Commit Graph

307 Commits

Author SHA1 Message Date
Phillip Webb 8e092f8d2c Add noformat blocks around withDefaultPasswordEncoder
Find `withDefaultPasswordEncoder` calls and protect them against
formatting.

Issue gh-8945
2020-08-10 16:24:44 -05:00
Phillip Webb 63b5998fad Add noformat blocks around auth config
Find `auth` config using a regex search of `^\s*auths*$` and protect
them against formatting.

Issue gh-8945
2020-08-10 16:24:44 -05:00
Phillip Webb 103d822e46 Add noformat blocks around http config
Find `http` config using a regex search of `^\s*https*$` and protect
them against formatting.

Issue gh-8945
2020-08-10 16:24:44 -05:00
Joe Grandja 1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1"
This reverts commit f3a1e5d40c.
2020-08-05 14:59:11 -04:00
Joe Grandja f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Dávid Kováč af1c96b425
Simplify OAuth 2.0 Introspection Attribute Retrieval
In order to simplify retrieving of OAuth 2.0 Introspection specific
attributes, OAuth2IntrospectionClaimAccessor interface was introduced
and also new OAuth2AuthenticatedPrincipal implementing this new
interface (OAuth2IntrospectionAuthenticatedPrincipal).

Also DefaultOAuth2AuthenticatedPrincipal was replaced by
OAuth2IntrospectionAuthenticatedPrincipal in cases where OAuth 2.0
Introspection is performed (NimbusOpaqueTokenIntrospector,
NimbusReactiveOpaqueTokenIntrospector).

DefaultOAuth2AuthenticatedPrincipal can be still used by applications
that introspected the token without OAuth 2.0 Introspection.

OAuth2IntrospectionAuthenticatedPrincipal will also be used as a
default principal in tests where request is post-processed/mutated
by OpaqueTokenRequestPostProcessor/OpaqueTokenMutator.

Closes gh-6489
2020-07-09 17:26:13 -06:00
Josh Cummings 146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2"
This reverts commit 68538897c8.
2020-07-01 13:11:50 -06:00
Josh Cummings 68538897c8
Lock Dependency Versions for 5.4.0-M2 2020-07-01 12:40:29 -06:00
Rob Winch dac7806cf5 Test beforeTestMethod delays creation of SecurityContext
Issue gh-6591
2020-06-24 16:40:09 -05:00
Markus Gabriel 97ee6d66f1 Fix SecurityContext creation for TEST_EXECUTION
Currently, there is support for setting up a SecurityContext after @Before by
using TestExecutionEvent.TEST_EXECUTION. The current implementation, however,
already creates the SecurityContext in @Before and just does not set it yet.
This leads to issues like #6591. For the case of @WithUserDetails, the
creation of the SecurityContext already looks up a user from the repository.
If the user was inserted in @Before, the user is not found despite using
TestExecutionEvent.TEST_EXECUTION. This commit changes the creation of the
SecurityContext to happen after @Before if using
TestExecutionEvent.TEST_EXECUTION.

Closes gh-6591
2020-06-24 16:40:08 -05:00
Dávid Kovács 88028d82ed formLogin() and login() implement Mergable
This is necessary so that default requests like Spring REST Docs work.

Closes gh-7572
2020-06-22 14:54:32 -05:00
Josh Cummings 900f551890
Inject TestOAuth2AuthorizedClientRepository
Fixes gh-8603
2020-05-28 10:33:02 -06:00
Joe Grandja 86ca6b013c Unlock dependencies
This reverts commit 206960cf44.
2020-05-06 17:27:35 -04:00
Joe Grandja 206960cf44 Lock dependencies for 5.4.0-M1 2020-05-06 17:13:04 -04:00
Dávid Kovács 1f1ddeb025 SecurityMockMvcConfigurer$DelegateFilter is not null-safe
This commit adds null-check to getter method, so instead of NPE an IllegalStateException will be thrown with additional details.

