Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,305 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

12305 Commits

Author SHA1 Message Date
github-actions[bot] ec58bf0b28 Next development version 2023-10-16 16:06:01 +00:00
github-actions[bot] e4e31f2c90 Release 5.8.8 2023-10-16 15:21:39 +00:00
dependabot[bot] 49cd8ae217 Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2021.2.16 to 2021.2.17.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2021.2.16...2021.2.17)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-16 07:48:24 -03:00
Steve Riesenberg 81d91063a5
Document how to publish an AuthenticationManager 
Closes gh-11926
 2023-10-13 18:15:09 -05:00
dependabot[bot] 7f50bb5db1 Bump io.projectreactor.netty:reactor-netty from 1.0.36 to 1.0.38 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.36 to 1.0.38.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.36...v1.0.38)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:58:11 -03:00
dependabot[bot] 7556df6ea7 Bump io.projectreactor:reactor-bom from 2020.0.36 to 2020.0.37 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.36 to 2020.0.37.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.36...2020.0.37)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:56:17 -03:00
dependabot[bot] 71ceb5b80b Bump org-eclipse-jetty from 9.4.52.v20230823 to 9.4.53.v20231009 
Bumps `org-eclipse-jetty` from 9.4.52.v20230823 to 9.4.53.v20231009.

Updates `org.eclipse.jetty:jetty-server` from 9.4.52.v20230823 to 9.4.53.v20231009
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.52.v20230823...jetty-9.4.53.v20231009)

Updates `org.eclipse.jetty:jetty-servlet` from 9.4.52.v20230823 to 9.4.53.v20231009
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.52.v20230823...jetty-9.4.53.v20231009)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:56:06 -03:00
dependabot[bot] bd9643af44 Bump com.github.spullara.mustache.java:compiler from 0.9.10 to 0.9.11 
Bumps [com.github.spullara.mustache.java:compiler](https://github.com/spullara/mustache.java) from 0.9.10 to 0.9.11.
- [Commits](https://github.com/spullara/mustache.java/compare/0.9.10...mustache.java-0.9.11)

---
updated-dependencies:
- dependency-name: com.github.spullara.mustache.java:compiler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-10 08:20:03 -03:00
dependabot[bot] d46627b776 Bump org.jfrog.buildinfo:build-info-extractor-gradle 
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.29.0 to 4.29.4.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.29.0...build-info-gradle-extractor-4.29.4)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-09 07:29:32 -03:00
dependabot[bot] 8c6b5e0efe Bump io.spring.ge.conventions from 0.0.7 to 0.0.14 
Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.7 to 0.0.14.
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.7...v0.0.14)

---
updated-dependencies:
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:29:32 -03:00
dependabot[bot] 3315775734 Bump org.apache.logging.log4j:log4j-core from 2.17.1 to 2.17.2 
Bumps org.apache.logging.log4j:log4j-core from 2.17.1 to 2.17.2.

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:27:24 -03:00
dependabot[bot] cefcbdc819 Bump com.github.spullara.mustache.java:compiler from 0.9.4 to 0.9.10 
Bumps [com.github.spullara.mustache.java:compiler](https://github.com/spullara/mustache.java) from 0.9.4 to 0.9.10.
- [Commits](https://github.com/spullara/mustache.java/compare/mustache.java-0.9.4...0.9.10)

---
updated-dependencies:
- dependency-name: com.github.spullara.mustache.java:compiler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:27:08 -03:00
dependabot[bot] 0b25dc53cc Bump com.gradle.enterprise from 3.11.1 to 3.11.4 
Bumps com.gradle.enterprise from 3.11.1 to 3.11.4.

---
updated-dependencies:
- dependency-name: com.gradle.enterprise
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:26:54 -03:00
dependabot[bot] 766396aa7c Bump io.projectreactor:reactor-bom from 2020.0.35 to 2020.0.36 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.35 to 2020.0.36.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.35...2020.0.36)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:26:23 -03:00
Marcus Da Coregio 64270f28e4 Saml2LogoutRequestMixin relayState property should be binding 
Closes gh-12539
 2023-10-03 08:41:33 -03:00
dependabot[bot] ece5089cc8 Bump org-aspectj from 1.9.20 to 1.9.20.1 
Bumps `org-aspectj` from 1.9.20 to 1.9.20.1.

Updates `org.aspectj:aspectjrt` from 1.9.20 to 1.9.20.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.20 to 1.9.20.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:50 -03:00
dependabot[bot] 448d23dd3e Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2021.2.15 to 2021.2.16.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2021.2.15...2021.2.16)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:34 -03:00
dependabot[bot] 0108241049 Bump org.springframework:spring-framework-bom from 5.3.29 to 5.3.30 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.29 to 5.3.30.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.29...v5.3.30)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:13 -03:00
dependabot[bot] 88cfae4182 Bump org-eclipse-jetty from 9.4.51.v20230217 to 9.4.52.v20230823 
Bumps `org-eclipse-jetty` from 9.4.51.v20230217 to 9.4.52.v20230823.

