Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-01-18 04:17:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,008 Commits 46 Branches 369 Tags
Commit Graph

20008 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tran Ngoc Nhan
cfe13c7c76 Fix typos 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-15 10:52:01 -07:00
Josh Cummings
3336f5f2ec Merge branch '7.0.x' 2026-01-14 14:47:31 -07:00
Josh Cummings
d2ed8321b4 Merge branch '6.5.x' into 7.0.x 2026-01-14 14:46:36 -07:00
Guillaume Husta
dd1f097131 Add @FunctionalInterface to RequestMatcher 
Add `@FunctionalInterface` to `RequestMatcher`.

According to the documentation, it is a FunctionalInterface.

See: https://docs.spring.io/spring-security/reference/6.5/servlet/authorization/authorize-http-requests.html#match-by-custom

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2026-01-14 14:45:22 -07:00
Josh Cummings
565896404c Merge branch '7.0.x' 2026-01-14 14:36:12 -07:00
Josh Cummings
7690c284c0 Merge branch '6.5.x' into 7.0.x 2026-01-14 14:35:59 -07:00
Guillaume Husta
508b3f26e3 docs: Typo in page Preparing for 7.0 / Web (version 6.5) 
In section 'Include the Servlet Path Prefix in Authorization Rules', `PathPatternRequestParser` should be replaced by `PathPatternRequestMatcher`.

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2026-01-14 14:35:26 -07:00
박기현\qkrrl
91d8a04ec2 Fix duplicated use-authorization-manager in docs 
Signed-off-by: 박기현\qkrrl <qkrrlgus114@naver.com>
 2026-01-14 14:21:38 -07:00
Marcus Hert da Coregio
8254f589b8 Create Jackson Mixin for OneTimeTokenAuthentication 
Closes gh-18095

Signed-off-by: Marcus Hert da Coregio <marcusdacoregio@gmail.com>
 2026-01-14 10:35:02 -07:00
Joe Grandja
92b7c41f2f Ensure Cursor imports Spring Security 
Closes gh-8492
 2026-01-13 17:01:21 -05:00
Bae Jihong
8692185de1 Fix javadoc warnings for spring-security-oauth2-client 
- Fix a javadoc warning
- Apply javadoc-warnings-error plugin

Closes gh-18460

Signed-off-by: Bae Jihong <dasog@naver.com>
 2026-01-13 10:01:13 -06:00
Robert Winch
7ca0f7723e Fix checkstyle 2026-01-12 16:28:22 -06:00
Stefano Cordio
a612522ecd Add nullability contract to PasswordEncoder#encode 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>
 2026-01-12 16:28:22 -06:00
Robert Winch
fe138d6434
Merge branch '7.0.x' 2026-01-12 16:05:51 -06:00
Robert Winch
7fcbf642b8
Use project.artifactory(Username|Password) 2026-01-12 16:05:38 -06:00
Robert Winch
a32d9f04e3
Revert "Use project.artifactory(Username|Password)" 
This reverts commit 9c449000dc0508457d0e4392a46e8ca731ada0fa.
 2026-01-12 16:04:56 -06:00
Robert Winch
93ae52aa58
Merge branch '7.0.x' 2026-01-12 15:48:57 -06:00
Robert Winch
9c449000dc
Use project.artifactory(Username|Password) 2026-01-12 15:48:47 -06:00
Robert Winch
43fe5f6b46
Fix update-antora-ui-spring.yml 2026-01-12 14:37:34 -06:00
Robert Winch
f47f81351e
Merge branch '7.0.x' 2026-01-12 14:32:23 -06:00
Robert Winch
63c99b9438
Revert "Update to 7.1.0-SNAPSHOT" 
This reverts commit b77ea8d3a3009940229239b4b442fe902acf4fba.
 2026-01-12 14:31:57 -06:00
paulvas
0d47870928 Fix: migrate compiler-warnings-error plugin to gradle 
Fixes: gh-18434
Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
paulvas
da4362111a Fix: Enforce compiler warnings in oauth2-core 
To prevent future compiler warnings from being introduced, this change
applies the `compile-warnings-error` plugin to the
`spring-security-oauth2-core` module.

This ensures that any new warnings will fail the build, maintaining
code quality and preventing warning accumulation.

