Commit Graph

5864 Commits

Author SHA1 Message Date
Kazuki Shimizu d2c28c58e2 Polishing the ReferrerPolicyHeaderWriter gh-4110 2016-11-09 13:16:41 -06:00
Rob Winch 14a656186d Polish Referrer Header Policy Docs
Previously, the Referrer Header Policy was accidentally placed within
the CSP section.

Move Referrer Header Polich outside of the CSP section.

Issue gh-4110
2016-11-09 13:15:06 -06:00
stonio 2a197c72eb Fix typos in the reference
Fix typos in the reference documentation

Fixes gh-4113
2016-11-09 10:05:27 -06:00
Rob Winch ab5af87953 Add Referrer Policy to What's New 2016-11-08 16:14:20 -06:00
Eddú Meléndez 23294c4c57 Add Referrer-Policy header support
Fixes gh-4110
2016-11-08 13:21:35 -06:00
Kazuki Shimizu eb2870bf82 Polishing doc in What's New in Spring Security 4.2 2016-11-08 11:19:51 -06:00
Rob Winch 9fa42117f7 Update GRADLE_OPTS to use " instead of ' 2016-11-01 20:11:05 -05:00
Rob Winch cf3d6e7167 Fix Small Typo
propoerty->property
2016-10-31 11:31:52 -05:00
Spring Buildmaster 08f0b57243 Next development version 2016-10-26 02:49:27 +00:00
Spring Buildmaster 97b4cb0b73 Release version 4.2.0.RC1 2016-10-26 02:49:23 +00:00
Rob Winch 8ca4b55d32 Update What's New Section of Reference
Fixes gh-4109
2016-10-25 15:03:59 -05:00
Rob Winch 8e546454a5 Polish ApacheDSContainer LDAPs support
Issue gh-4096
2016-10-25 10:17:08 -05:00
Gunnar Hillert 406bb1d4d5 Add LDAPs support to ApacheDSContainer
* Add the ability to enable LDAP over SSL (LDAPs)
* Add tests

Fixes gh-4096
2016-10-25 10:16:35 -05:00
Rob Winch 8437d0fea3 Remove Eclipse Project Name customization
Previously the build specified the major.minor.x as a suffix for the
project name. This is now removed since Buildship ignores it.
2016-10-24 18:39:49 -05:00
Rob Winch df3b8bc284 Add Spring MVC test for override cache control
Issue gh-3975
2016-10-24 15:57:32 -05:00
Rob Winch 57d7ad05f9 Revert "Cache Control only written if not set"
This reverts commit 242b831f20.
Spring MVC fixed the issue we were working around and the changes
in Spring Security were unreliable.

Fixes gh-3975
2016-10-24 15:57:26 -05:00
Rob Winch e62596f36d Polish PasswordEncoderUtils do not leak length
Fix possible / 0 if expected is empty String.

Issue gh-255
2016-10-24 12:50:46 -05:00
Rob Winch d3685d89c5 Polish PasswordEncoderUtils do not leak length
Issue gh-255
2016-10-24 11:26:43 -05:00
avri-schneider a98389fa98 PasswordEncoderUtils do not leak length
Enforce constant time even when expectedLength != actualLength.

Fixes gh-255
2016-10-24 11:26:34 -05:00
Rob Winch dc9f9b140f Polish PasswordEncoderUtilsTests
* Add more tests
* Smaller tests
* Follow new naming convention
2016-10-24 11:24:24 -05:00
Rob Winch f432c04111 Create UserBuilder
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder

Fixes gh-4095
2016-10-21 16:42:03 -05:00
Johnny Lim 50b72dddbc Fix typo in Javadoc
This commit simply fixes typo in Javadoc.
2016-10-20 21:07:15 -05:00
Rob Winch 94e580fe64 Add Support for Custom Default Configuration in Web Security
Fixes gh-4102
2016-10-19 16:15:56 -05:00
Rob Winch af9139b613 Add intercept-url@request-matcher-ref
Fixes gh-4097
2016-10-18 22:27:31 -05:00
Rob Winch f019ea89e7 Remove unused lowercase-comparisons from XSD
Fixes gh-3932
2016-10-18 22:27:28 -05:00
Rob Winch 0d700628dc Add spring-security-4.2.xsd to spring.schemas
Fixes gh-4098
2016-10-18 22:27:22 -05:00
Rob Winch aaa9708b95 Add BeanResolver to AuthenticationPrincipalArgumentResolver
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.

