Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,647 Commits 34 Branches 337 Tags
Commit Graph

2837 Commits

Author SHA1 Message Date
Josh Cummings
a31a99b591
Add SecurityContextHolderStrategy to Default Components 
Issue gh-11060
 2022-06-17 11:58:36 -06:00
Josh Cummings
31e25b115e Add SecurityContextHolderStrategy to Default Components 
Issue gh-11060
 2022-06-17 11:28:10 -06:00
Marcus Da Coregio
4c2401a576 Revert "Make source code compatible with JDK 8" 
This reverts commit 60ed3602f6281d1a34c643484dfcb3440e2243d5.
 2022-06-02 19:24:42 +02:00
Evgeniy Cheban
5eadcba7d1
Add RoleHierarchy to AuthorityAuthorizationManager 
Added roleHierarchy field to AuthorityAuthorizationManager
that defaults to NullRoleHierarchy along with setter method to override.

Closes gh-11304
 2022-06-01 09:00:08 -06:00
Evgeniy Cheban
d557d2d0eb Add RoleHierarchy to AuthorityAuthorizationManager 
Added roleHierarchy field to AuthorityAuthorizationManager
that defaults to NullRoleHierarchy along with setter method to override.

Closes gh-11304
 2022-06-01 08:28:16 -06:00
James
d124fa2858
Fix typo in comment for changePassword method 2022-05-25 12:34:55 -06:00
Evgeniy Cheban
5540bbcf0b
createEvaluationContext should defer lookup of Authentication 
- Added createEvaluationContext method that accepts Supplier<Authentication>
- Refactored classes that use EvaluationContext to use lazy initialization of Authentication

Closes gh-9667
 2022-05-18 17:36:17 -06:00
Evgeniy Cheban
362f15534e createEvaluationContext should defer lookup of Authentication 
- Added createEvaluationContext method that accepts Supplier<Authentication>
- Refactored classes that use EvaluationContext to use lazy initialization of Authentication

Closes gh-9667
 2022-05-18 17:34:14 -06:00
Evgeniy Cheban
2b4794475e
Polish gh-11188 2022-05-12 16:32:11 -05:00
Evgeniy Cheban
3f861f7f20
Polish gh-11188 2022-05-12 16:20:43 -05:00
Marcus Da Coregio
806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Evgeniy Cheban
dbd96a9e3f
Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager 
Closes gh-11188
 2022-05-09 16:05:52 -06:00
Evgeniy Cheban
9f669c5e3c
Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager 
Closes gh-11188
 2022-05-09 16:05:04 -06:00
Evgeniy Cheban
66bbfc7a50 @EnableMethodSecurity doesn't resolve Method Security annotations on interfaces through a Proxy 
Removed proxy unwrapping in case of resolving Method Security annotations,
this cause an issue when interfaces which are implemented by the proxy was skipped,
resulting in a missing security checks on those methods.

Closes gh-11175
 2022-05-03 13:17:23 -05:00
Evgeniy Cheban
9193e46800 @EnableMethodSecurity doesn't resolve Method Security annotations on interfaces through a Proxy 
Removed proxy unwrapping in case of resolving Method Security annotations,
this cause an issue when interfaces which are implemented by the proxy was skipped,
resulting in a missing security checks on those methods.

