Josh Cummings
7675874137
Restructure Migration Steps
...
CLoses gh-12224
2022-11-16 11:35:47 -07:00
Marcus Da Coregio
063f06e7bf
Register FilterChainProxy for all dispatcher types
...
Closes gh-12180
2022-11-16 09:55:21 -03:00
Steve Riesenberg
754fe7f457
Document deprecations in oauth2 modules
...
* oauth2-client
* oauth2-resource-server
Issue gh-12022
2022-11-15 14:06:34 -06:00
Marcus Da Coregio
9bc38ed318
Register FilterChainProxy for All Dispatcher Types Migration Steps
...
Closes gh-12186
2022-11-15 11:55:03 -07:00
Josh Cummings
f3d704a27d
Add PasswordEncoder Preparation Steps
...
Issue gh-10506
2022-11-14 15:25:49 -07:00
Josh Cummings
60e573de26
Add WebSecurityConfigurerAdapter Preparation Steps
...
Issue gh-10902
2022-11-14 10:53:13 -07:00
Steve Riesenberg
4ec10a2bca
Document new oauth2Login() authority defaults
...
Issue gh-11887
2022-11-14 10:37:02 -06:00
Steve Riesenberg
03b407a49a
Polish migration doc
...
Issue gh-12023
2022-11-14 10:27:19 -06:00
Steve Riesenberg
2a6123a456
Document new oauth2Login() authority defaults
...
Issue gh-11887
2022-11-14 09:39:37 -06:00
Marcus Da Coregio
001452d249
Document CAS support removal
...
Closes gh-12163
2022-11-11 13:29:52 -03:00
Rob Winch
1a6a295a07
Document Update to 5.8 in Migration
...
Closes gh-12196
2022-11-10 21:45:41 -06:00
Rob Winch
ef8c4d85bc
Document Configure Default SessionAuthenticationStrategy
...
Closes gh-12192
2022-11-10 14:11:10 -06:00
Steve Riesenberg
7b28df8ebe
Document deprecation in SecurityContextRepository
...
Issue gh-12023
2022-11-09 14:49:45 -06:00
Steve Riesenberg
63cf954e07
Document SecurityContextRepository default
...
Closes gh-12049
2022-11-09 14:49:15 -06:00
Steve Riesenberg
aefc157953
Add important note for SecurityContextRepository
...
Issue gh-12049
2022-11-09 14:47:50 -06:00
Steve Riesenberg
1a3be83084
Merge branch '5.8.x'
...
Closes gh-12185
2022-11-09 12:28:37 -06:00
Steve Riesenberg
ea8fb1f159
Document SecurityContextRepository default
...
Issue gh-12049
2022-11-09 12:19:44 -06:00
Steve Riesenberg
2e41e1cbac
Document deprecation in SecurityContextRepository
...
Issue gh-12023
2022-11-09 12:19:44 -06:00
Steve Riesenberg
9071f10759
Document DelegatingSecurityContextRepository
...
Closes gh-12069
2022-11-09 12:19:43 -06:00
Josh Cummings
3366792d3b
Adjust SAML What's New
...
Issue gh-11077
2022-11-08 14:15:38 -07:00
Josh Cummings
079bb45d94
Add Encryptors Preparation Steps
...
Issue gh-8980
2022-11-08 14:13:44 -07:00
Johannes Graf
8af3b5afe4
Fix documentation part of Multiple HttpSecurity Instances
...
`http.antMatcher()` is not longer available and was replaced with
`http.securityMatcher()`, so use this in the Java Config Multiple
HttpSecurity Instances example, too
2022-11-08 13:51:05 -03:00
Marcus Da Coregio
1103e68fc9
Polish Use new requestMatchers method migration
...
Issue gh-12100
2022-11-08 10:31:49 -03:00
Marcus Da Coregio
89423b38b6
Add requestMatchers and securityMatchers migration steps
...
Issue gh-12100
2022-11-08 08:31:03 -03:00
Marcus Da Coregio
693bfb66b2
Document how to use the new requestMatchers and securityMatchers
...
Closes gh-12100
2022-11-08 08:27:31 -03:00
Josh Cummings
6043cee699
Add OpenSaml4AuthenticationProvider Preparation Steps
...
Issue gh-11077
2022-11-07 17:40:19 -07:00
Josh Cummings
095faffd70
Add RelyingPartyRegistration Preparation Steps
...
Issue gh-11077
2022-11-07 13:37:44 -07:00
Josh Cummings
33ce3b59b8
Add Saml2AuthenticationToken Preparation Steps
...
Issue gh-11077
2022-11-03 13:57:54 -06:00
Josh Cummings
2f87309cda
Fix Typo
...
Closes gh-11077
2022-11-03 13:37:13 -06:00
Marcus Da Coregio
c7b9b33cd1
Merge branch '5.8.x'
2022-11-03 08:23:50 -03:00
Marcus Da Coregio
4d646a2978
Merge branch '5.7.x' into 5.8.x
2022-11-03 08:23:26 -03:00
Marcus Da Coregio
067fc1678c
Merge branch '5.6.x' into 5.7.x
2022-11-03 08:22:09 -03:00
Rivaldi
01a37dd678
Fix typo
...
(cherry picked from commit 20e89e3eca0823bfa329b5de80448bac1f5e0f30)
2022-11-03 08:21:48 -03:00
Márk Kővári
aad01447c3
docs: fix realm typo
2022-11-03 08:21:26 -03:00
Josh Cummings
bb43293469
Expand SAML Deprecations What's New
...
Issue gh-11077
2022-11-02 18:03:13 -06:00
Josh Cummings
5760b6dedf
Add AuthenticationServiceException Reactive Migration Steps
...
Issue gh-9429
Issue gh-12132
2022-11-02 18:02:53 -06:00
Josh Cummings
953c9294d0
Initial SAML Deprecation Preparation Steps
...
- Stop using Converter constructors
- Replace Saml2AuthenticationRequestContextResolver and
Saml2AuthenticationRequestFactory with
Saml2AuthenticationRequestResolver
Issue gh-11077
2022-11-02 18:01:03 -06:00
Josh Cummings
ba8f344ccb
Add AuthenticationServiceException Reactive Preparation Steps
...
Issue gh-9429
Issue gh-12132
2022-11-02 15:48:04 -06:00
Josh Cummings
cca999c57d
Merge remote-tracking branch 'origin/5.8.x'
2022-11-01 13:46:08 -06:00
Josh Cummings
d29ab8bcae
Merge branch '5.7.x' into 5.8.x
2022-11-01 13:43:40 -06:00
Josh Cummings
c94e33b6c8
Merge branch '5.6.x' into 5.7.x
2022-11-01 13:42:35 -06:00
Marcus Da Coregio
63fb14f8c8
Add Remember Me SHA-256 migration steps
...
Issue gh-12097
2022-11-01 15:42:21 -03:00
Ger Roza
8315545144
Update RP-Initiated Logout target URLs.
...
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.
Fixes: gh-12081
2022-11-01 12:35:39 -06:00
Marcus Da Coregio
990ee8b8a5
Merge branch '5.8.x'
...