Fixes gh-7745
2020-05-05 09:56:37 -05:00
Markus Engelbrecht d81321bc29
Fix typo 'properites' in documentation
Fixes gh-8095
2020-03-11 10:54:14 -06:00
Josh Cummings 6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
This reverts commit 147d7dadd7.
2020-03-04 12:02:48 -07:00
Josh Cummings 147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings 85b0e468ad
Add missing calls to principalName
Issue gh-8054
2020-03-03 17:11:42 -07:00
Josh Cummings 2064214f39
Add principal name to oauth2Client Test Support
Fixes gh-8054
2020-03-03 16:33:08 -07:00
Josh Cummings 3bc1b7a933
Simplify opaqueToken support
Remove scopes convenience method to alleviate potential confusion with
the "scope" attribute.

Issue gh-7827
Issue gh-7712
2020-03-03 16:24:43 -07:00
Josh Cummings 689fc9df0c
Align Test Support Claims
Make all sub claims 'user' and all scopes 'read' to align with
existing support for JWT

Issue gh-7828
Issue gh-7789
Issue gh-7680
Issue gh-7618
2020-03-03 16:24:43 -07:00
Josh Cummings 30adabb685
Simplify oauth2Login Test Support
Remove nameAttributeKey as this is easily done by constructing
a DefaultOAuth2User instance.

Issue gh-7789
Issue gh-7828
2020-03-03 15:48:04 -07:00
Josh Cummings bd593a3431
Add Opaque Token WebTestClient Support
Fixes gh-7827
2020-02-27 11:29:55 -07:00
Josh Cummings ffb5a3a0d4
Add oauth2Client WebTestClient Support
Fixes gh-7910
2020-02-05 15:33:57 -07:00
Eleftheria Stein 84b8a5abd7 Unlock dependencies for next development version
This reverts commit 064616f1ef.
2020-02-05 15:53:04 +01:00
Eleftheria Stein 064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Josh Cummings c367378421
Add OAuth2Client MockMvc Test Support
Fixes gh-7886
2020-02-03 15:59:58 -07:00
Josh Cummings 982f3f902c
Add oauth2Login Reactive Test Support
Fixes gh-7828
2020-01-13 17:49:52 -07:00
Josh Cummings 8f1d0cf528
opaqueToken MockMvc Configuration Order
Fixes gh-7800
2020-01-10 16:47:31 -07:00
Eleftheria Stein fcc6457bef Unlock dependencies for next development version
This reverts commit 93acf8f0f1.
2020-01-08 22:15:17 +01:00
Eleftheria Stein 93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Josh Cummings 09810b8df9
oidcLogin Test Configuration Flow
Fixes gh-7794
2020-01-07 17:37:48 -07:00
Josh Cummings 84ba3ddf26
Add oauth2Login MockMvc Support
Fixes gh-7789
2020-01-07 14:09:36 -07:00
Josh Cummings e1fdb24b5d
Add opaqueToken MockMvc Test Support
Fixes gh-7712
2019-12-20 15:34:11 -07:00
Josh Cummings d102cae243
oidcLogin MockMvc Documentation
Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618
2019-12-02 22:49:17 -07:00
Josh Cummings 8c32d5fe48
Add oidcLogin WebFlux Test Support
Fixes: gh-7680
2019-12-02 22:28:24 -07:00
Josh Cummings b35e18ff31
Add oidcLogin MockMvc Test Support
Fixes gh-7618
2019-11-26 16:12:06 -07:00
Josh Cummings 7cbd1665a6
Isolate Jwt Test Support
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
2019-11-22 15:07:05 -07:00
Drummond Dawson 4f82be7e68 Support URI vars in formLogin and logout MockMvc requests 2019-11-05 09:46:50 +01:00
Rob Winch 00f8991fac Merge Remove Redudant Throws
Fixes gh-7301
2019-09-19 11:04:53 -05:00
Josh Cummings 05caf3d8fb
Use Jwt.Builder
Fixes gh-7443
2019-09-16 14:00:25 -06:00
Josh Cummings b55b2914c2 Mock Jwt Disables CSRF
Fixes gh-7170
2019-09-13 19:04:05 +01:00
Lars Grefer 95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
Lars Grefer 34dd5fea30 Remove redundant throws clauses
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
2019-08-23 01:03:54 +02:00
Rob Winch 9d63c36f93 Fix JDK 10+
Issue gh-7265
2019-08-16 11:13:11 -05:00
Rob Winch 0c6bff4afb SecurityMockMvcConfigurer Honors Filter Order
Fixes gh-7265
2019-08-16 09:24:33 -05:00
Rob Winch c1db1aad91
Cleanup Code Style Issues
Cleanup Code Style Issues
2019-08-12 13:06:49 -05:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer 38de737663 Java 8: Statement lambda can be replaced with expression lambda 2019-08-09 16:59:07 -05:00
Lars Grefer b388976ac8 fix checkstyle 2019-08-09 02:46:20 +02:00
Lars Grefer fe9e454978 StandardCharsets can be used
Reports methods and constructors where constant charset String literal is used (like "UTF-8") which could be replaced with a predefined Charset object like StandardCharsets.UTF_8. This may work a little bit faster, because charset lookup becomes unnecessary. Also catching UnsupportedEncodingException may become unnecessary as well. In this case the catch block will be removed automatically.
2019-08-09 00:39:09 +02:00
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Lars Grefer 776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Lars Grefer c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
sandmannn 23a7c3010c Added jwt injection for reactive test mocks
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to WebTestClient mutator.

