Joe Grandja
c2cfe92a02
Merge branch '6.3.x'
2024-11-18 05:16:16 -05:00
Joe Grandja
a8c4d6cead
Require Locale argument for toLower/toUpperCase usage
2024-11-18 04:22:26 -05:00
Marcus Hert Da Coregio
00e4a8fb54
Add support for One-Time Token Login
...
Closes gh-15114
2024-09-03 10:07:56 -03:00
Josh Cummings
4635dabf87
Merge branch '6.3.x'
2024-08-22 19:44:55 -06:00
Josh Cummings
a3b88a8d4b
Enable Runtime Method Parameter Reflection
...
Several method security tests rely on method parameters
being preserved, in order to demonstrate the difference
between relying on runtime reflection and using the @P
annotation.
Closes gh-15680
2024-08-22 19:44:11 -06:00
Daniel Garnier-Moiroux
bc8ba7f3b7
Inline CSS for default login and logout page
...
- Remove the dependency on Bootstrap CSS. Results in faster load times, no failures
in air-gapped or offline scenarios, and no dependency on an external CDN that may
go away some day.
2024-08-05 09:27:18 -05:00
Josh Cummings
8d43f1bd7d
Merge branch '5.8.x' into 6.2.x
2024-07-31 15:48:44 -06:00
Josh Cummings
5cdcdc9bcb
Suppress Node Files From Nohttp Analysis
...
Given that we have no control over the contents of
third-party code, it isn't helpful to have nohttp
generate errors for the usage of http:// in that code.
2024-07-31 15:48:28 -06:00
Josh Cummings
f231ea277d
Merge branch '5.8.x' into 6.2.x
...
Closes gh-15210
2024-06-06 13:35:56 -06:00
Josh Cummings
6aabd768a8
Pick MvcRequestMatcher for MockMvc requests
...
Closes gh-13849
2024-06-06 13:17:43 -06:00
Steve Riesenberg
f8fde0d79d
Update nohttp allow list
...
Issue gh-14609
2024-03-25 14:51:53 -05:00
Josh Cummings
65cce7e305
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14640
2024-02-20 15:59:32 -07:00
Josh Cummings
008296cce2
Exclude Deprecated Classes
...
Closes gh-14630
2024-02-20 15:58:55 -07:00
Josh Cummings
238bc9733a
Remove stray projects
2024-02-20 15:57:46 -07:00
Steve Riesenberg
9db33f33c7
Revert unnecessary merges on 6.0.x
...
This commit removes unnecessary main-branch merges starting from
8750608b5b
and adds the following
needed commit(s) that were made afterward:
- 5dce82c48b
2023-10-31 15:11:45 -05:00
Josh Cummings
cb33fd7850
Add OIDC Back-Channel Logout Support
...
Closes gh-12570
2023-09-16 15:12:21 -06:00
Steve Riesenberg
ac7fbea248
Add nohttp exclusions
2023-05-12 14:30:12 -05:00
Steve Riesenberg
1eff924598
Merge branch '5.8.x' into 6.0.x
2023-02-28 16:53:33 -06:00
Steve Riesenberg
b2240f376e
Merge branch '5.7.x' into 5.8.x
2023-02-28 16:53:14 -06:00
Steve Riesenberg
7b88ab289d
Add nohttp exclusion
...
Issue gh-12804
2023-02-28 16:52:19 -06:00
Marcus Da Coregio
7094ee3710
Add runtime hints for annotations using @WithSecurityContext
...
Closes gh-12215
2022-11-16 10:02:34 -03:00
Marcus Da Coregio
fd25568330
Merge branch '5.8.x'
...
Closes gh-12159
2022-11-08 13:29:36 -03:00
Marcus Da Coregio
9195521eea
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12158
2022-11-08 13:28:28 -03:00
Marcus Da Coregio
40548eb963
Merge branch '5.6.x' into 5.7.x
...
Closes gh-12157
2022-11-08 13:27:51 -03:00
Marcus Da Coregio
8cde8fb363
Update Gradle to 7.5.1
...
Closes gh-11779
2022-11-08 13:27:25 -03:00
Josh Cummings
5afc7cb04f
Merge remote-tracking branch 'origin/5.8.x'
2022-10-13 19:48:05 -06:00
Daniel Garnier-Moiroux
200b7fecd3
Add (Server)AuthenticationEntryPointFailureHandlerAdapter
...
Issue gh-11932, gh-9429
(Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead
when an AuthenticationServiceException is thrown, instead of HTTP 401.
This commit deprecates the current behavior and introduces an opt-in
(Server)AuthenticationEntryPointFailureHandlerAdapter with the expected
behavior.