Fixes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Pavel Vassiliev
1ddccd8a39 Fix spring-security-oauth2-core compiler warnings 
Closes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Robert Winch
2825aa3ff1
Merge branch '7.0.x' 
Closes gh-18485
 2026-01-12 13:44:13 -06:00
Pavel Vassiliev
641d8a362b Fix Gradle 9.0 deprecations 
This commit addresses several build warnings and errors to prepare for
Gradle 9.0 and resolve static analysis issues.
Closes: gh-18472
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
 2026-01-12 13:43:16 -06:00
Robert Winch
ec06f08bb6
Merge branch '7.0.x' 2026-01-12 13:38:52 -06:00
Andrey Litvitski
13f6286e04 Use DefaultParameterNameDiscoverer#getSharedInstance 
Closes: gh-18330

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-01-12 13:37:32 -06:00
Robert Winch
b77ea8d3a3 Update to 7.1.0-SNAPSHOT 2026-01-12 13:37:32 -06:00
rigu1
0a6883c586 Fix Javadoc warnings in spring-security-web 
* Use <code> tags for external references in DelegatingMissingAuthorityAccessDeniedHandler and SwitchUserWebFilter
* Fix typo in SessionAuthenticationException
* Apply javadoc-warnings-error plugin

Closes gh-18468

Signed-off-by: rigu1 <dlsrbtla@gmail.com>
 2026-01-12 13:24:47 -06:00
rigu1
c07a2e57bd Add javadoc-warnings-error build plugin 
Signed-off-by: rigu1 <dlsrbtla@gmail.com>
 2026-01-12 13:24:47 -06:00
Robert Winch
5a7d93ee3b
Merge branch '7.0.x' 
Closes gh-18471
 2026-01-09 16:55:02 -06:00
Fr05ty-hub
e9a92a8e9a Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but is referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Fr05ty-hub
ed774d3595 Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but was referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Robert Winch
a3b57c470f
Merge branch '7.0.x' 2026-01-09 15:25:02 -06:00
Robert Winch
eb5cc89c69
Merge branch '6.5.x' into 7.0.x 2026-01-09 15:24:51 -06:00
Robert Winch
d1a32b4b62
Merge branch '7.0.x' 2026-01-09 15:23:29 -06:00
Robert Winch
d6f8a2e928
Merge branch '6.5.x' into 7.0.x 2026-01-09 15:23:06 -06:00
Robert Winch
6a47b5d573
Merge branch '6.4.x' into 6.5.x 2026-01-09 15:22:39 -06:00
github-actions[bot]
e588a3528f Update Antora Spring UI to v0.4.25 2026-01-09 15:22:22 -06:00
github-actions[bot]
7ea5be4b98 Update Antora Spring UI to v0.4.25 2026-01-09 15:21:48 -06:00
Robert Winch
3833650d33
Update to 7.1.0-SNAPSHOT 2026-01-09 10:32:03 -06:00
Robert Winch
2344fe5ebb Use proper xref syntax 
Incldue the required resource id and required # of the fragment.

See

- https://docs.antora.org/antora/latest/page/xref/#xref-macro
- https://docs.antora.org/antora/latest/page/resource-id-coordinates/#id-resource
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
ba18f681e5 Use xref anchor id 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
3d9bc6a5cf Update mfa.adoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Martin Boulais
1d8ea63a9e Fix typo in HTTP Basic Auth Provider documentation 
The documentation states that setting the header `X-Requested-By` will remove the `WWW-Authenticate` header from the response.
However, after testing this and reading the library code it looks like the header to set is `X-Requested-With` (X-Requested-By is mentioned nowhere except in this documentation file), so I propose this simple PR to fix this.

Signed-off-by: Martin Boulais <31805063+martinboulais@users.noreply.github.com>
 2026-01-08 13:59:34 -06:00
Tran Ngoc Nhan
d20c88ecef Format code 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Tran Ngoc Nhan
79815e044e Fix typos 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Rob Winch
04bba36ee5
Update supported branches in workflow file 
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2026-01-08 13:05:45 -06:00
Robert Winch
5bb99b654f
Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.5.2 2026-01-08 13:02:42 -06:00