Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,831 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

11831 Commits

Author SHA1 Message Date
Steve Riesenberg bbac85e20b Reduce severity of invalid registrationId to warn 
This prevents filling the log file with error messages when routine
scans are being performed.

Closes gh-11344
 2022-09-26 09:56:20 -05:00
Josh Cummings ae6fb8c681
Add Deprecated Versions of Original Classes 
Issue gh-7349
 2022-09-23 16:31:22 -06:00
Josh Cummings 37a160245f
Adjust OAuth2 Resource Server packaging 
Closes gh-7349
 2022-09-23 16:31:21 -06:00
Steve Riesenberg 46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver 
Closes gh-11896
 2022-09-23 15:09:00 -05:00
Steve Riesenberg d140d95305
Fix assertion in NullSecurityContextRepository 
Issue gh-11060
 2022-09-22 15:33:22 -05:00
Steve Riesenberg 5d757919a2
Add SecurityContextHolderStrategy to new repository 
In 6.0, RequestAttributeSecurityContextRepository will be the default
implementation of SecurityContextRepository. This commit adds the
ability to configure a custom SecurityContextHolderStrategy, similar
to other components.

Issue gh-11060
Closes gh-11895
 2022-09-22 15:33:21 -05:00
Rob Winch d94677f87e CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler 
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.

Closes gh-11892
 2022-09-22 11:09:44 -05:00
Evgeniy Cheban c1d27612af Simplify AuthorizationManager composition 
Closes gh-11625
 2022-09-20 16:24:45 -06:00
Josh Cummings 3f8503f1b4
Deprecate AccessDecisionManager et al 
Closes gh-11302
 2022-09-20 16:09:59 -06:00
Marcus Da Coregio 983ca6ea27 Update What's New for 5.8 2022-09-20 08:33:38 -03:00
Marcus Da Coregio 0c96989cbe Move script tag into body element 
Closes gh-11879
 2022-09-19 15:46:23 -03:00
github-actions[bot] 9564f1b5e4 Next development version 2022-09-19 16:55:17 +00:00
github-actions[bot] dcbe900ff8 Release 5.8.0-M3 2022-09-19 15:24:11 +00:00
Steve Riesenberg e4e24c6639
Update org.springframework to 5.3.23 
Closes gh-11851
 2022-09-16 13:39:03 -05:00
Steve Riesenberg eeb152cd6d
Update htmlunit-driver to 2.64.0 
Closes gh-11850
 2022-09-16 13:39:03 -05:00
Steve Riesenberg 0159e8c976
Update org.mockito to 4.8.0 
Closes gh-11849
 2022-09-16 13:39:02 -05:00
Steve Riesenberg e2a4227c11
Update junit-bom to 5.9.0 
Closes gh-11848
 2022-09-16 13:39:02 -05:00
Steve Riesenberg 573a5b626d
Update hsqldb to 2.7.0 
Closes gh-11847
 2022-09-16 13:39:02 -05:00
Steve Riesenberg 5d8427a52b
Update hibernate-entitymanager to 5.6.11.Final 
Closes gh-11846
 2022-09-16 13:39:01 -05:00
Steve Riesenberg ece5ff1500
Update org.eclipse.jetty to 9.4.49.v20220914 
Closes gh-11845
 2022-09-16 13:39:01 -05:00
Steve Riesenberg 870de424f0
Update htmlunit to 2.64.0 
Closes gh-11844
 2022-09-16 13:39:00 -05:00
Steve Riesenberg a884e0dda9
Update io.rsocket to 1.1.3 
Closes gh-11843
 2022-09-16 13:39:00 -05:00
Steve Riesenberg 6d3e04184b
Update io.projectreactor to 2020.0.23 
Closes gh-11841
 2022-09-16 13:38:59 -05:00
Steve Riesenberg 3d4f947cd5
Update mockk to 1.12.8 
Closes gh-11840
 2022-09-16 13:38:59 -05:00
Steve Riesenberg d915f0f9ca
Update aspectj-plugin to 6.5.1 
Closes gh-11839
 2022-09-16 13:38:58 -05:00
Steve Riesenberg a799528679
Update com.nimbusds to 9.43.1 
Closes gh-11838
 2022-09-16 13:38:58 -05:00
Steve Riesenberg 40a343c6e1
Update jackson-bom to 2.13.4 
Closes gh-11835
 2022-09-16 13:38:57 -05:00
Steve Riesenberg 67a00bcaa0
Fix JSONObject and JSONArray imports in tests 2022-09-16 13:38:57 -05:00
Steve Riesenberg 11f46fc584
Exclude release candidate dependencies 2022-09-16 13:38:56 -05:00
Marcus Da Coregio 9a4b39e823 Merge branch '5.7.x' into 5.8.x 2022-09-16 13:17:25 -03:00
Marcus Da Coregio e01b43f0e4 Merge branch '5.6.x' into 5.7.x 2022-09-16 13:16:55 -03:00
Jerome Prinet 8d2fb6858f Update Gradle Enterprise plugin to 3.11.1 2022-09-16 13:14:53 -03:00
Marcus Da Coregio 53ed6c3138 Merge branch '5.7.x' into 5.8.x 
Closes gh-11825
 2022-09-16 10:18:10 -03:00
Marcus Da Coregio b6a8c10d05 Merge branch '5.6.x' into 5.7.x 
Closes gh-11824
 2022-09-16 10:17:21 -03:00
Marcus Da Coregio 7756247c3a Simplify checkSamples task 
Closes gh-11814
 2022-09-16 09:36:12 -03:00
Steve Riesenberg 8f44f74d44
Update What's New for 5.8 2022-09-14 15:13:41 -05:00
Daniel Garnier-Moiroux bea7761a1c
ClientRegistrations#rest defines 30s connect and read timeouts 2022-09-14 15:10:34 -05:00
Steve Riesenberg 70eea8dc67
Update What's New for 5.8 2022-09-14 14:58:48 -05:00
slam 45bbd86f7e
HttpSecurityDsl should support apply method 
Closes gh-11754
 2022-09-14 13:58:42 -05:00
Steve Riesenberg 355ef21117
Polish gh-11665 2022-09-13 16:45:39 -05:00
ch4mpy 1efb63387f
Add authentication converter for introspected tokens 
Adds configurable authentication converter for resource-servers with
token introspection (something very similar to what
JwtAuthenticationConverter does for resource-servers with JWT decoder).