BearerTokenAuthenticationFilter uses the new adapter, but with a closure
to keep the current behavior re: entrypoint.
2022-10-13 19:25:04 -06:00
Marcus Da Coregio
c5e35bf32e
Merge branch '5.8.x'
...
Closes gh-11978
2022-10-10 09:24:50 -03:00
Marcus Da Coregio
4b6fed0667
Add static factory method to AntPathRequestMather and RegexRequestMatcher
...
Closes gh-11938
2022-10-10 09:24:15 -03:00
Rob Winch
0efe26c1fd
Merge branch '5.8.x'
...
Closes gh-11894
2022-09-22 13:47:04 -05:00
Rob Winch
d94677f87e
CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler
...
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.
Closes gh-11892
2022-09-22 11:09:44 -05:00
Steve Riesenberg
1be9be97a1
Exclude JavadocPackageCheck from Spring Checks
...
Issue gh-11422
2022-07-15 13:03:45 -05:00
Marcus Da Coregio
ee11c3ade7
Exclude JavadocPackageCheck from Spring Checks
...
Issue gh-11422
2022-07-15 14:10:53 -03:00
Joe Grandja
f87df42500
Remove deprecated OAuth2IntrospectionClaimAccessor
...
Closes gh-11499
2022-07-13 15:51:58 -04:00
Joe Grandja
7b18336c6a
Change interface with constants to final class
...
Closes gh-10960
2022-07-13 15:51:58 -04:00
Josh Cummings
a31a99b591
Add SecurityContextHolderStrategy to Default Components
...
Issue gh-11060
2022-06-17 11:58:36 -06:00
Josh Cummings
31e25b115e
Add SecurityContextHolderStrategy to Default Components
...
Issue gh-11060
2022-06-17 11:28:10 -06:00
Marcus Da Coregio
1cbe7a75d3
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 10:40:26 -03:00
Marcus Da Coregio
73f839312d
Add SAML 2.0 Login XML Support
...
Closes gh-9012
2022-03-09 09:18:01 -03:00
Rob Winch
f94090a59b
Remove spring-security-openid
...
Closes gh-10773
2022-01-21 16:55:19 -06:00
Josh Cummings
4374905801
Establish new Package Tangle Baseline
...
Ran ./gradlew check && ./gradlew s101 -Ps101.label=baseline
Issue gh-10333
2021-11-19 11:46:08 -07:00
Marcus Da Coregio
17e0a47ef4
Revert "Fix CAS Client Java lib not working with Jakarta EE 9"
...
This reverts commit aa5564e240
.
2021-11-01 09:02:43 -03:00
Marcus Da Coregio
5c4dd51994
Fix CAS Client Java lib not working with Jakarta EE 9
...
Copy the code from the library and change it to support the Jakarta classes
Issue gh-10360
2021-11-01 09:02:42 -03:00
Marcus Da Coregio
e36e2b2a97
Move Saml2AuthnRequestRepository to web package
...
Moving to solve package tangles
Issue gh-9185
2021-09-29 14:10:39 -03:00
Josh Cummings
64f0102425
Establish Structure101 Baseline
...
Issue gh-6236
2021-09-27 16:06:43 -06:00
Josh Cummings
4272889dc8
Install Structure101 Plugin
...
Issue gh-6236
2021-09-27 14:56:03 -06:00
Joe Grandja
5830fda2fa
Introduce JwtEncoder
...
Closes gh-9208
2021-09-24 05:13:40 -04:00
Marcus Hert da Coregio
ab098f171d
Propagate TestSecurityContextHolder to SecurityContextHolder
...
Create SecurityMockMvcResultHandlers to define security related MockMvc ResultHandlers
Create a method to allow copying the SecurityContext from the TestSecurityContextHolder to SecurityContextHolder
Closes gh-9565
2021-09-17 16:39:53 -03:00
Josh Cummings
194993ad1a
Add Saml2ParameterNames
...
Closes gh-10270
2021-09-14 17:40:12 -06:00
Dávid Kováč
3ff825576b
Move and rename OAuth2IntrospectionClaimAccessor/Names
...
Introduced OAuth2TokenIntrospectionClaimAccessor and OAuth2TokenIntrospectionClaimNames
with copied implementation from OAuth2IntrospectionClaimAccessor/Names.
OAuth2IntrospectionClaimAccessor and OAuth2IntrospectionClaimNames are
now deprecated.
Also method getScopes() returning list of scopes was introduced
and getScope() is now deprecated.
Closes gh-9647
2021-08-12 16:51:33 -06:00