Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,648 Commits 35 Branches 334 Tags 114 MiB
Commit Graph

10648 Commits

Author SHA1 Message Date
Joe Grandja 0e88064942 Update hibernate-entitymanager to 5.6.9.Final 
Closes gh-11405
 2022-06-20 11:52:35 -04:00
Joe Grandja 641b9ef83b Update io.projectreactor to 2020.0.20 
Closes gh-11403
 2022-06-20 11:52:30 -04:00
Joe Grandja 6f43d234dc Update aspectj-plugin to 6.4.3.1 
Closes gh-11402
 2022-06-20 11:52:27 -04:00
Joe Grandja d7819ea4da Update jackson-bom to 2.13.3 
Closes gh-11399
 2022-06-20 11:52:17 -04:00
Joe Grandja 37ee70ae86 Add dependency update exclusion for spring-javaformat-checkstyle 2022-06-20 11:16:37 -04:00
Joe Grandja 8ea37360ac Add dependency exclusion rules 2022-06-20 10:03:29 -04:00
Rob Winch d32f74d19d SecurityContextHolder Deferred SecurityContext 
Closes gh-10913
 2022-06-17 17:03:19 -05:00
Rob Winch 29db051f7a Cache SecurityContextRepository.loadContext(HttpServletRequest) Result 
Closes gh-11390
 2022-06-17 14:52:35 -05:00
Rob Winch 591d1edc7d Cache SecurityContextRepository.loadContext(HttpServletRequest) Result 
Closes gh-11390
 2022-06-17 14:52:01 -05:00
Josh Cummings 2a70707c35 Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:28:10 -06:00
Josh Cummings 2c09a300b6 Add SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-17 11:28:10 -06:00
Josh Cummings 31e25b115e Add SecurityContextHolderStrategy to Default Components 
Issue gh-11060
 2022-06-17 11:28:10 -06:00
Josh Cummings 539a11d0a4
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:13:42 -06:00
Josh Cummings f035c30edb
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:12:13 -06:00
Josh Cummings 01513ab17e
Add placeholders to reactive post_logout_redirect_uri 
Now also supports baseScheme, baseHost, basePort, and basePath

Issue gh-11229
 2022-06-16 16:10:26 -06:00
Josh Cummings 6f69d85fcb
Reactive OAuth 2.0 logout handler resolves registrationId 
Closes gh-11378
 2022-06-16 16:09:57 -06:00
Josh Cummings 3f30de388a
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:09:56 -06:00
Michael e4505ed6c8
Add placeholders to post_logout_redirect_uri 
Now supports baseScheme, baseHost, basePort, and basePath in addition
to extant baseUrl.

Closes gh-11229
 2022-06-16 16:09:56 -06:00
Steve Riesenberg 79c2b8709b
Allow form login when single OAuth2 Provider is configured 
Closes gh-6802
 2022-06-15 14:05:55 -05:00
Josh Cummings d22277ce36
Add missing KeyInfo 
Closes gh-11354
 2022-06-09 13:16:50 -06:00
Josh Cummings bd60a0f8c9
Add OpenSamlSigningUtilsTests 
Issue gh-11354
 2022-06-09 13:16:49 -06:00
Josh Cummings 812bb0ead0
Add missing KeyInfo 
Closes gh-11354
 2022-06-09 13:12:52 -06:00
Josh Cummings bb9c7d1b6e
Add OpenSamlSigningUtilsTests 
Issue gh-11354
 2022-06-09 13:12:33 -06:00
Jared Rufer 3ca4b06612
Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:56:16 -06:00
j3graham 29ba67b6d7 Remove dependency on commons-codec by using java.util.Base64 
Closes gh-11318
 2022-06-09 06:50:01 -06:00
Zhivko Delchev e97c5a533b Reverse content type check 
When MultipartFormData is enabled currently the CsrfWebFilter compares
the content-type header against MULTIPART_FORM_DATA MediaType which
leads to NullPointerExecption when there is no content-type header.
This commit reverse the check to compare the MULTIPART_FORM_DATA
MediaType against the content-type which contains null check and avoids
the exception.

