Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,305 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

12305 Commits

Author SHA1 Message Date
github-actions[bot] b71962e87d Next development version 2023-12-18 19:49:40 +00:00
github-actions[bot] b97c310aba Release 5.8.9 2023-12-18 19:12:02 +00:00
Josh Cummings 59461d94b0
Clarify RSocket Configuration Docs 
Closes gh-13718
 2023-12-18 12:02:49 -07:00
Josh Cummings fc007aa373
Check OpenSAML Version in XML Support 
Closes gh-12483
 2023-12-18 11:51:15 -07:00
Josh Cummings eaaa813ede
Fix header value typo 
Closes gh-11948
 2023-12-18 10:42:50 -07:00
dependabot[bot] 10b3a9b234 Bump Gamesight/slack-workflow-status from 1.0.1 to 1.2.0 
Bumps [Gamesight/slack-workflow-status](https://github.com/gamesight/slack-workflow-status) from 1.0.1 to 1.2.0.
- [Release notes](https://github.com/gamesight/slack-workflow-status/releases)
- [Commits](https://github.com/gamesight/slack-workflow-status/compare/v1.0.1...v1.2.0)

---
updated-dependencies:
- dependency-name: Gamesight/slack-workflow-status
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:50 -03:00
dependabot[bot] e4cc0a4755 Bump slackapi/slack-github-action from 1.19.0 to 1.24.0 
Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.19.0 to 1.24.0.
- [Release notes](https://github.com/slackapi/slack-github-action/releases)
- [Commits](https://github.com/slackapi/slack-github-action/compare/v1.19.0...v1.24.0)

---
updated-dependencies:
- dependency-name: slackapi/slack-github-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:37 -03:00
dependabot[bot] ff71ef46b7 Bump actions/setup-java from 3 to 4 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:19 -03:00
dependabot[bot] 5593655bbf Bump spring-io/spring-gradle-build-action from 1 to 2 
Bumps [spring-io/spring-gradle-build-action](https://github.com/spring-io/spring-gradle-build-action) from 1 to 2.
- [Commits](https://github.com/spring-io/spring-gradle-build-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: spring-io/spring-gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:09 -03:00
dependabot[bot] 47812e506f Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:00 -03:00
dependabot[bot] 89fd30f235 Bump io.projectreactor.netty:reactor-netty from 1.0.39 to 1.0.40 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.39 to 1.0.40.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.39...v1.0.40)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 09:16:42 -03:00
dependabot[bot] c3c068376a Bump io.projectreactor:reactor-bom from 2020.0.38 to 2020.0.39 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.38 to 2020.0.39.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.38...2020.0.39)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 09:15:35 -03:00
Marcus Hert Da Coregio 6d68f403fc Document that Shibboleth Repository is Required for SAML Support 
Closes gh-14286
 2023-12-13 09:11:27 -03:00
Josh Cummings 74d06f020d
Update to Latest Boot Property 
Closes gh-14252
 2023-12-11 11:44:08 -07:00
Candelario e896b14046 Dropped Nimbus Error Message 
Closes gh-13730
 2023-12-11 10:19:02 -07:00
Josh Cummings be11812fe4
Account for Super-super-interface Inheritance 
Closes gh-13625
 2023-12-09 11:41:02 -07:00
Steve Riesenberg 9c44b700f5
Add Gradle Enterprise creds to PR builds 
Closes gh-14249
 2023-12-07 14:28:51 -06:00
dependabot[bot] 40e8b20257 Bump ch.qos.logback:logback-classic from 1.2.12 to 1.2.13 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.2.12 to 1.2.13.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.2.12...v_1.2.13)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-04 08:51:58 -07:00
Josh Cummings c336ca49fb
Update Spring MVC Docs 
Closes gh-14220
 2023-12-01 12:57:46 -07:00
Josh Cummings c623303ca5
Add Logging 
Now if the ServletRegistration API available message is shown, it will
also be accompanied with a startup warning in the logs.

Closes gh-14221
 2023-12-01 12:57:46 -07:00
Josh Cummings a98baa7522
Polish ServletRegistration API Deferral 
Tomcat uses different ServletContext instances from startup- and request-time.
This commit ensures that if the programmatic API isn't available at startup-time,
then use the ServletContext attached to the HttpServletRequest at runtime.

