Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,802 Commits 34 Branches 337 Tags
Commit Graph

311 Commits

Author SHA1 Message Date
ahmd-nabil
dfef781e33 Add default implementation in UserDetails 
Closes gh-14275

Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>
 2023-12-11 11:00:57 -07:00
Marcus Da Coregio
07b6c451fd Merge branch '6.1.x' 
Closes gh-13884
 2023-09-29 11:47:38 -03:00
Marcus Da Coregio
92c82191c9 Merge branch '5.8.x' into 6.0.x 
Closes gh-13882
 2023-09-29 11:46:00 -03:00
Marcus Da Coregio
64e2a2ff8b Apply updated Code Style 
Closes gh-13881
 2023-09-29 11:44:32 -03:00
Steve Riesenberg
d6ff58bb7f
Update Mockito to 5.5.0 
Closes gh-13810
 2023-09-19 10:39:03 -05:00
Tim te Beek
9df9cb5aed refactor: AssertJ best practices 
Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/bGVuS?organizationId=RGVmYXVsdA%3D%3D

Co-authored-by: Moderne <team@moderne.io>
 2023-09-12 16:18:14 -06:00
Kevin Park
02aa052fc7 Fix typo in method name 2023-08-08 17:32:01 -06:00
Laurent MARTELLI
5a7eb108c8 Fix Javadoc 2023-06-22 11:22:15 -06:00
Josh Cummings
590e9e23d9
Merge branch '5.8.x' into 6.0.x 
Closes gh-13253
 2023-05-31 15:42:41 -06:00
Josh Cummings
79f1cf799d
Merge branch '5.7.x' into 5.8.x 
Closes gh-13252
 2023-05-31 15:31:31 -06:00
Josh Cummings
bcc1cfc28a
Restore OAuth2AuthorizedClientRepository Test Instrumentation 
Closes gh-13113
 2023-05-31 15:30:03 -06:00
Marcus Da Coregio
e3cc8d13e8 Merge branch '5.8.x' into 6.0.x 2023-04-19 11:29:49 -03:00
Marcus Da Coregio
744b74f4c9 Merge branch '5.7.x' into 5.8.x 2023-04-19 11:27:08 -03:00
Amal Krishna
8bec14009e Fix typo in SecurityMockMvcResultMatchers.java 
Change the first parameter's name of the AuthenticatedMatcher.withAuthentication() method from assesrtAuthentication to assertAuthentication
 2023-04-19 11:25:55 -03:00
Marcus Da Coregio
1a4a2a9055 Merge branch '5.8.x' into 6.0.x 2023-04-14 13:32:10 -03:00
Marcus Da Coregio
54117d7d27 Fix test suffix to align with checkstyle 2023-04-14 13:29:15 -03:00
Marcus Da Coregio
52ed165476 Move classpath checks to class member variable 
Closes gh-11437
 2023-02-07 09:25:06 -03:00
Marcus Da Coregio
c15f45d9ee Only register hints for servlet applications 
Closes gh-12622
 2023-02-03 16:37:33 -03:00
Marcus Da Coregio
1648151dd2 Register hints for @WithSecurityContext on class level 
Issue gh-12215
 2022-11-17 10:18:15 -03:00
Marcus Da Coregio
177e11fbd7 Add WebTestUtils test runtime hints 
Closes gh-12216
 2022-11-16 11:16:20 -03:00
Marcus Da Coregio
7094ee3710 Add runtime hints for annotations using @WithSecurityContext 
Closes gh-12215
 2022-11-16 10:02:34 -03:00
Rob Winch
9cb668aec2 SessionManagementConfigurer properly defaults SecurityContextRepository 
Previously the default was an HttpSessionSecurityContextRepository which
meant that if a stateless authentication occurred the SecurityContext would
be lost on ERROR dispatch.

This commit ensures that the RequestAttributeSecurityContextRepository is
also consulted by default.

