Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 00:46:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,189 Commits 34 Branches 337 Tags
Commit Graph

9189 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marcus Da Coregio
cfbf28b8ba Revert "Lock Dependencies for Release" 
This reverts commit 3d4e90ba2aa6bf026024da6c8a57672f4e08c920.
 2021-12-20 16:47:36 -03:00
Marcus Da Coregio
f9989bfc42 Release 5.4.10 5.4.10 2021-12-20 16:11:51 -03:00
Marcus Da Coregio
3d4e90ba2a Lock Dependencies for Release 2021-12-20 16:03:13 -03:00
Eleftheria Stein
7e34c6a045 Fix reactive resource server tests 
Closes gh-10660
 2021-12-20 15:41:22 -03:00
Eleftheria Stein
3d4ad5fe50 Make gretty samples compatible with logback 1.2.9 
Explicitly reference the logback.xml file to prevent gretty from configuring the defaults using groovy.

Issue gh-10642
 2021-12-20 14:10:48 -03:00
Steve Riesenberg
0be66d2cc0 Update copyright year 
Issue gh-10557
 2021-12-01 17:37:17 -06:00
Steve Riesenberg
414e096ae4 Fix case sensitive headers comparison 
Closes gh-10557
 2021-12-01 16:05:23 -06:00
Jonas Erbe
5c732b9b7f Fix JwtClaimValidator wrong error code 
Previously JwtClaimValidator returned the invalid_request error on claim validation failure.
But validators have to return invalid_token errors on failure according to:
https://datatracker.ietf.org/doc/html/rfc6750#section-3.1.
Also see gh-10337

Closes gh-10337
 2021-11-29 12:34:53 -07:00
Henning Poettker
fa82c00a67 Fix return type for NoOpPasswordEncoder bean in documentation 2021-11-23 14:15:14 -03:00
Marcus Da Coregio
e05c9f4bba Improve log message when no CSRF token found 
Closes gh-10436
 2021-11-19 08:43:48 -03:00
Josh Cummings
bd42939b52 Fix AuthnRequestConverter Sample Typos 
Closes gh-10364
 2021-11-18 13:38:32 -07:00
Josh Cummings
ef23337f90 Fix setJWTClaimSetJWSKeySelector Typo 
Closes gh-10504
 2021-11-16 15:35:10 -07:00
Josh Cummings
e8bbe7a1ce Fix jwtDecoder Documentation Usage 
Closes gh-10505
 2021-11-16 15:21:59 -07:00
Josh Cummings
f89a34c30b Don't Cache ReactiveJwtDecoders Errors 
Closes gh-10444
 2021-11-10 18:07:14 -07:00
Marcus Da Coregio
89db1c37a3 Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext 
Closes gh-10208
 2021-10-22 14:49:13 -03:00
Steve Riesenberg
f1e7744d42 Next Development Version 2021-10-19 00:49:21 -05:00
Steve Riesenberg
0704c709dc Revert "Lock Dependencies for Release" 
This reverts commit 03c2c49d66fe395374ecb3bed696087e882a6bbc.
 2021-10-18 17:38:07 -05:00
Steve Riesenberg
957111c29c Release 5.4.9 5.4.9 2021-10-18 17:35:38 -05:00
Steve Riesenberg
03c2c49d66 Lock Dependencies for Release 2021-10-18 17:34:42 -05:00
Steve Riesenberg
397781e57c Update to Spring Boot 2.4.11 
Closes gh-10418
 2021-10-18 17:33:19 -05:00
Steve Riesenberg
c83bd075a2 Revert "Lock Dependencies for Release" 
This reverts commit bedb569f0d41a46a92665a4e45adcc525cc10290.
 2021-10-18 16:49:15 -05:00
Steve Riesenberg
bedb569f0d Lock Dependencies for Release 2021-10-18 15:38:17 -05:00
Josh Cummings
ba468c7e6e Restructure SwitchUserFilter Logs 
Issue gh-6311
 2021-10-18 15:38:16 -05:00
Emil Sierżęga
37ccf3c18c Fixed link in .editorconfig 2021-10-13 15:38:01 -06:00
Marcus Da Coregio
f45b990b4b Allow SAML 2.0 loginProcessingURL without registrationId 
Closes gh-10176
 2021-10-05 13:30:20 -03:00
Josh Cummings
4df9b4547f Fix OAuth2 Error Code 
Closes gh-10319
 2021-09-28 14:56:25 -06:00
heowc
02060015a5 Fix typo 
Closes gh-10276
 2021-09-22 16:36:38 -06:00
Rob Winch
278bda1c2d Remove finally block for junit 
Allow this to be gathered by Gradle enterprise since if build is up to
date there will be no tests ran which causes failure. Additionally,
Gradle Enterprise displays the tests better than Jenkins.
 2021-09-22 16:25:20 -05:00
Rob Winch
8104a17049
Specify Jenkins user in Jenkinsfile 2021-09-22 16:06:49 -05:00
Anthony Lofton
7614346a6f Updated test.adoc SecurityMockServerConfigurers method references 
Updated all references to SecurityMockServerConfigurers to refer to
correct methods.
Added documentation for mockJwt to include the
SecurityMockServerConfigurers class.

