37b40476e7
Revert "Add Single Logout Support"
...
This reverts commit e807fae869
2021-04-12 14:44:04 -06:00
4e81bbe386
Revert "Add Saml2LogoutConfigurer"
...
This reverts commit 6f52baba29
2021-04-12 14:43:19 -06:00
9b07b6a991
Added Sections to What's New
...
Closes gh-9596
2021-04-10 01:03:56 -06:00
6f52baba29
Add Saml2LogoutConfigurer
...
Closes gh-9497
2021-04-10 00:25:34 -06:00
e807fae869
Add Single Logout Support
...
Closes gh-8731
2021-04-10 00:25:34 -06:00
2f734a0975
Add RelyingPartyRegistrationResolver
...
Closes gh-9486
2021-04-10 00:12:38 -06:00
efe42b93ce
Add Registration to Saml2Authentication
...
Closes gh-9487
2021-04-10 00:12:38 -06:00
df8abcfae7
Use Interceptors instead of Advice
...
- Interceptor is a more descriptive term for what
method security is doing
- This also allows the code to follow a delegate
pattern that unifies both before-method and after-
method authorization
Issue gh-9289
2021-04-09 18:45:31 -06:00
122346bd27
Document AuthorizationManager for Method Security
...
Issue gh-9289
2021-04-09 18:45:10 -06:00
21f9876d87
Add WebFlux section to What's New
...
Closes gh-9590
2021-04-09 19:36:43 +02:00
e03fe7f089
Add coroutine support to pre/post authorize
...
Closes gh-8143
2021-04-09 19:33:06 +02:00
65b3f6769c
Add Kotlin DSL section to What's New
...
Closes gh-9589
2021-04-09 16:36:47 +02:00
c3739ff799
Add Configuration section to What's New
...
Closes gh-9588
2021-04-09 16:35:41 +02:00
b225ab3bbe
Add OAuth 2.0 Client section to What's New
...
Closes gh-9587
2021-04-09 10:15:14 -04:00
60d3db5798
add management platform(project(":spring-security-dependencies"))
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
de1b3e9d30
Remove DepencencyManagementPlugin
...
Issue gh-9540
2021-04-05 10:36:36 -05:00
1a76ee7442
Update Gradle configuration names
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
4a492846f1
Revert "Lock dependencies for 2.5.0-M3"
...
This reverts commit f05cc6269c
2021-03-15 23:18:45 +01:00
f05cc6269c
Lock dependencies for 2.5.0-M3
2021-03-15 11:00:19 +01:00
8f07ca4957
Fix missing return in example
...
Closes gh-9481
2021-03-03 13:37:26 +01:00
c4be1c6a56
Revert "Lock Dependencies"
...
This reverts commit a85caa4098
2021-02-11 15:49:59 -07:00
a85caa4098
Lock Dependencies
2021-02-11 15:00:38 -07:00
c836c716fe
Fix typo in reactive CSRF docs
2021-02-08 15:02:16 +01:00
10dce79c07
Update saml2-login.adoc
...
Fix example on registering custom marshaller for saml request
2021-02-04 10:06:39 -07:00
041e4aa22f
Change Example Name
...
Closes gh-9379
2021-01-28 11:22:02 -07:00
ad4497fb72
Add https://repo.spring.io/release to reference
2021-01-19 22:50:43 -06:00
54d3839f63
Add permissionsPolicy http header
2020-12-11 12:32:18 +01:00
90b48554e4
Fix Custom DSL sample in docs
2020-12-09 10:48:15 +01:00
d3ef340b26
Fix typos
2020-12-03 11:05:22 +01:00
fe93326087
Update SAML 2.0 Metadata URL Docs
...
Closes gh-9133
2020-12-02 14:13:02 -07:00
58e3235093
Deprecate ClientAuthenticationMethod BASIC and POST
...
Closes gh-9220
2020-11-25 15:13:28 -05:00
b95e1aa209
Revert "Lock dependencies for 5.5.0-M1"
...
This reverts commit 25a7482c8c
2020-11-03 19:53:28 -05:00
4e1f97a525
Document WithSecurityContextTestExecutionListener Nested Support
...
Issue gh-9179
2020-11-03 17:53:59 -06:00
8b7751f5f4
Polish Multiple Filter Chains Docs
...
Issue gh-9178
2020-11-02 13:49:24 -07:00
69336fb3ec
Add Multiple Filter Chains Docs
...
