Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-12-29 11:30:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,867 Commits 54 Branches 369 Tags
Commit Graph

1199 Commits

Author SHA1 Message Date
Josh Cummings
dadf10899c
Add WebExpressionAuthorizationManager.Builder 
Closes gh-17504
 2025-07-09 17:33:10 -06:00
Josh Cummings
c06b1f4916
Remove LazyCsrfTokenRepository 
Closes gh-13196
 2025-07-09 13:47:06 -06:00
Rob Winch
e48fdd5ed4
Use UserWebTestClientConfigurer 
Closes gh-17496
 2025-07-07 15:15:51 -05:00
Tran Ngoc Nhan
9312fb7004 Remove Deprecated AuthorizationDecision Elements 
Closes gh-17299

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 14:32:49 -06:00
Josh Cummings
d3e9e3138d
Remove AntPath and MvcRequestMatcher 
Closes gh-16886
Closes gh-16887
 2025-07-03 13:37:50 -06:00
Josh Cummings
e8ed0f1b03
Use PathPatternRequestMatcher in web 
Issue gh-16887
 2025-07-03 13:37:48 -06:00
Josh Cummings
98686a5139
Standardize Mock Request Paths 
Closes gh-17449
 2025-07-03 13:37:47 -06:00
Josh Cummings
d869686d09
Add TestMockHttpServleRequests 
Closes gh-17450
 2025-07-03 13:37:46 -06:00
Tran Ngoc Nhan
709f5db0e5 Polish Webauthn4JRelyingPartyOperations 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-06-17 13:35:52 -05:00
Evgeniy Cheban
092bbfc8e7 ReactiveAuthorizationManager replace deprecated #check calls with #authorize 
Closes gh-16936

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-06-12 11:11:49 -06:00
Max Batischev
aba437d469 Add Support SubjectX500PrincipalExtractor 
Closes gh-16980

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-06-12 12:09:20 -05:00
Joe Grandja
98c3453aa4 Merge branch '6.5.x' 2025-06-06 07:19:08 -04:00
Joe Grandja
d622183e62 Merge branch '6.4.x' into 6.5.x 
Closes gh-17216
 2025-06-06 07:06:12 -04:00
Joe Grandja
a377175455 Merge branch '6.3.x' into 6.4.x 
Closes gh-17215
 2025-06-06 06:50:45 -04:00
Andrey Litvitski
b0f8aa5ea0 Fix to allow multiple AuthenticationFilter instances to process each request 
Closes gh-17173

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-06-06 06:37:03 -04:00
John Niang
9ba5c7b2ce Add SwitchUserGrantedAuthority to Web Jackson Module 
Closes gh-17041

Signed-off-by: John Niang <johnniang@foxmail.com>
 2025-05-23 14:42:54 -06:00
Tran Ngoc Nhan
8e2067bb3e Remove deprecated MemberCategory#DECLARED_FIELDS 
Issue gh-16889

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-23 14:36:54 -06:00
Rob Winch
6118587ff8 SavedCookieMixinTests uses readValue(String,Object.class) 
The test should not provide SavedCookie.class to the ObjectMapper
since this is not done in production. In particular, it provides the
type that it should be deserialized, but this must be provided in the
JSON since the type is unknown at the time of deserialization.

Issue gh-17006
 2025-05-07 14:55:54 -05:00
M-Faheem-Khan
241c3cd35a Remove deprecated Cookie usage 
Remove usage of comment and verison usage

Signed-off-by: M-Faheem-Khan <faheem5948@gmail.com>
 2025-05-07 14:55:54 -05:00
Rob Winch
5f833fa236 Fix Checkstyle Errors 2025-05-07 10:50:41 -05:00
milaneuh
7fda87aecd Remove deprecated methods from CookieServerCsrfTokenRepository 2025-05-07 10:50:41 -05:00
Rob Winch
b453840c0a
HttpHeaders no longer a MultiValueMap 
Closes gh-17060
 2025-05-06 13:27:13 -05:00
Rob Winch
e5e962ef90
Jakarta Cookie HttpOnly Serialization 
The new specification represents Cookie attribute using HttpOnly: "" vs
HttpOnly: "true".

