c193a06ac5
Update to Jetty 9.4.42.v20210604
...
Closes gh-9964
2021-06-21 11:19:18 +02:00
3e27f6aece
Update to embedded Apache Tomcat 9.0.48
...
Closes gh-9963
2021-06-21 11:17:18 +02:00
4314c335c8
Update to embedded Tomcat websocket 8.5.68
...
Closes gh-9962
2021-06-21 11:15:38 +02:00
c87c5eb888
Update ehcache to 2.10.9.2
...
Closes gh-9961
2021-06-21 11:13:54 +02:00
613ec13e95
Update to jaxb-impl 2.3.4
...
Closes gh-9960
2021-06-21 11:12:47 +02:00
dabe2bacb0
Update to RSocket 1.0.5
...
Closes gh-9959
2021-06-21 11:12:22 +02:00
6afe47f164
Update to Spring Framework 5.2.15.RELEASE
...
Closes gh-9958
2021-06-21 11:08:49 +02:00
766a48c16e
Update to Reactor Dysprosium-SR20
...
Closes gh-9957
2021-06-21 11:07:18 +02:00
c2473ed979
Update to nohttp 0.0.8
...
Closes gh-9956
2021-06-21 11:05:39 +02:00
f91608dcba
Disable default logout page when logout disabled
...
Closes gh-9475
2021-06-18 10:52:00 +02:00
67a18f564a
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
2021-06-15 12:14:37 -05:00
5a4cfe1226
Fix Adding Filter Relative to Custom Filter
...
Closes gh-9787
2021-06-14 17:36:52 -03:00
08f7a97ae7
Anonymous Authentication Argument Resolution Docs
...
Closes gh-3338
2021-06-08 16:31:08 -06:00
c41aeed6cb
Fix Getting Started Link
...
Closes gh-6502
2021-06-08 13:54:02 -06:00
c0200512a7
URL encode client credentials
...
Closes gh-9610
2021-06-08 08:27:20 -05:00
d5062bb828
PayloadInterceptorRSocket retains all payloads
...
Flux#skip discards its corresponding elements, meaning that they
aren't intended for reuse. When using RSocket's ByteBufPayloads,
this means that the bytes are releaseed back into RSocket's pool.
Since the downstream request may still need the skipped payload,
we should construct the publisher in a different way so as to
avoid the preemptive release.
Deferring Spring JavaFormat to clarify what changed.
Closes gh-9345
2021-06-04 13:47:48 -06:00
898bdeb0fd
Fix Resource Server clock skew default value in docs
...
Closes gh-6611
2021-06-02 13:19:30 +03:00
c79cb8eff6
Handle encoded spaces in the root dn
...
Fixes an issue where provider URLs passed to the constructor of the
DefaultSpringSecurityContextSource can be URL encoded, resulting in
an invalid base dn. Additionally adds support for list constructor
to support spaces in base dn.
Closes gh-9742
# Conflicts:
# ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java
# ldap/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java
2021-05-26 12:57:48 -05:00
d3a3c36ad3
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 16:14:35 -05:00
c9a8419e22
Additional HttpSessionOAuth2AuthorizationRequestRepository tests
...
Issue gh-5145
2021-05-13 20:12:15 -04:00
ecb4a5749a
HttpSessionOAuth2AuthorizationRequestRepository: store one request by default
...
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
2021-05-13 20:12:00 -04:00
362855b8b8
docs.af.pivotal.io->docs-ip.spring.io
...
The build conventions plugin does not support a property, so we must
override the configuration for docs.host to docs-ip.spring.io
Closes gh-9686
2021-04-27 10:26:51 -05:00
0a56dc4ef5
docs.af.pivotal.io->docs-ip.spring.io
...
Closes gh-9686
2021-04-27 09:54:05 -05:00
99db0ca2c5
WebFlux httpBasic() matches on XHR requests
...
Closes gh-9660
2021-04-20 10:05:06 -04:00
ab34c0308c
Add guard around logger.debug statement
...
