Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-30 00:32:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,274 Commits 38 Branches 345 Tags
Commit Graph

12274 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
b919ece045
Change Idempotent to Read-Only 
Closes gh-13644
 2023-11-07 16:25:28 -07:00
Josh Cummings
11a21896dd
Defer SecurityContextHolderStrategy Lookup 
Due to how early method interceptors are loaded during startup
it's reasonable to consider scenarios where applications are
changing the global security context holder strategy during
startup.

Closes gh-12877
 2023-11-07 12:36:16 -07:00
Marcus Hert Da Coregio
eff9814d7b Add links to WebFlux section where referenced 
Closes gh-14100
 2023-11-07 13:13:41 -03:00
Dong, Xue-Han
058495d463 Add the Authorization Section to Nav List 
Closes gh-14099
 2023-11-07 13:11:52 -03:00
Josh Cummings
ffd12ee3b9
Refine requestMatcher Validation Rules 
Closes gh-14078
 2023-10-31 17:08:24 -06:00
Marcus Hert Da Coregio
3f64c6d745 Use version catalog to resolve nimbus dependency versions 
Issue gh-14047
 2023-10-30 16:11:51 -03:00
Marcus Hert Da Coregio
2cd302fb1b Revert "Use lenient configuration for prohibited dependencies check" 
This reverts commit 602d4189d11a3cd59d07f77b81721731f191534e.
 2023-10-30 16:11:02 -03:00
Marcus Hert Da Coregio
e8ec49b4c5 Resolve versions without downloading dependencies 
Issue gh-14047
 2023-10-30 14:46:12 -03:00
Marcus Hert Da Coregio
602d4189d1 Use lenient configuration for prohibited dependencies check 
Issue gh-14047
 2023-10-30 12:10:32 -03:00
Marcus Hert Da Coregio
884014c2fb Use lenient configuration to resolve artifacts 
Issue gh-14047
 2023-10-30 11:25:30 -03:00
Marcus Hert Da Coregio
47969ec7c9 Fix verifyDependenciesVersions not working with s101 
Issue gh-14047
 2023-10-30 08:28:15 -03:00
Marcus Da Coregio
6654479649 Polish VerifyDependenciesVersionsPlugin 
Issue gh-14047
 2023-10-27 09:45:19 -03:00
Steve Riesenberg
bfc31bacab
Polish Username/Password Authentication page 
Issue gh-11926

(cherry picked from commit 781d575921da42bb0523deda844bdd1c33889077)
 2023-10-25 15:50:53 -05:00
Marcus Da Coregio
ad2bea3350 Fail build if nimbus-jose-jwt version is not aligned 
Closes gh-14047
 2023-10-25 13:44:23 -03:00
Steve Riesenberg
5161712c35
Polish gh-13976 
Closes gh-13757
 2023-10-19 16:40:23 -05:00
Veli Döngelci
a6b872dcf3
Fix caching error state in ReactiveRemoteJWKSource 2023-10-19 16:40:13 -05:00
Marcus Da Coregio
70ad3bf749 relay_state should not be included in signing calculation when it is null 
Closes gh-13913
 2023-10-19 09:58:47 -03:00
Scott Shidlovsky
19c4e427ee Update OpenSamlAuthenticationRequestResolverTests from Junit 4 to Junit 5 
(cherry picked from commit 508f7d7b8a42a3be34c7919d03d85b64c35d0794)
 2023-10-19 09:50:28 -03:00
Marcus Da Coregio
736f1c27cd Remove updateDependencies plugin 
Closes gh-13966
 2023-10-18 14:12:25 -03:00
github-actions[bot]
ec58bf0b28 Next development version 2023-10-16 16:06:01 +00:00
github-actions[bot]
e4e31f2c90 Release 5.8.8 5.8.8 2023-10-16 15:21:39 +00:00
dependabot[bot]
49cd8ae217 Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2021.2.16 to 2021.2.17.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2021.2.16...2021.2.17)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-16 07:48:24 -03:00
Steve Riesenberg
81d91063a5
Document how to publish an AuthenticationManager 
Closes gh-11926
 2023-10-13 18:15:09 -05:00
dependabot[bot]
7f50bb5db1 Bump io.projectreactor.netty:reactor-netty from 1.0.36 to 1.0.38 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.36 to 1.0.38.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.36...v1.0.38)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:58:11 -03:00
dependabot[bot]
7556df6ea7 Bump io.projectreactor:reactor-bom from 2020.0.36 to 2020.0.37 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.36 to 2020.0.37.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.36...2020.0.37)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:56:17 -03:00
dependabot[bot]
71ceb5b80b Bump org-eclipse-jetty from 9.4.52.v20230823 to 9.4.53.v20231009 
Bumps `org-eclipse-jetty` from 9.4.52.v20230823 to 9.4.53.v20231009.

Updates `org.eclipse.jetty:jetty-server` from 9.4.52.v20230823 to 9.4.53.v20231009
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.52.v20230823...jetty-9.4.53.v20231009)

Updates `org.eclipse.jetty:jetty-servlet` from 9.4.52.v20230823 to 9.4.53.v20231009
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.52.v20230823...jetty-9.4.53.v20231009)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:56:06 -03:00
dependabot[bot]
bd9643af44 Bump com.github.spullara.mustache.java:compiler from 0.9.10 to 0.9.11 
Bumps [com.github.spullara.mustache.java:compiler](https://github.com/spullara/mustache.java) from 0.9.10 to 0.9.11.
- [Commits](https://github.com/spullara/mustache.java/compare/0.9.10...mustache.java-0.9.11)

---
updated-dependencies:
- dependency-name: com.github.spullara.mustache.java:compiler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-10 08:20:03 -03:00
dependabot[bot]
d46627b776 Bump org.jfrog.buildinfo:build-info-extractor-gradle 
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.29.0 to 4.29.4.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.29.0...build-info-gradle-extractor-4.29.4)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-09 07:29:32 -03:00
dependabot[bot]
8c6b5e0efe Bump io.spring.ge.conventions from 0.0.7 to 0.0.14 
Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.7 to 0.0.14.
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.7...v0.0.14)

---
updated-dependencies:
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:29:32 -03:00
dependabot[bot]
3315775734 Bump org.apache.logging.log4j:log4j-core from 2.17.1 to 2.17.2 
Bumps org.apache.logging.log4j:log4j-core from 2.17.1 to 2.17.2.

