c8ed130008
Fix websocket.adoc typo
2016-12-21 10:19:51 -06:00
d39f3385b6
Polish DefaultHttpFirewallTests
...
Issue gh-4169
2016-12-21 09:29:23 -06:00
6bec625e68
Update to Spring 4.3.5.RELEASE
...
Fixes gh-4167
2016-12-21 09:04:16 -06:00
666e356ebc
Block URL Encoded "/" in DefaultHttpFirewall
...
Fixes gh-4169
2016-12-21 09:04:00 -06:00
fc516b55a6
Fix Build Against Spring 5.0.0.BUILD-SNAPSHOT
...
Change Bean definition to static to avoid SPR-12646
Fixes gh-4150
2016-12-08 15:54:46 -06:00
bb834bccf6
Polish Exception Message
...
Polish Exception message for bad salt in BCrypt
Issue gh-4147
2016-12-06 08:45:08 -06:00
09436649cc
handling null-values for salts properly now - fixes gh-4147
2016-12-06 08:43:19 -06:00
f94399cff9
Polish
2016-11-17 09:49:41 -06:00
94fb1893de
fix typo "RemoteIpValve"
2016-11-16 14:13:53 -06:00
3185876a7d
Remove dead code in AclAuthorizationStrategyImplTests
2016-11-14 10:18:58 -06:00
2cb38ae115
Next development version
2016-11-09 23:42:16 +00:00
24fcb6c45a
Release version 4.2.0.RELEASE
2016-11-09 23:42:11 +00:00
a9024de734
Polish Spring Version Update
...
Fix related tests.
Issue gh-4123
2016-11-09 17:05:25 -06:00
fd9f57eb5f
Update What's New changelogs
2016-11-09 17:00:09 -06:00
7259759f8d
Update to Spring LDAP 2.2.0.RELEASE
...
Fixes gh-4124
2016-11-09 16:55:19 -06:00
14e5e06ae0
Update to Spring 4.3.4.RELEASE
...
Fixes gh-4123
2016-11-09 16:55:19 -06:00
697daeab7c
Add Jackson2 Support for PreAuthenticatedAuthenticationToken
...
Fixes gh-4120
2016-11-09 16:55:10 -06:00
f97f38fd57
jacksonDatavindVersion->jacksonDatabindVersion
...
Issue gh-4122
2016-11-09 16:46:38 -06:00
a853d38076
Update to Jackson 2.8.4
...
Fixes gh-4122
2016-11-09 16:42:41 -06:00
f0a9421aa4
SecurityJacksonModules->SecurityJackson2Modules
...
Fixes gh-4121
2016-11-09 16:42:41 -06:00
36f4f7d081
Add securityCheckWhenCustomAuthorityThenNameIsUsed
...
Add a test for AclAuthorizationStrategyImpl.securityCheck when a custom
authority is used.
Issue gh-4085
2016-11-09 15:27:41 -06:00
07d1c7c5eb
AclAuthorizationStrategyImpl uses name
...
Fixes gh-4085
2016-11-09 14:53:46 -06:00
d2c28c58e2
Polishing the ReferrerPolicyHeaderWriter gh-4110
2016-11-09 13:16:41 -06:00
14a656186d
Polish Referrer Header Policy Docs
...
Previously, the Referrer Header Policy was accidentally placed within
the CSP section.
Move Referrer Header Polich outside of the CSP section.
Issue gh-4110
2016-11-09 13:15:06 -06:00
2a197c72eb
Fix typos in the reference
...
Fix typos in the reference documentation
Fixes gh-4113
2016-11-09 10:05:27 -06:00
ab5af87953
Add Referrer Policy to What's New
2016-11-08 16:14:20 -06:00
23294c4c57
Add Referrer-Policy header support
...
Fixes gh-4110
2016-11-08 13:21:35 -06:00
eb2870bf82
Polishing doc in What's New in Spring Security 4.2
2016-11-08 11:19:51 -06:00
9fa42117f7
Update GRADLE_OPTS to use " instead of '
2016-11-01 20:11:05 -05:00
cf3d6e7167
Fix Small Typo
...
propoerty->property
2016-10-31 11:31:52 -05:00
08f0b57243
Next development version
2016-10-26 02:49:27 +00:00
97b4cb0b73
Release version 4.2.0.RC1
2016-10-26 02:49:23 +00:00
8ca4b55d32
Update What's New Section of Reference
...
Fixes gh-4109
2016-10-25 15:03:59 -05:00
8e546454a5
Polish ApacheDSContainer LDAPs support
...
Issue gh-4096
2016-10-25 10:17:08 -05:00
406bb1d4d5
Add LDAPs support to ApacheDSContainer
...
* Add the ability to enable LDAP over SSL (LDAPs)
* Add tests
Fixes gh-4096
2016-10-25 10:16:35 -05:00
8437d0fea3
Remove Eclipse Project Name customization
...
Previously the build specified the major.minor.x as a suffix for the
project name. This is now removed since Buildship ignores it.
2016-10-24 18:39:49 -05:00
df3b8bc284
Add Spring MVC test for override cache control
...
Issue gh-3975
2016-10-24 15:57:32 -05:00
57d7ad05f9
Revert "Cache Control only written if not set"
...
This reverts commit 242b831f20
2016-10-24 15:57:26 -05:00
e62596f36d
Polish PasswordEncoderUtils do not leak length
...
Fix possible / 0 if expected is empty String.
Issue gh-255
2016-10-24 12:50:46 -05:00
d3685d89c5
Polish PasswordEncoderUtils do not leak length
...
Issue gh-255
2016-10-24 11:26:43 -05:00
a98389fa98
PasswordEncoderUtils do not leak length
...
Enforce constant time even when expectedLength != actualLength.
Fixes gh-255
2016-10-24 11:26:34 -05:00
dc9f9b140f
Polish PasswordEncoderUtilsTests
...
* Add more tests
* Smaller tests
* Follow new naming convention
2016-10-24 11:24:24 -05:00
f432c04111
Create UserBuilder
...
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder
Fixes gh-4095
2016-10-21 16:42:03 -05:00
50b72dddbc
Fix typo in Javadoc
...
This commit simply fixes typo in Javadoc.
2016-10-20 21:07:15 -05:00
94e580fe64
Add Support for Custom Default Configuration in Web Security
...
Fixes gh-4102
2016-10-19 16:15:56 -05:00
af9139b613
Add intercept-url@request-matcher-ref
...
Fixes gh-4097
2016-10-18 22:27:31 -05:00
f019ea89e7
Remove unused lowercase-comparisons from XSD
...
Fixes gh-3932
2016-10-18 22:27:28 -05:00
0d700628dc
Add spring-security-4.2.xsd to spring.schemas
...
Fixes gh-4098
2016-10-18 22:27:22 -05:00
aaa9708b95
Add BeanResolver to AuthenticationPrincipalArgumentResolver
...
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.
This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.
Fixes gh-3949
2016-10-18 19:45:54 -05:00
df9e6c973c
linked to java configuration sample applications
...
removed outdated description and linked directly to java configuration sample applications
2016-10-17 21:12:17 -05:00
stonio
Rob Winch
Jan Brennenstuhl
Johnny Lim
Dapeng
Spring Buildmaster
Shazin Sadakath
Kazuki Shimizu
Eddú Meléndez
Rob Winch
Gunnar Hillert
avri-schneider
Joe