closes gh-11204
Closes gh-11205
 2022-06-06 15:47:35 -05:00
Zhivko Delchev d882bfcf2b Reverse content type check 
When MultipartFormData is enabled currently the CsrfWebFilter compares
the content-type header against MULTIPART_FORM_DATA MediaType which
leads to NullPointerExecption when there is no content-type header.
This commit reverse the check to compare the MULTIPART_FORM_DATA
MediaType against the content-type which contains null check and avoids
the exception.

closes gh-11204
Closes gh-11205
 2022-06-06 15:47:14 -05:00
Zhivko Delchev cf69cdf008 Reverse content type check 
When MultipartFormData is enabled currently the CsrfWebFilter compares
the content-type header against MULTIPART_FORM_DATA MediaType which
leads to NullPointerExecption when there is no content-type header.
This commit reverse the check to compare the MULTIPART_FORM_DATA
MediaType against the content-type which contains null check and avoids
the exception.

closes gh-11204
Closes gh-11205
 2022-06-06 15:46:28 -05:00
shirohoo e0fa644b08 Fix typo in BasicLookupStrategy Javadoc 
Closes gh-11336
 2022-06-06 14:16:28 -05:00
Rob Winch 592db9180d Enable BackportBot on 5.6.x 2022-06-06 14:16:28 -05:00
Rob Winch 6c3f53ac0a Fix typo in BasicLookupStrategy Javadoc 
Issue gh-11336
 2022-06-06 14:09:24 -05:00
Rob Winch f3590519c1 Fix typo in BasicLookupStrategy Javadoc 
Closes gh-11336
 2022-06-06 14:08:55 -05:00
shirohoo b274431c07 Fix typo in BasicLookupStrategy Javadoc 
Closes gh-11336
 2022-06-06 13:55:43 -05:00
Rob Winch 3d5e5ff556 Enable BackportBot on 5.7.x 2022-06-06 13:54:36 -05:00
Rob Winch 66592c1e66 Enable BackportBot on 5.8.x 2022-06-06 13:53:58 -05:00
shirohoo 742d7535bb Fix typo in BasicLookupStrategy Javadoc 
Closes gh-11336
 2022-06-06 13:52:17 -05:00
Houssem BELHADJ AHMED fc653bb81a
make SAML authentication request uri configurable 
Closes gh-10840
 2022-06-06 12:49:29 -06:00
Kuby 759d799ddd Change phoneNumberVerified with type Boolean 
Closes: gh-11315
 2022-06-03 09:46:00 -05:00
Marcus Da Coregio 4d65d96b8a Fix saml2Tests always running after a single test 
This commit makes the check task depend on the saml2Tests task.
The test task was also configured to run after saml2Tests, to make sure that the
compileTestJava runs after the compileSaml2TestJava

Issue gh-10816
 2022-06-03 11:22:46 -03:00
Marcus Da Coregio 3dd54bcda7 Run SAML 2.0 tests in an exclusive task 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 23903b5f18 Use Reflection to instantiate OpenSAML4 classes 
Because the OpenSAML4 classes are compiled using Java 11, we have to rely on reflection to instante those classes since the config module should be compatible with Java 8

Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio e20323e0a8 Use Java 11 Toolchain for OpenSaml4 compile 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 4631375270 Use Java 8 Toolchain for modules 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio ccb1f68bfe Fix member variable using Java 9+ feature 
This causes compile errors when trying to build using JDK 8

Issue gh-10695
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 4c2401a576 Revert "Make source code compatible with JDK 8" 
This reverts commit 60ed3602f6.
 2022-06-02 19:24:42 +02:00
sKai.fun a3e996a66b Fix title render issue of Digest Authentication document 
Closes gh-11272
 2022-06-01 17:33:41 -05:00
sKai.fun 953b54f63d Fix title render issue of Digest Authentication document 
Closes gh-11272
 2022-06-01 15:15:03 -05:00
Evgeniy Cheban d557d2d0eb Add RoleHierarchy to AuthorityAuthorizationManager 
Added roleHierarchy field to AuthorityAuthorizationManager
that defaults to NullRoleHierarchy along with setter method to override.

Closes gh-11304
 2022-06-01 08:28:16 -06:00
André Luis Gomes aca3fc2412 Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 08:51:44 -03:00
André Luis Gomes 0c31cb21dc Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 08:50:56 -03:00