Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,648 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

8648 Commits

Author SHA1 Message Date
Eleftheria Stein d8bef76a0f Unlock dependencies 
This reverts commit b619d298aa.
 2020-08-05 18:18:02 +02:00
Eleftheria Stein 9187a7925e Release 5.3.4.RELEASE 2020-08-05 17:40:07 +02:00
Eleftheria Stein b619d298aa Lock Dependencies for 5.3.4.RELEASE 2020-08-05 12:33:31 +02:00
Eleftheria Stein ddeb68ff44 Update to Spring Boot 2.2.9.RELEASE 
Closes gh-8922
 2020-08-05 12:10:25 +02:00
Eleftheria Stein 49fa14c4c5 Update to GAE 1.9.81 
Closes gh-8923
 2020-08-05 12:09:46 +02:00
Eleftheria Stein 57f0a96e92 Update to nohttp 0.0.5.RELEASE 
Closes gh-8924
 2020-08-05 12:06:01 +02:00
Eleftheria Stein cd78d384ea Update to spring-build-conventions:0.0.34.RELEASE 
Closes gh-8925
 2020-08-05 12:05:28 +02:00
Dávid Kováč d104490cb8 Resolve Bearer token after subscribing to publisher 
Bearer token was resolved immediately after calling method convert. In situations when malformed token was provided or authorization header and access token query param were present in request exception was thrown instead of signalling error.
After this change Bearer token is resolved on subscription and invalid states are handled by signaling error to subscriber.

Closes gh-8865
 2020-08-03 11:09:48 -05:00
Josh Cummings c2612a2f41
Remove unused import 
Issue gh-8589
 2020-07-31 08:45:17 -06:00
Josh Cummings f3695932de
Polish to Avoid NPE 
Issue gh-5648

Co-authored-by: MattyA <mat.auburn@gmail.com>
 2020-07-30 17:28:07 -06:00
Josh Cummings 950769fa00
Additional Jwt Validation Debug Messages 
Closes gh-8589

Co-authored-by: MattyA <mat.auburn@gmail.com>
 2020-07-30 17:21:58 -06:00
Dennis Neufeld 57db8e5d4a Add OAuth2AuthenticationException to allowlist 
Add mixins for
- OAuth2AuthenticationException
- OAuth2Error

Closes gh-8797
 2020-07-21 10:15:44 -04:00
Josh Cummings 5d8bac1971
Polish WebSecurityConfigurerAdapter JavaDoc 
Issue gh-8784
 2020-07-20 15:23:43 -06:00
Romil Patel a55267f867
WebSecurityConfigurerAdapter JavaDoc 
Closes gh-8784
 2020-07-20 15:23:36 -06:00
Josh Cummings 9045636a4b
Polish Bearer Token Padding 
Issue gh-8502
 2020-07-16 11:56:55 -06:00
kothasa 09e154d8f2
Bearer Token Padding 
Closes gh-8502
 2020-07-16 11:53:36 -06:00
wangsong 6584b84b60 Fix ProviderManager Javadoc typo 
Closes gh-8800
 2020-07-07 17:12:38 -05:00
Rob Winch 070706d948 LoginPageGeneratingWebFilter honors context path 
Closes gh-8807
 2020-07-07 13:36:35 -05:00
Julian Müller 4fec451196 Enables empty authorityPrefix 
- docs stated that empty authorityPrefix are allowed but implementation denied to use `""`
- commit removes the `hasText`-limitation but restricts to `notNull`

Fixes gh-8421
 2020-07-07 15:24:38 +02:00
Eleftheria Stein 7af5804d56 Compare Timestamps up to the millisecond 
Issue gh-8782
 2020-07-01 11:30:27 +02:00
Ellie Bahadori 8904b3b19b Use Github Actions workflow for PRs and remove Travis 
Closes gh-8719
 2020-06-30 10:14:04 -04:00
Rob Winch 8dea578959 Update to spring-build-conventions:0.0.33.RELEASE 
Closes gh-8759
 2020-06-25 11:28:15 -05:00
Dávid Kovács c16db27670 formLogin() and login() implement Mergable 
This is necessary so that default requests like Spring REST Docs work.

Closes gh-7572
 2020-06-22 14:56:07 -05:00
Evgeniy Cheban eb90857d6e DefaultWebSecurityExpressionHandler uses RoleHierarchy bean 
Fixes gh-7059
 2020-06-10 16:56:15 -04:00
Joe Grandja 38c1e3ffa8 OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException 
Issue gh-8609
 2020-06-09 15:27:32 -04:00
Joe Grandja acf56f24a6 OAuth2AuthorizationCodeGrantWebFilter should handle OAuth2AuthorizationException 
Fixes gh-8609
 2020-06-09 15:21:07 -04:00
Eleftheria Stein 7a7707b899 Revert "Temporarily ignore RSocket integration tests" 
This reverts commit 8dd9cb2b33.