Closes gh-9178
2020-11-02 13:45:04 -07:00
ab9a310485
Add Link to WebFlux Unit Tests
2020-11-02 13:45:04 -07:00
b8f8fab54f
Document SigningMethod Support
...
Issue gh-8952
Issue gh-9177
2020-11-02 11:27:23 -07:00
25a7482c8c
Lock dependencies for 5.5.0-M1
2020-10-30 17:52:03 -05:00
6d9ee5a354
add white space before strong notation.
2020-10-30 15:44:49 -06:00
ea68989421
Closes gh-8196
...
Add leveloffset
2020-10-28 14:55:30 -06:00
6714112961
Add SAML Response Decryption Documentation
...
Issue gh-9044
Issue gh-9131
2020-10-14 16:49:42 -06:00
b06b17ca9b
Add Number 10 Diagram Image
2020-10-14 16:49:42 -06:00
45a86a4b4d
Rework community.adoc
...
Fix link to CONTRIBUTING.adoc and use proper name of Stack Overflow according to their trademark guidelines (two words, capital letters)
2020-10-12 13:18:02 -06:00
366146ff80
Polish JWT Signature Algorithm Discovery
...
- Moved support to JwtDecoders and ReactiveJwtDecoders since there is
already the expectation that those classes make an outbound connection
to complete configuration. Since there's no outbound connection when
configuring a NimbusJwtDecoder or NimbusReactiveJwtDecoder, it would be
more intrusive to change that.
Closes gh-7160
2020-10-09 14:17:30 -06:00
a2aeb95b59
Update What's New Link
...
Issue gh-9038
2020-10-06 09:05:18 -06:00
320567128a
Add expression based Kotlin samples
...
Issue gh-8172
2020-10-01 17:58:25 +02:00
0286d368c3
Add authentication event Kotlin samples
...
Issue gh-8172
2020-10-01 17:58:25 +02:00
669587409f
Add Controller Kotlin sample for form login
...
Issue gh-8172
2020-10-01 17:58:25 +02:00
a6d19474c4
Add Header and Parameter Value Documentation
...
Closes gh-9038
2020-09-30 20:50:29 -06:00
c2d8939cf7
Update ssl setup guide link in tomcat server
2020-09-24 13:51:27 -06:00
019c27b0a0
Add servlet HTTP exploit samples
...
Issue gh-8172
2020-09-18 14:44:33 +02:00
f26387a4b7
Add reactive HTTP exploit samples
...
Issue gh-8172
2020-09-18 14:44:10 +02:00
72acc2959e
Add servlet CSRF Kotlin samples
...
Issue gh-8172
2020-09-18 14:14:32 +02:00
7b1f574769
Revert "Lock Dependency Versions for 5.4.0"
...
This reverts commit 3d0e459182
2020-09-09 18:14:12 -04:00
3d0e459182
Lock Dependency Versions for 5.4.0
2020-09-09 13:45:03 -04:00
6222c5fe34
Add What's New in 5.4
...
Closes gh-9001
2020-09-09 13:27:22 -04:00
593a556991
Remove broken link from docs
...
Closes gh-8986
2020-09-07 14:07:42 +02:00
58c7c21a6c
Update abstract-authentication-processing-filter.adoc
2020-09-07 07:57:40 -04:00
0a4766f21e
Restructure SAML 2.0 Documentation
...
- Add images
- Standardize terminology
- Add detail about working with OpenSAML
- Reorganize sections
Closes gh-8763
2020-08-28 12:42:44 -06:00
a9fe2cb377
Add servlet OAuth2 login Kotlin samples
...
Issue gh-8172
2020-08-28 18:15:59 +02:00
44399a5256
Add servlet OAuth2 resource server Kotlin samples
...
Issue gh-8172
2020-08-28 12:21:24 +02:00
7a5d9ce287
Fix typos in reference docs
2020-08-25 10:57:41 +02:00
2abf59b695
Merge Formatting Changes
...
Issue gh-8945
2020-08-24 17:33:23 -05:00
8d80166aaf
Update exception variable names
...
Consistently use `ex` for caught exception and `cause` for Exception
constructor arguments.
Issue gh-8945
2020-08-24 17:33:08 -05:00
cf48f986f6
Fix typo in resource server documentation
2020-08-24 09:10:33 +02:00
e6d1e2cf81
Restructure SAML 2.0 Documentation
...
Issue gh-8763
2020-08-19 14:59:26 -06:00
69e0552c30
Add servlet OAuth2 client Kotlin samples
...
