Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-12 13:23:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,860 Commits 38 Branches 348 Tags
Commit Graph

18860 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
c06b1f4916
Remove LazyCsrfTokenRepository 
Closes gh-13196
 2025-07-09 13:47:06 -06:00
Rob Winch
e48fdd5ed4
Use UserWebTestClientConfigurer 
Closes gh-17496
 2025-07-07 15:15:51 -05:00
Rob Winch
dbb3b7e1f5
Remove Unused import 2025-07-07 15:15:51 -05:00
Rob Winch
bfa2a3613c
Fix frameworkVersion 
Should not strip -SNAPSHOT
 2025-07-07 15:15:51 -05:00
Josh Cummings
02d69ec864 Keep EnableWebMvcSecurity Link 
So that links across the Internet that are pointed at
#mvc-enablewebmvcsecurity still arrive at a relevant place,
this commit re-adds the mvc-enablewebmvcsecurity link, even
though @EnableWebMvcSecurity itself is now removed.

Issue gh-17294
 2025-07-07 13:46:03 -06:00
Tran Ngoc Nhan
a439bc65d6 Remove EnableWebMvcSecurity 
Closes gh-17294

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:46:03 -06:00
Josh Cummings
19e88f5e35 Polish Tests 
Issue gh-17298
 2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan
242956a63c Remove deprecated elements from DaoAuthenticationProvider 
Closes gh-17298

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:38:34 -06:00
Rob Winch
ca5e307bf4
Merge branch '6.5.x' 2025-07-07 14:31:40 -05:00
dependabot[bot]
8e94157971
Bump com.webauthn4j:webauthn4j-core 
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.3.RELEASE to 0.29.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.3.RELEASE...0.29.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.4.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:35 -05:00
dependabot[bot]
e4155e8540
Bump io-spring-javaformat from 0.0.46 to 0.0.47 
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:35 -05:00
dependabot[bot]
7aecd78920
Bump org.hibernate.orm:hibernate-core from 7.0.4.Final to 7.0.5.Final 
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.5.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:35 -05:00
Rob Winch
7a7d2cacd2
Merge branch '6.4.x' into 6.5.x 2025-07-07 14:31:17 -05:00
dependabot[bot]
fa2e4c67a0
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:11 -05:00
dependabot[bot]
45ce51fe8d
Bump com.webauthn4j:webauthn4j-core 
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.3.RELEASE to 0.29.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.3.RELEASE...0.29.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.4.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:11 -05:00
dependabot[bot]
2d3a1dc210
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.20.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.20.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.20/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.17...6.6.20)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.20.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:10 -05:00
dependabot[bot]
64bc37b5d6
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:30:49 -05:00
dependabot[bot]
afc25b1ea3
Bump org.hibernate.orm:hibernate-core from 6.6.19.Final to 6.6.20.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.19.Final to 6.6.20.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.20/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.19...6.6.20)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.20.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:30:49 -05:00
Tran Ngoc Nhan
e52987d03c Remove RoleHierarchyImpl Deprecations 
Closes gh-17297

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:22:22 -06:00
Matt Magoffin
62252c1232
Default to XorCsrfChannelInterceptor in XML 
Change WebSocketMessageBrokerSecurityBeanDefinitionParser to use
XorCsrfChannelInterceptor by default, so WebSocket XML configuration
matches the default Xor-based configuration already in
WebSocketMessageBrokerSecurityConfiguration.

Closes gh-17260

Signed-off-by: Matt Magoffin <matt@solarnetwork.net>
 2025-07-07 13:02:15 -06:00
Josh Cummings
a9636c72d1
Merge branch '6.5.x' 2025-07-07 12:54:26 -06:00
Josh Cummings
bc20bd6340
Merge branch '6.4.x' into 6.5.x 
Closes gh-17495
 2025-07-07 12:53:59 -06:00
Josh Cummings
8461feb028
Merge branch '6.3.x' into 6.4.x 
Closes gh-17494
 2025-07-07 12:53:47 -06:00
Josh Cummings
4f5b17334e
Pick Up csrfChannelInterceptor in XML 
Closes gh-17493
 2025-07-07 12:53:27 -06:00
Josh Cummings
74771a3d42
Merge branch '6.5.x' 2025-07-07 11:43:25 -06:00
Andrey Litvitski
fdf52f021d Use LdapName instead of DistinguishedName 
Closes gh-17301