Closes gh-12119
2022-11-01 15:35:12 -03:00
Marcus Da Coregio
7cbb9e82f9
Document how to opt-in for SHA256 in RememberMe
...
Closes gh-12097
2022-11-01 15:33:45 -03:00
Marcus Da Coregio
d701946089
Merge branch '5.8.x'
2022-11-01 08:18:30 -03:00
Marcus Da Coregio
6a4b279145
Merge branch '5.7.x' into 5.8.x
2022-11-01 08:17:50 -03:00
Marcus Da Coregio
752e943492
Merge branch '5.6.x' into 5.7.x
2022-11-01 08:17:03 -03:00
Dan Allen
e9db852d6e
update generateAntora task to keep prerelease segment other than -SNAPSHOT in docs version
2022-11-01 08:13:43 -03:00
Josh Cummings
2a2f7a197c
Add AuthenticationEntryPointFailureHandler Migration Steps
...
Issue gh-9429
2022-10-31 16:40:21 -06:00
Josh Cummings
39f4fcd5f2
Add AuthenticationEntryPointFailureHandler Preparation Steps
...
Issue gh-9429
2022-10-31 16:33:25 -06:00
Josh Cummings
ac7f726a24
Add RunAsManager Preparation Steps
...
Closes gh-11337
2022-10-31 15:46:19 -06:00
Josh Cummings
c5badbc631
Add AccessDecisionManager Preparation Steps
...
Issue gh-11337
2022-10-31 15:25:05 -06:00
Josh Cummings
86c9d5cfbe
Remove Stray Horizontal Rules
...
Issue gh-11337
2022-10-31 15:24:59 -06:00
Rob Winch
4112adf6a0
Document Configure Default CsrfTOken BREACH Protection
...
Closes gh-12107
2022-10-28 15:57:25 -05:00
Rob Winch
96d7c78b67
Polish Document Defer load CsrfToken
...
Issue gh-12105
2022-10-28 15:51:28 -05:00
Rob Winch
d860775b45
Document Defer load CsrfToken
...
Closes gh-12105
2022-10-28 15:41:25 -05:00
Josh Cummings
4938c394e4
Move Opt-out Steps
...
Closes gh-12104
2022-10-28 13:52:02 -06:00
Josh Cummings
4f5372a3a7
Add Request Security Migration Steps
...
Issue gh-11337
2022-10-28 12:25:44 -06:00
Josh Cummings
8da916fa1c
Add Request Security Preparation Steps
...
Issue gh-11337
2022-10-28 11:48:21 -06:00
Josh Cummings
56482e25de
Polish Method Security Migration Steps
...
- Revert steps removed since implicitly included in preparation guide
Issue gh-11337
2022-10-28 09:51:02 -06:00
Josh Cummings
e900ca3a86
Polish Method Security Preparation Steps
...
- Add instruction to declare 5.8 defaults
Issue gh-11337
2022-10-28 09:46:48 -06:00
Josh Cummings
b4974bbce9
Polish Message Security Preparation Steps
...
- Added step to declare the 5.8 default in case later preparation steps
cannot be taken yet
Issue gh-11337
2022-10-28 09:26:04 -06:00
Josh Cummings
f2fc2f9a2b
Add Message Security Cleanup Steps
...
Issue gh-11337
2022-10-28 09:17:58 -06:00
Josh Cummings
31a1486b88
Add Message Security Preparation Steps
...
Issue gh-11337
2022-10-27 20:08:13 -06:00
Rob Winch
855d6b6326
Merge branch '5.8.x'
2022-10-27 15:39:23 -05:00
Rob Winch
3da0d1bf27
Merge branch '5.8.x'
2022-10-27 15:39:03 -05:00
Rob Winch
5721b0351e
Polish RequestCache continue Kolin Configuration
...
Issue gh-12089
2022-10-27 15:13:50 -05:00
Rob Winch
aac1261f0c
Document Migration to SecurityContextHolderFilter
...
Closes gh-12098
2022-10-27 15:12:45 -05:00
Josh Cummings
1dd13e69a4
Standardize Preparation Guide Layout
...
Closes gh-12096
2022-10-27 10:34:20 -06:00
Josh Cummings
cc8a93e5ec
Restore Missing Links to Migration Guide
2022-10-26 16:19:44 -06:00
Josh Cummings
f29d1da0a5
Add Link to 5.8 Preparation Guide
...
Closes gh-12093
2022-10-26 16:19:31 -06:00
Josh Cummings
2a95a24390
Add Link to 6.0 Migration Guide
...
Issue gh-12093
2022-10-26 16:15:36 -06:00
Rob Winch
d40ed58118
Merge branch '5.8.x'
...
Closes gh-12091
Closes gh-12092
2022-10-26 14:56:02 -05:00
Josh Cummings
2b50aa3ae0
Polish Method Security Migration Steps
...
Removed checkboxes when there is only one step
2022-10-26 13:47:16 -06:00
Rob Winch
24cc7ff178
Document Saved Requests Migration
...
Closes gh-12089
2022-10-26 14:24:00 -05:00
Rob Winch
c17e258a6f
Document Saved Requests
...
Closes gh-12088
2022-10-26 14:22:30 -05:00
Josh Cummings
d076ddb26c
Polish Method Security Migration Steps
2022-10-26 13:18:07 -06:00
Josh Cummings
f6731e89db
Polish Method Security Preparation Steps
2022-10-26 12:37:54 -06:00
Josh Cummings
4528561326
Add Method Security Migration Steps
2022-10-25 15:04:59 -06:00
Josh Cummings
7adc000c6b
Merge remote-tracking branch 'origin/5.8.x'
2022-10-25 14:42:32 -06:00
Josh Cummings
04fa5af794
Add Missing Doc Header
...
The EnableMethodSecurity section
2022-10-25 14:41:11 -06:00
Josh Cummings
e505bc3af4
Add Method Security Preparation Steps
2022-10-25 14:41:10 -06:00
Josh Cummings
f2ddeaface
Merge remote-tracking branch 'origin/5.8.x'
2022-10-17 15:01:30 -06:00
Josh Cummings
cfb7c87dfd
Merge remote-tracking branch 'origin/5.7.x' into 5.8.x
2022-10-17 15:00:40 -06:00
Josh Cummings
6b25307339
Merge remote-tracking branch 'origin/5.6.x' into 5.7.x
2022-10-17 14:57:39 -06:00
Josh Cummings
89c815032c
Fix Index Out of Bounds
2022-10-17 14:52:03 -06:00
Josh Cummings
4ba8f8bfe0
Update What's New
...
Closes gh-12024
2022-10-13 20:08:31 -06:00
Josh Cummings
f4cc27c375
Change Default for (Server)AuthenticationEntryPointFailureHandler
...
Closes gh-9429
2022-10-13 20:03:03 -06:00
Steve Riesenberg
d6356415f9
Polish whats-new.adoc
2022-10-13 13:42:04 -05:00
Steve Riesenberg
74e0616451
Update What's New for 6.0
2022-10-13 13:42:04 -05:00
Steve Riesenberg
5a55987d6e
Add links to reference in What's New for 5.8
...