Fixes: spring-projectsgh-6896
2019-06-15 10:01:57 -06:00
sandmannn 9323d8e821 Extended testing api for JWT
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to the MockMvc request builder.

Issue: spring-projectsgh-6896
2019-06-12 10:09:32 -06:00
Josh Cummings d0f5b42884
Mock Jwt Test Support and Jwt.Builder Polish
Simplified the initial support to introduce fewer classes and only the
features described in the ticket.

Changed tests to align with existing patterns in the repository.

Added JavaDoc to remaining public methods introduced for this feature.

Issue: gh-6634
Issue: gh-6851
2019-05-22 14:23:02 -06:00
Jérôme Wacongne e59d8a529b
Mock Jwt Test Support and Jwt.Builder
Fixes: gh-6634
Fixes: gh-6851
2019-05-22 14:23:02 -06:00
Spring Operator b93528138e URL Cleanup
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# Fixed URLs

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://www.apache.org/licenses/ with 1 occurrences migrated to:
  https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html) result 200).
2019-03-14 15:46:20 -05:00
Rob Winch 1a80d4a66c Fix Generics in ReactorContextTestExecutionListenerTests for JDK 9+
Issue: gh-6075
2018-11-30 12:07:58 -06:00
Aanuoluwapo Otitoola a28c677f88 ReactorContextTestExecutionListener should use named hooks
Fixes: gh-6075
2018-11-30 11:13:26 -06:00
Tadaya Tsuyukubo 12050404ad Populate test security context with authentication
Add setAuthentication method on TestSecurityContextHolder.
2018-10-03 14:24:45 -04:00
Vedran Pavic cb0ba58b58 Fix WhitespaceAfterCheck Checkstyle check 2018-08-27 10:45:35 -05:00
mhyeon.lee 18db425861 Polish Javadoc to remove warning 2018-07-18 09:24:59 -06:00
Rob Winch 1137f3b46d Add cross references to ReactorContextTestExecutionListener
Fixes: gh-5418
2018-06-11 17:13:24 -05:00
Rob Winch 7a204a5f58 Fixes for SPR-16624
Fixes: gh-5164
2018-03-27 22:35:08 -05:00
Rob Winch b1d013e8f0 Fix JDK 9
Issue: gh-5160
2018-03-27 09:30:56 -05:00
Rob Winch 1851aaa66d Fix ReactorContextTestExecutionListener with custom SecurityContext
Fixes: gh-5137
2018-03-19 09:29:27 -05:00
Oleh Dokuka 76e36bd06e fix Mock Authentication resolution 2018-03-19 09:16:55 -05:00
Rob Winch 65193963ad Fix Imports
Issue: gh-4888
2018-03-09 09:15:39 -06:00
Rob Winch 2228485a40 WithUserDetails supports ReactiveUserDetailsService
Fixes: gh-4888
2018-03-08 23:13:19 -06:00
Rob Winch abae2f3e87 Allow WithSecurityContextTestExecutionListener to execute after @Before
Fixes: gh-2935
2018-03-08 14:13:07 -06:00
Rob Winch e1a8d250de Add authenticated().withAuthentication(Consumer<Authentication>)
This allows arbitrary assertions of the authenticated user