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-07-07 11:40:45 -06:00
Tran Ngoc Nhan
6dc77bd98b Update JwtIssuerAuthenticationManagerResolver constructor javadoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 11:37:52 -06:00
Josh Cummings
ea3ba62022
Correct Servlet Path JavaDoc 
Initially PathPatternRequestMatcher was designed to match relative
to the servlet path. However, this was changed to be relative to
the context path. This commit updates the documentation and removes
references to the servlet path other than in the context of setting
a basePath to remove boilerplate.

Issue gh-16430
 2025-07-07 11:34:29 -06:00
Josh Cummings
42283a5c1d
Add Missing File 
Issue gh-17484
 2025-07-07 11:18:57 -06:00
Josh Cummings
5ae1b73bae
Fix Cyclic Bean Dependency 
Closes gh-17484
 2025-07-07 10:32:56 -06:00
Tran Ngoc Nhan
d8043dc8a7 Remove PrePostTemplateDefaults 
Closes gh-17296

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:47:27 -06:00
Tran Ngoc Nhan
21036c94b4 Remove Nimbus(Reactive)OpaqueTokenIntrospector 
Closes gh-17302

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:41:57 -06:00
Tran Ngoc Nhan
519ae241f4 Fix Mock for Spring(Reactive)OpaqueTokenIntrospector 
Issue gh-17302

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:41:57 -06:00
Andrey Litvitski
596d44757a Remove RequestVariablesExtractor 
Closes gh-17308

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-07-03 14:41:12 -06:00
Josh Cummings
639a9afaea
Merge branch '6.5.x' 2025-07-03 14:40:30 -06:00
Josh Cummings
8fb8e26c01
Merge branch '6.4.x' into 6.5.x 2025-07-03 14:40:04 -06:00
Josh Cummings
3f4ef169f6
Merge branch '6.3.x' into 6.4.x 2025-07-03 14:38:39 -06:00
dependabot[bot]
192bafe9a5 Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-03 14:38:21 -06:00
Tran Ngoc Nhan
9312fb7004 Remove Deprecated AuthorizationDecision Elements 
Closes gh-17299

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 14:32:49 -06:00
Josh Cummings
448283b30c
Merge branch '6.5.x' 2025-07-03 14:19:44 -06:00
Josh Cummings
b5ddf9ccd1
Merge branch '6.4.x' into 6.5.x 2025-07-03 14:19:31 -06:00
Josh Cummings
43042b6724
Merge branch '6.3.x' into 6.4.x 2025-07-03 14:19:20 -06:00
dependabot[bot]
b144c37cad Bump org.springframework:spring-framework-bom from 6.1.20 to 6.1.21 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.20 to 6.1.21.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.20...v6.1.21)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.1.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-03 14:17:18 -06:00
dependabot[bot]
22992afbe8 Bump org-apache-maven-resolver from 1.9.23 to 1.9.24 
Bumps `org-apache-maven-resolver` from 1.9.23 to 1.9.24.

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.23 to 1.9.24

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-03 14:17:06 -06:00
dependabot[bot]
39b53ee0be Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.0.12 to 2024.0.13.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.0.12...2024.0.13)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.0.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-03 14:16:33 -06:00
dependabot[bot]
23fa7c3047 Bump io-spring-javaformat from 0.0.46 to 0.0.47 
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-03 14:16:20 -06:00
Josh Cummings
ce107795d8
Fix Broken JavaDoc Link 
Issue gh-16886
 2025-07-03 14:14:00 -06:00
Josh Cummings
af2985a269
Merge branch '6.5.x' 2025-07-03 13:43:24 -06:00
Josh Cummings
3bef5f9f40
Merge branch '6.4.x' into 6.5.x 2025-07-03 13:43:10 -06:00
dependabot[bot]
43e2e53b90 Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-03 13:42:46 -06:00