Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,082 Commits 34 Branches 337 Tags
Commit Graph

612 Commits

Author SHA1 Message Date
Joe Grandja
de95583509 Move oauth2login samples under oauth2 directory 
Fixes gh-5397
 2018-05-30 12:16:05 -04:00
Rob Winch
73345e7434 Add Cross Site Tracing (XST) & HTTP Method Tampering Protection 
Fixes: gh-5377
 2018-05-24 09:35:40 -05:00
Robert Roth
4bfce2a591 Fixed typo in acl database schema appendix. 
Fixes gh-5204
 2018-05-07 16:44:32 -05:00
Robert Roth
fddc28ba3b Fixed typo in CSRF documentation. 
Fixes gh-4792
 2018-05-07 16:44:32 -05:00
Josh Cummings
f8247fa346
Remove Default URLs and Parameters Commentary 
This paragraph was originally there to explain why Spring Security was
moving from the old default URLs and parameters to new ones.

Now that the defaults are the same in XML and well as Java Config, the
explanation is now no longer relevant.

Fixes: gh-5242
 2018-04-19 08:53:23 -06:00
Joe Grandja
526e0fdd4f Add OAuth2 Client HandlerMethodArgumentResolver 
Fixes gh-4651
 2018-04-02 12:13:52 -04:00
Rob Winch
6e5105f899 Extract appendix subsections 
Issue: gh-2567
 2018-03-09 16:34:46 -06:00
Rob Winch
40bb73124c Move data to data/index 
Issue: gh-2567
 2018-03-09 16:34:42 -06:00
Rob Winch
780e6aefd2 Extract additional-topics subsections 
Issue: gh-2567
 2018-03-09 16:34:38 -06:00
Rob Winch
35345fac70 Extract authorization subsections 
Issue: gh-2567
 2018-03-09 16:34:35 -06:00
Rob Winch
8cf51032e0 Extract Subsections of Web 
Issue: gh-2567
 2018-03-09 16:34:31 -06:00
Rob Winch
ae9075c023 Extract test subsections 
Issue: gh-2567
 2018-03-09 16:34:30 -06:00
Rob Winch
cf4272ff64 Extract architecture subsections 
Issue: gh-2567
 2018-03-09 16:34:24 -06:00
Rob Winch
4152530e69 Fix new lines 
Issue: gh-2567
 2018-03-09 16:34:20 -06:00
Rob Winch
73cec43842 Extract subsections for preface 
Issue: gh-2567
 2018-03-09 16:34:12 -06:00
Rob Winch
86465026a1 Extract top level section of reference 
Issue: gh-2567
 2018-03-09 16:33:54 -06:00
Rob Winch
e799f13ae2 Consistent new lines in referenche 
Issue: gh-2567
 2018-03-09 16:33:54 -06:00
Rob Winch
d21338d212 Support errorOnInvalidType for Reactive AuthenticationPrincipal 
Fixes: gh-5096
 2018-03-09 12:05:55 -06:00
Rob Winch
a2073b2b91 Support BeanResolver for Reactive AuthenticationPrincipal 
Fixes: gh-4326
 2018-03-09 12:05:55 -06:00
Rob Winch
d816af2337 Add BadCredentials Jackson Support to What's New 
Issue: gh-5087
 2018-03-09 12:05:55 -06:00
Rob Winch
7fafd899ee Add Reactive WithUserDetails to What's new 
Issue: gh-4888
 2018-03-09 12:05:55 -06:00
Rob Winch
abae2f3e87 Allow WithSecurityContextTestExecutionListener to execute after @Before 
Fixes: gh-2935
 2018-03-08 14:13:07 -06:00
Rob Winch
210a510bba Use HttpFirewall Bean 
Fixes: gh-5022
 2018-02-15 17:18:28 -06:00
Rob Winch
6f48afbfe6 Format HttpFirewall Reference 
Put each sentence on a newline.

