Commit Graph

14828 Commits

Author SHA1 Message Date
Steve Riesenberg f11ba8f7f1
Switch to reusable workflows
Issue gh-14538
Closes gh-14242
Closes gh-13195
Closes gh-10460
Closes gh-11308
2024-02-02 17:17:57 -06:00
Steve Riesenberg ad71f57143
Add spring-security-release-plugin
Issue gh-14242
2024-02-02 15:47:31 -06:00
Steve Riesenberg b5bd62130b
Support consistent build info
Closes gh-14538
2024-02-02 14:00:20 -06:00
Marcus Hert Da Coregio 4e5780a30c Fix setters not working for CasAuthenticationFilter
The setSecurityContextRepository and setSecurityContextHolderStrategy only works for the parent class.
This commit overrides the method and make sure that we set the objects in the super class and the CasAuthenticationFilter.

Closes gh-14529
2024-02-02 15:29:28 -03:00
dependabot[bot] 9fb2f73348 Bump org-eclipse-jetty from 11.0.19 to 11.0.20
Bumps `org-eclipse-jetty` from 11.0.19 to 11.0.20.

Updates `org.eclipse.jetty:jetty-server` from 11.0.19 to 11.0.20

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.19 to 11.0.20

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-02 09:33:04 -03:00
Marcus Hert Da Coregio 2efc282f56 Merge branch '5.8.x' into 6.1.x 2024-02-02 09:31:46 -03:00
Marcus Hert Da Coregio 05d3c4b695 Add permission to Edit Dependabot PR workflow
Issue gh-14486
2024-02-02 09:30:50 -03:00
Marcus Hert Da Coregio 5f80cfc705 Automatically assign milestone to Dependabot PR
Issue gh-14486
2024-02-02 09:30:39 -03:00
Habin Song 49f447f3d0 Update session-management.adoc
lambda expression typo. I changed '(session) - session' to '(session) -> session'
2024-01-31 09:51:00 -03:00
Habin Song fbb35a1e3d Typo: Update ldap.adoc
there is no word like 'byusing'. I fixed 'byusing' to 'by using'.
2024-01-31 09:50:51 -03:00
y-tomida cb84efd06d Fix command in CONTRIBUTING.adoc 2024-01-31 09:50:31 -03:00
Josh Cummings ebfe8e3580
Merge branch '5.8.x' into 6.1.x 2024-01-29 17:45:04 -07:00
dependabot[bot] 7011930305 Bump gradle/gradle-build-action from 2 to 3
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2 to 3.
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 17:44:51 -07:00
Josh Cummings b0fe1da98e
Merge branch '5.8.x' into 6.1.x 2024-01-29 17:42:29 -07:00
dependabot[bot] 8a75382b2d Bump slackapi/slack-github-action from 1.24.0 to 1.25.0
Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.24.0 to 1.25.0.
- [Release notes](https://github.com/slackapi/slack-github-action/releases)
- [Commits](https://github.com/slackapi/slack-github-action/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: slackapi/slack-github-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 17:41:43 -07:00
Josh Cummings 44f22ee5cf
Merge branch '5.8.x' into 6.1.x
Closes gh-14495
2024-01-25 17:32:57 -07:00
Hans Lindner ca10187fd1 Enhance JWT decoding error handling
Previously, the `decode` method threw a `JwtException` directly when encountering an unsupported algorithm or any exception during parsing. This commit introduces a more robust error handling mechanism. Now, instead of throwing exceptions directly, it returns a `Mono.error()` with a `BadJwtException` containing detailed error information. This approach provides more flexibility and allows the caller to handle errors in a more granular way, by being able to use project reactors onError functionality.

Closes gh-14467
2024-01-25 17:32:10 -07:00
Marcus Hert Da Coregio ce5f5e6e33 Add native hint for CsrfTokenRequestAttributeHandler$SupplierCsrfToken
Closes gh-14397
2024-01-17 16:14:59 -03:00
Marcus Hert Da Coregio 2eba7eb672 Merge branch '5.8.x' into 6.1.x 2024-01-17 14:31:29 -03:00
dependabot[bot] 44b785bfb1 Bump io.spring.ge.conventions from 0.0.14 to 0.0.15
Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.14 to 0.0.15.
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.14...v0.0.15)

---
updated-dependencies:
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-17 14:31:11 -03:00
dependabot[bot] 56f486588f Bump io.spring.ge.conventions from 0.0.14 to 0.0.15
Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.14 to 0.0.15.
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.14...v0.0.15)

---
updated-dependencies:
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-17 14:31:01 -03:00
Marcus Hert Da Coregio fccd9379d5 WebTestUtilsTestRuntimeHints implements RuntimeHintsRegistrar
Closes gh-14399
2024-01-17 08:47:28 -03:00
Steve Riesenberg b4ac2fadba
Merge branch '5.8.x' into 6.1.x 2024-01-12 09:53:58 -06:00
dependabot[bot] 3f5f79d835 Bump io.projectreactor.netty:reactor-netty from 1.0.40 to 1.0.41
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.40 to 1.0.41.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.40...v1.0.41)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-12 09:52:45 -06:00
dependabot[bot] 83b8a2e9d1 Bump org.springframework:spring-framework-bom from 6.0.15 to 6.0.16
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.0.15 to 6.0.16.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.0.15...v6.0.16)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-12 09:44:30 -06:00
dependabot[bot] 9ce8aa13cb Bump io.projectreactor:reactor-bom from 2022.0.14 to 2022.0.15
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2022.0.14 to 2022.0.15.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2022.0.14...2022.0.15)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-12 09:43:21 -06:00
dependabot[bot] 9985580534 Bump io.projectreactor:reactor-bom from 2020.0.39 to 2020.0.40
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.39 to 2020.0.40.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.39...2020.0.40)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-12 09:42:04 -06:00
dependabot[bot] 8ced725d28 Bump org.slf4j:slf4j-api from 2.0.10 to 2.0.11
Bumps org.slf4j:slf4j-api from 2.0.10 to 2.0.11.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-12 09:41:10 -06:00
dependabot[bot] 90ef7d4c74 Bump org.apereo.cas.client:cas-client-core from 4.0.3 to 4.0.4
Bumps [org.apereo.cas.client:cas-client-core](https://github.com/apereo/java-cas-client) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/apereo/java-cas-client/releases)
- [Commits](https://github.com/apereo/java-cas-client/compare/cas-client-4.0.3...cas-client-4.0.4)

