Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,658 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

12658 Commits

Author SHA1 Message Date
Marcus Da Coregio 40abf87ae6 Add buildScan to checkRemote 
Closes gh-11766
 2022-08-30 09:11:08 -03:00
Steve Riesenberg 0aa5850d22
Fix formatting 
Issue gh-11762
 2022-08-29 16:26:30 -05:00
Steve Riesenberg 41ede20712
Add method-security.mode to spring-security-6.0.xsd 2022-08-29 16:05:20 -05:00
Steve Riesenberg 8474acebf2
Merge branch '5.8.x' 2022-08-29 15:12:48 -05:00
he1ex-tG 568277f8bc
Mistake in Kotlin code representation is fixed 2022-08-29 15:11:10 -05:00
Rob Winch 2efc8dcd15 Default Require Explicit Save SecurityContext 
Closes gh-11762
 2022-08-29 10:16:04 -05:00
Josh Cummings b1fd9af723
Merge remote-tracking branch 'origin/5.8.x' into main 2022-08-26 16:01:40 -06:00
Josh Cummings 0f58620643 Add AspectJ AuthorizationManager Support 
Closes gh-11326
 2022-08-26 15:59:08 -06:00
Rob Winch f84f08c4b9 Default HttpSessionRequestCache.matchingRequestParameterName=continue 
Closes gh-11757
 2022-08-26 14:44:55 -05:00
Josh Cummings b28efbc4b8
Merge remote-tracking branch 'origin/5.8.x' into main 2022-08-25 15:44:31 -06:00
Bert Vanwolleghem a5351f3d89
LogoutPageGeneratingWebFilter Uses Context Path 
Closes gh-11716
 2022-08-25 15:36:04 -06:00
Josh Cummings 210693eb6b
Add @Configuration 
Issue gh-6613
Issue gh-9401
 2022-08-25 15:30:48 -06:00
Josh Cummings 84f765a89c
Merge remote-tracking branch 'origin/5.8.x' into main 2022-08-25 14:46:48 -06:00
Josh Cummings 070dce1baf
Document ReactiveMethodSecurity improvements 
Issue gh-9401
 2022-08-25 14:36:03 -06:00
Josh Cummings e990174c89
Polish ReactiveMethodSecurity Support 
- Changed annotation property to useAuthorizationManager
to match related XML support
- Moved support found in bean post-processors back into
interceptors directly. This reduces the number of components to
maintain and simplifies ongoing support
- Added @Deprecated annotation to indicate that applications
should use AuthorizationManagerBeforeReactiveMethodInterceptor and
AuthorizationManagerAfterReactiveMethodInterceptor instead. While
true that the new support does not support coroutines, the existing
coroutine support is problematic since it cannot be reliably paired
with other method interceptors
- Moved expression handler configuration to the constructors
- Constrain all method security interceptors to require publisher types
- Use ReactiveAdapter to check for single-value types as well

Issue gh-9401

Polish
 2022-08-25 14:36:03 -06:00
Josh Cummings 6fd23d2567
Add MockMethodInvocation Constructor 
Issue gh-9401
 2022-08-25 14:36:02 -06:00
Josh Cummings 27ce5936cf
Add Caveat about Spring Security's co-routine support 
Closes gh-10920
 2022-08-25 14:36:02 -06:00
Evgeniy Cheban cbb4f40f0c ReactiveAuthorizationManager + Reactive Method Security 
Closes gh-9401
 2022-08-25 14:35:04 -06:00
Steve Riesenberg 76c39fa490
Merge branch '5.8.x' 
Closes gh-11750
 2022-08-24 16:47:08 -05:00
Steve Riesenberg 87e5cb07fd
Merge branch '5.8.x' 2022-08-24 16:46:37 -05:00
shinD 4ff0724c87
slight improvement in HttpSessionRequestCache 
Closes gh-11666
 2022-08-24 16:44:23 -05:00
Steve Riesenberg afc087102b
Merge branch '5.7.x' into 5.8.x 2022-08-24 16:42:01 -05:00
Steve Riesenberg 517631eb8c
Merge branch '5.6.x' into 5.7.x 2022-08-24 16:41:16 -05:00
Steve Riesenberg 1c014eb512
Use 6.0.x instead of 3.0.x as default branch 2022-08-24 16:38:27 -05:00
Rob Winch 14e4690517 Merge branch '5.8.x' 2022-08-24 08:59:43 -05:00
Rob Winch 32dbaceec5 Fix mockito 4.7.0 merge 
Issue gh-11748
 2022-08-24 08:58:00 -05:00
Rob Winch 67f2f129c5 Merge branch '5.8.x' 2022-08-23 16:12:07 -05:00
Rob Winch 232838bf50 Fix mockito 4.7.0 merge 
Issue gh-11748
 2022-08-23 16:10:24 -05:00
Rob Winch 670b71363d Merge branch '5.8.x' 
Closes gh-11749
 2022-08-23 16:03:50 -05:00
Rob Winch 26f8f2ce2d Merge branch 'mockito-update-5.8.x' into 5.8.x 
Closes gh-11748
 2022-08-23 16:02:19 -05:00
Rob Winch ebf180833e Update to mockito 4.7.0 
Closes gh-11748
 2022-08-23 16:01:46 -05:00
Rob Winch 2fb625db84 Remove mockito deprecations 
Issue gh-11748
 2022-08-23 15:59:52 -05:00
Rob Winch 924c80a224 Merge branch '5.8.x' 2022-08-23 13:50:29 -05:00
Rob Winch 0c2c95c02f Merge branch '5.7.x' into 5.8.x 2022-08-23 13:47:10 -05:00
Rob Winch 7d972b10db Merge branch '5.6.x' into 5.7.x 2022-08-23 13:46:56 -05:00
Rob Winch 8c69699458 Remove backportbot.yml 
Issue gh-11736
 2022-08-23 13:46:32 -05:00
Rob Winch e8a388d5b7 Merge branch '5.8.x' 
Closes gh-11747
 2022-08-23 13:43:43 -05:00
Rob Winch e3c447d761 Merge branch '5.7.x' into 5.8.x 
Closes gh-11746
 2022-08-23 13:42:37 -05:00
Rob Winch 93d8983f8a Merge branch '5.8.x' 2022-08-23 13:42:21 -05:00
Rob Winch d37c413460 Merge branch '5.7.x' into 5.8.x 2022-08-23 13:39:25 -05:00
Rob Winch f774c4de39 Merge branch '5.6.x' into 5.7.x 
Closes gh-11738
 2022-08-23 13:30:59 -05:00
Rob Winch fc10d5fc29 repository=spring-projects/spring-security 
Previously the repository used spring-project (missing the s)
 2022-08-23 13:30:20 -05:00
Rob Winch df785408f1 Merge branch '5.6.x' into 5.7.x 2022-08-23 13:23:15 -05:00
Marcus Da Coregio 38c05ad31c Add native hints for basic @PostAuthorize usage 
Closes gh-11737
 2022-08-23 15:17:14 -03:00
Marcus Da Coregio bd5a05dcdd Polish CoreSecurityRuntimeHints 2022-08-23 15:06:07 -03:00
Rob Winch c79ebf4edf Setup Forward Merge 2022-08-22 16:19:44 -05:00
Marcus Da Coregio a8d6c1d21f Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:58:22 -03:00
Marcus Da Coregio c7912c551b Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:51:53 -03:00
Marcus Da Coregio 0aac515737 Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:35:41 -03:00
Marcus Da Coregio 3826fca567 Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:33:08 -03:00