The new (Reactive)OpaqueTokenAuthenticationConverter is given
responsibility for converting successful token introspection result
into an Authentication instance (which is currently done by a private
methods of OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager).

The default (Reactive)OpaqueTokenAuthenticationConverter, behave the
same as current private convert(OAuth2AuthenticatedPrincipal principal,
String token) methods: map authorities from scope attribute and build a
BearerTokenAuthentication.

Closes gh-11661
 2022-09-13 16:45:36 -05:00
Steve Riesenberg cc988fc287
Merge branch '5.7.x' into 5.8.x 
Merged using the ours strategy.
 2022-09-12 15:52:10 -05:00
Steve Riesenberg 937c86cb55
Merge branch '5.6.x' into 5.7.x 
Merged using ours strategy.
 2022-09-12 15:48:15 -05:00
Dan Allen 3387149a0f repurpose 5.6.x branch to provide local docs build 
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
 2022-09-12 15:41:12 -05:00
Dan Allen 3e42119f84 repurpose 5.7.x branch to provide local docs build 
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
 2022-09-12 15:37:13 -05:00
Dan Allen ab9ed26ad2 repurpose 5.8.x branch to provide local docs build 
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
 2022-09-12 14:40:56 -05:00
aSemy 6e2e8c41b5
typo fitler -> filter 2022-09-12 10:43:41 -05:00
aSemy e7880b1815
Javadoc typo 'sue' -> 'use' 2022-09-12 10:43:03 -05:00
Rob Winch 5ae492b1c1 Add What's New @WithMockUser Supported as Merged Annotation 2022-09-08 09:49:00 -05:00
mariusz b478e5bc93 gh-6899: @WithMockUser as metaannotation 2022-09-08 09:44:32 -05:00