Issue gh-4001
Issue gh-11959
2022-10-13 12:52:01 -05:00
Josh Cummings
59c4538798
Update What's New
...
Closes gh-12021
2022-10-13 10:13:20 -06:00
Josh Cummings
fe96a62dfc
Document Observability Support
...
Issue gh-10964
2022-10-12 20:32:25 -06:00
Joe Grandja
bf1e622751
Update What's New in 6.0 for PasswordEncoders
...
Issue gh-11985
2022-10-12 08:27:46 -04:00
Joe Grandja
716aa6df5c
Merge branch '5.8.x'
2022-10-12 07:43:26 -04:00
Joe Grandja
ffbcaca24a
Update reference for PasswordEncoders
...
Issue gh-10506
2022-10-12 07:32:30 -04:00
Marcus Da Coregio
c5e35bf32e
Merge branch '5.8.x'
...
Closes gh-11978
2022-10-10 09:24:50 -03:00
Marcus Da Coregio
4b6fed0667
Add static factory method to AntPathRequestMather and RegexRequestMatcher
...
Closes gh-11938
2022-10-10 09:24:15 -03:00
Daniel Garnier-Moiroux
27059ced87
Default X-Xss-Protection header value to "0"
...
Closes gh-9631
2022-10-07 17:42:55 -05:00
Steve Riesenberg
6753f9745e
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt
# docs/modules/ROOT/pages/reactive/exploits/csrf.adoc
2022-10-07 17:29:07 -05:00
Steve Riesenberg
f462134e87
Add reactive support for BREACH
...
Closes gh-11959
2022-10-07 16:34:17 -05:00
Marcus Da Coregio
398f5dee7f
Remove deprecated RequestMatcher methods from Java Configuration
...
Closes gh-11939
2022-10-07 15:26:46 -03:00
Marcus Da Coregio
9fd195d419
Default to shouldFilterAllDispatcherTypes=true in XML
...
Closes gh-11970
2022-10-07 11:46:20 -03:00
Marcus Da Coregio
146d3269bc
Merge branch '5.8.x'
...
Closes gh-11971
2022-10-07 10:28:14 -03:00
Marcus Da Coregio
f3321c256c
Add XML support for shouldFilterAllDispatcherTypes
...
Closes gh-11492
2022-10-07 10:20:32 -03:00
Josh Cummings
12b9f2e196
use-authorization-manager defaults to true
...
Closes gh-11929
2022-10-06 08:12:46 -06:00
Marcus Da Coregio
c4d23f2b49
Use MvcRequestMatcher by default if Spring MVC is present
...
Closes gh-11899
2022-10-06 09:12:04 -03:00
Steve Riesenberg
8b490de08d
Merge branch '5.8.x'
...
# Conflicts:
# docs/modules/ROOT/pages/servlet/exploits/csrf.adoc
2022-10-05 14:46:15 -05:00
Steve Riesenberg
dce1c30522
Add support for BREACH
...
Closes gh-4001
2022-10-05 14:21:13 -05:00
Rob Winch
22cbd2c42e
Merge branch '5.8.x'
...
Closes gh-11957
2022-10-05 14:00:13 -05:00
Rob Winch
a5cc1f0b60
Merge branch '5.7.x' into 5.8.x
...
Closes gh-11956
2022-10-05 13:58:44 -05:00
Rob Winch
37dd896d4b
Merge branch '5.6.x' into 5.7.x
...
Closes gh-11955
2022-10-05 13:57:25 -05:00
Dan Allen
e0843aabb1
automatically manage docs version (with collector)
2022-10-05 13:56:22 -05:00
Steve Riesenberg
c1fcf275d9
Update What's New for 5.8
...
Issue gh-11952
2022-10-05 13:48:18 -05:00
Marcus Da Coregio
38a7bbd2eb
Merge branch '5.8.x'
2022-10-05 13:20:12 -03:00
Marcus Da Coregio
ace8caa182
Remove mvcMatchers usage from docs
...
Issue gh-11347
2022-10-05 13:19:37 -03:00
Marcus Da Coregio
35f7e46d05
Remove WebSecurityConfigurerAdapter
...
Closes gh-10902
2022-10-04 15:13:04 -03:00
Steve Riesenberg
5de6da890b
Merge branch '5.8.x'
...
Closes gh-dry-run
2022-10-04 11:18:00 -05:00
Steve Riesenberg
475b3bb6bb
Add deferred CsrfTokenRepository.loadDeferredToken
...
* Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken>
* Move RepositoryDeferredCsrfToken to top-level and make package-private
* Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse)
* Update CsrfFilter
* Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler
Issue gh-11892
Closes gh-11918
2022-10-03 17:10:54 -05:00
Steve Riesenberg
7c3cc1e386
Merge branch '5.8.x'
2022-10-03 14:29:51 -05:00
Daniel Garnier-Moiroux
0e215a21ad
Add X-Xss-Protection headerValue to XML config
...
Issue gh-9631
2022-10-03 14:29:34 -05:00
Marcus Da Coregio
ad2abd39dc
Merge branch '5.8.x'
...
Closes gh-11347 in 6.0.x
Closes gh-11945
2022-10-03 16:02:18 -03:00
Marcus Da Coregio
039e0328e1
Simplify Java Configuration RequestMatcher Usage
...
If Spring MVC is present in the classpath, use MvcRequestMatcher by default. This commit also adds a new securityMatcher method in HttpSecurity
Closes gh-11347
Closes gh-9159
2022-10-03 15:55:20 -03:00
Daniel Garnier-Moiroux
bf59d7c374
Update What's New for 5.8
2022-10-03 10:05:25 -05:00
Steve Riesenberg
43a1f8249c
Update What's New for 6.0
2022-09-29 15:57:48 -05:00
Steve Riesenberg
4d62621094
Merge branch '5.8.x'
2022-09-29 14:09:21 -05:00
Steve Riesenberg
7b1158ddb7
Merge branch '5.7.x' into 5.8.x
2022-09-29 14:09:10 -05:00
Steve Riesenberg
70c61dc1dd
Merge branch '5.6.x' into 5.7.x
2022-09-29 14:08:17 -05:00
Dan Allen
c44230ba24
switch to offical Antora plugin for Gradle
...
- lock version to latest release of Antora 3.1
- rename properties on extension block
- use Node.js version provided by plugin
- remove package.json file
- assign environment variables using environments property on extension block
- use single quotes where possible in build script
- use default setting for log format
2022-09-29 14:05:09 -05:00
Steve Riesenberg
6c6aedf772
Update What's New for 6.0
2022-09-26 10:07:50 -05:00
Steve Riesenberg
181ee7410b
Change default authority for oauth2Login()
...
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
2022-09-26 10:06:31 -05:00
Steve Riesenberg
c0e784b16d
Update What's New for 6.0
2022-09-26 09:48:52 -05:00
Steve Riesenberg
bcb21c9384
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
2022-09-23 15:39:43 -05:00
Steve Riesenberg
46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver
...