Fixes: gh-4996
2018-02-02 16:56:45 -06:00
Johnny Lim 57353d18e5 Use diamond type 2017-12-21 15:09:00 -06:00
Johnny Lim b6895e6359 Apply Checkstyle WhitespaceAfterCheck module 2017-11-16 11:18:31 -06:00
Johnny Lim d900f2a623 Remove unused imports
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
Johnny Lim cdcf65de1e Polish
Fixes gh-4425
2017-10-29 23:43:13 -05:00
Antoine e0aca04a28 Polish AssertJ assertions
Polish AssertJ assertions
2017-10-29 22:22:34 -05:00
Rob Winch 8da2c7f657 Add WebFlux CSRF Protection
Fixes gh-4734
2017-10-28 22:59:24 -05:00
Rob Winch c467dcdbe1 SecurityMockServerConfiguers fixes
Issue: gh-4719
2017-10-27 18:17:36 -05:00
Rob Winch 77aedcf502 SecurityMockServerConfigurers updates
Issue: gh-4719
2017-10-27 18:17:33 -05:00
Rob Winch 3bceadd369 Only populate a Context once
Fixes gh-4718
2017-10-27 17:35:54 -05:00
Rob Winch be593b95a8 Prefer existing Context in ReactorContextTestExecutionListener
Issue gh-4718
2017-10-27 17:35:54 -05:00
Rob Winch 9363e2ba41 Polish ReactorContextTestExecutionListenerTests
Necessary for preparing for the changes that will be made. The Context
should not necessarily be empty, but it should not contain the SecurityContext

Issue gh-4718
2017-10-27 17:35:54 -05:00
Rob Winch 3abec60188 SecurityMockServerConfigurers checkstyle 2017-10-27 17:33:08 -05:00
Rob Winch 747473257f Use ReactorSecurityContextHolder
Issue gh-4713
2017-10-26 20:11:42 -05:00
Rob Winch 8291f20796 DaoAuthenticationProvider uses DelegatingPasswordEncoder
This means that passwords will be encoded with BCrypt by default

Fixes: gh-2775
2017-10-24 07:56:28 -05:00
Johnny Lim 25052214ae Polish 2017-10-16 18:33:27 -05:00
Rob Winch 23f56f568c Update MockitJunitRunner import
Issue: gh-4608
2017-10-09 16:13:33 -05:00
Rob Winch 445834784a Update to Mockito 2.10.0
Issue: gh-4608
2017-10-09 16:13:11 -05:00
Rob Winch 1f4082e754 Fix copyright lines 2017-09-18 11:11:25 -05:00
Rob Winch 3ecf3ea034 Fix double * in Copyright headers 2017-09-18 10:47:26 -05:00
Rob Winch d9bad2bc9d Mono.currentContext()->subscriberContext()
Fixing refactoring by Reactor
2017-09-01 17:20:47 -05:00
Rob Winch f59fc357b8 Polish ReactorContextTestExecutionListenerTests
Code Style fixes
2017-08-30 14:27:14 -05:00
Rob Winch 4fd17e4c2e Fix ReactorContext after changes to Reactor 2017-08-30 14:25:40 -05:00
Rob Winch 7ae4506a88 Add ReactorContextTestExecutionListener
Fixes gh-4502
2017-08-17 16:42:01 -05:00
Rob Winch e16b8e7976 Fix logback-test.xml 2017-08-17 16:42:01 -05:00
Rob Winch 544f39f826 Add Annotated Support for WebTestClient
Fixes gh-4457
2017-07-15 22:05:54 -05:00
Rob Winch 6590fc31cd Use withMutator
Fixes gh-4455
2017-07-14 11:01:52 -05:00
Rob Winch 03f2d654ad Fix WebTestClient Support
Fixes gh-4419
2017-07-13 21:02:07 -05:00
Rob Winch 915de03f42 Polish ExchangeMutatorWebFilter Support
Issue gh-4343
2017-05-31 13:23:55 -05:00
Rob Winch 7bc98db23c Add WebTestClient test support
SecurityExchangeMutators

Fixes gh-4343
2017-05-19 15:09:23 -05:00
Rob Winch e631805635 Remove RedirectMatcher
This is no longer necessary now that Spring 5 is the minimum version.

Fixes gh-4092
2017-05-11 14:38:18 -05:00
Rob Winch d81b436e5d Remove pom.xml from build
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.

This commit removes the pom.xml files from the build.