The log message involves string concatenation, the cost of which
should only be incurred if debug logging is enabled
Issue gh-9648
2021-04-16 10:57:53 -06:00
adf3e94c9f
Fix HttpSecurity.addFilter* Ordering
...
Closes gh-9633
2021-04-14 21:18:51 -05:00
521706d496
Limit oauth2Login() links to redirect-based flows
...
This prevents the generated login page from showing links for
authorization grant types like "client_credentials" which are
not redirect-based, and thus not meant for interactive use in
the browser.
Closes gh-9457
2021-04-14 06:41:52 -04:00
ea19b31133
Next development version
2021-04-12 19:00:02 +02:00
46fdb250dc
Release 5.2.10.RELEASE
2021-04-12 18:17:48 +02:00
b500b3ea69
Update to OpenSAML 3.4.6
...
Closes gh-9607
2021-04-12 10:55:05 +02:00
59171434d5
Update to hibernate-entitymanager 5.4.30.Final
...
Closes gh-9606
2021-04-12 10:54:38 +02:00
5d18dd6d7d
Update to Groovy 2.4.21
...
Closes gh-9605
2021-04-12 10:54:17 +02:00
41b0e51dbb
Update to embedded Apache Tomcat 9.0.45
...
Closes gh-9604
2021-04-12 10:53:38 +02:00
310c1148ce
Update blockhound to 1.0.6.RELEASE
...
Closes gh-9603
2021-04-12 10:53:11 +02:00
93defb2ff2
Update to RSocket 1.0.4
...
Closes gh-9602
2021-04-12 10:52:33 +02:00
fb7efffad3
Update to Spring Data Moore-SR13
...
Closes gh-9601
2021-04-12 10:52:09 +02:00
6db79b70e6
Update to Spring Framework 5.2.13.RELEASE
...
Close gh-9600
2021-04-12 10:51:41 +02:00
78a618c260
Update to Reactor Dysprosium-SR18
...
Closes gh-9599
2021-04-12 10:51:11 +02:00
cfc5256fad
Update to GAE 1.9.88
...
Closes gh-9608
2021-04-12 10:50:46 +02:00
289b11b873
Update to nohttp 0.0.6.RELEASE
...
Closes gh-9609
2021-04-12 10:50:22 +02:00
8dc702c80f
Add null check in CsrfFilter and CsrfWebFilter
...
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.
When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.
ZiQiang Zhao<1694392889@qq.com>
Closes gh-9561
2021-04-09 21:57:14 -06:00
bd0247adef
Next Development Version
2021-02-11 12:22:42 -07:00
974156d5fb
Release 5.2.9.RELEASE
2021-02-11 10:37:22 -07:00
e2121532a2
Optimize HttpSessionSecurityContextRepository
...
Closes gh-9387
2021-02-11 09:38:04 -07:00
7cab7b06c5
Optimize HttpSessionSecurityContextRepository
...
Closes gh-9387
2021-02-11 09:38:04 -07:00
f60daa5152
Update to GAE 1.9.86
...
Closes gh-9442
2021-02-11 09:31:37 -07:00
f63b770ec5
Update to Tomcat 9.0.43
...
Closes gh-9441
2021-02-11 09:31:30 -07:00
44bb975f82
Update to Jetty 9.4.36.v20210114
...
Closes gh-9440
2021-02-11 09:31:25 -07:00
3cb6b3e5d6
Update to hibernate-validator 6.1.7.Final
...
Closes gh-9439
2021-02-11 09:31:20 -07:00
db07cea579
Update to hibernate-entitymanager 5.4.28.Final
...
Closes gh-9438
2021-02-11 09:31:15 -07:00
Eleftheria Stein
Steve Riesenberg
Marcus Hert da Coregio
Josh Cummings
Steve Riesenberg
Rob Winch
Craig Andrews
Joe Grandja
Denis Washington
佚名