Closes gh-11896
2022-09-23 15:09:00 -05:00
Rob Winch
0efe26c1fd
Merge branch '5.8.x'
...
Closes gh-11894
2022-09-22 13:47:04 -05:00
Rob Winch
d94677f87e
CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler
...
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.
Closes gh-11892
2022-09-22 11:09:44 -05:00
Josh Cummings
70460ca009
Adjust OAuth2 Resource Server packaging
...
Closes gh-7349
2022-09-20 17:44:05 -06:00
Josh Cummings
61c80bcac5
Move Saml2 Authentication Filters
...
Closes gh-8819
2022-09-20 17:18:05 -06:00
Rob Winch
48e31f87e4
Remove Deprecated OpenSAML 3 Support
...
Closes gh-10556
2022-09-20 16:57:38 -06:00
Marcus Da Coregio
983ca6ea27
Update What's New for 5.8
2022-09-20 08:33:38 -03:00
Marcus Da Coregio
2b4a3a85f9
Update What's New for 6.0
2022-09-20 08:33:11 -03:00
github-actions[bot]
9564f1b5e4
Next development version
2022-09-19 16:55:17 +00:00
github-actions[bot]
009032e03c
Next development version
2022-09-19 15:47:44 +00:00
github-actions[bot]
dcbe900ff8
Release 5.8.0-M3
2022-09-19 15:24:11 +00:00
github-actions[bot]
a0a92b81f7
Release 6.0.0-M7
2022-09-19 15:23:23 +00:00
Steve Riesenberg
8f44f74d44
Update What's New for 5.8
2022-09-14 15:13:41 -05:00
Steve Riesenberg
70eea8dc67
Update What's New for 5.8
2022-09-14 14:58:48 -05:00
Steve Riesenberg
2431dd1103
Merge branch '5.8.x'
2022-09-13 17:38:10 -05:00
Steve Riesenberg
355ef21117
Polish gh-11665
2022-09-13 16:45:39 -05:00
ch4mpy
1efb63387f
Add authentication converter for introspected tokens
...
Adds configurable authentication converter for resource-servers with
token introspection (something very similar to what
JwtAuthenticationConverter does for resource-servers with JWT decoder).
The new (Reactive)OpaqueTokenAuthenticationConverter is given
responsibility for converting successful token introspection result
into an Authentication instance (which is currently done by a private
methods of OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager).
The default (Reactive)OpaqueTokenAuthenticationConverter, behave the
same as current private convert(OAuth2AuthenticatedPrincipal principal,
String token) methods: map authorities from scope attribute and build a
BearerTokenAuthentication.
Closes gh-11661
2022-09-13 16:45:36 -05:00
Dan Allen
3387149a0f
repurpose 5.6.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 15:41:12 -05:00
Dan Allen
3e42119f84
repurpose 5.7.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 15:37:13 -05:00
Dan Allen
ab9ed26ad2
repurpose 5.8.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 14:40:56 -05:00
Dan Allen
d22ee32c7d
reconfigure branch for local builds and as scheduler for docs workflows
...
- set up placeholder and trigger for Deploy Docs workflow in docs-build branch
- set up placeholder and trigger for Rebuild Search Index workflow in docs-build branch
- remove obsolete Deploy Reference workflow
- upgrade Antora to 3.1
- reconfigure docs build for local build only
- add patch to support using linked worktree as Antora content source
- remove Antora extensions only needed for the production docs build
2022-09-09 12:57:00 -05:00
Rob Winch
5ae492b1c1
Add What's New @WithMockUser Supported as Merged Annotation
2022-09-08 09:49:00 -05:00
Rob Winch
d996c2a2c6
Remove unsafe/deprecated `Encryptors.querableText(CharSequence,CharSequence)`
...
This method is insecure. Users should instead encrypt with their database.
Closes gh-8980
2022-09-07 13:51:58 -05:00
Steve Riesenberg
ed41a60aae
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
# config/src/test/resources/org/springframework/security/config/http/DeferHttpSessionTests-Explicit.xml
# web/src/main/java/org/springframework/security/web/csrf/CsrfFilter.java
2022-09-06 11:51:55 -05:00
Steve Riesenberg
86fbb8db07
Add new interfaces for CSRF request processing
...
Issue gh-4001
Issue gh-11456
2022-09-06 11:43:33 -05:00
Marcus Da Coregio
e17989d92d
Merge branch '5.8.x'
2022-09-01 09:39:33 -03:00
Marcus Da Coregio
ff6fd78d64
Merge branch '5.7.x' into 5.8.x
2022-09-01 09:39:10 -03:00
Marcus Da Coregio
0a08a23423
Merge branch '5.6.x' into 5.7.x
2022-09-01 09:38:33 -03:00
Underground Hill
8b74bf9742
Updated reference to architecture page
...
In the context of Servlet Authentication page, "Architecture" should probably link to "Servlet Authentication Architecture" page
2022-09-01 09:38:10 -03:00
Steve Riesenberg
8474acebf2
Merge branch '5.8.x'
2022-08-29 15:12:48 -05:00
he1ex-tG
568277f8bc
Mistake in Kotlin code representation is fixed
2022-08-29 15:11:10 -05:00
Josh Cummings
b1fd9af723
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-26 16:01:40 -06:00
Josh Cummings
0f58620643
Add AspectJ AuthorizationManager Support
...
Closes gh-11326
2022-08-26 15:59:08 -06:00
Josh Cummings
84f765a89c
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-25 14:46:48 -06:00
Josh Cummings
070dce1baf
Document ReactiveMethodSecurity improvements
...
Issue gh-9401
2022-08-25 14:36:03 -06:00
Josh Cummings
27ce5936cf
Add Caveat about Spring Security's co-routine support
...
Closes gh-10920
2022-08-25 14:36:02 -06:00
Rob Winch
81d6b6df6c
Add Explicit SessionAuthenticationStrategy Option
...
SessionAuthenticationFilter requires accessing the HttpSession to do its
job. Previously, there was no way to just disable the
SessionAuthenticationFilter despite the fact that
SessionAuthenticationStrategy is invoked by the authentication filters
directly.
This commit adds an option to disable SessionManagmentFilter in favor of
requiring explicit SessionAuthenticationStrategy invocation already
performed by the authentication filters.
Closes gh-11455
2022-08-18 17:38:03 -05:00
Rob Winch
89f8310d6c
Add Explicit SessionAuthenticationStrategy Option
...
SessionAuthenticationFilter requires accessing the HttpSession to do its
job. Previously, there was no way to just disable the
SessionAuthenticationFilter despite the fact that
SessionAuthenticationStrategy is invoked by the authentication filters
directly.
This commit adds an option to disable SessionManagmentFilter in favor of
requiring explicit SessionAuthenticationStrategy invocation already
performed by the authentication filters.
Closes gh-11455
2022-08-18 17:00:47 -05:00
jujunChen
13feb87171
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:36 -06:00
jujunChen
d93bde7465
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:06 -06:00
jujunChen
e3d85881e9
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:48:14 -06:00
jujunChen
9f6d9c2b84
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:44:34 -06:00
Rob Winch
8ad20b1768
Add CsrfFilter.csrfRequestAttributeName
...