Issue gh-8172
2020-08-11 14:25:27 +02:00
380a11566e
Add registered OAuth2 authorized client Kotlin samples
...
Issue gh-8172
2020-08-11 10:24:21 +02:00
324d6795c9
Add WebClient samples to docs
...
Issue gh-8172
2020-08-11 08:33:46 +02:00
496fcbb102
Add OAuth2 resource server WebFlux samples
...
Issue gh-8172
2020-08-11 08:33:46 +02:00
d839e4dd71
Fix typos in resource server docs
...
- Use withJwkSetUri instead of fromJwkSetUri
- Use ES512 instead of EC512
- Use NimbusReactiveOpaqueTokenIntrospector instead of NimbusOpaqueTokenIntrospector in reactive
- User authorizeExchange instead of authorizeRequests
2020-08-11 08:33:46 +02:00
12a8795c3d
Fix typo in resource server docs
2020-08-06 14:11:13 +02:00
1d74d556c2
Revert "Lock Dependency Versions for 5.4.0-RC1"
...
This reverts commit f3a1e5d40c
2020-08-05 14:59:11 -04:00
f3a1e5d40c
Lock Dependency Versions for 5.4.0-RC1
2020-08-05 13:46:11 -04:00
8a355240bc
SAML 2.0 SP Metadata Endpoint Support
...
Issue gh-8693
2020-08-05 10:08:47 -06:00
8146b1fdda
Deprecate CustomUserTypesOAuth2UserService
...
Closes gh-8908
2020-08-04 13:23:44 -04:00
0ed919f072
Deprecate ClientRegistration.redirectUriTemplate
...
Closes gh-8906
2020-08-04 11:03:29 -04:00
31d5b5068c
Kotlin OAuth2 client WebFlux samples
...
Issue gh-8172
2020-07-27 09:34:37 +02:00
48aa5cceda
Wording changes
...
Replacing some terms
2020-07-15 10:22:49 -04:00
683cb49c9d
Add Kotlin WebFlux header configuration to docs
...
Issue gh-8172
2020-07-14 16:34:30 +02:00
793926b977
Add Kotlin header configuration samples to docs
...
Issue gh-8172
2020-07-10 16:08:02 +02:00
f479f0ea49
Add Kotlin expression-based authorization
...
Issue gh-8172
2020-07-06 13:13:57 +02:00
0bdf6859be
Add Kotlin logout samples to docs
...
Issue gh-8172
2020-07-06 12:45:41 +02:00
146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2"
...
This reverts commit 68538897c8
2020-07-01 13:11:50 -06:00
68538897c8
Lock Dependency Versions for 5.4.0-M2
2020-07-01 12:40:29 -06:00
f5e0fe5907
Polish documentation formatting
...
Issue gh-8199
2020-06-29 18:16:59 +02:00
08b69e77d2
Merge Project Modules and Dependencies Section of the docs
...
Closes gh-8199
2020-06-29 12:11:04 -04:00
ca1252be94
Replace whitelist with allowlist
...
Issue gh-8676
2020-06-10 11:49:21 -05:00
a907026eae
Deprecate X-FRAME-OPTIONS ALLOW-FROM Directive
...
Closes gh-8677
2020-06-10 11:48:56 -05:00
bb0fac66d6
Fix a few typos in the documentation
2020-06-09 14:40:39 -05:00
d8aa208a9f
Fix broken link in spring security reference document
...
Fixes:#8593
2020-06-02 05:36:19 -06:00
a63a0e3765
Add reactive CSRF samples to docs
...
Issue gh-8172
2020-05-28 13:16:35 -04:00
da05543ef6
Update OAuth 2.0 Client Testing Docs
...
Issue gh-8603
2020-05-28 10:33:02 -06:00
7463583c1b
Fix typos in BCryptPasswordEncoder documentation
...
Resolves gh-8585
2020-05-27 10:35:49 -05:00
bf9e8295d6
mentioning the default strength of BCryptPasswordEncoder
2020-05-21 11:15:45 -05:00
014df98ebb
Polish
...
* Correct documented default schema to match default schema exposed as classpath resource
* Fix Java example of adding users to JdbcUserDetailsManager
2020-05-21 11:09:31 -05:00
16b0a268d9
Update index.adoc
2020-05-20 08:01:56 -05:00
c1abc9b134
Polish gh-8501
2020-05-15 13:26:09 -04:00
78fa859798
Add issuerUri to ClientRegistration.providerDetails
...
