Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,708 Commits 32 Branches 333 Tags 111 MiB
Commit Graph

1559 Commits

Author SHA1 Message Date
Denis Washington d3af4f7354 Limit oauth2Login() links to redirect-based flows 
This prevents the generated login page from showing links for
authorization grant types like "client_credentials" which are
not redirect-based, and thus not meant for interactive use in
the browser.

Closes gh-9457
 2021-04-14 06:16:43 -04:00
Joe Grandja 26c6570b10 Revert "Lock Dependencies" 
This reverts commit b3250c06a9.
 2021-04-12 14:42:38 -04:00
Joe Grandja b3250c06a9 Lock Dependencies 2021-04-12 14:19:19 -04:00
Rob Winch 71f9876c48 Revert "Lock dependencies" 
This reverts commit dca4858d81.
 2021-02-11 13:38:50 -06:00
Rob Winch dca4858d81 Lock dependencies 2021-02-11 13:00:32 -06:00
Rob Winch ec8f6014d4 Revert "Lock dependencies" 
This reverts commit fa5f789beb.
 2021-02-11 09:51:54 -06:00
Rob Winch fa5f789beb Lock dependencies 2021-02-11 08:53:40 -06:00
Josh Cummings 87cc4d4519
Fix Test Configuration 
- Typo in PlaceholderConfig was causing Windows builds to
resolve the CLASSPATH environment variable

Closes gh-9421
 2021-02-10 11:36:44 -07:00
Josh Cummings 2985d805b0
Migrate SAML 2.0 Test and Docs to PCFOne 
Issue gh-9362
 2021-01-22 15:12:31 -07:00
Josh Cummings 7c2010f507
Revert "Lock Dependencies for 5.3.6" 
This reverts commit a153012056.
 2020-12-02 19:32:03 -07:00
Josh Cummings a153012056
Lock Dependencies for 5.3.6 2020-12-02 16:31:52 -07:00
Josh Cummings 93c37e6b15
Update Test Controllers 
Closes gh-9121
 2020-10-12 18:08:52 -06:00
Josh Cummings 2dcfda7fac
Revert "Lock Dependencies for 5.3.5.RELEASE" 
This reverts commit 846a5a962c.
 2020-10-07 16:39:28 -06:00
Josh Cummings 846a5a962c
Lock Dependencies for 5.3.5.RELEASE 2020-10-07 13:18:01 -06:00
Artem Grankin dec0368b39
Replace expired msdn link with latest web archive copy 
Initial link expired in March, 2016. Latest copy found in web archive is from February, 2016
 2020-09-28 17:15:45 -06:00
Eleftheria Stein d8bef76a0f Unlock dependencies 
This reverts commit b619d298aa.
 2020-08-05 18:18:02 +02:00
Eleftheria Stein b619d298aa Lock Dependencies for 5.3.4.RELEASE 2020-08-05 12:33:31 +02:00
Josh Cummings 5d8bac1971
Polish WebSecurityConfigurerAdapter JavaDoc 
Issue gh-8784
 2020-07-20 15:23:43 -06:00
Romil Patel a55267f867
WebSecurityConfigurerAdapter JavaDoc 
Closes gh-8784
 2020-07-20 15:23:36 -06:00
Evgeniy Cheban eb90857d6e DefaultWebSecurityExpressionHandler uses RoleHierarchy bean 
Fixes gh-7059
 2020-06-10 16:56:15 -04:00
Joe Grandja 38c1e3ffa8 OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException 
Issue gh-8609
 2020-06-09 15:27:32 -04:00
Eleftheria Stein 7a7707b899 Revert "Temporarily ignore RSocket integration tests" 
This reverts commit 8dd9cb2b33.

Fixes gh-8643
 2020-06-08 16:43:12 -04:00
Josh Cummings bbd2a9ebae
Revert "Lock Dependencies for 5.3.3.RELEASE" 
This reverts commit 116bfe01e6.
 2020-06-03 16:11:59 -06:00
Eleftheria Stein 8dd9cb2b33
Temporarily ignore RSocket integration tests 
Issue gh-8643
 2020-06-03 13:58:13 -06:00
Josh Cummings 116bfe01e6
Lock Dependencies for 5.3.3.RELEASE 2020-06-03 13:14:07 -06:00
Rob Winch cf142ef024 Delay AuthenticationPrincipalArgumentResolver Creation 
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.

