Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-12 13:23:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,867 Commits 38 Branches 348 Tags
Commit Graph

12867 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
4e81bbe386
Revert "Add Saml2LogoutConfigurer" 
This reverts commit 6f52baba29fa31c79bbe1b058f1cffe44fb5fab1.
 2021-04-12 14:43:19 -06:00
Rob Winch
44763345d3 Update htmlunit-driver to 2.49.1 
Closes gh-9624
 2021-04-12 14:55:59 -05:00
Rob Winch
57d77c0cfb Update htmlunit to 2.49.1 
Closes gh-9623
 2021-04-12 14:55:57 -05:00
Rob Winch
8a13278c6d Update io.spring.nohttp to 0.0.6.RELEASE 
Closes gh-9622
 2021-04-12 14:55:54 -05:00
Rob Winch
f30ee19ccc Update io.projectreactor to 2020.0.6 
Closes gh-9620
 2021-04-12 14:55:50 -05:00
Rob Winch
ac288b8dc9 Update com.nimbusds to 9.3.3 
Closes gh-9619
 2021-04-12 14:55:48 -05:00
Rob Winch
7c4abdb4db Update jackson-bom to 2.12.3 
Closes gh-9616
 2021-04-12 14:55:41 -05:00
Joe Grandja
a5117506a5 Next Development Version 2021-04-12 14:43:21 -04:00
Joe Grandja
26c6570b10 Revert "Lock Dependencies" 
This reverts commit b3250c06a922f74c8d77589b3c9a5768fe345f8c.
 2021-04-12 14:42:38 -04:00
Joe Grandja
dd4e8eb36f Release 5.3.9.RELEASE 5.3.9.RELEASE 2021-04-12 14:24:06 -04:00
Joe Grandja
b3250c06a9 Lock Dependencies 2021-04-12 14:19:19 -04:00
Joe Grandja
aa0edfa1c7 Update to Spring Boot 2.2.13 
Closes gh-9614
 2021-04-12 14:19:01 -04:00
Joe Grandja
c381503f7b Next Development Version 2021-04-12 13:47:56 -04:00
Joe Grandja
8850ccb1c6 Revert "Lock Dependencies" 
This reverts commit 924ceac681eae11cabdf1af1d37ff4550b9d350d.
 2021-04-12 13:47:04 -04:00
Joe Grandja
321e6a8742 Release 5.4.6 5.4.6 2021-04-12 13:36:39 -04:00
Joe Grandja
924ceac681 Lock Dependencies 2021-04-12 13:36:39 -04:00
Joe Grandja
951cb844dd Update to Spring Boot 2.4.4 2021-04-12 13:36:28 -04:00
Eleftheria Stein
ea19b31133 Next development version 2021-04-12 19:00:02 +02:00
Eleftheria Stein
46fdb250dc Release 5.2.10.RELEASE 5.2.10.RELEASE 2021-04-12 18:17:48 +02:00
Eleftheria Stein
b500b3ea69 Update to OpenSAML 3.4.6 
Closes gh-9607
 2021-04-12 10:55:05 +02:00
Eleftheria Stein
59171434d5 Update to hibernate-entitymanager 5.4.30.Final 
Closes gh-9606
 2021-04-12 10:54:38 +02:00
Eleftheria Stein
5d18dd6d7d Update to Groovy 2.4.21 
Closes gh-9605
 2021-04-12 10:54:17 +02:00
Eleftheria Stein
41b0e51dbb Update to embedded Apache Tomcat 9.0.45 
Closes gh-9604
 2021-04-12 10:53:38 +02:00
Eleftheria Stein
310c1148ce Update blockhound to 1.0.6.RELEASE 
Closes gh-9603
 2021-04-12 10:53:11 +02:00
Eleftheria Stein
93defb2ff2 Update to RSocket 1.0.4 
Closes gh-9602
 2021-04-12 10:52:33 +02:00
Eleftheria Stein
fb7efffad3 Update to Spring Data Moore-SR13 
Closes gh-9601
 2021-04-12 10:52:09 +02:00
Eleftheria Stein
6db79b70e6 Update to Spring Framework 5.2.13.RELEASE 
Close gh-9600
 2021-04-12 10:51:41 +02:00
Eleftheria Stein
78a618c260 Update to Reactor Dysprosium-SR18 
Closes gh-9599
 2021-04-12 10:51:11 +02:00
Eleftheria Stein
cfc5256fad Update to GAE 1.9.88 
Closes gh-9608
 2021-04-12 10:50:46 +02:00
Eleftheria Stein
289b11b873 Update to nohttp 0.0.6.RELEASE 
Closes gh-9609
 2021-04-12 10:50:22 +02:00
Josh Cummings
7da6077727
Update to commons-codec:1.15 
Closes gh-9575
 2021-04-10 10:11:32 -06:00
Josh Cummings
9b07b6a991
Added Sections to What's New 
Closes gh-9596
 2021-04-10 01:03:56 -06:00
Josh Cummings
6f52baba29
Add Saml2LogoutConfigurer 
Closes gh-9497
 2021-04-10 00:25:34 -06:00
Josh Cummings
d19ff12813
Publish CsrfTokenRepository as shared object 
Closes gh-9595
 2021-04-10 00:25:34 -06:00
Josh Cummings
e807fae869
Add Single Logout Support 
Closes gh-8731
 2021-04-10 00:25:34 -06:00
Josh Cummings
2f734a0975
Add RelyingPartyRegistrationResolver 
Closes gh-9486
 2021-04-10 00:12:38 -06:00
Josh Cummings
efe42b93ce
Add Registration to Saml2Authentication 
Closes gh-9487
 2021-04-10 00:12:38 -06:00
Josh Cummings
88c1475a3b
Polish OpenSAML 4 support 
Issue gh-9095
 2021-04-10 00:12:15 -06:00
Josh Cummings
4f7d529c5d
Polish Csrf Tests 
Issue gh-9561
 2021-04-09 22:47:31 -06:00
佚名
8dc702c80f
Add null check in CsrfFilter and CsrfWebFilter 
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.

