Commit Graph

10055 Commits

Author SHA1 Message Date
Rob Winch d2f24ae5f5 Add SecurityContextRepository to all Authentication Filters
Closes gh-10949
2022-03-09 15:40:17 -06:00
Rob Winch 9db79aa5d7 BearerTokenAuthenticationFilter.securityContextRepository
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch 2e9b04ed48 CasAuthenticationFilter.securityContextRepository
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch 636f3e1d5d AbstractPreAuthenticatedProcessingFilter.securityContextRepository
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch e6b6104b52 DigestAuthenticationFilter.securityContextRepository
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch 9b0cd5a0a8 BasicAuthenticationFilter.setSecurityContextRepository
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch 120f2a356f RememberMeAuthenticationFilter.securityContextRepository
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch 014c471ff1 AuthenticationFilter.securityContextRepository
Issue gh-10953
2022-03-09 15:33:42 -06:00
Rob Winch f11cb988a9 AbstractAuthenticationProcessingFilter.securityContextRepository
Issue gh-10953
2022-03-09 15:33:42 -06:00
Marcus Da Coregio 980e0466a7 AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains
Closes gh-10950
2022-03-09 15:21:37 -03:00
Rob Winch 65ec2659c4 HttpSessionSecurityContextRepository saves with original response
Previously, the HttpSessionSecurityContextRepository unnecessarily required
the HttpServletResponse from the HttpReqeustResponseHolder passed into
loadContext. This meant code that wanted to save a SecurityContext had to
have a reference to the original HttpRequestResponseHolder. Often that
implied that the code that saves the SecurityContext must also load the
SecurityContext.

This change allows any request / response to be used to save the
SecurityContext which means any code can save the SecurityContext not just
the code that loaded it. This sets up the code to be permit requiring
explicit saves. Using the request/response from the
HttpRequestResponseHolder is only necessary for implicit saves.