Fixes gh-4283
2017-05-11 14:32:36 -05:00
Vedran Pavic 85719fcd64 Use Base64 implementation provided by Java 8 2017-05-10 00:27:36 -05:00
Rob Winch dd6fc48dd8 Standardize Build
The build now uses spring build conventions to simplify the build

Fixes gh-4284
2017-04-21 10:55:05 -05:00
Joe Grandja 2ce174dbf0 Update poms to 5.0.0.BUILD-SNAPSHOT 2017-04-07 16:49:50 -04:00
Rob Winch d2524eadfc Update poms to new to SNAPSHOT version 2017-03-02 09:20:34 -06:00
Spring Buildmaster 081f0c4d94 Release version 4.2.2.RELEASE 2017-03-02 07:29:42 +00:00
Rob Winch 9c03571bbb Use message in all Assert
This ensures compatibility with Spring 5.

Fixes gh-4193
2017-01-30 19:58:24 -06:00
Spring Buildmaster 7a7ce11ebb Release version 4.2.1.RELEASE 2016-12-21 17:23:28 +00:00
Spring Buildmaster 24fcb6c45a Release version 4.2.0.RELEASE 2016-11-09 23:42:11 +00:00
Spring Buildmaster 97b4cb0b73 Release version 4.2.0.RC1 2016-10-26 02:49:23 +00:00
Rob Winch 6a3a5f7beb Polish Deprecations
Issue gh-4080
2016-10-17 17:02:59 -05:00
Rob Winch 52c6e3cf89 Create RedirectMatcher
This commit creates RedirectMatcher for binary backward compatability with
Spring 4.3.x and Spring 5 to ensure that the Spring IO tests pass.

Issue gh-4080
2016-10-17 17:02:58 -05:00
Rob Winch 17cfd4707b Fix deprecations
Issue gh-4080
2016-10-17 17:00:18 -05:00
Rob Winch 8a7ac398e6 Remove TheController from Bean
It is already picked up with classpath scanning

Issue gh-4080
2016-10-17 17:00:17 -05:00
Spring Buildmaster c1b8150439 Release version 4.2.0.M1 2016-09-23 19:39:33 +00:00
Rob Winch 4d02a5c0a0 Update pom.xml dependencies 2016-08-30 11:27:29 -05:00
Rob Winch 050198e51b Fix csrf() when used then not used
Previously if csrf() was used and subsequently not used, the
TestCsrfTokenRepository was still used. This makes it difficult to test
the actual CsrfTokenRepository implementation.

Now the TestCsrfTokenRepository is only used if explicitly enabled.

Fixes gh-4016
2016-08-09 17:09:16 -04:00
Spring Buildmaster 919f000c80 Release version 4.1.1.RELEASE 2016-07-07 00:57:35 +00:00
Rob Winch 8ad91ef6a5 WithSecurityContextTestExecutionListener > SqlScriptsTestExecutionListener
WithSecurityContextTestExecutionListener should order after
SqlScriptsTestExecutionListener so sql can setup the current user's info
in the database.

Fixes gh-3962
2016-07-06 16:09:17 -05:00
Rob Winch bbeb7f94d7 Fix checkstyle
Issue gh-3920
2016-06-20 19:36:51 -05:00
Rob Winch a2a06d19c1 Add formLogin() Accept Test
Issue gh-3920
2016-06-20 16:23:29 -05:00
Micah Silverman 314828859e Added accept method call to buildRequest in SecurityMockMvcRequestBuilders with default of MediaType.APPLICATION_FORM_URLENCODED 2016-06-20 15:46:01 -05:00
Eddú Meléndez a2ead4cf7a Polish
Fixes gh-3892
2016-06-20 12:35:43 -05:00
Rob Winch 2d6051625f Update pom.xml 2016-06-17 14:30:11 -05:00
Rob Winch 101190ad8b Format WithSecurityContextTestExecutionListener 2016-05-20 10:46:26 -05:00
Rob Winch 336de35874 Polish WithSecurityContextTestExecutionListener
Extract method for reuse

SecurityContext createSecurityContext(AnnotatedElement annotated,
    WithSecurityContext withSecurityContext,
    TestContext context)

Issue gh-3888
2016-05-20 10:46:26 -05:00
Eddú Meléndez a53d022312 Support WithSecurityContextFactory on superclass
Fixes gh-3888
2016-05-20 10:46:14 -05:00
Rob Winch 7b61a44929 Fix test .standaloneSetup
Previously, Spring Security's test support did not work well with the
standalone setup. This was because the springSecurityFilterChain was not
found by the WebTestUtils.