This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.

Fixes gh-3949
2016-10-18 19:45:54 -05:00
Joe df9e6c973c linked to java configuration sample applications
removed outdated description and linked directly to java configuration sample applications
2016-10-17 21:12:17 -05:00
Paul Samsotha 1da9c06f3b Fix Reference (test.adoc) Typo
@SpringExecutionListeners -> @SpringTestExecutionListeners
2016-10-17 21:11:19 -05:00
Rob Winch 0c35209d77 Document Proxy Server
Issue gh-4076
2016-10-17 21:07:57 -05:00
Rob Winch badb466cc5 AuthenticationConfiguration imports ObjectPostProcessor
Fixes gh-4086
2016-10-17 20:00:27 -05:00
Rob Winch 46bb855737 Remove chat sample
Removed in favor of
https://github.com/spring-projects/spring-session/tree/master/samples/websocket

Fixes gh-4094
2016-10-17 17:02:59 -05:00
Rob Winch 6a3a5f7beb Polish Deprecations
Issue gh-4080
2016-10-17 17:02:59 -05:00
Rob Winch 52c6e3cf89 Create RedirectMatcher
This commit creates RedirectMatcher for binary backward compatability with
Spring 4.3.x and Spring 5 to ensure that the Spring IO tests pass.

Issue gh-4080
2016-10-17 17:02:58 -05:00
Rob Winch 17cfd4707b Fix deprecations
Issue gh-4080
2016-10-17 17:00:18 -05:00
Rob Winch 2c99cd3bbf Remove MatcherAssertionErrors
Spring 5 removes MatcherAssertionErrors. We should not have been using
this class anyways.

This commit updates to using assertj in favor of MatcherAssertionErrors.

Issue gh-4080
2016-10-17 17:00:17 -05:00
Rob Winch 8a7ac398e6 Remove TheController from Bean
It is already picked up with classpath scanning

Issue gh-4080
2016-10-17 17:00:17 -05:00
Rob Winch 5e35e37a2b Update to Thymeleaf 3.0.2 and remove tiles
Spring 5 removed support for Tiles 2 and Thymeleaf does not support
Tiles 3 yet. This commit updates to Thymeleaf 3.0.2 and uses
Thymeleaf's build in layout support.

Issue gh-4080
2016-10-17 17:00:17 -05:00
Rob Winch c1e9140940 Update itest/web to use Servelt 3.1
Previously itest/web used Servlet 2.5 which Spring 5 is not
compatabile with. This commit removes unnecessary tests (ones that
were already covered) and converts the remaining tests to MockMvc
using the provided servlet version.

Issue gh-4080
2016-10-17 17:00:17 -05:00
Rob Winch 1222fc5f10 XML ref to bean
Spring 5 removes ref XML attribute in favor of bean XML attribute. This
commit updates all the samples and tests to use bean instead of ref.

Issue gh-4080
2016-10-17 17:00:17 -05:00
Rob Winch 08c1f500a7 Version bumps for Spring 5
Issue gh-4080
2016-10-17 17:00:17 -05:00
Rob Winch a18707c870 gradlew disables Gradle Daemon
Fixes gh-4093
2016-10-17 17:00:16 -05:00
Jitendra Singh 48ff518a41 Fix Jackson 2.7+
UnmodifiableSetDeserializer added which will ensure
Collection$UnmodifiableSet deserialize properly with jackson-databind 2.7+

Fixes gh-4073
2016-10-13 07:42:07 -05:00
Rob Winch 0b1e3b4e4a Fix Reference Typo
unlimitted->unlimited
2016-09-23 16:45:08 -05:00
Rob Winch 6b4a52715b Fix Typo in Reference 2016-09-23 14:57:52 -05:00
Spring Buildmaster 7fb052e7ae Next development version 2016-09-23 19:39:35 +00:00
Spring Buildmaster c1b8150439 Release version 4.2.0.M1 2016-09-23 19:39:33 +00:00
Rob Winch 8b89e804e3 Polish RequestAttributeAuthenticationFilter
Issue gh-3978
2016-09-23 13:08:08 -05:00
Rob Winch c0f5aaee78 Adds What's New Spring Security 4.2
Fixes gh-4070
2016-09-23 13:02:27 -05:00
Rob Winch 6fb564a629 Polish HTTP Response Splitting
Issue gh-3910
2016-09-23 12:49:01 -05:00