Updates `org.eclipse.jetty:jetty-server` from 9.4.51.v20230217 to 9.4.52.v20230823
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.51.v20230217...jetty-9.4.52.v20230823)

Updates `org.eclipse.jetty:jetty-servlet` from 9.4.51.v20230217 to 9.4.52.v20230823
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.51.v20230217...jetty-9.4.52.v20230823)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:08:47 -03:00
Marcus Da Coregio b9836d618a Fix Workflows 
Issue gh-13873
 2023-09-29 15:50:10 -03:00
Marcus Da Coregio 2505c08e8f Do Not Run Some Workflows on Dependabot's PRs 
Issue gh-13873

(cherry picked from commit 3aae03b1b2)
 2023-09-29 15:48:12 -03:00
Marcus Da Coregio 9e877c9bc6 Do not run some workflows for Dependabot branches 
Issue gh-13873

(cherry picked from commit ab812b2b53)
 2023-09-29 15:48:11 -03:00
dependabot[bot] adef0f3f25 Bump com.google.code.gson:gson from 2.8.6 to 2.8.9 
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.8.6 to 2.8.9.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.8.6...gson-parent-2.8.9)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-29 14:19:16 -03:00
dependabot[bot] a8eb565b05 Bump io.projectreactor.netty:reactor-netty from 1.0.35 to 1.0.36 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.35 to 1.0.36.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.35...v1.0.36)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-29 14:14:00 -03:00
Marcus Da Coregio 64e2a2ff8b Apply updated Code Style 
Closes gh-13881
 2023-09-29 11:44:32 -03:00
Marcus Da Coregio 650692964e Fix snapshot_tests on CI workflow 
Closes gh-13876
 2023-09-28 15:58:43 -03:00
Marcus Da Coregio e29ea47ff7 Use Gradle's Version Catalog 
Issue gh-13868
 2023-09-28 14:57:18 -03:00
Marcus Da Coregio 664ee9a206 Fix formatting 
Issue gh-13776
 2023-09-25 10:09:32 -03:00
Jannick Weisshaupt b67218c150 Fix corrupted saml2 metadata when special characters are present 
Closes gh-13776
 2023-09-25 14:08:14 +01:00
Eric Haag ac04c2e675 Add dependency between rncToXsd and sourcesJar 
Since processResources is configured directly instead of via the source
set container, an explicit dependency task between rncToXsd and
sourcesJar must be defined.

Issue gh-13845
 2023-09-19 14:19:45 +01:00
Eric Haag e63d7fd9e9 Add dependency between rncToXsd and versionlessXsd 
Since processResources is configured directly instead of via the source
set container, an explicit dependency task between rncToXsd and
versionlessXsd must be defined.

Issue gh-13845
 2023-09-19 14:19:33 +01:00
Eric Haag 718c470910 Prevent creating duplicate .xsd entries 
This change removes .xsd entries that would appear in the top level of
the assembled artifacts. This occurred because the output of the
rncToXsd task does not consider the path beneath the resources
directory. To fix this, the processResources task is directly
configured with a copy spec so the required path can be set.

Issue gh-13845
 2023-09-19 14:19:19 +01:00
Steve Riesenberg 700b711c4b
Merge branch '5.7.x' into 5.8.x 2023-09-18 11:22:40 -05:00
github-actions[bot] c614422f44 Next development version 2023-09-18 16:10:51 +00:00
github-actions[bot] 85e0783796 Next development version 2023-09-18 16:10:25 +00:00
github-actions[bot] 3656fa6e0c Release 5.7.11 2023-09-18 15:24:51 +00:00
github-actions[bot] 564a022ab6 Release 5.8.7 2023-09-18 15:22:27 +00:00
Rob Winch 779541b340 Merge branch '5.7.x' into 5.8.x 
Automate spring-security.xsd

Closes gh-13823
 2023-09-14 23:37:53 -05:00
Rob Winch 5b293d2116 Automate spring-security.xsd 
Closes gh-13819
 2023-09-14 16:01:50 -05:00
Eric Haag f026e29771 Add dependency on rncToXsd task from nohttp 
This addresses a deprecation warning causing build caching to be
disabled for the checkstyleNohttp task. With this change, we tell
Gradle that the rncToXsd task in the spring-security-config project
produces output that should be considered when running the
checkstyleNohttp task. This clears up ambiguities when computing the
task graph.
 2023-09-13 13:58:44 +01:00
Eric Haag 620e6e0c34 Add rncToXsd task to resources set 
This addresses a deprecation warning causing build caching to be
disabled for some tasks. With this change, we tell Gradle that the
rncToXsd task produces output that should be considered a resource.
This clears up ambiguities when computing the task graph.
 2023-09-13 13:58:42 +01:00
Eric Haag 4ebfa2c804 Use lazy API to configure rncToXsd task 
This avoids configuring the task eagerly.
 2023-09-13 13:58:05 +01:00
Steve Riesenberg 3feb809b35
Fix Saml2AuthenticationExceptionMixin on JDK 17 
Closes gh-13804
 2023-09-12 18:39:29 -05:00
Steve Riesenberg 9b7a110704
Fix OAuth2AuthenticationExceptionMixinTests on JDK 17 
Closes gh-11893
 2023-09-12 16:51:47 -05:00
Marcus Da Coregio ce012a4661 CookieRequestCache Should Preserve Request Locale 
Closes gh-13792
 2023-09-12 16:21:27 +01:00
Marcus Da Coregio 96d1763fc4 WWW-Authenticate header should not be added twice 
Closes gh-13737
 2023-08-31 10:07:10 -03:00
github-actions[bot] 8efbbb3eb5 Next development version 2023-08-21 16:09:41 +00:00
github-actions[bot] 612909ac4f Release 5.8.6 2023-08-21 15:21:12 +00:00
Josh Cummings 28f98b3351
Improve Error Message 
Closes gh-13667
 2023-08-20 22:53:57 -06:00
Josh Cummings ed96e2cddf
Ignore Unmappable Servlets 
Closes gh-13666
 2023-08-20 22:53:55 -06:00