12705 Commits

Author SHA1 Message Date
Josh Cummings
099aaa33ff
Remove Deprecation Markers
Since Spring Security still needs these methods and classes, we
should wait on deprecating them if we can.

Instead, this commit changes the original classes to have a
boolean property that is currently false, but will switch to true
in 6.0.

At that time, BearerTokenAuthenticationFilter can change to use
the handler.

Closes gh-11932
2022-10-13 19:47:22 -06:00
Daniel Garnier-Moiroux
200b7fecd3
Add (Server)AuthenticationEntryPointFailureHandlerAdapter
Issue gh-11932, gh-9429

(Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead
when an AuthenticationServiceException is thrown, instead of HTTP 401.
This commit deprecates the current behavior and introduces an opt-in
(Server)AuthenticationEntryPointFailureHandlerAdapter with the expected
behavior.

BearerTokenAuthenticationFilter uses the new adapter, but with a closure
to keep the current behavior re: entrypoint.
2022-10-13 19:25:04 -06:00
Steve Riesenberg
9090f62d9b
Merge branch '5.8.x'
2022-10-13 16:46:53 -05:00
Evgeniy Cheban
56b9badcfe
AnonymousAuthenticationFilter should cache its Supplier<SecurityContext>
Closes gh-11900
2022-10-13 16:44:48 -05:00
Steve Riesenberg
d6356415f9
Polish whats-new.adoc
2022-10-13 13:42:04 -05:00
Steve Riesenberg
74e0616451
Update What's New for 6.0
2022-10-13 13:42:04 -05:00
Steve Riesenberg
46538ff33d
Merge branch '5.8.x'
Merged using the ours strategy.
2022-10-13 12:53:22 -05:00
Steve Riesenberg
5a55987d6e
Add links to reference in What's New for 5.8
Issue gh-4001
Issue gh-11959
2022-10-13 12:52:01 -05:00
Steve Riesenberg
45a963a011
Remove CsrfWebFilter.setTokenFromMultipartDataEnabled
Closes gh-12019
2022-10-13 11:29:16 -05:00
Steve Riesenberg
819529f5ea
Remove CsrfSpec.tokenFromMultipartDataEnabled
Also removed ServerCsrfDsl.tokenFromMultipartDataEnabled