When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.

ZiQiang Zhao<1694392889@qq.com>

Closes gh-9561
 2021-04-09 21:57:14 -06:00
佚名
22d7043d01
Add null check in CsrfFilter and CsrfWebFilter 
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.

When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.

ZiQiang Zhao<1694392889@qq.com>

Closes gh-9561
 2021-04-09 21:55:30 -06:00
佚名
9570d0cada
Add null check in CsrfFilter and CsrfWebFilter 
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.

When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.

ZiQiang Zhao<1694392889@qq.com>

Closes gh-9561
 2021-04-09 21:47:11 -06:00
佚名
87ed527023
Add null check in CsrfFilter and CsrfWebFilter 
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.

When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.

ZiQiang Zhao<1694392889@qq.com>
 2021-04-09 21:43:19 -06:00
Josh Cummings
df8abcfae7
Use Interceptors instead of Advice 
- Interceptor is a more descriptive term for what
method security is doing
- This also allows the code to follow a delegate
pattern that unifies both before-method and after-
method authorization

Issue gh-9289
 2021-04-09 18:45:31 -06:00
Josh Cummings
122346bd27
Document AuthorizationManager for Method Security 
Issue gh-9289
 2021-04-09 18:45:10 -06:00
Josh Cummings
6bcf479659
Polish Javadoc 
Issue gh-9289
 2021-04-09 18:44:25 -06:00
Josh Cummings
6828987b4b
Add AfterMethodAuthorizationManager 
- Removes the need to keep MethodAuthorizationContext#returnObject
in sync with other method parameters
- Restores MethodAuthorizationContext's immutability

Closes gh-9591
 2021-04-09 18:43:56 -06:00
Josh Cummings
2b494ebc5f
Polish AOP Structure 
- Changed from MethodMatcher to Pointcut since authorization
annotations also can be attached to classes
- Adjusted advice to extend Before or AfterAdvice
- Adjusted advice to extend PointcutAdvisor so
that it can share its Pointcut
- Adjusted advice to extend AopInfrastructureBean to
align with old advice classes

Issue gh-9289
 2021-04-09 17:46:33 -06:00
Josh Cummings
62d77ec97e
Add GrantedAuthorityDefaults to Expression Handler 
Issue gh-9289
 2021-04-09 17:46:33 -06:00
Josh Cummings
68cf74468c
Add check for custom advice 
- Because publishing an advice bean replaces Spring Security
defaults, the code should error if both a custom bean and
either secureEnabled or prePostEnabled are specified

Issue gh-9289
 2021-04-09 17:46:33 -06:00