- Add "issuerUri" attribute to ClientRegistration.providerDetails for OpenID Connect Discovery 1.0 or OAuth 2.0 Authorization Server Metadata.
- Validate OidcIdToken "iss" claim against the OpenID Provider "issuerUri" value.
- Update documentation for client registration: it includes issuer-uri property now.
Fixes gh-8326
2020-05-14 17:13:07 -04:00
e5d2aaf6fe
Deprecate OpenID 2.0 support
...
Deprecate OpenID 2.0 support
2020-05-12 09:37:56 -05:00
fbd3cfa40e
Fix code snippets to configure timeouts
...
Issue: gh-8487
2020-05-11 15:59:11 -04:00
f2a2b469c4
Deprecate openID 2.0 support
...
This commit adds deprecation notice to xml schema, parser of the schema and removes fixme comments.
Fixes gh-7153
2020-05-09 12:04:13 +02:00
6d5d883518
Use Opaquetoken properties to configure timeouts
...
Improve the documentation to show how to re-use the Opaquetoken properties of `OAuth2ResourceServerProperties` to set up basic auth in the configured `RestTemplate`.
2020-05-07 15:20:50 -04:00
86ca6b013c
Unlock dependencies
...
This reverts commit 206960cf44
2020-05-06 17:27:35 -04:00
206960cf44
Lock dependencies for 5.4.0-M1
2020-05-06 17:13:04 -04:00
7748fb00ba
Fix typos in documentation
2020-05-05 10:45:42 -05:00
339d44b5a1
Deprecate openID 2.0 support
...
This commit puts deprecation notice on docs, sample applications and configurations (java and xml)
Fixes gh-7153
2020-05-02 10:18:31 +02:00
1ca47f5cd0
Fix typo in Java configuration docs
2020-05-01 14:24:40 -04:00
70792a9072
Document description error
...
Fixes gh-8119
2020-04-21 09:17:01 -04:00
ebc6012ec7
Rename Preface to Introduction
...
Closes gh-8188
2020-04-20 11:44:13 -05:00
b9b89035f6
Documented dependencies opaque Resource Server
...
Extended the documentation for the opaque Resource Server in order to clearly state which dependencies are required in order for the minimal deployment to work. Replaced dead link for Contribute guidelines in README.adoc
Closes gh-8391
2020-04-17 16:25:14 -05:00
5cd1ec7bb3
Add AuthoritiesMapper setter for reactive OAuth2Login
...
Allow the configuration of a custom GrantedAuthorityMapper for reactive OAuth2Login
- Add setter in OidcAuthorizationCodeReactiveAuthenticationManager
and OAuth2LoginReactiveAuthenticationManager
- Use an available GrantedAuthorityMapper bean to configure the default ReactiveAuthenticationManager
Fixes gh-8324
2020-04-17 16:55:05 -04:00
64a5bb053e
Fix typo with correct capitalization
2020-04-17 10:22:37 -04:00
13b2b00093
Add JwtAuthenticationConverter docs
...
Issue gh-8185
2020-04-13 22:47:20 -06:00
ad8c49acae
Add Docs
...
Issue gh-8332
2020-04-10 16:52:10 -06:00
419d7264f9
Add Docs for Custom Bearer Token Header
...
Issue gh-8337
2020-04-09 10:36:03 -06:00
5f1eb392ff
Add WebFlux Kotlin samples to docs
...
Issue: gh-8172
2020-04-08 14:57:25 -04:00
681d2d68e7
Fix typos in FAQ reference docs
...
Add missing space; use https in links
2020-04-08 11:44:42 -04:00
b57c2f2821
Updating authorization docs to mention handling of Maps in @PreFilter and @PostFilter annotations
2020-04-06 18:36:32 -04:00
946de2a51e
Revert "Fix links in oauth2 doc"
...
This reverts commit ad5bfc868c
2020-03-30 13:31:08 -04:00
63c8072ebc
Add crypto Kotlin samples to docs
...
Issue gh-8172
2020-03-30 11:32:43 -04:00
018cbfa93f
Add preauth Kotlin samples to docs
...
Issue gh-8172
2020-03-30 11:31:59 -04:00
ad5bfc868c
Fix links in oauth2 doc
2020-03-27 16:56:13 -05:00
81ad2958bd
Clarify ServerBearerExchangeFilterFunction Docs
...