Closes gh-11175
 2022-05-03 13:15:53 -05:00
Josh Cummings
0e9228d10a
Prepare for Spring Security 5.8 2022-05-02 16:34:23 -06:00
Emil Sierżęga
33ee3058d4 Add missing insufficientAuthentication property in messages_*.properties 2022-04-29 10:38:42 +02:00
Emil Sierżęga
da2a68e182 Add missing untranslated properties in messages_lt 2022-04-29 10:38:42 +02:00
Emil Sierżęga
5832202a4d Fixed bad property name in messages_it 2022-04-29 10:38:42 +02:00
Emil Sierżęga
22dac674da Remove unnecessary dots from messages_cs_CZ 2022-04-29 10:38:42 +02:00
Emil Sierżęga
8b06a4bbe2 Remove trailing space from messages_ru 2022-04-29 10:38:42 +02:00
Emil Sierżęga
47c4b0426d Add missing badLdapConnection property in messages_*.properties 2022-04-29 10:38:42 +02:00
Josh Cummings
61c0a25bcd
Add default strategy constructor 
Closes gh-11059
 2022-04-05 17:32:14 -06:00
Josh Cummings
057f4a86d5
Add default strategy constructor 
Closes gh-11059
 2022-04-05 17:29:47 -06:00
Josh Cummings
bdd5f86526
Polish Authorization Event Support 
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
 2022-03-29 16:37:21 -06:00
Parikshit Dutta
990831db85
Add authorization events 
Closes gh-9288
 2022-03-29 16:22:43 -06:00
Josh Cummings
061f69eb70
Polish Authorization Event Support 
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
 2022-03-29 16:03:19 -06:00
Parikshit Dutta
bd9434882f
Add authorization events 
Closes gh-9288
 2022-03-29 15:44:21 -06:00
Steve Riesenberg
8aa7029d07 Fix checkstyle errors 
Issue gh-10989
 2022-03-18 22:53:29 -05:00
Norbert Nowak
abd33389be Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:49:29 -07:00
Norbert Nowak
ac9c29b2a0 Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:23:35 -07:00
Josh Cummings
4ede1feae5 Polish Saml2 Jackson Support 
Issue gh-10905
 2022-03-01 14:17:17 -07:00
Ulrich Grave
2334610fa9 Add Jackson Support for Saml2 Module 
Closes gh-10905
 2022-03-01 14:17:17 -07:00
Josh Cummings
6c3d183a94 Polish Saml2 Jackson Support 
Issue gh-10905
 2022-03-01 13:56:02 -07:00
Ulrich Grave
df84826c95 Add Jackson Support for Saml2 Module 
Closes gh-10905
 2022-03-01 12:07:55 -07:00
Eleftheria Stein
a2d1965c25 Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant 
Closes gh-10837
 2022-02-15 11:30:45 +01:00
Eleftheria Stein
c6b185465d Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant 
Closes gh-10837
 2022-02-15 11:24:23 +01:00
Rob Winch
70fa8b1fdb Add Support for @Transient SecurityContext 
Closes gh-9995
 2022-02-03 09:45:51 -06:00
Rob Winch
6f0029fc44 Add Support for @Transient SecurityContext 
Closes gh-9995
 2022-02-02 17:04:44 -06:00
Rob Winch
f94090a59b Remove spring-security-openid 
Closes gh-10773
 2022-01-21 16:55:19 -06:00
Rob Winch
44bc953a39 Remove jcl-over-slf4j 
Issue gh-10499
 2022-01-19 14:40:56 -06:00
Rob Winch
678c386834 jsr250-api -> jakarta.annotation-api 
Issue gh-10501
 2022-01-19 14:34:32 -06:00
Rob Winch
f8e14683f6 Remove jcl-over-slf4j 
Issue gh-10499
 2022-01-19 14:33:46 -06:00
Marcus Da Coregio
60ed3602f6 Make source code compatible with JDK 8 
Closes gh-10695
 2022-01-11 09:19:41 -03:00
Guirong Hu
3935f4bffe Fix the bug that the custom GrantedAuthority comparison fails 
Closes gh-10566
 2021-12-08 08:53:00 -03:00
Guirong Hu
22379e79e7 Fix the bug that the custom GrantedAuthority comparison fails 
Closes gh-10566
 2021-12-08 08:50:36 -03:00
Josh Cummings
a68411566e Polish Memory Leak Mitigation 
Issue gh-9841
 2021-11-30 15:33:47 -07:00
Hiroshi Shirosaki
2bc643d6c8 Address SecurityContextHolder memory leak 
To get current context without creating a new context.
Creating a new context may cause ThreadLocal leak.

Closes gh-9841
 2021-11-30 15:33:39 -07:00
Josh Cummings
78857c62f4 Polish Memory Leak Mitigation 
Issue gh-9841
 2021-11-30 14:29:18 -07:00
Hiroshi Shirosaki
809ff883b0 Address SecurityContextHolder memory leak 
To get current context without creating a new context.
Creating a new context may cause ThreadLocal leak.

Closes gh-9841
 2021-11-30 14:29:18 -07:00