Poettker
Jeff Maxwell
Alexander Schwartz
heqiang
Ashley Scopes
Dmitriy Bogdanov
Anthony Lofton
Ayush Kohli
YevheniiLutsyshyn
dmitrilc
Luke Quinane
Evgeniy Cheban
Jay Bryant