Issue gh-13794
 2023-12-01 12:57:45 -07:00
dependabot[bot] bb0987db80 Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2021.2.17 to 2021.2.18.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2021.2.17...2021.2.18)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-20 08:51:36 -03:00
Josh Cummings d961307044
Polish RequestMatcher Description 
Issue gh-13794
 2023-11-17 12:24:38 -07:00
Josh Cummings 4ca54683ae
Defer requestMatchers Validation to Runtime 
Closes gh-13794
 2023-11-17 11:23:21 -07:00
Marcus Hert Da Coregio a7da9491d9 Use assertj assertions 2023-11-17 09:03:36 -03:00
dependabot[bot] 382cfd63ed Bump io-spring-javaformat from 0.0.39 to 0.0.40 
Bumps `io-spring-javaformat` from 0.0.39 to 0.0.40.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.39 to 0.0.40
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.39...v0.0.40)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.39 to 0.0.40
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.39...v0.0.40)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-17 09:03:36 -03:00
dependabot[bot] 7c98a39770 Bump org.springframework:spring-framework-bom from 5.3.30 to 5.3.31 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.30 to 5.3.31.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.30...v5.3.31)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-17 09:03:29 -03:00
dependabot[bot] 6afcc02ef3 Bump io.projectreactor:reactor-bom from 2020.0.37 to 2020.0.38 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.37 to 2020.0.38.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.37...2020.0.38)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-16 08:35:55 -03:00
dependabot[bot] 773673ac2c Bump io.projectreactor.netty:reactor-netty from 1.0.38 to 1.0.39 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.38 to 1.0.39.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.38...v1.0.39)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-16 08:35:05 -03:00
Steve Riesenberg 7335c5745c
Document authentication helper method in WebClient integration 
This commit re-applies 49f3c0ce53
which was lost while splitting pages for Antora.

Issue gh-13816
Issue gh-10120
 2023-11-09 10:46:32 -06:00
Josh Cummings 52675c80b3
Check For Null Exception Message 
Closes gh-13768
 2023-11-07 17:19:35 -07:00
Josh Cummings b919ece045
Change Idempotent to Read-Only 
Closes gh-13644
 2023-11-07 16:25:28 -07:00
Josh Cummings 11a21896dd
Defer SecurityContextHolderStrategy Lookup 
Due to how early method interceptors are loaded during startup
it's reasonable to consider scenarios where applications are
changing the global security context holder strategy during
startup.

Closes gh-12877
 2023-11-07 12:36:16 -07:00
Marcus Hert Da Coregio eff9814d7b Add links to WebFlux section where referenced 
Closes gh-14100
 2023-11-07 13:13:41 -03:00
Dong, Xue-Han 058495d463 Add the Authorization Section to Nav List 
Closes gh-14099
 2023-11-07 13:11:52 -03:00
Josh Cummings ffd12ee3b9
Refine requestMatcher Validation Rules 
Closes gh-14078
 2023-10-31 17:08:24 -06:00
Marcus Hert Da Coregio 3f64c6d745 Use version catalog to resolve nimbus dependency versions 
Issue gh-14047
 2023-10-30 16:11:51 -03:00
Marcus Hert Da Coregio 2cd302fb1b Revert "Use lenient configuration for prohibited dependencies check" 
This reverts commit 602d4189d1.
 2023-10-30 16:11:02 -03:00
Marcus Hert Da Coregio e8ec49b4c5 Resolve versions without downloading dependencies 
Issue gh-14047
 2023-10-30 14:46:12 -03:00
Marcus Hert Da Coregio 602d4189d1 Use lenient configuration for prohibited dependencies check 
Issue gh-14047
 2023-10-30 12:10:32 -03:00
Marcus Hert Da Coregio 884014c2fb Use lenient configuration to resolve artifacts 
Issue gh-14047
 2023-10-30 11:25:30 -03:00
Marcus Hert Da Coregio 47969ec7c9 Fix verifyDependenciesVersions not working with s101 
Issue gh-14047
 2023-10-30 08:28:15 -03:00
Marcus Da Coregio 6654479649 Polish VerifyDependenciesVersionsPlugin 
Issue gh-14047
 2023-10-27 09:45:19 -03:00
Steve Riesenberg bfc31bacab
Polish Username/Password Authentication page 
Issue gh-11926

(cherry picked from commit 781d575921)
 2023-10-25 15:50:53 -05:00
Marcus Da Coregio ad2bea3350 Fail build if nimbus-jose-jwt version is not aligned 
Closes gh-14047
 2023-10-25 13:44:23 -03:00
Steve Riesenberg 5161712c35
Polish gh-13976 
Closes gh-13757
 2023-10-19 16:40:23 -05:00
Veli Döngelci a6b872dcf3
Fix caching error state in ReactiveRemoteJWKSource 2023-10-19 16:40:13 -05:00
Marcus Da Coregio 70ad3bf749 relay_state should not be included in signing calculation when it is null 
Closes gh-13913
 2023-10-19 09:58:47 -03:00
Scott Shidlovsky 19c4e427ee Update OpenSamlAuthenticationRequestResolverTests from Junit 4 to Junit 5 
(cherry picked from commit 508f7d7b8a)
 2023-10-19 09:50:28 -03:00
Marcus Da Coregio 736f1c27cd Remove updateDependencies plugin 
Closes gh-13966
 2023-10-18 14:12:25 -03:00