Closes gh-12020
2022-10-13 11:29:15 -05:00
Josh Cummings
db7732dd4a
Merge remote-tracking branch 'origin/5.8.x'
2022-10-13 10:19:54 -06:00
Josh Cummings
59c4538798
Update What's New
Closes gh-12021
2022-10-13 10:13:20 -06:00
Joe Grandja
753e113a13
RequestMatcherDelegatingAuthorizationManager defaults to deny
Closes gh-11958
2022-10-13 11:12:00 -04:00
Josh Cummings
d0653afec3
Remove Duplicate Property
2022-10-13 09:02:35 -06:00
Steve Riesenberg
2407d07890
Default to Xor CSRF tokens in CsrfWebFilter
Closes gh-11960
2022-10-13 09:39:57 -05:00
Steve Riesenberg
2a2051cd7b
Default to Xor CSRF tokens in CsrfFilter
Issue gh-11960
2022-10-13 09:39:55 -05:00
Marcus Da Coregio
60aa799498
Merge branch '5.8.x'
2022-10-13 09:37:58 -03:00
Marcus Da Coregio
445833295b
Merge branch '5.7.x' into 5.8.x
2022-10-13 09:37:33 -03:00
Marcus Da Coregio
0c239813e5
Merge branch '5.6.x' into 5.7.x
2022-10-13 09:36:09 -03:00
Marcus Da Coregio
717320a9ba
Update org.springframework.data to 2021.2.4
Closes gh-12018
2022-10-13 09:30:50 -03:00
Marcus Da Coregio
601fafd3de
Update org.springframework to 5.3.23
Closes gh-12017
2022-10-13 09:30:47 -03:00
Marcus Da Coregio
0f5c23ab17
Update hibernate-entitymanager to 5.6.12.Final
Closes gh-12016
2022-10-13 09:30:43 -03:00
Marcus Da Coregio
a73b8de0f4
Update org.eclipse.jetty to 9.4.49.v20220914
Closes gh-12015
2022-10-13 09:30:40 -03:00
Marcus Da Coregio
2d7813be6e
Update io.rsocket to 1.1.3
Closes gh-12014
2022-10-13 09:30:37 -03:00
Marcus Da Coregio
655a1e345e
Update io.projectreactor to 2020.0.24
Closes gh-12012
2022-10-13 09:30:31 -03:00
Marcus Da Coregio
4fc00b74a9
Update mockk to 1.12.8
Closes gh-12011
2022-10-13 09:30:28 -03:00
Marcus Da Coregio
0521bb1af5
Update jackson-bom to 2.13.4.20221012
Closes gh-12008
2022-10-13 09:30:17 -03:00
Marcus Da Coregio
4992e8ce62
Update org.springframework.data to 2021.1.8
Closes gh-12007
2022-10-13 09:24:21 -03:00
Marcus Da Coregio
c772daab92
Update org.springframework to 5.3.23
Closes gh-12006
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
45a4a89960
Update hibernate-entitymanager to 5.6.12.Final
Closes gh-12005
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
b43c7e927f
Update org.eclipse.jetty to 9.4.49.v20220914
Closes gh-12004
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
50d23622d0
Update io.rsocket to 1.1.3
Closes gh-12003
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
2c2603ba0f
Update io.projectreactor to 2020.0.24
Closes gh-12001
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
f7f53ea2b7
Update jackson-bom to 2.13.4.20221012
Closes gh-11997
2022-10-13 09:22:28 -03:00
Marcus Da Coregio
db7f52db4e
Add hints to invoke SecurityContextImpl#getAuthentication
Closes gh-11987
2022-10-13 09:06:16 -03:00
Joe Grandja
6026f9f70f
Merge branch '5.8.x'
2022-10-13 06:31:37 -04:00
Joe Grandja
185991a606
Revert "Add default AuthorizationManager"
This reverts commit 4ddec07d0e13c2fe994a8720e22215402d49edd5.
2022-10-13 06:18:00 -04:00
Josh Cummings
fe96a62dfc
Document Observability Support
Issue gh-10964
2022-10-12 20:32:25 -06:00
Josh Cummings
2713075d08
Mark Observations with Firewall Failures
Closes gh-11994
2022-10-12 20:32:24 -06:00
Josh Cummings
46ab84684b
Mark Observations with CSRF Failures
Closes gh-11993
2022-10-12 20:32:23 -06:00
Josh Cummings
d3d8f7d60f
Mark Observations with Security Context Events
Closes gh-11992
2022-10-12 20:32:23 -06:00
Josh Cummings
99a87179dd
Instrument Filter Chain
Closes gh-11911
2022-10-12 20:32:22 -06:00
Josh Cummings
8c610684f3
Instrument Authentication and Authorization
Closes gh-11989
Closes gh-11990
2022-10-12 20:32:21 -06:00
Josh Cummings
827384e386
Add Micrometer Dependency
2022-10-12 19:26:21 -06:00
Steve Riesenberg
7c872cf7fd
Merge branch '5.8.x'
2022-10-12 15:02:40 -05:00
Steve Riesenberg
440748ec65
Add test support for Xor CSRF tokens
Issue gh-4001
2022-10-12 15:02:15 -05:00
Steve Riesenberg
9b43950e13
Merge branch '5.8.x'
2022-10-12 13:14:20 -05:00
Steve Riesenberg
8bd25f90e4
Polish XorServerCsrfTokenRequestAttributeHandlerTests
2022-10-12 12:31:56 -05:00
Steve Riesenberg
804f20045e
Polish XorCsrfTokenRequestAttributeHandlerTests
2022-10-12 12:30:40 -05:00
Steve Riesenberg
05e4a1dd20
Cache Xor CsrfToken
Closes gh-11988
2022-10-12 12:30:40 -05:00