1926 Commits

Author SHA1 Message Date
Steve Riesenberg
bd345fb2a8
Polish gh-11758 2024-02-29 12:15:30 -06:00
Markus Heiden
5c5503924b
Add SwitchUserGrantedAuthorityMixIn
Closes gh-11775
2024-02-29 11:07:21 -06:00
Marcus Hert Da Coregio
f8ff056eb6 Update Max Sessions on WebFlux
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler

Issue gh-6192
2024-02-28 10:06:45 -03:00
Marcus Hert Da Coregio
a5ce8ae87f Polish Max Sessions on WebFlux
This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry

Issue gh-6192
2024-02-27 11:12:50 -03:00
Josh Cummings
4d039e515f
Merge branch '6.2.x' 2024-02-22 13:21:22 -07:00
Josh Cummings
9c48546883
Merge branch '6.1.x' into 6.2.x 2024-02-22 13:21:14 -07:00
Josh Cummings
7f106f0419
Merge branch '5.8.x' into 6.1.x 2024-02-22 13:20:29 -07:00
Christian Becker
5f80468de3 Updated copyright date 2024-02-22 13:19:05 -07:00
Christian Becker
2f762fefe1 Allow tab in HTTP header values.
Closes gh-14573
2024-02-22 13:19:05 -07:00
Marcus Hert Da Coregio
21580fd27d Merge branch '6.2.x' 2024-02-16 13:31:20 -03:00
Marcus Hert Da Coregio
15306c1007 Merge branch '6.1.x' into 6.2.x 2024-02-16 13:21:15 -03:00
Rob Winch
750cb30ce4 Add AuthenticationTrustResolver.isAuthenticated 2024-02-16 13:08:29 -03:00
Josh Cummings
aa8178af65
Merge branch '6.2.x' 2024-02-07 08:53:16 -07:00
Josh Cummings
0cadabfa89
Merge branch '6.1.x' into 6.2.x
Closes gh-14568
2024-02-07 08:52:47 -07:00
Josh Cummings
75fdcd10f7
Use synchronized
Closes gh-14445
2024-02-07 08:48:49 -07:00
Marcus Hert Da Coregio
915d68e216 Remove includeExpiredSessions parameter
The reactive implementation of max sessions does not keep track of expired sessions, therefore we do not need such parameter

Issue gh-6192
2024-02-06 10:43:00 -03:00
Federico Herrera
c1adeef0da Add validation IpAddressMatcher
Closes gh-13621
2024-01-30 17:16:18 -07:00
Nermin Karapandzic
6e1bcfed11 Add argument resolver for SecurityContext
Closes gh-13425
2024-01-29 17:30:38 -07:00
ahmd-nabil
a808c139ad Enhance IpAddressMatcher performance
Closes gh-14493

Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>
2024-01-29 17:28:19 -07:00
sonallux
6df9ef5ba6 Fix wrong class name in JavaDoc
In the `ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver.Builder` class the JavaDoc comments mention the wrong class name. This commit fixes this.
2024-01-19 09:29:07 -07:00
Marcus Hert Da Coregio
06278157fa Merge branch '6.2.x'
Closes gh-14471
2024-01-17 16:16:40 -03:00
Marcus Hert Da Coregio
148e0b41d2 Merge branch '6.1.x' into 6.2.x
Closes gh-14470
2024-01-17 16:16:27 -03:00
Marcus Hert Da Coregio
ce5f5e6e33 Add native hint for CsrfTokenRequestAttributeHandler$SupplierCsrfToken
Closes gh-14397
2024-01-17 16:14:59 -03:00
Josh Cummings
d7a9a19161
Merge branch '6.2.x' 2023-12-18 11:47:39 -07:00
Josh Cummings
03e48905c7
Merge branch '6.1.x' into 6.2.x
Closes gh-14346
2023-12-18 11:47:23 -07:00
Josh Cummings
b855ccdb09
Merge branch '5.8.x' into 6.1.x
Closes gh-14345
2023-12-18 11:46:04 -07:00
Josh Cummings
eaaa813ede
Fix header value typo
Closes gh-11948
2023-12-18 10:42:50 -07:00
Josh Cummings
8a34e32a24 Polish IpAddressAuthorizationManager
Closes gh-10577
2023-12-15 16:54:58 -07:00
brunodmartins
ea7c720ce7 Add hasIpAddress to Kotlin DSL
Closes gh-10577
2023-12-15 16:54:58 -07:00
Rob Winch
465642828a Merge branch '6.2.x'
Add HandlerMappingIntrospector Caching