Fixes gh-8220
2020-03-27 13:23:57 -06:00
7c0023ecc9
Update Encryptors documentation
...
Fixes gh-8208
2020-03-27 09:50:46 -04:00
6d61b87213
Add security context holder Kotlin samples to docs
...
Issue gh-8172
2020-03-26 15:36:44 -04:00
8e5e0c4a9e
Add delegating filter proxy Kotlin samples to docs
...
Issue gh-8172
2020-03-26 15:35:51 -04:00
5b4cb5b13d
Add filter Kotlin samples to docs
...
Issue gh-8172
2020-03-26 15:10:42 -04:00
e62b8a7585
Add Figures to Resource Server Docs
...
Fixes gh-8182
2020-03-25 16:30:48 -06:00
dcacd06360
Polish Resource Server JWT Docs
...
Issue gh-5935
2020-03-24 15:35:57 -06:00
8872d8b7d0
Polish Resource Server Multi-tenancy Docs
...
Issue gh-7532
2020-03-24 15:24:43 -06:00
933104d2d6
Document JwtGrantedAuthoritiesConverter Features
...
Fixes gh-8176
2020-03-24 14:39:08 -06:00
2c103f34e3
Add password storage Kotlin samples to docs
...
Issue gh-8172
2020-03-24 10:29:11 -04:00
10c66d282a
Fix userNameAttribute property case style
...
Fixes gh-8169
2020-03-23 10:08:14 -04:00
0e9497de3c
Document SAML 2.0 Improvements
...
Fixes gh-8079
Fixes gh-8078
2020-03-20 17:08:01 -06:00
d1dbd92903
Document OAuth2Authorization success and failure handlers
...
Fixes gh-8073
2020-03-20 16:30:05 -04:00
5bff741c31
Document AuthorizedClientServiceOAuth2AuthorizedClientManager
...
Fixes gh-8152
2020-03-19 20:15:34 -04:00
06fdb83fb8
Document Jackson serialization support for OAuth 2.0 Client
...
Fixes gh-8075
2020-03-18 17:05:56 -04:00
4da7235d9b
Document OAuth2AuthorizationRequest customization improvements
...
Fixes gh-8071
2020-03-18 11:20:08 -04:00
e00a030621
Document OAuth 2.0 Client XML Support
...
Fixes gh-8074
2020-03-17 13:27:29 -04:00
3d5a1522d6
Document OAuth 2.0 Login XML Support
...
Fixes gh-8110
2020-03-16 12:33:37 -04:00
bfd36d9a54
Remove Redundant ConcurrentSessionFilter Refs
...
Fixes gh-8105
2020-03-13 16:27:30 -06:00
3b80c2e345
Document AuthenticationEventPublisher
...
Fixes gh-8081
2020-03-11 16:48:14 -06:00
5b1838fd73
Add Resource Server XML snippets
...
Fixes gh-8077
2020-03-09 18:49:49 -06:00
69e1034ddc
Document baseUrl Support for OIDC Logout
...
Fixes gh-8072
2020-03-06 23:06:25 -07:00
4ef37f289e
OAuth 2.0 Test Support Docs
...
- Added WebTestClient documentation
- Updated MockMvc documentation to align
Fixes gh-8050
2020-03-06 23:01:18 -07:00
93b8c656d8
Document JwtClaimValidator
...
Fixes gh-8076
2020-03-04 14:47:44 -07:00
6db921c95d
Fix broken links
...
Fixes gh-8069
2020-03-04 13:12:11 -07:00
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
...
This reverts commit 147d7dadd7
2020-03-04 12:02:48 -07:00
747d8817cb
Specify Section Ids in What's New
...
Issue gh-8062
2020-03-04 11:01:59 -07:00
Josh Cummings
Eleftheria Stein
Joe Grandja
Rob Winch
Eleftheria Stein
Ivan
kavi87
Christophe Gilles
Guillaume Berche
Hideaki Matsunami
Ayush Kohli
Matthias Luppi
ilee
知一
Phillip Webb
Jakub Kubrynski
Jay Bryant
Heinz Wittig
Robin Dupret
Dayan
Markus Engelbrecht
Mazharul Islam
Thomas Turrell-Croft
Andreas Volkmann
Joe Grandja
Thomas Vitale
Jean-Pierre Bergamin
Dávid Kovács
Andrii Hrytsiuk
corneliouz Bett
Philipp Gerhard
Antonin Arquey
Souphorn
Maksim Mednik
wassan128
komuro.hiraku