Closes gh-10947
2022-03-09 10:17:15 -06:00
Lijamaija bc2bb8cb96 Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
Closes gh-10932
2022-03-09 16:18:09 +01:00
Marcus Da Coregio 93d4fd3559 Add SAML 2.0 Single Logout XML Support
Closes gh-10842
2022-03-09 09:18:01 -03:00
Marcus Da Coregio 73f839312d Add SAML 2.0 Login XML Support
Closes gh-9012
2022-03-09 09:18:01 -03:00
Rob Winch b9f79543c5 Add RequestAttributeSecurityContextRepository
Closes gh-10918
2022-03-07 14:52:24 -06:00
Josh Cummings ff87cfce3a Polish EntityDescriptor Customizer
Issue gh-10839
2022-03-04 10:42:04 -07:00
Ulrich Grave d225205bf2 Add method to customize EntityDescriptor
Closes gh-10839
2022-03-04 10:42:04 -07:00
Josh Cummings 923c61e9d2 Polish Formatting
Issue gh-10799
2022-03-02 16:37:58 -07:00
Sander van Schouwenburg 14d0663ae2 Preserve order of RelyingPartRegistration credentials
Issue gh-10799
2022-03-02 16:37:58 -07:00
Josh Cummings 7a02bd14c1 Replace Apache Commons Base64 Decoding
Issue gh-10923
2022-03-02 16:19:03 -07:00
Josh Cummings 238616da80 Use RFC2045 Encoding for SAML 2.0 Logout
Closes gh-10923
2022-03-02 16:18:34 -07:00
Josh Cummings 931fb6a328 Move UnmodifiableMapDeserializer
Issue gh-10905
2022-03-01 14:03:41 -07:00
Josh Cummings 6c3d183a94 Polish Saml2 Jackson Support
Issue gh-10905
2022-03-01 13:56:02 -07:00
Ulrich Grave df84826c95 Add Jackson Support for Saml2 Module
Closes gh-10905
2022-03-01 12:07:55 -07:00
Talerngpong Virojwutikul ff15bec02d update PasswordEncoder declaration 2022-03-01 07:48:31 -07:00
m0k045e 3aa7a65cb4 OAuth2AuthorizedClientArgumentResolver resolves ReactiveOAuth2AuthorizedClientManager
Closes gh-10846
2022-02-28 15:30:19 -07:00
Filip Hanik 70b52a001b Change HashSet to LinkedHashSet
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
2022-02-28 14:57:04 -07:00
Josh Cummings efd5fc745c Invert Log Messages
Closes gh-10909
2022-02-28 13:10:06 -07:00
Marcus Da Coregio 344ab1814c Next development version 2022-02-21 11:56:40 -03:00
Marcus Da Coregio 2426989441 Release 5.7.0-M2 2022-02-21 11:00:07 -03:00
Marcus Da Coregio 31d7d29282 Update org.springframework to 5.3.16
Closes gh-10892
2022-02-21 10:35:42 -03:00
Marcus Da Coregio efbd48c458 Update org.slf4j to 1.7.36
Closes gh-10891
2022-02-21 10:35:40 -03:00
Marcus Da Coregio 970beaa743 Update htmlunit-driver to 2.58.0
Closes gh-10890
2022-02-21 10:35:37 -03:00
Marcus Da Coregio 6e386e5f14 Update org.jetbrains.kotlin to 1.6.20-M1
Closes gh-10889
2022-02-21 10:35:35 -03:00
Marcus Da Coregio 44bcfd8468 Update hibernate-entitymanager to 5.6.5.Final
Closes gh-10888
2022-02-21 10:35:32 -03:00
Marcus Da Coregio 2e32a63a75 Update org.eclipse.jetty to 9.4.45.v20220203
Closes gh-10887
2022-02-21 10:35:29 -03:00
Marcus Da Coregio d30a4c197d Update org.aspectj to 1.9.8
Closes gh-10886
2022-02-21 10:35:27 -03:00
Marcus Da Coregio 2d328fa42f Update htmlunit to 2.58.0
Closes gh-10885
2022-02-21 10:35:25 -03:00
Marcus Da Coregio 5d1d9c765c Update io.spring.javaformat to 0.0.31
Closes gh-10884
2022-02-21 10:35:22 -03:00
Marcus Da Coregio bebd615507 Update io.r2dbc to 0.9.1.RELEASE
Closes gh-10883
2022-02-21 10:35:20 -03:00
Marcus Da Coregio c4f3cd294f Update io.projectreactor to 2020.0.16
Closes gh-10881
2022-02-21 10:35:15 -03:00
Marcus Da Coregio 1f028c0ec3 Update aspectj-plugin to 6.4.1
Closes gh-10880
2022-02-21 10:35:13 -03:00
Marcus Da Coregio 876a3e9296 Update com.nimbusds to 9.27
Closes gh-10879
2022-02-21 10:35:10 -03:00
Rob Winch 225e4fdc95 Add .sdkmanrc 2022-02-18 13:48:05 -06:00
Josh Cummings 3d878549f4 Remove WantAssertionsSigned
WantAssertionsSigned requires that asserting parties sign the
assertions. This does not reflect how Spring Security actually
behaves, creating behavior mismatches.

Closes gh-10844
2022-02-18 11:43:25 -07:00
Talerngpong Virojwutikul 8a56e4f35e add Kotlin examples for Spring Data Integration of servlet application 2022-02-18 08:46:20 -03:00
Eleftheria Stein e97c643870 Deprecate WebSecurityConfigurerAdapter
Closes gh-10822
2022-02-17 12:13:50 +01:00
Josh Cummings 97c18478e5 Add Skipping Decryption Error Message
Closes gh-10220
2022-02-16 16:10:36 -07:00
Josh Cummings 399562b2a8 Correct Test
Issue gh-10220
2022-02-16 16:10:36 -07:00
Josh Cummings 836335dc89 Collect All Validation Errors
- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception

Issue gh-10220
2022-02-16 16:10:19 -07:00