Marcus Da Coregio
c73bd4756d
Change samplesBranch property to point to correct branch
...
Closes gh-11040
2022-03-28 13:35:11 -03:00
Marcus Da Coregio
6c52c52a68
Use ServletContext in AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10908
2022-03-28 09:45:23 -03:00
Rob Winch
67fd46bfa6
Add SecurityContextRepository.loadContext(HttpServletRequest)
...
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.
Closes gh-11028
2022-03-25 14:21:52 -05:00
Rob Winch
8940719dbb
HttpSessionSecurityContextRepository support null HttpServletResponse
...
Closes gh-11029
2022-03-25 13:01:40 -05:00
Eleftheria Stein
d4d6ddbaae
Fix formatting in reference docs
2022-03-24 15:13:50 +01:00
Yuriy Savchenko
446ab5047c
Add authorizeHttpRequests to Kotlin DSL
...
Closes gh-10481
2022-03-22 09:39:06 -06:00
Yuriy Savchenko
3016ed0067
Fix typos in Kotlin DSL docs
...
Issue gh-10481
2022-03-22 08:27:29 -06:00
Marcus Da Coregio
7deaab8822
Next development version
2022-03-21 14:51:40 -03:00
Marcus Da Coregio
ed0a323a71
Release 5.7.0-M3
2022-03-21 14:00:04 -03:00
Marcus Da Coregio
94adc640ca
Update spring-data-bom to 2021.2.0-M4
...
Closes gh-11014
2022-03-21 13:57:14 -03:00
Marcus Da Coregio
0c9e73876d
Update org.springframework to 5.3.17
...
Closes gh-11011
2022-03-21 10:10:13 -03:00
Marcus Da Coregio
e128e8d87e
Update htmlunit-driver to 2.60.0
...
Closes gh-11010
2022-03-21 10:10:11 -03:00
Marcus Da Coregio
fe5cfa9cae
Update org.jetbrains.kotlin to 1.6.20-RC
...
Closes gh-11009
2022-03-21 10:10:08 -03:00
Marcus Da Coregio
01c2694073
Update hibernate-entitymanager to 5.6.7.Final
...
Closes gh-11008
2022-03-21 10:10:06 -03:00
Marcus Da Coregio
393f182b40
Update htmlunit to 2.60.0
...
Closes gh-11007
2022-03-21 10:10:03 -03:00
Marcus Da Coregio
dae500fb9b
Update io.projectreactor to 2020.0.17
...
Closes gh-11005
2022-03-21 10:09:58 -03:00
Marcus Da Coregio
44aee2034b
Update mockk to 1.12.3
...
Closes gh-11004
2022-03-21 10:09:55 -03:00
Marcus Da Coregio
106d77a1b9
Update com.nimbusds to 9.31
...
Closes gh-11003
2022-03-21 10:09:53 -03:00
Marcus Da Coregio
661848ef7e
Update jackson-bom to 2.13.2
...
Closes gh-11000
2022-03-21 10:09:46 -03:00
Marcus Da Coregio
84717e0546
Update logback-classic to 1.2.11
...
Closes gh-10999
2022-03-21 10:09:43 -03:00
Steve Riesenberg
28dd7dabfb
Update What's New for 5.7
2022-03-17 12:56:17 -05:00
Steve Riesenberg
987ee2e67a
Polish gh-10911
2022-03-17 12:53:56 -05:00
David Kirstein
1b29c43a11
Use configurable charset in ServerHttpBasicAuthenticationConverter
...
Closes gh-10903
2022-03-17 12:53:55 -05:00
Steve Riesenberg
c38c722473
Update What's New for 5.7
2022-03-17 09:56:45 -05:00
Steve Riesenberg
f0168c6c27
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:53:16 -05:00
Joe Grandja
4a8219d16c
Update whats-new.adoc with gh-9812
2022-03-17 04:41:33 -04:00
Joe Grandja
50d315d833
Remove unused code
2022-03-17 04:23:44 -04:00
Joe Grandja
a2ffc88294
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:33:12 -04:00
ShinDongHun1
7955e5ac52
Polish UsernamePasswordAuthenticationFilter method
...
Closes gh-10970
2022-03-16 16:29:40 +01:00
Josh Cummings
cf29bf996c
Polish InResponseTo support
...
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once
Issue gh-9174
2022-03-15 14:06:58 -06:00
Elias Lousseief
3c878549b5
Add support for validation of InResponseTo
...
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).
Closes gh-9174
2022-03-15 14:06:57 -06:00
Elias Lousseief
836f203d44
Refactored OpenSaml4AuthenticationProviderTests
...
Factored out repeatedly used code for signing a request.
2022-03-15 14:06:57 -06:00
Simone Giannino
73003d59d6
OAuth 2.0 logout handler resolves uri placeholders
...
- OidcClientInitiatedLogoutSuccessHandler can automatically resolve placeholders like baseUrl and registrationId inside the postLogoutRedirectUri
Issue gh-7900
2022-03-15 12:54:39 -06:00
Rob Winch
fabeabd2db
Fix docs SecurityContextHolder Diagram
...
Issue gh-9635
2022-03-12 13:44:45 -06:00
Rob Winch
87ed31a99c
Add SecurityContextHolderFilter
...
Closes gh-9635
2022-03-11 17:22:23 -06:00
Rob Winch
dbcb5004b4
Extract createSecurityContextRepository()
...
Extract out method in preparation for adding SecurityContextHolderFilter
configuration.
Issue gh-9635
2022-03-11 17:21:49 -06:00
Rob Winch
e4f1826622
Remove "Hi ... there" From Docs
...
Close gh-10963
2022-03-11 13:41:19 -06:00
Rob Winch
b71b2f81e1
Add Persistence to documentation
...
Closes gh-10962
2022-03-11 13:41:19 -06:00
Rob Winch
9967078059
Antora 3.0.0
...
Issue gh-10962
2022-03-11 13:41:19 -06:00
Norbert Nowak
ac9c29b2a0
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:23:35 -07:00
Rob Winch
d2f24ae5f5
Add SecurityContextRepository to all Authentication Filters
...
Closes gh-10949
2022-03-09 15:40:17 -06:00
Rob Winch
9db79aa5d7
BearerTokenAuthenticationFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch
2e9b04ed48
CasAuthenticationFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch
636f3e1d5d
AbstractPreAuthenticatedProcessingFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch
e6b6104b52
DigestAuthenticationFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch
9b0cd5a0a8
BasicAuthenticationFilter.setSecurityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch
120f2a356f
RememberMeAuthenticationFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch
014c471ff1
AuthenticationFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch
f11cb988a9
AbstractAuthenticationProcessingFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
Marcus Da Coregio
980e0466a7
AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains
...
Closes gh-10950
2022-03-09 15:21:37 -03:00