This updates the test to correspond to the new Servlet specification and
is a breaking change related to jakarta updates.
 2025-05-06 13:27:13 -05:00
Rob Winch
66319fc3bc
MockServerHttpRequest.method(String,String)->method(HttpMethod,String) 
Closes gh-17058
 2025-05-06 13:26:16 -05:00
Josh Cummings
aa338e9b0d
Merge branch '6.4.x' 2025-05-02 10:58:22 -06:00
Josh Cummings
57fc29e614
Merge branch '6.3.x' into 6.4.x 
Closes gh-17032
 2025-05-02 10:57:55 -06:00
Josh Cummings
e48f26e51e
Propagate StrictFirewallRequest Wrapper 
Closes gh-16978
 2025-05-02 10:57:07 -06:00
Max Batischev
c855453e40 Fix Typo In SubjectDnX509PrincipalExtractorTests 
Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-04-29 12:25:41 -06:00
Josh Cummings
f93a7a2f85
Deprecate HandlerMappingIntrospectorRequestTransformer 
Closes gh-16536
 2025-04-07 13:56:18 -06:00
chu3la
8cbe02e3aa Update WebAuthn Test Objects Class Names 
Closes gh-16604

Signed-off-by: chu3la <elmansouri.houssam@gmail.com>
 2025-04-03 16:33:34 -06:00
Josh Cummings
4cdc6dab21
Fix Formatting 
Issue gh-16604
 2025-04-03 12:55:51 -06:00
Vasanth
04d7130975
Update WebAuthn Test Objects Class Names 
Renamed the WebAuthn test object class names

Closes gh-16604

Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>
 2025-04-03 12:55:50 -06:00
Josh Cummings
b7d399ab89
Merge branch '6.4.x' 2025-04-01 12:02:53 -06:00
Josh Cummings
0954638d57
Merge branch '6.3.x' into 6.4.x 
Closes gh-16862
 2025-04-01 12:02:25 -06:00
DingHao
857ef6fe08 WithHttpOnlyCookie defaults to false 
Closes gh-16820

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-04-01 11:59:51 -06:00
Max Batischev
9a897d0b62 Add Support Postgres To JdbcUserCredentialRepository 
Closes gh-16832

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-31 16:43:36 -06:00
wtigerhyunsu
bdbf6a2be3 Add toString() to IpAddressMatcher.java 
Closes gh-16795

Signed-off-by: wtigerhyunsu <jack951@naver.com>
 2025-03-27 16:38:53 -06:00
Josh Cummings
99345537d6
Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter 
Issue gh-16417
 2025-03-26 16:38:39 -06:00
Josh Cummings
1eec51ab6c
Polish SwitchUserFilterTests 
Ensure that the appropriate HTTP Method is specified in tests

Issue gh-16417
 2025-03-26 16:38:38 -06:00
Josh Cummings
de07b1108f
Use PathPatternRequestMatcher in Web Components 
This commit changes filters and resolvers that were using AntPathRequestMatcher as their
default to using PathPatternRequestMatcher.

Issue gh-16632
 2025-03-26 13:28:58 -06:00
Josh Cummings
50ad378a29
Polish MockHttpServletRequest Usage 
This commit makes so that the requestURI is set to a value that makes
sense with the other properties being mocked.

Issue gh-16632
 2025-03-26 13:27:17 -06:00
Rob Winch
491d28b6bb
Merge branch '6.4.x' 
- Fix WebAuthn saves Anonymous PublicKeyCredentialUserEntity

Closes gh-16821
 2025-03-25 16:19:14 -05:00
Rob Winch
a6b5c05da9
Additional WebAuthn4jRelyingPartyOperationTests 
- verify that anonymous users not saved
- verify that when user found the CredentialRecord is allowed

Issue gh-16385
 2025-03-25 16:14:25 -05:00
Rob Winch
9c054474a8
Use Test Name Conventions 
Issue gh-16385
 2025-03-25 16:14:25 -05:00
Borghi
e3a715b8f5 Fix issues identified in PR review 
Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>
 2025-03-24 13:00:27 -03:00
Josh Cummings
56e757a2a1 Provide Authentication to AuthenticationExceptions 
Issue gh-16444
 2025-03-21 21:54:32 -06:00
Josh Cummings
464e506429 Polish ExceptionTranslateWebFilter 
- Isolated exception construction
- Isolated entry point subscription

Issue gh-16444
 2025-03-21 21:54:32 -06:00
Josh Cummings
bfc12d55eb
Polish Tests 
Issue gh-16771
 2025-03-21 14:43:05 -06:00
Josh Cummings
3d96878d43
Cache RequestPath 
In this way PathPatternRequestMatcher won't need to reparse for each
request matcher.

Issue gh-16771
 2025-03-21 14:43:05 -06:00
Josh Cummings
86599afd43
Rename servletPath to basePath 
Closes gh-16765
 2025-03-21 12:04:46 -06:00