This commit ensures that the springSecurityFilterChain is added as a
servlet attribute if it is explicitly defined. WebTestUtils can then
find the springSecurityFilterChain in the ServletContext.

Fixes gh-3881
2016-05-16 11:02:40 -04:00
Rob Winch 602bb457b8 Formatting
Issue gh-3881
2016-05-16 11:02:40 -04:00
Spring Buildmaster 001b05569a Release version 4.1.0.RELEASE 2016-05-05 04:25:46 +00:00
Rob Winch 78bf6e2bd5 WithSecurityContextTestExecutionListener supports generic Annotation
Previously Spring Security's WithSecurityContextTestExecutionListener
allowed a WithSecurityContextFactory<Annotation> to be used. This
was broken in SEC-3074.

This commit ensures that WithSecurityContextFactory<Annotation> is
supported again.

Fixes gh-3837
2016-05-03 15:41:25 -04:00
Jens Goldhammer ceef70946b Resolve springSecurityFilterChain to Filter
When enabling debug for spring security, the FilterChainProxy will be wrapped by the DebugFilter.
This DebugFilter will be registered as bean springSecurityFilterChain. The WebTestUtils will now search for the bean by name instead of FilterChainProxy class.
In this case we have to cast to a Java ServletFilter to support both filter...

Fixes gh-3836
2016-04-26 15:53:38 -04:00
Spring Buildmaster 24d0069668 Release version 4.1.0.RC2 2016-04-21 01:47:25 +00:00
Rob Winch b2b53f7a81 Fix unauthenitcated() and AnonymousAuthenticationToken
Previously if unauthenticated() experienced an AnonymousAuthenticationToken
it would not match.

This commit ensures that if the user is anonymous (not just null)
unauthenticated() works.

Fixes gh-3409
2016-04-19 15:08:47 -05:00
Rob Winch 8a28a27225 Formatting Polish 2016-04-19 14:24:11 -05:00
Rob Winch d3a9cc6eae Add CsrfTokenRepository (#3805)
* Create LazyCsrfTokenRepository

Fixes gh-3790

* Add CookieCsrfTokenRepository

Fixes gh-3009
2016-04-12 17:26:53 -04:00
Joe Grandja b90242f2fa Updates all POM versions to 4.1.0 snapshot build.
Fixes gh-3804
2016-04-12 10:35:43 -04:00
Eddú Meléndez Gonzales a5a5d9a1a9 Add support to subclass of GrantedAuthority in SecurityMockMvcResultMatchers withAuthorities (#3793)
SecurityMockMvcResultMatchers.withAuthorities(Collection<? extends GrantedAuthority>)

Fixes gh-3791
2016-04-08 08:55:53 -05:00
Rob Winch 8abb882927 Rename poorly named withUser variable
WithSecurityContextTestExecutionListener used the variable name withUser
in mulitple places when it should have been named withSecurityContext.

This commit renames the variables to withSecurityContext.

Fixes gh-3775
2016-04-01 10:27:14 -05:00
Spring Buildmaster 044acf7e27 Release version 4.1.0.RC1 2016-03-23 07:15:15 -07:00
Rob Winch ec4e6c7453 Update pom.xml to 4.1.0.BUILD-SNAPSHOT 2016-03-14 00:51:35 -05:00
Rob Winch f221920a19 Clean up code to conform to basic checkstyle
Issue gh-3746
2016-03-14 00:15:12 -05:00
Rob Winch df5e3ba6ee Polish Imports 2016-03-09 16:24:50 -06:00
Rob Winch 835ac0a217 Add @WithUserDetails userDetailsServiceBeanName
Fixes gh-3346
2016-03-09 15:59:23 -06:00
Rob Winch 618b8a2d83 Fix WebTestUtils when no matching HttpSecurity found
Previously a NullPointerException would be thrown if no HttpSecurity
matched on the request passed in. This was because findFilters would
return null rather than an empty List.

This commit returns null if findFilters gets a null result.

Fixes gh-3343
2016-03-09 15:20:10 -06:00
Billy Korando 71d4ce96ad Convert to assertj
Fixes gh-3175
2016-03-09 14:30:17 -06:00