Issue gh-10254
 2021-09-14 16:19:49 -03:00
Derek Van Blerkom
9a1f04c08f Fix return type to allow further security config 
Issue gh-10245
 2021-09-13 15:41:25 -03:00
Fabio Guenci
8c1201ae49
Preserve Null Claim Values 
Prior to this commit ClaimTypeConverter returned the claims with the
original value for all the claims with a null converted value.
The changes allows ClaimTypeConverter to overwrite and return claims
with converted value of null.

Closes gh-10135
 2021-08-16 15:07:23 -06:00
Joe Grandja
fefe985242 Next Development Version 2021-08-16 11:57:20 -04:00
Joe Grandja
ec6b2203ca Revert "Lock Dependencies for Release" 
This reverts commit 067bdd0dd91038678a414e6609a585f0ed0ded9d.
 2021-08-16 11:55:39 -04:00
Joe Grandja
16b28f5a2f Release 5.4.8 5.4.8 2021-08-16 11:12:40 -04:00
Joe Grandja
067bdd0dd9 Lock Dependencies for Release 2021-08-16 11:12:40 -04:00
Joe Grandja
2f81cbc577 Update to Spring Boot 2.4.8 
Closes gh-10181
 2021-08-16 11:12:21 -04:00
Steve Riesenberg
dc81e1c86b Revert "URL encode client credentials" 
This reverts commit 5243b1b8a82398c443c5fe563e39f4eacb540798.

Issue gh-9610 gh-9861
Closes gh-10018
 2021-07-20 13:29:29 -05:00
dmitrilc
6878ff7487
Update oauth2-resourceserver.adoc 
fix the name of the parameter, from failure to badCredentials

Replaces AuthenticationFailureEvent

Remove AuthenticationFailureEvent Reference

Closes gh-10062
 2021-07-16 12:03:35 -06:00
Luke Quinane
c5a50bd7ec Fix typos 
Closes gh-10050
 2021-07-08 09:48:28 -03:00
Daniel Garnier-Moiroux
37e2cc4e89 Fix Saml2WebSsoAuthenticationRequestFilter javadoc 
Closes gh-10025
 2021-06-30 13:55:35 +02:00
Rob Winch
ad45a74b34 Update to use s01.oss.sonatype.org 
Closes gh-10015
 2021-06-29 16:36:42 -05:00
Rob Winch
84118a7d44 Remove -PdeployDocsHost=docs-ip.spring.io 
Closes gh-10021
 2021-06-29 16:17:38 -05:00
Rob Winch
fb83ddabe2 Update to spring-build-conventions:0.0.38 
Closes gh-10020
 2021-06-29 16:14:43 -05:00
/usr/local/ΕΨΗΕΛΩΝ
50a17f58db Improve AuthenticationManagerBeanDefinitionParser XML parsing 
Closes gh-7282
 2021-06-28 12:19:39 +02:00
Eleftheria Stein
e313e6b89a Apply DefaultLoginPageConfigurer before logout 
If they are not applied in this order, then the LogoutConfigurer cannot
set the logoutSuccessUrl, because the DefaultLoginPageGeneratingFilter
does not exist yet.
This impacts users that inject the default HttpSecurity bean.

Closes gh-9973
 2021-06-24 11:09:19 +02:00
Steve Riesenberg
5137a653ff
Next Development Version 2021-06-21 13:02:52 -05:00
Steve Riesenberg
c17767883f Revert "Lock Dependencies for Release" 
This reverts commit d71be4ca28afa6e9ed9c0d30ee5dae74a5eb1987.
 2021-06-21 12:57:05 -05:00
Josh Cummings
73e6ef2ace
Release 5.4.7 5.4.7 2021-06-21 10:33:21 -06:00
Josh Cummings
d71be4ca28
Lock Dependencies for Release 2021-06-21 10:33:10 -06:00