Fixes gh-8643
 2020-06-08 16:43:12 -04:00
Rob Winch 5a5bed49f6 Add subscriberContext to PayloadSocketAcceptor delegate.accept 
Closes gh-8654
 2020-06-05 12:54:26 -05:00
Josh Cummings 8ff3d6606b
Next Development Version 2020-06-03 16:13:07 -06:00
Josh Cummings bbd2a9ebae
Revert "Lock Dependencies for 5.3.3.RELEASE" 
This reverts commit 116bfe01e6.
 2020-06-03 16:11:59 -06:00
Josh Cummings 4246b0ae0a
Release 5.3.3.RELEASE 2020-06-03 13:58:56 -06:00
Eleftheria Stein 8dd9cb2b33
Temporarily ignore RSocket integration tests 
Issue gh-8643
 2020-06-03 13:58:13 -06:00
Josh Cummings 116bfe01e6
Lock Dependencies for 5.3.3.RELEASE 2020-06-03 13:14:07 -06:00
Josh Cummings 04079fca69
Update to Latest rsocket-core 
Now that the RSocket Authentication Extension is GA, it's no longer
necessary to override the version locally in the sample.

Issue gh-7935
 2020-06-03 13:14:07 -06:00
Josh Cummings 35cf443431
Update to Kotlin 1.3.72 
Closes gh-8645
 2020-06-03 13:14:32 -06:00
Josh Cummings 4213046653
Update to Spring Boot 2.2.7.RELEASE 
Closes gh-8646
 2020-06-03 13:14:26 -06:00
Josh Cummings 16723e55b1
Update to AppEngine 1.9.80 
Closes gh-8647
 2020-06-03 13:14:07 -06:00
Josh Cummings 977642b0ce
Change Reactor Constraint to Take Latest SR 
Issue gh-8531
 2020-06-03 12:25:52 -06:00
Josh Cummings 94737df378
Pull Latest Minor Releases for Nimbus 
Closes gh-8608
 2020-06-03 12:25:30 -06:00
Rob Winch cf142ef024 Delay AuthenticationPrincipalArgumentResolver Creation 
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.

Closes gh-8613
 2020-05-29 16:51:23 -05:00
Markus Engelbrecht 258bd8fa09 Fix typos in BCryptPasswordEncoder documentation 
Closes gh-8586
 2020-05-27 10:37:46 -05:00
Spencer Gilson 30736184ca Fixing typo in README 
Closes gh-8581
 2020-05-27 07:57:29 -05:00
Eleftheria Stein 2ebbb6f80a Mock request with non-standard HTTP method in test 
Fixes gh-8594
 2020-05-26 15:38:53 -04:00
justmehyp 5bcfaaf94d Remove unused field 'digester' in Md4PasswordEncoder 
`private Digester digester;`  defined in Md4PasswordEncoder is never used. So remove it.

Closes gh-8553
 2020-05-21 11:19:28 -05:00
Mazharul Islam e1f01c6d77 mentioning the default strength of BCryptPasswordEncoder 
Fixes gh-8542
 2020-05-21 11:16:12 -05:00
Thomas Turrell-Croft c1f737c842 Polish JDBC Authentication Doc 
* Correct documented default schema to match default schema exposed as classpath resource
* Fix Java example of adding users to JdbcUserDetailsManager

Fixes gh-8550
 2020-05-21 11:10:06 -05:00
Maksim Vinogradov 892f2f8843 Prevent StackOverflowError for AccessControlEntryImpl.hashCode 
Getting StackOverflowError when invoke AclImpl.hashCode because of
cross-references between AclImpl and AccessControlEntryImpl

Remove from AccessControlEntryImpl.hashCode method invocation of
acl.hashCode

fixes gh-5401
 2020-05-21 10:07:20 -05:00
Andreas Volkmann 5eeeac8e51 Update index.adoc 2020-05-20 08:02:50 -05:00
Dávid Kovács 8399375a86 Object ID Identicy conversion to long fails on old schema 
This change fixed a bug which tried to convert non-string object as string

Fixes gh-7621
 2020-05-19 13:44:57 -05:00
cbornet b6efd5ba76 Create the CSRF token on the bounded elactic scheduler 
The CSRF token is created with a call to UUID.randomUUID which is blocking.
This change ensures this blocking call is done on the bounded elastic scheduler which supports blocking calls.

Fixes gh-8128
 2020-05-18 11:05:50 -05:00