c38e57fa42
Fix class and variable names
2019-11-28 09:23:38 +01:00
8ebc7ca0ea
Fix InitializeAuthenticationProviderBeanManagerConfigurer Javadoc
2019-11-28 09:23:38 +01:00
8a95e5798d
Update @MessageMapping to match input/output cardinality
2019-11-22 15:07:38 -06:00
cd0bec48de
Fix typo in log message.
2019-11-21 15:55:27 -07:00
0d35194b47
Add sessionFixation Javadoc
2019-11-15 12:17:05 +01:00
ca8877c8c5
Updates javadoc for InitializeUserDetailsBeanManagerConfigurer
2019-11-13 10:34:10 +01:00
1188a3bb5f
Polish RememberMeConfigurer
...
Issue: gh-4140
2019-11-07 15:26:59 +01:00
b13f750646
Retrieve remember-me key from service as fallback
...
Fixes: gh-4140
2019-11-07 13:55:39 +01:00
9f6a36444a
Add missing schemas
2019-11-06 08:24:20 -06:00
925bf48ec0
Polish OAuth2ResourceServerConfigurerTests
...
To confirm that resource server only produces SCOPE_<scope>
authorities by default.
Issue gh-7596
2019-11-04 11:39:54 -07:00
0cafcf37e2
Make the loginProcessingUrl configurable for saml2Login()
...
Fixes gh-7565
https://github.com/spring-projects/spring-security/issues/7565
2019-10-31 08:20:12 -07:00
5f17032ffd
Restore Removed Throws Clauses
...
In a recent clean-up, certain exceptions were removed from various
throws clauses.
This PR re-introduces throws clauses that are important for one of the
following reasons:
1. It's a method on a public interface
2. It's a method clearly designed for inheritance, for example, a
method stub, an abstract method, or indicated as such in the docs.
Fixes gh-7541
2019-10-30 12:13:54 -06:00
635f7e1edd
CsrfWebFilter supports multipart/form-data
...
Fixes gh-7576
2019-10-28 14:06:10 -05:00
0ac5f5456f
Fix typo 'is' -> 'if' in javadoc
2019-10-25 13:27:11 -06:00
de7cbc82b5
Clarify in Javadoc that expressionHandler should not be null
...
Fixes: gh-2665
2019-10-23 15:10:39 -04:00
3051a79188
Merge Add hasAnyAuthority method in AuthorizePayloadsSpec.Access
2019-09-30 14:33:41 -05:00
a911f3d52f
Merge Add hasAnyRole method in AuthorizePayloadsSpec.Access
2019-09-30 14:14:59 -05:00
3854afad61
Merge Add denyAll method in AuthorizePayloadsSpec.Access
2019-09-30 14:05:42 -05:00
758af54796
ObjectPostProcessor Tests groovy->java
...
Issue gh-4939
2019-09-27 16:36:33 -06:00
a08be5bf6f
UrlAuthorizationsTests groovy->java
...
Issue gh-4939
2019-09-27 16:23:33 -06:00
870d83eb3e
PermitAllSupportTests groovy->java
...
Issue gh-4939
2019-09-27 16:23:33 -06:00
350bce761f
Add hasAuthority method to RSocketSecurity
...
Fixes gh-7435
2019-09-27 16:48:25 -05:00
5f905232cb
Polish CurrentSecurityContextArgumentResolvers
...
Fixes gh-7487
2019-09-27 13:19:08 -06:00
5ef6e7ed6f
Add author for SecurityReactorContextConfiguration
...
Issue gh-7422
2019-09-27 15:17:20 -04:00
0fea57d6a1
Optimize SecurityReactorContextConfiguration
...
Issue gh-7422
2019-09-27 14:46:39 -04:00
33ba292fed
Resource Server w/ SecurityReactorContextSubscriber
...
Fixes gh-7423
2019-09-27 11:01:04 -06:00
5a67971375
WebFluxSecurityConfiguration configures oauth2Client() by default
...
Fixes gh-7470
2019-09-27 10:04:19 -04:00
08d2c93713
Polish gh-7466
2019-09-26 22:11:53 -04:00
9bae0a4dbd
Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec
...
Fixes gh-7466
2019-09-26 17:19:32 -04:00
2a5bd6e719
Align Servlet ExchangeFilterFunction CoreSubscriber
...
Fixes gh-7422
2019-09-26 16:17:17 -04:00
d3b7a47ef8
Polish gh-4442
2019-09-25 21:37:31 -04:00
da9f027fa4
Add nonce to OIDC Authentication Request
...
Fixes gh-4442
2019-09-25 14:57:54 -04:00
ceab56f764
Fix AuthorizationPayloadInterceptor order using PayloadInterceptorOrder.AUTHORIZATION
...
Fixes gh-7434
2019-09-24 15:39:25 -05:00
9f18c2e21a
OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri
...
Fixes gh-7036
2019-09-24 11:07:36 -04:00
98e75eb51a
Fix Javadoc for anonymous
2019-09-23 11:06:28 -04:00
00f8991fac
Merge Remove Redudant Throws
...
Fixes gh-7301
2019-09-19 11:04:53 -05:00
3a66191756
Add hasAnyAuthority method in AuthorizePayloadsSpec.Access
...
See Fixes gh-7437
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
2019-09-18 21:17:09 -05:00
034b5e9e93
Introduce LogoutSuccessEvent
...
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.
By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.
This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.
Fixes gh-2900
2019-09-18 10:57:16 -05:00
9926ad68b8
add hasAnyRole method in AuthorizePayloadsSpec.Access
2019-09-18 07:59:20 -05:00
daf6b53e3a
Add denyAll method in AuthorizePayloadsSpec.Access
...
See gh-7437
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
2019-09-17 20:17:10 -05:00
05caf3d8fb
Use Jwt.Builder
...
Fixes gh-7443
2019-09-16 14:00:25 -06:00
1176d0cfdb
Polish DefaultFilters,Issue55Tests
...
Formatted HttpSecurity and WebSecurity configuration stacks
Removed unnecessary code
Issue gh-4939
2019-09-16 13:56:17 -06:00
950e6422a1
Migrate DefaultFilters,Issue55Tests groovy->java
...
Issue gh-4939
2019-09-16 13:37:22 -06:00
101e0a21a8
Bearer WebClient Filter Authentication Propagation
...
Fixes: gh-7418
2019-09-11 16:27:21 +01:00
96d44cd4b7
Add Default RSocketSecurity
...
Fixes gh-7361
2019-09-09 16:10:55 -05:00
5d0815bc76
Allow RSocketMessageHandlerITests to timeout
...
Fixes gh-7415
2019-09-09 16:10:50 -05:00
6296e6e896
RSocketSecurity delegates to correct matcher
...
Fixes gh-7414
2019-09-09 16:09:23 -05:00
1b699a49fb
Polish RSocket packaging
...
Fixes gh-7413
2019-09-09 16:07:14 -05:00
aa533c2565
Add missing javadoc to session fixation
2019-09-06 16:33:51 -04:00
316380e622
Allow Custom PayloadInterceptor to be Added
...
Fixes gh-7362
2019-09-06 14:52:47 -05:00
Ruslan Stelmachenko
Eleftheria Stein
Pim Moerenhout
Paul Pazderski
Adrian Pena
邓超
Yanming Zhou
Josh Cummings
Filip Hanik
Rob Winch
Vitalii Mahas
Luis Felipe Vega Calle
Joe Grandja
Roman Chigvintsev
Mark Heckler
Jesús Ascama
Ebert Toribio
Onur Kagan Ozcan
Manuel Tejeda
kostya05983