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.
This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.
Issue gh-11699
2022-08-16 13:47:31 -05:00
Rob Winch
5b64526ba9
Add CsrfFilter.csrfRequestAttributeName
...
Previously the CsrfToken was set on the request attribute with the name
equal to CsrfToken.getParameterName(). This didn't really make a lot of
sense because the CsrfToken.getParameterName() is intended to be used as
the HTTP parameter that the CSRF token was provided. What's more is it
meant that the CsrfToken needed to be read for every request to place it
as an HttpServletRequestAttribute. This causes unnecessary HttpSession
access which can decrease performance for applications.
This commit allows setting CsrfFilter.csrfReqeustAttributeName to
remove the dual purposing of CsrfToken.parameterName and to allow deferal
of reading the CsrfToken to prevent unnecessary HttpSession access.
Issue gh-11699
2022-08-15 17:07:02 -05:00
github-actions[bot]
1510460a1a
Next development version
2022-08-15 16:14:19 +00:00
github-actions[bot]
db74e9d128
Next development version
2022-08-15 16:07:33 +00:00
github-actions[bot]
c188b70c88
Next development version
2022-08-15 16:06:45 +00:00
github-actions[bot]
4559d269e0
Release 5.6.7
2022-08-15 15:25:05 +00:00
github-actions[bot]
173d74d693
Release 5.7.3
2022-08-15 15:24:54 +00:00
github-actions[bot]
063e56ce8b
Release 5.8.0-M2
2022-08-15 15:24:27 +00:00
Rob Winch
425b3501b7
Remove `@Configuration` from `@Enable*` Annotations
...
This removes `@Configuration` from all `@Enable` Annotations and explicitly
adds `@Configuration` to wherever the `@Enable*` Annotations are used.
Closes gh-11653
2022-08-09 17:00:24 -05:00
Rob Winch
a5069d7e35
Fix Add @Configuration to @Enable*Security Usage
...
Issue gh-6613
2022-08-09 17:00:16 -05:00
Igor Bolic
2e66b9f6cc
Allow customization of redirect strategy
...
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.
Closes gh-11373
2022-08-08 15:44:01 -05:00
Igor Bolic
efaee4e56b
Allow customization of redirect strategy
...
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.
Closes gh-11373
2022-08-08 15:35:49 -05:00
Joshua Sattler
040111ae9e
Remove Configuration meta-annotation from Enable* annotations
...
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.
Closes gh-6613
Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
2022-07-30 03:48:42 +02:00
Steve Riesenberg
a72c5a55db
Revert "Remove @Configuration from webflux config examples"
...
This reverts commit aec9effb88
.
2022-07-26 16:46:01 -05:00
Joshua Sattler
aec9effb88
Remove @Configuration from webflux config examples
2022-07-26 16:34:10 -05:00
Desmond Silveira
0d3c3c676d
"Well-Know" should be "Well-Known"
2022-07-26 15:45:27 -05:00
Desmond Silveira
06aa3362dd
"Well-Know" should be "Well-Known"
2022-07-26 15:44:41 -05:00
Desmond Silveira
3b9f5ac77b
"Well-Know" should be "Well-Known"
2022-07-26 15:41:38 -05:00
Desmond Silveira
2a336d4f49
"Well-Know" should be "Well-Known"
2022-07-26 15:41:05 -05:00
Marcus Da Coregio
0c549ee147
Use SHA256 by default in Remember Me
...
Closes gh-11520
2022-07-25 10:33:12 -03:00
Yuriy Savchenko
0f64d4c091
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 14:04:16 -03:00
Yuriy Savchenko
7c7751635d
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:56:41 -03:00
Yuriy Savchenko
5322352427
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:49:21 -03:00
Yuriy Savchenko
db9d60e82d
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:47:07 -03:00
github-actions[bot]
bf138c5154
Next development version
2022-07-18 17:05:25 +00:00
github-actions[bot]
79912a0a44
Release 6.0.0-M6
2022-07-18 13:29:25 -03:00
Marcus Da Coregio
860c669666
Revert "Release 6.0.0-M6"
...
This reverts commit c8fa238cfc
.
2022-07-18 13:18:34 -03:00
github-actions[bot]
8d147100ee
Next development version
2022-07-18 16:00:47 +00:00
github-actions[bot]
c8fa238cfc
Release 6.0.0-M6
2022-07-18 15:27:55 +00:00
github-actions[bot]
8d3586f949
Release 5.8.0-M1
2022-07-18 15:25:10 +00:00
Marcus Da Coregio
f45c4d4b8e
Add SHA256 as an algorithm option for Remember Me token hashing
...
Closes gh-8549
2022-07-15 10:41:03 -03:00
Marcus Da Coregio
dda98f333c
Polish
...
Make encodingAlgorithm final and add it to the constructor
Add since tags
Add more tests
2022-07-15 10:34:36 -03:00
Marcus Da Coregio
e17fe8ced9
Add SHA256 as an algorithm option for Remember Me token hashing
...
Closes gh-8549
2022-07-15 10:34:36 -03:00
Josh Cummings
35fc437559
Add AuthorizationManager for protect-pointcut
...
Closes gh-11323
2022-07-14 09:25:49 -06:00
Marcus Da Coregio
9608eaa138
Clarify authorize-http-requests docs
...
Issue gh-11467
2022-07-14 10:19:31 -03:00
Marcus Da Coregio
64ba31aebb
Improve docs on dispatcherTypeMatcher
...
Closes gh-11467
2022-07-14 10:08:19 -03:00
Marcus Da Coregio
57d6ab7134
Improve docs on dispatcherTypeMatcher
...
Closes gh-11467
2022-07-14 09:13:46 -03:00
Josh Cummings
624fdfa731
Add AuthorizationManager for protect-pointcut
...
Closes gh-11323
2022-07-13 17:58:16 -06:00
Marcus Da Coregio
6455e98745
FilterSecurityInterceptor applies to every request by default
...
Closes gh-11466
2022-07-12 10:53:03 -03:00
Tim te Beek
ce67fb08fd
Clearly end sentence in note before next sentence
2022-07-11 17:38:44 -06:00
Tim te Beek
6e63278ab9
Use Collection<ConfigAttribute> in examples
...
To match `org.springframework.security.access.ConfigAttribute`.
2022-07-11 17:38:44 -06:00
Tim te Beek
2c0a4337a8
Clearly end sentence in note before next sentence
2022-07-11 17:36:30 -06:00
Tim te Beek
9f4b0ca8b5
Use Collection<ConfigAttribute> in examples
...
To match `org.springframework.security.access.ConfigAttribute`.
2022-07-11 17:36:30 -06:00
Josh Cummings
148c926de0
Support AuthorizationManager for intercept-methods Element
...
Closes gh-11328
2022-07-06 13:01:57 -06:00
Josh Cummings
74a007dc91
Support AuthorizationManager for intercept-methods Element
...