Closes gh-12070
 2022-10-20 10:57:47 -05:00
Steve Riesenberg
2a2051cd7b
Default to Xor CSRF tokens in CsrfFilter 
Issue gh-11960
 2022-10-13 09:39:55 -05:00
Steve Riesenberg
7c872cf7fd
Merge branch '5.8.x' 2022-10-12 15:02:40 -05:00
Steve Riesenberg
440748ec65
Add test support for Xor CSRF tokens 
Issue gh-4001
 2022-10-12 15:02:15 -05:00
Marcus Da Coregio
398f5dee7f Remove deprecated RequestMatcher methods from Java Configuration 
Closes gh-11939
 2022-10-07 15:26:46 -03:00
Marcus Da Coregio
35f7e46d05 Remove WebSecurityConfigurerAdapter 
Closes gh-10902
 2022-10-04 15:13:04 -03:00
Steve Riesenberg
5de6da890b
Merge branch '5.8.x' 
Closes gh-dry-run
 2022-10-04 11:18:00 -05:00
Steve Riesenberg
475b3bb6bb
Add deferred CsrfTokenRepository.loadDeferredToken 
* Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken>
* Move RepositoryDeferredCsrfToken to top-level and make package-private
* Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse)
* Update CsrfFilter
* Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler

Issue gh-11892
Closes gh-11918
 2022-10-03 17:10:54 -05:00
Rob Winch
4479cefade Default Require Explicit Session Management = true 
Closes gh-11763
 2022-09-30 21:49:05 -05:00
Steve Riesenberg
bcb21c9384
Merge branch '5.8.x' 
# Conflicts:
#	config/src/test/java/org/springframework/security/config/annotation/web/configuration/DeferHttpSessionJavaConfigTests.java
 2022-09-23 15:39:43 -05:00
Steve Riesenberg
46696a9226
CsrfTokenRequestHandler extends CsrfTokenRequestResolver 
Closes gh-11896
 2022-09-23 15:09:00 -05:00
Rob Winch
0efe26c1fd Merge branch '5.8.x' 
Closes gh-11894
 2022-09-22 13:47:04 -05:00
Rob Winch
d94677f87e CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler 
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.

Closes gh-11892
 2022-09-22 11:09:44 -05:00
Steve Riesenberg
306a3bc20a
Merge branch '5.8.x' 2022-09-12 10:49:40 -05:00
aSemy
6e2e8c41b5
typo fitler -> filter 2022-09-12 10:43:41 -05:00
aSemy
e7880b1815
Javadoc typo 'sue' -> 'use' 2022-09-12 10:43:03 -05:00
Rob Winch
0248421df1 Merge branch '5.8.x' 2022-09-08 10:15:24 -05:00
mariusz
b478e5bc93 gh-6899: @WithMockUser as metaannotation 2022-09-08 09:44:32 -05:00
Joshua Sattler
040111ae9e Remove Configuration meta-annotation from Enable* annotations 
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.

Closes gh-6613

Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
 2022-07-30 03:48:42 +02:00
Steve Riesenberg
206c6ffb54
Remove deprecation warnings with Context.putAll 
Closes gh-11476
 2022-07-08 16:03:45 -05:00
Igor Bolic
d96b4a0463 Set the useTrailingSlashMatch to true for tests 
The Spring MVC changed the default behavior for trailing slash match
with https://github.com/spring-projects/spring-framework/issues/28552.
This causes failures in Spring Security's tests.

Setting the `useTrailingSlashMatch` to `true` ensures that Spring
Security will work for users who have modified the default configuration.
Specifing the request mapper with trailing slash path ensures that the tests
are successful when default behavior is used.

Closes gh-11451
 2022-07-05 11:29:36 -06:00
Josh Cummings
6ac9366657
Add SecurityContextHolderStrategy Test Support 
Issue gh-11061
Issue gh-11444
 2022-06-27 13:17:45 -06:00
Josh Cummings
f86992a0af
Add SecurityContextHolderStrategy Test Support 
Issue gh-11061
Issue gh-11444
 2022-06-27 13:02:11 -06:00
Marcus Da Coregio
806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Rob Winch
b1233d053f Add test support for SecurityContextHolderFilter 
Issue gh-9635
 2022-04-13 15:59:21 -05:00
Rob Winch
6e6d472da4 Add test support for SecurityContextHolderFilter 
Issue gh-9635
 2022-04-13 10:53:11 -05:00
Steve Riesenberg
8aa7029d07 Fix checkstyle errors 
Issue gh-10989
 2022-03-18 22:53:29 -05:00
Rob Winch
972039e65c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-12 13:31:04 -06:00
Rob Winch
87ed31a99c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-11 17:22:23 -06:00