Issue: gh-5022
 2018-02-15 17:18:28 -06:00
Rob Winch
964a14b224 Document Reactive Method security requires Publisher return types 
Fixes: gh-4988
 2018-02-07 16:43:18 -06:00
Rissy Lin
4fbfb710f5 fix typo in documentation: index.adoc 
1) for more on information on how the Spring Security `AuthenticationManager` is -> for more information on how the Spring Security `AuthenticationManager` is`

2) all the sames things -> all the same things
 2018-02-07 10:48:00 -06:00
Rob Winch
e1a8d250de Add authenticated().withAuthentication(Consumer<Authentication>) 
This allows arbitrary assertions of the authenticated user

Fixes: gh-4996
 2018-02-02 16:56:45 -06:00
Rob Winch
cd88c739e0 Add Guides to docsZip 
Fixes: gh-4327
 2018-01-30 15:35:30 -06:00
Joe Grandja
84679a5d64 Polish #4904 Support GrantedAuthoritiesMapper @Bean for oauth2Login 2018-01-23 12:14:57 -05:00
Rob Winch
65c3862da9 Password Troubleshooting Reference Fix 
Correct the package to NoOpPasswordEncoder within the reference

Fixes: gh-4965
 2018-01-18 08:25:52 -06:00
Rob Winch
450600cbb8 Polish reference 2018-01-12 09:17:05 -06:00
Rob Winch
0991f31613 Document exchange password for short term credential 
Fixes gh-4959
 2018-01-12 09:15:35 -06:00
Joe Grandja
aa900065b8 Document OAuth2UserService delegation-based strategy for authorities mapping 
Fixes gh-4909
 2018-01-11 10:07:58 -05:00
Johnny Lim
f3830eec7d Rename userDetailsRepository to userDetailsService 2018-01-10 16:04:48 -06:00
Rob Winch
00e8795adc Update What's New 2017-11-27 11:50:37 -06:00
Rob Winch
cd1a02225b Document PasswordEncoder 2017-11-27 11:42:56 -06:00
Rob Winch
690e22778a Polish Docs 2017-11-27 11:42:56 -06:00
Joe Grandja
4f85f3a12f Polish - Editing pass for OAuth 2.0 Login ref doc 2017-11-22 10:44:50 -05:00
Jay Bryant
3eb66f37e0 Editing pass for OAuth 2.0 Login ref doc 
Fixes gh-4850
 2017-11-21 22:01:15 -05:00
Joe Grandja
94a8d9b116 Add OAuth 2.0 Login in reference doc 
Fixes gh-4849
 2017-11-17 11:37:56 -05:00
Rob Winch
82adf744f5 Polish Docs 2017-10-31 10:27:34 -05:00
Rob Winch
e95430fa36 Polish Reactive Method Security reference 
Issue gh-4757
 2017-10-30 16:27:50 -05:00
Rob Winch
d664ff2e26 Lookup HandlerMappingIntrospector from Bean 2017-10-30 16:27:50 -05:00
Rob Winch
8e6c726fb2 Add WebFlux to What's New 5.0 
Fixes gh-4757
 2017-10-30 15:29:13 -05:00
Rob Winch
5280ac40e9 WebMvcConfigurerAdapter->WebMvcConfigurer 
Fixes gh-4612
 2017-10-30 01:30:08 -05:00
Arend v. Reinersdorff
a558d408a3 Minor typos PreAuthenticatedAuthenticationProvider 2017-10-29 22:12:04 -05:00
Kyle Anderson
a139a0052d Fix Typo in Reference Docs 2017-10-29 22:09:46 -05:00
Paul Wheeler
6decf1c8ef Allow use of non-numeric (e.g. UUID) values for ObjectIdentity.getIdentifier() 
Prior to this commit, the ObjectIdentity id had to be a number. This
commit allows for domain objects to use UUIDs as their identifier. The
fully qualified class name of the identifier type can be specified
in the acl_object_identity table and a ConversionService can be provided
to BasicLookupStrategy to convert from String to the actual identifier
type.

There are the following other changes:

 - BasicLookupStrategy has a new property, aclClassIdSupported, which
 is used to retrieve the new column from the database. This preserves
 backwards-compatibility, as it is false by default.

 - JdbcMutableAclService has the same property, aclClassIdSupported,
 which is needed to modify the insert statement to write to the
 new column. Defaults to false for backwards-compatibility.

 - Tests have been updated to verify both the existing functionality
 for backwards-compatibility and the new functionality.

Fixes gh-1224
 2017-10-29 21:29:12 -05:00
Rob Winch
b91aa19b35 Doc DelegatingPasswordEncoder is default 
Fixes gh-gh-2775
 2017-10-24 07:56:28 -05:00
Rob Winch
cdc992b132 Remove SaltSource 
Fixes gh-4681
 2017-10-24 07:56:28 -05:00