Closes gh-11328
2022-07-06 12:54:05 -06:00
Josh Cummings
bffe08465a
Add SecurityContextHolderStrategy XML Configuration for Messaging
...
Issue gh-11061
2022-06-27 16:24:27 -06:00
Josh Cummings
74167d62b1
Add SecurityContextHolderStrategy XML Configuration for Messaging
...
Issue gh-11061
2022-06-27 15:55:28 -06:00
Josh Cummings
5e4e7abf15
Add SecurityContextHolderStrategy XML Configuration for Method Security
...
Issue gh-11061
2022-06-27 13:40:55 -06:00
Josh Cummings
9cd7c7b046
Add SecurityContextHolderStrategy XML Configuration for Method Security
...
Issue gh-11061
2022-06-27 13:05:07 -06:00
Vinícius Hashimoto
11a74a2926
Fix method call example on documentation
2022-06-24 17:05:31 -06:00
Joe Grandja
d3a024786b
Next Development Version
2022-06-20 15:05:30 -04:00
Joe Grandja
fa4c5449e7
Release 5.6.6
2022-06-20 14:50:24 -04:00
Joe Grandja
6f275deb55
Next Development Version
2022-06-20 12:37:13 -04:00
Joe Grandja
c40f65f5a2
Release 5.7.2
2022-06-20 12:17:25 -04:00
Josh Cummings
150b81d008
Add SecurityContextHolderStrategy XML Configuration for Defaults
...
Issue gh-11061
2022-06-17 12:21:10 -06:00
Josh Cummings
2a70707c35
Add SecurityContextHolderStrategy XML Configuration for Defaults
...
Issue gh-11061
2022-06-17 11:28:10 -06:00
sKai.fun
a3e996a66b
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 17:33:41 -05:00
sKai.fun
953b54f63d
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 15:15:03 -05:00
sKai.fun
6b1d5ec6ae
Fix title render issue of Digest Authentication document
...
Closes gh-11272
2022-06-01 15:13:06 -05:00
André Luis Gomes
aca3fc2412
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:51:44 -03:00
André Luis Gomes
0c31cb21dc
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:50:56 -03:00
André Luis Gomes
24701b547f
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:49:47 -03:00
André Luis Gomes
b9acdd5058
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 13:43:42 +02:00
Josh Cummings
2afa9313eb
Use AuthorizationManager in <http>
...
Closes gh-11305
2022-05-31 16:01:41 -06:00
Josh Cummings
9dbd1f3e25
Use AuthorizationManager in <http>
...
Closes gh-11305
2022-05-31 15:10:00 -06:00
Josh Cummings
d7077b441a
Correct access(String) reference
...
Closes gh-11280
2022-05-27 15:00:15 -06:00
Josh Cummings
292585080a
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:59:06 -06:00
Josh Cummings
0abc54c7de
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:52:20 -06:00
Josh Cummings
ff0d85e2ac
Correct access(String) reference
...
Closes gh-11280
2022-05-27 14:51:45 -06:00
Josh Cummings
f4c0fcb5ef
Add AuthorizationManager to Messaging
...
Closes gh-11076
2022-05-27 13:35:19 -06:00
Josh Cummings
101f11ba94
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 13:12:56 -06:00
Josh Cummings
18b903f6e3
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 13:12:56 -06:00
nor-ek
038266a94f
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 13:12:55 -06:00
Josh Cummings
bbff945b95
Restore missing link text
...
Issue gh-10934
2022-05-27 13:00:20 -06:00
Josh Cummings
8690accd57
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:57:57 -06:00
Josh Cummings
e3c15260e7
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:57:57 -06:00
nor-ek
9625382b22
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:57:56 -06:00
Josh Cummings
dda026b5fc
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:57:02 -06:00
Josh Cummings
2363dbb4e4
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:56:57 -06:00
nor-ek
23cc1eb32b
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:56:51 -06:00
Josh Cummings
ff0b1712b6
Improve ContextConfiguration Docs
...
Point to updated Spring Reference
Issue gh-10934
2022-05-27 12:46:36 -06:00
Josh Cummings
0a64579b1e
Polish ExtendWith Docs
...
Use spring-framework-reference-url placeholder
Issue gh-10934
2022-05-27 12:46:27 -06:00
nor-ek
416f94f979
Update Junit5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:46:04 -06:00
Josh Cummings
8a03d1fcec
Add AuthorizationManager to Messaging
...
Closes gh-11076
2022-05-27 12:20:48 -06:00
Steve Riesenberg
0355e960d7
Next development version
2022-05-18 11:52:05 -05:00
Steve Riesenberg
fdad14af63
Release 5.6.5
2022-05-18 11:03:25 -05:00
github-actions[bot]
07841794c5
Next development version
2022-05-18 16:02:48 +00:00
github-actions[bot]
8eb235d36e
Release 6.0.0-M5
2022-05-18 10:37:41 -05:00
Steve Riesenberg
14bbf33658
Revert "Release 6.0.0-M5"
...
This reverts commit 6513f3ce71
.
2022-05-18 10:37:07 -05:00
github-actions[bot]
6513f3ce71
Release 6.0.0-M5
2022-05-18 15:26:59 +00:00
Rob Winch
4caf53e96d
Next Development Version
2022-05-18 10:06:25 -05:00
Rob Winch
22a1c99b9e
Release 5.7.1
2022-05-18 10:00:11 -05:00
github-actions[bot]
3a5eb47d0c
Next development version
2022-05-16 19:13:07 +00:00
Steve Riesenberg
eaac43a179
Release 6.0.0-M4
2022-05-16 13:42:14 -05:00
Steve Riesenberg
cd024bdb80
Revert "Release 6.0.0-M4"
...
This reverts commit 49a5f972be
.
2022-05-16 13:25:42 -05:00
Steve Riesenberg
49a5f972be
Release 6.0.0-M4
2022-05-16 12:51:47 -05:00
Rob Winch
dc648cf79f
Next Developement Version
2022-05-16 11:51:06 -05:00
Rob Winch
5155719877
Next Development Version
2022-05-16 11:44:53 -05:00
Rob Winch
c2d2914a4f
Release 5.6.4
2022-05-16 11:36:26 -05:00
Rob Winch
3497b0ed68
Release 5.7.0
2022-05-16 11:35:18 -05:00
Marcus Da Coregio
806e05855c
Replace removed context-related operators
...
Closes gh-11194
2022-05-10 14:58:02 -03:00
Josh Cummings
4ebd37ae77
Add 5.8 Support
2022-05-03 09:04:34 -06:00
Josh Cummings
1f43733749
Add 5.7.x branch to playbook
2022-05-03 09:03:51 -06:00
Josh Cummings
0e9228d10a
Prepare for Spring Security 5.8
2022-05-02 16:34:23 -06:00
Marcus Da Coregio
a0232ed135
Add shouldFilterAllDispatcherTypes to Kotlin DSL
...
Closes gh-11153
2022-04-28 08:34:48 -03:00
Marcus Da Coregio
e94adedb94
Add shouldFilterAllDispatcherTypes to Kotlin DSL
...