Closes gh-14333
2023-12-14 16:11:08 -06:00
Rob Winch
6dd29520b0 Merge branch '6.1.x' into 6.2.x
Add HandlerMappingIntrospector Caching

Closes gh-14332
2023-12-14 16:10:50 -06:00
Rob Winch
70dfb3d391 Add HandlerMappingIntrospector Caching
Closes gh-14128
2023-12-14 16:08:36 -06:00
Marcus Da Coregio
57ab15127a Add Max Sessions on WebFlux
Closes gh-6192
2023-12-11 09:48:34 -03:00
Josh Cummings
cad6689659
Merge remote-tracking branch 'origin/6.1.x' 2023-11-15 09:28:28 -07:00
Josh Cummings
187ef0e1a8
Merge branch '6.0.x' into 6.1.x
Closes gh-14146
2023-11-15 09:26:59 -07:00
Josh Cummings
18530c8dcd
Add PhasedObservation
Observation itself does not protect against start and stop being called
multiple times. This commit aligns all observation instances to instead
use an implementation that does have these guards in place.

Closes gh-14082
2023-11-15 09:22:41 -07:00
Marcus Hert Da Coregio
e920bfb3a2 Merge branch '6.1.x'
Closes gh-14138
2023-11-14 10:56:57 -03:00
Marcus Hert Da Coregio
921afba134 Use addCookie instead of addHeader in CookieCsrfTokenRepository
By using addCookie we make sure that configured Tomcat's CookieProcessors are invoked

Closes gh-14131
2023-11-14 10:56:24 -03:00
Josh Cummings
621ab3e7cb
Merge remote-tracking branch 'origin/6.1.x' 2023-11-07 17:33:09 -07:00
Josh Cummings
bcef8f98aa
Merge branch '6.0.x' into 6.1.x
Closes gh-14117
2023-11-07 17:32:51 -07:00
Josh Cummings
4990373cf9
Merge branch '5.8.x' into 6.0.x
Closes gh-14116
2023-11-07 17:22:36 -07:00
Josh Cummings
52675c80b3
Check For Null Exception Message
Closes gh-13768
2023-11-07 17:19:35 -07:00
Steve Riesenberg
d0a5ada2da
Fix formatting 2023-10-31 15:38:44 -05:00
Steve Riesenberg
447f40949c
Revert unnecessary merges on 6.1.x
This commit removes unnecessary main-branch merges starting from
9f8db22b774fe78fef3598c07e184c371892c1c7 and adds the following
needed commit(s) that were made afterward:

- 4d6ff49b9d663d0f25454f3704a45c83b35da689
- ed6ff670d102736eea0ac360921c9015151ac630
- c823b007942a04a27d02c0a28bc2ad85e8790084
- 44fad21363bef1b06422be28c9bbfadde5e44804
2023-10-31 15:22:15 -05:00
Steve Riesenberg
9db33f33c7
Revert unnecessary merges on 6.0.x
This commit removes unnecessary main-branch merges starting from
8750608b5bca45525c99d0a41a20ed02de93d8c7 and adds the following
needed commit(s) that were made afterward:

- 5dce82c48bc0b174838501c5a111b2de70822914
2023-10-31 15:11:45 -05:00
Martin Lukas
318dec845a Update obsolete comment reference (former name of the class) 2023-10-31 09:48:43 -03:00
Josh Cummings
ed6ff670d1 Add Test
Issue gh-13660
2023-10-30 17:49:58 -06:00
Duje
4d6ff49b9d Removed dash from micrometer metric label
Closes gh-13660
2023-10-30 17:49:58 -06:00
Josh Cummings
5dce82c48b
Close Both Observations
Depending on when a request is cancelled, the before and after observation
starts and stops may be called out of order due to the order in
which their doOnCancel handlers are invoked.

To address this, the before filter-wrapper now always closes both the
before observation and the after observation. Since the before filter-
wrapper wraps the entire request, this ensures that either that was
started is stopped, and either that has not been started yet cannot
inadvertently be started by any unexpected ordering of events that
follows.

Closes gh-14031
2023-10-30 16:32:11 -06:00
Mark Chesney
d9399dfda0 Allow redirect status code to be customized
Closes gh-12797
2023-10-16 13:55:52 -06:00