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:27:24 -03:00
dependabot[bot]
cefcbdc819 Bump com.github.spullara.mustache.java:compiler from 0.9.4 to 0.9.10 
Bumps [com.github.spullara.mustache.java:compiler](https://github.com/spullara/mustache.java) from 0.9.4 to 0.9.10.
- [Commits](https://github.com/spullara/mustache.java/compare/mustache.java-0.9.4...0.9.10)

---
updated-dependencies:
- dependency-name: com.github.spullara.mustache.java:compiler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:27:08 -03:00
dependabot[bot]
0b25dc53cc Bump com.gradle.enterprise from 3.11.1 to 3.11.4 
Bumps com.gradle.enterprise from 3.11.1 to 3.11.4.

---
updated-dependencies:
- dependency-name: com.gradle.enterprise
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:26:54 -03:00
dependabot[bot]
766396aa7c Bump io.projectreactor:reactor-bom from 2020.0.35 to 2020.0.36 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.35 to 2020.0.36.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.35...2020.0.36)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:26:23 -03:00
Marcus Da Coregio
64270f28e4 Saml2LogoutRequestMixin relayState property should be binding 
Closes gh-12539
 2023-10-03 08:41:33 -03:00
dependabot[bot]
ece5089cc8 Bump org-aspectj from 1.9.20 to 1.9.20.1 
Bumps `org-aspectj` from 1.9.20 to 1.9.20.1.

Updates `org.aspectj:aspectjrt` from 1.9.20 to 1.9.20.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.20 to 1.9.20.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:50 -03:00
dependabot[bot]
448d23dd3e Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2021.2.15 to 2021.2.16.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2021.2.15...2021.2.16)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:34 -03:00
dependabot[bot]
0108241049 Bump org.springframework:spring-framework-bom from 5.3.29 to 5.3.30 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.29 to 5.3.30.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.29...v5.3.30)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:13 -03:00
dependabot[bot]
88cfae4182 Bump org-eclipse-jetty from 9.4.51.v20230217 to 9.4.52.v20230823 
Bumps `org-eclipse-jetty` from 9.4.51.v20230217 to 9.4.52.v20230823.

Updates `org.eclipse.jetty:jetty-server` from 9.4.51.v20230217 to 9.4.52.v20230823
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.51.v20230217...jetty-9.4.52.v20230823)

Updates `org.eclipse.jetty:jetty-servlet` from 9.4.51.v20230217 to 9.4.52.v20230823
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.51.v20230217...jetty-9.4.52.v20230823)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:08:47 -03:00
Marcus Da Coregio
b9836d618a Fix Workflows 
Issue gh-13873
 2023-09-29 15:50:10 -03:00
Marcus Da Coregio
2505c08e8f Do Not Run Some Workflows on Dependabot's PRs 
Issue gh-13873

(cherry picked from commit 3aae03b1b2414c847ec61bb430ba4445c1bcadf5)
 2023-09-29 15:48:12 -03:00
Marcus Da Coregio
9e877c9bc6 Do not run some workflows for Dependabot branches 
Issue gh-13873

(cherry picked from commit ab812b2b5399985e54472d8e3d13f9b52730b06d)
 2023-09-29 15:48:11 -03:00
dependabot[bot]
adef0f3f25 Bump com.google.code.gson:gson from 2.8.6 to 2.8.9 
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.8.6 to 2.8.9.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.8.6...gson-parent-2.8.9)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-29 14:19:16 -03:00
dependabot[bot]
a8eb565b05 Bump io.projectreactor.netty:reactor-netty from 1.0.35 to 1.0.36 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.35 to 1.0.36.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.35...v1.0.36)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-29 14:14:00 -03:00
Marcus Da Coregio
64e2a2ff8b Apply updated Code Style 
Closes gh-13881
 2023-09-29 11:44:32 -03:00
Marcus Da Coregio
650692964e Fix snapshot_tests on CI workflow 
Closes gh-13876
 2023-09-28 15:58:43 -03:00
Marcus Da Coregio
e29ea47ff7 Use Gradle's Version Catalog 
Issue gh-13868
 2023-09-28 14:57:18 -03:00
Marcus Da Coregio
664ee9a206 Fix formatting 
Issue gh-13776
 2023-09-25 10:09:32 -03:00
Jannick Weisshaupt
b67218c150 Fix corrupted saml2 metadata when special characters are present 
Closes gh-13776
 2023-09-25 14:08:14 +01:00
Eric Haag
ac04c2e675 Add dependency between rncToXsd and sourcesJar 
Since processResources is configured directly instead of via the source
set container, an explicit dependency task between rncToXsd and
sourcesJar must be defined.

Issue gh-13845
 2023-09-19 14:19:45 +01:00
Eric Haag
e63d7fd9e9 Add dependency between rncToXsd and versionlessXsd 
Since processResources is configured directly instead of via the source
set container, an explicit dependency task between rncToXsd and
versionlessXsd must be defined.

Issue gh-13845
 2023-09-19 14:19:33 +01:00