Closes gh-11153
2022-04-28 08:19:20 -03:00
Rob Winch
6c8f64d2bd
Next Development Version
2022-04-18 14:55:35 -05:00
Rob Winch
e80b3cc5a2
Release 5.7.0-RC1
2022-04-18 14:50:15 -05:00
Marcus Da Coregio
2a2c2dd209
Next development version
2022-04-18 13:27:01 -03:00
Marcus Da Coregio
fa0e06ebdc
Release 5.6.3
2022-04-18 11:59:42 -03:00
Rob Winch
9a9a43a0c0
ForceEagerSessionCreationFilter
...
Closes gh-11109
2022-04-15 14:18:25 -05:00
Rob Winch
aaf78330b1
ForceEagerSessionCreationFilter
...
Closes gh-11109
2022-04-15 14:16:35 -05:00
Marcus Da Coregio
5367524030
Change the default of shouldFilterAllDispatchTypes to true
...
Closes gh-11107
2022-04-14 16:30:42 -03:00
Marcus Da Coregio
84b5c76a7b
Add Option to Filter All Dispatcher Types
...
Closes gh-11092
2022-04-14 16:10:36 -03:00
Marcus Da Coregio
7fea639a43
Add Option to Filter All Dispatcher Types
...
Closes gh-11092
2022-04-14 15:58:00 -03:00
Marcus Da Coregio
86c3ce7efc
Update What's New
2022-04-13 11:24:36 -03:00
Rob Winch
39b0620a84
Add DisableUrlRewritingFilter
...
Closes gh-11084
2022-04-08 16:13:44 -05:00
Rob Winch
7be32872e9
Add DisableUrlRewritingFilter
...
Closes gh-11084
2022-04-08 16:13:24 -05:00
Pascal Verdage
b71d9bfdc2
Fix typo
2022-04-06 11:09:41 +02:00
Pascal Verdage
ed8887e0fc
Fix typo
2022-04-06 11:09:15 +02:00
Johannes Graf
4ee5800ec9
use okta as registration id
...
looks like `ping` is some registration id used in the past.
Closes gh-11034
2022-03-30 14:41:03 -06:00
Johannes Graf
d4931ecf2b
use okta as registration id
...
looks like `ping` is some registration id used in the past.
2022-03-30 14:40:25 -06:00
Johannes Graf
51a99701ad
use okta as registration id
...
looks like `ping` is some registration id used in the past.
2022-03-30 14:39:39 -06:00
Josh Cummings
ce720ad38e
Document Authorization Events
...
Issue gh-9288
2022-03-29 16:37:22 -06:00
Josh Cummings
04c483387e
Document Authorization Events
...
Issue gh-9288
2022-03-29 16:03:20 -06:00
Eleftheria Stein
759d983d62
Fix formatting in reference docs
2022-03-24 15:15:20 +01:00
Eleftheria Stein
d4d6ddbaae
Fix formatting in reference docs
2022-03-24 15:13:50 +01:00
Eleftheria Stein
0a2a327476
Fix reference documentation redirects
...
Closes gh-11018
2022-03-23 09:01:42 +01:00
Steve Riesenberg
8fe6ecb459
Update antora.yml
2022-03-21 15:27:40 -05:00
github-actions[bot]
e2e1689d9d
Release 6.0.0-M2
2022-03-21 13:56:04 -05:00
Marcus Da Coregio
7deaab8822
Next development version
2022-03-21 14:51:40 -03:00
Marcus Da Coregio
ed0a323a71
Release 5.7.0-M3
2022-03-21 14:00:04 -03:00
Steve Riesenberg
28dd7dabfb
Update What's New for 5.7
2022-03-17 12:56:17 -05:00
Steve Riesenberg
c38c722473
Update What's New for 5.7
2022-03-17 09:56:45 -05:00
Steve Riesenberg
f0168c6c27
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:53:16 -05:00
Steve Riesenberg
428216b322
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:50:25 -05:00
Joe Grandja
4a8219d16c
Update whats-new.adoc with gh-9812
2022-03-17 04:41:33 -04:00
Joe Grandja
54b033078b
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:36:10 -04:00
Joe Grandja
a2ffc88294
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:33:12 -04:00
Rob Winch
fabeabd2db
Fix docs SecurityContextHolder Diagram
...
Issue gh-9635
2022-03-12 13:44:45 -06:00
Rob Winch
c49d47d9fa
Fix docs SecurityContextHolder Diagram
...
Issue gh-9635
2022-03-12 13:44:12 -06:00
Rob Winch
972039e65c
Add SecurityContextHolderFilter
...
Closes gh-9635
2022-03-12 13:31:04 -06:00
Rob Winch
87ed31a99c
Add SecurityContextHolderFilter
...
Closes gh-9635
2022-03-11 17:22:23 -06:00
Rob Winch
ae7d56d65b
Add Persistence to documentation
...
Closes gh-10962
2022-03-11 13:43:11 -06:00
Rob Winch
6e45a376cd
Remove "Hi ... there" From Docs
...
Close gh-10963
2022-03-11 13:42:38 -06:00
Rob Winch
e4f1826622
Remove "Hi ... there" From Docs
...
Close gh-10963
2022-03-11 13:41:19 -06:00
Rob Winch
b71b2f81e1
Add Persistence to documentation
...
Closes gh-10962
2022-03-11 13:41:19 -06:00
Rob Winch
9967078059
Antora 3.0.0
...
Issue gh-10962
2022-03-11 13:41:19 -06:00
Norbert Nowak
abd33389be
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:49:29 -07:00
Norbert Nowak
ac9c29b2a0
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:23:35 -07:00
Lijamaija
660da6f4a0
Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
...
Closes gh-10932
2022-03-09 17:49:43 +01:00
Lijamaija
bc2bb8cb96
Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
...
Closes gh-10932
2022-03-09 16:18:09 +01:00
Marcus Da Coregio
1762a4ce70
Add SAML 2.0 Single Logout XML Support
...
Closes gh-10842
2022-03-09 10:48:34 -03:00
Marcus Da Coregio
1cbe7a75d3
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 10:40:26 -03:00
Marcus Da Coregio
93d4fd3559
Add SAML 2.0 Single Logout XML Support
...
Closes gh-10842
2022-03-09 09:18:01 -03:00
Marcus Da Coregio
73f839312d
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 09:18:01 -03:00
Talerngpong Virojwutikul
440ffce2eb
Update PasswordEncoder declaration
...
Closes gh-10910
2022-03-01 07:50:55 -07:00
Talerngpong Virojwutikul
acda921fe9
Update PasswordEncoder declaration
...