---
updated-dependencies:
- dependency-name: org.apereo.cas.client:cas-client-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-12 09:39:34 -06:00
dependabot[bot] 7c401f35ed Bump io-spring-javaformat from 0.0.40 to 0.0.41
Bumps `io-spring-javaformat` from 0.0.40 to 0.0.41.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.40 to 0.0.41
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.40...v0.0.41)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.40 to 0.0.41
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.40...v0.0.41)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-12 09:38:04 -06:00
dependabot[bot] 24d4abe5fd Bump io-spring-javaformat from 0.0.40 to 0.0.41
Bumps `io-spring-javaformat` from 0.0.40 to 0.0.41.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.40 to 0.0.41
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.40...v0.0.41)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.40 to 0.0.41
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.40...v0.0.41)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-12 09:37:19 -06:00
dependabot[bot] 574ac94cfc Bump io.mockk:mockk from 1.13.8 to 1.13.9
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.8 to 1.13.9.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/commits)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-08 11:22:53 -07:00
Marcus Hert Da Coregio d032b23ab7 Make OAuth2AuthorizationExchange serializable
Closes gh-14402
2024-01-05 07:53:28 -03:00
Taeik Lim 6c5b3d69c5 Fix broken sample code in Authorize HttpServletRequests
Signed-off-by: Taeik Lim <sibera21@gmail.com>
2024-01-03 11:29:46 -03:00
Steve Riesenberg 6f3a1fe1cd
Polish kotlin.adoc
Issue gh-14384
2023-12-29 10:57:21 -06:00
Steve Riesenberg 63556b6636
Polish java.adoc
Issue gh-14384
2023-12-29 10:57:21 -06:00
Siddharth1605 e11ed2d313
Updated the Configuration examples in docs
Closes gh-14384
2023-12-29 10:57:21 -06:00
dependabot[bot] 79eef6cc54 Bump org.slf4j:slf4j-api from 2.0.9 to 2.0.10
Bumps org.slf4j:slf4j-api from 2.0.9 to 2.0.10.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-29 11:40:41 -03:00
Steve Riesenberg 3beb583207
Merge branch '5.8.x' into 6.1.x 2023-12-28 12:56:25 -06:00
Steve Riesenberg 16dc6be3c8
Update copyright year
Issue gh-14329
2023-12-28 12:54:29 -06:00
Geir Hedemark c88aaedb48
Updated broken documentation link in javadocs 2023-12-28 12:54:29 -06:00
Taeik Lim 3cb181aece
Fix Spring initializr link in 'Getting Spring Security'
Signed-off-by: Taeik Lim <sibera21@gmail.com>

Issue gh-9869
2023-12-28 11:11:14 -06:00
nkilchenmann ae7ae1ffee
Update configuration.adoc
Fixing typo in documentation

Issue gh-12628
2023-12-28 10:57:53 -06:00
Krishna Chaitanya Surapaneni 7ec9188f5b
Remove Irrelevant Documentation Lines
Refactor: Remove two lines that lack proper context due to earlier
deletions/movements. They are no longer relevant and contribute little
to the overall meaning.

Issue gh-12974
2023-12-28 10:47:17 -06:00
Marcus Hert Da Coregio 92af758f1f Make springSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor passive
Instead of excluding the bean from AOT processing, we avoid redefining the beans if they are present or in the expected state.

Issue gh-14362
2023-12-26 15:58:16 -03:00
Marcus Hert Da Coregio 778a63a763 Revert "Exclude SpringSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor from AOT processing"
This reverts commit 8a93178da7.
2023-12-26 15:10:15 -03:00
DingHao 7cd626fe25 Fix FilterChainProxy cannot be found when @EnableWebSecurity(debug = true)
Closes gh-14370
2023-12-26 11:20:09 -03:00
Marcus Hert Da Coregio 364bc10e78 Add hints for CompositeFilterChainProxy
Closes gh-14359
2023-12-26 10:41:56 -03:00
Marcus Hert Da Coregio 8a93178da7 Exclude SpringSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor from AOT processing
Closes gh-14362
2023-12-22 08:40:07 -03:00
dependabot[bot] 3d277fbf86 Bump org-eclipse-jetty from 11.0.18 to 11.0.19
Bumps `org-eclipse-jetty` from 11.0.18 to 11.0.19.

Updates `org.eclipse.jetty:jetty-server` from 11.0.18 to 11.0.19
- [Release notes](https://github.com/jetty/jetty.project/releases)
- [Commits](https://github.com/jetty/jetty.project/compare/jetty-11.0.18...jetty-11.0.19)

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.18 to 11.0.19
- [Release notes](https://github.com/jetty/jetty.project/releases)
- [Commits](https://github.com/jetty/jetty.project/compare/jetty-11.0.18...jetty-11.0.19)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-21 08:58:11 -03:00