Closes gh-8613
 2020-05-29 16:51:23 -05:00
Joe Grandja 413dfc8679 Unlock dependencies 
This reverts commit a61145f74c.
 2020-05-06 15:29:45 -04:00
Joe Grandja a61145f74c Lock dependencies for 5.3.2.RELEASE 2020-05-06 15:06:08 -04:00
Dávid Kovács a89e3d385f Add ROLE_INFRASTRUCTURE to infrastructure beans 
Closes gh-8407
 2020-04-27 09:02:33 -05:00
Rob Winch f6ddba8cd8 Logout defaults to use Global SecurityContextServerLogoutHandler 
Closes gh-8375
 2020-04-13 16:37:29 -05:00
Eleftheria Stein 2d71297b7e Fix HttpSecurity Javadoc 
Fixes gh-4404
 2020-04-02 11:40:07 -04:00
Joe Grandja a78872f268 Unlock dependencies for 5.3.1.RELEASE 
This reverts commit 88c02684bb.
 2020-03-31 17:53:13 -04:00
Joe Grandja 88c02684bb Lock dependencies for 5.3.1.RELEASE 2020-03-31 17:28:36 -04:00
Rob Winch 0e6e2b2a21 Fix HttpServlet3RequestFactory Logout Handlers 
Previously there was a problem with Servlet API logout integration
when Servlet API was configured before log out.

This ensures that logout handlers is a reference to the logout handlers
vs copying the logout handlers. This ensures that the ordering does not
matter.

Closes gh-4760
 2020-03-30 20:50:12 -05:00
Rob Winch f82d59a1e5 SpringTestContext returns ConfigurableWebApplicationContext 
Closes gh-8233
 2020-03-30 20:50:12 -05:00
Joe Grandja 0230827335 oauth2Login WebFlux does not auto-redirect for XHR request 
Fixes gh-8118
 2020-03-26 05:08:58 -04:00
Eleftheria Stein 699fed7f98 Fix rsocket test 
Request route that exists; add additional error message verification

Fixes gh-8154
 2020-03-20 08:39:43 -04:00
Erik van Paassen 82dbce47b1
Fix typo in Javadoc of HttpSecurity#csrf() 
`HttpSecurity#csrf()` obviously returns a `CsrfConfigurer`, while the Javadoc states that it returns the `ServletApiConfigurer`.
 2020-03-17 13:35:28 -06:00
Markus Engelbrecht e6ad3d5508
Fix typo 'properites' in documentation 
Fixes gh-8095
 2020-03-11 11:00:18 -06:00
Josh Cummings 6eadf7b140
Unlock dependencies for 5.3.0.RELEASE 
This reverts commit 147d7dadd7.
 2020-03-04 12:02:48 -07:00
Josh Cummings 147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings c729fee7bc
Malformed Bearer Token Returns 401 for WebFlux 
Fixes gh-7668
 2020-03-03 15:42:02 -07:00
Joe Grandja c111099640 Polish client-registration xsd attributes 
Issue gh-4557
 2020-03-02 15:02:46 -05:00
Josh Cummings e97396b9c7 Add Resource Server XML Support 
Fixes gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings f1a2d69968 Add AuthenticationProvider List Configurability 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 34b40deb38 Add By-RequestMatcher Exception Handling 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 98a2ca3bbc Add Csrf Ignore Configurability 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 19584884b3
Register Authentication Provider in Init Phase 
Fixes gh-8031
 2020-02-28 15:32:27 -07:00
Filip Hanik 3257349045 Support POST binding for AuthNRequest 
Has been tested with

- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
 2020-02-28 09:15:26 -08:00
Rob Winch 727fee1e12 Polish HeaderWriterSpec 
Assert.notNull(Object,Supplier) is for when then message passed in
requires concatenation and avoids doing extra work. Since this does
not require concatenation, we can use Assert.notNull(Object,String)

Issue gh-7636
 2020-02-27 07:57:51 -06:00