Closes gh-10910
2022-03-01 07:49:25 -07:00
Talerngpong Virojwutikul
ff15bec02d
update PasswordEncoder declaration
2022-03-01 07:48:31 -07:00
Marcus Da Coregio
344ab1814c
Next development version
2022-02-21 11:56:40 -03:00
Marcus Da Coregio
2426989441
Release 5.7.0-M2
2022-02-21 11:00:07 -03:00
Marcus Da Coregio
1a32b399e6
Next development version
2022-02-21 10:49:06 -03:00
Marcus Da Coregio
e9f3da94fc
Release 5.6.2
2022-02-21 10:04:41 -03:00
Talerngpong Virojwutikul
386e8a86a1
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:54:04 -03:00
Talerngpong Virojwutikul
45a88fc391
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:49:27 -03:00
Talerngpong Virojwutikul
8a56e4f35e
add Kotlin examples for Spring Data Integration of servlet application
2022-02-18 08:46:20 -03:00
Eleftheria Stein
a2d1965c25
Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant
...
Closes gh-10837
2022-02-15 11:30:45 +01:00
Eleftheria Stein
c6b185465d
Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant
...
Closes gh-10837
2022-02-15 11:24:23 +01:00
Yuriy Savchenko
f64181ab41
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 17:18:48 +01:00
Yuriy Savchenko
77ba94e1db
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 11:07:42 +01:00
Talerngpong Virojwutikul
015036741b
Add Kotlin example for logout configuration of reactive authentication
...
Closes gh-10819
2022-02-11 13:16:47 +01:00
Talerngpong Virojwutikul
d0faff62df
Add Kotlin example for logout configuration of reactive authentication
...
Closes gh-10819
2022-02-11 13:01:43 +01:00
Eleftheria Stein
4142f06259
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 18:10:58 +01:00
Eleftheria Stein
4492e5b667
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 16:12:10 +01:00
giger85
85e531ec74
Fix typo in role hierarchy docs
...
Closes gh-10804
2022-02-04 16:32:47 +01:00
giger85
27ecae2545
Fix typo in role hierarchy docs
...
Closes gh-10804
2022-02-04 16:31:19 +01:00
Eleftheria Stein
28b363551e
Use lambda DSL in logout header docs
2022-02-04 16:26:51 +01:00
Eleftheria Stein
7c9de7d0ff
Use lambda DSL in logout header docs
2022-02-04 16:26:18 +01:00
Rob Winch
ac990afa5d
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:47:35 -06:00
Rob Winch
c1dfe407bc
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:46:27 -06:00
Rob Winch
51fc4a4ca3
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:46:05 -06:00
Ken Dombeck
55cccbf727
Fix broken link to SAML2 login example
2022-02-03 10:20:45 -06:00
Ken Dombeck
e5def290a1
Fix broken link to SAML2 login example
2022-02-03 10:10:04 -06:00
Ken Dombeck
13d8b69ee4
Fix broken link to SAML2 login example
2022-02-03 09:42:21 -06:00
Eleftheria Stein
a095ea75a2
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:52:54 +01:00
Eleftheria Stein
8aa3f291b7
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:42:08 +01:00
Eleftheria Stein
f465403a99
Fix typo in getting started docs
...
Closes gh-10736
2022-02-02 10:30:43 +01:00
Eleftheria Stein
99c488c6ae
Polish LDAP reference docs
...
Issue gh-10789
2022-01-28 17:15:37 +01:00
Eleftheria Stein
869fc8c96c
Use LDAP AuthenticationManager factory in reference docs
...
Closes gh-10789
2022-01-28 17:13:04 +01:00
Eleftheria Stein
e280061538
Polish LDAP reference docs
...
Issue gh-10789
2022-01-28 17:04:39 +01:00
Eleftheria Stein
d5824521e8
Use LDAP AuthenticationManager factory in reference docs
...
Closes gh-10789
2022-01-28 17:03:56 +01:00
Josh Cummings
5a2556879a
Add Saml2AuthenticationRequestResolver
...
Closes gh-10355
2022-01-24 16:18:33 -07:00
Josh Cummings
d538423f98
Add Saml2AuthenticationRequestResolver
...
Closes gh-10355
2022-01-24 15:09:45 -07:00
Rob Winch
f94090a59b
Remove spring-security-openid
...
Closes gh-10773
2022-01-21 16:55:19 -06:00
Rob Winch
55cf7c9683
Remove default display_version
2022-01-18 13:26:39 -06:00
Rob Winch
c4812b17ee
Default antora displayVersion
...
Issue gh-10765
2022-01-18 12:55:46 -06:00
Marcus Da Coregio
c9a9087454
Add 6.0.* tag to antora-playbook
2022-01-17 14:45:31 -03:00
Marcus Da Coregio
3834268008
Next development version
2022-01-17 13:08:59 -03:00
Marcus Da Coregio
816831746f
Release 6.0.0-M1
2022-01-17 11:22:05 -03:00
Josh Cummings
20c252982e
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-14 15:29:50 -07:00
Steve Riesenberg
7efbc9d5f7
Next Development Version
2022-01-14 12:51:23 -06:00
Steve Riesenberg
a8457b518f
Release 5.7.0-M1
2022-01-14 12:16:08 -06:00
Joe Grandja
525f40490c
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:59:14 -05:00
Joe Grandja
214cfe807e
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:42:10 -05:00
Rob Winch
96e5e67737
Update to Antora 3.0.0
2022-01-05 11:22:34 -06:00
Rob Winch
005d7465b0
Add fix for 5.6.1 version
2022-01-04 17:03:32 -06:00
Rob Winch
783a43ea35
Add CheckAntoraVersionPlugin
2022-01-04 15:52:05 -06:00
Rob Winch
07a176d11e
Update antora to 5.6.2
2022-01-04 15:52:05 -06:00
Rob Winch
9b6c7af526
Add CheckAntoraVersionPlugin
2022-01-04 15:33:24 -06:00
Rob Winch
6884a16726
Add CheckAntoraVersionPlugin
2022-01-04 15:29:14 -06:00
Josh Cummings
45b7fed884
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-03 13:14:12 -07:00
Josh Cummings
6b54afe9a3
Remove SAML 2.0 Logout Default
...
Closes gh-10607
2022-01-03 12:54:22 -07:00
Rob Winch
2471e3296d
Fix xsd tests
2021-12-13 17:38:22 -06:00
Rob Winch
2fb056b5c1
Merge Clean up Reference Documentation
...
Closes gh-9668
2021-12-13 16:57:36 -06:00
Marcus Da Coregio
0beb725259
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-08 11:07:09 +01:00
Marcus Da Coregio
65426a40ec
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-07 17:23:06 +01:00
Steve Riesenberg
32ec8c3ae4
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-07 13:58:24 +01:00
Steve Riesenberg
7ec3b55ab3
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-07 13:48:11 +01:00
Steve Riesenberg
1896a5e669
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-06 13:05:50 +01:00
Henning Poettker
f1ca42e501
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 14:14:05 -03:00
Henning Poettker
bb99d7d95a
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 14:13:12 -03:00
Henning Poettker
04161b9288
Fix return type for NoOpPasswordEncoder bean in documentation
2021-11-23 10:38:04 -03:00
Josh Cummings
16a21264d0
Polish AuthRequestConverter Sample Doc
...
Issue gh-10364
2021-11-18 13:36:31 -07:00
Josh Cummings
739cdc1a4c
Polish AuthRequestConverter Sample Doc
...
Issue gh-10364
2021-11-18 13:36:10 -07:00