Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,022 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

6022 Commits

Author SHA1 Message Date
Rob Winch 7259759f8d Update to Spring LDAP 2.2.0.RELEASE 
Fixes gh-4124
 2016-11-09 16:55:19 -06:00
Rob Winch 14e5e06ae0 Update to Spring 4.3.4.RELEASE 
Fixes gh-4123
 2016-11-09 16:55:19 -06:00
Rob Winch 697daeab7c Add Jackson2 Support for PreAuthenticatedAuthenticationToken 
Fixes gh-4120
 2016-11-09 16:55:10 -06:00
Rob Winch f97f38fd57 jacksonDatavindVersion->jacksonDatabindVersion 
Issue gh-4122
 2016-11-09 16:46:38 -06:00
Rob Winch a853d38076 Update to Jackson 2.8.4 
Fixes gh-4122
 2016-11-09 16:42:41 -06:00
Rob Winch f0a9421aa4 SecurityJacksonModules->SecurityJackson2Modules 
Fixes gh-4121
 2016-11-09 16:42:41 -06:00
Rob Winch 36f4f7d081 Add securityCheckWhenCustomAuthorityThenNameIsUsed 
Add a test for AclAuthorizationStrategyImpl.securityCheck when a custom
authority is used.

Issue gh-4085
 2016-11-09 15:27:41 -06:00
Shazin Sadakath 07d1c7c5eb AclAuthorizationStrategyImpl uses name 
Fixes gh-4085
 2016-11-09 14:53:46 -06:00
Kazuki Shimizu d2c28c58e2 Polishing the ReferrerPolicyHeaderWriter gh-4110 2016-11-09 13:16:41 -06:00
Rob Winch 14a656186d Polish Referrer Header Policy Docs 
Previously, the Referrer Header Policy was accidentally placed within
the CSP section.

Move Referrer Header Polich outside of the CSP section.

Issue gh-4110
 2016-11-09 13:15:06 -06:00
stonio 2a197c72eb Fix typos in the reference 
Fix typos in the reference documentation

Fixes gh-4113
 2016-11-09 10:05:27 -06:00
Rob Winch ab5af87953 Add Referrer Policy to What's New 2016-11-08 16:14:20 -06:00
Eddú Meléndez 23294c4c57 Add Referrer-Policy header support 
Fixes gh-4110
 2016-11-08 13:21:35 -06:00
Kazuki Shimizu eb2870bf82 Polishing doc in What's New in Spring Security 4.2 2016-11-08 11:19:51 -06:00
Rob Winch 9fa42117f7 Update GRADLE_OPTS to use " instead of ' 2016-11-01 20:11:05 -05:00
Rob Winch cf3d6e7167 Fix Small Typo 
propoerty->property
 2016-10-31 11:31:52 -05:00
Spring Buildmaster 08f0b57243 Next development version 2016-10-26 02:49:27 +00:00
Spring Buildmaster 97b4cb0b73 Release version 4.2.0.RC1 2016-10-26 02:49:23 +00:00
Rob Winch 8ca4b55d32 Update What's New Section of Reference 
Fixes gh-4109
 2016-10-25 15:03:59 -05:00
Rob Winch 8e546454a5 Polish ApacheDSContainer LDAPs support 
Issue gh-4096
 2016-10-25 10:17:08 -05:00
Gunnar Hillert 406bb1d4d5 Add LDAPs support to ApacheDSContainer 
* Add the ability to enable LDAP over SSL (LDAPs)
* Add tests

Fixes gh-4096
 2016-10-25 10:16:35 -05:00
Rob Winch 8437d0fea3 Remove Eclipse Project Name customization 
Previously the build specified the major.minor.x as a suffix for the
project name. This is now removed since Buildship ignores it.
 2016-10-24 18:39:49 -05:00
Rob Winch df3b8bc284 Add Spring MVC test for override cache control 
Issue gh-3975
 2016-10-24 15:57:32 -05:00
Rob Winch 57d7ad05f9 Revert "Cache Control only written if not set" 
This reverts commit 242b831f20.
Spring MVC fixed the issue we were working around and the changes
in Spring Security were unreliable.

Fixes gh-3975
 2016-10-24 15:57:26 -05:00
Rob Winch e62596f36d Polish PasswordEncoderUtils do not leak length 
Fix possible / 0 if expected is empty String.

Issue gh-255
 2016-10-24 12:50:46 -05:00
Rob Winch d3685d89c5 Polish PasswordEncoderUtils do not leak length 
Issue gh-255
 2016-10-24 11:26:43 -05:00
avri-schneider a98389fa98 PasswordEncoderUtils do not leak length 
Enforce constant time even when expectedLength != actualLength.

Fixes gh-255
 2016-10-24 11:26:34 -05:00
Rob Winch dc9f9b140f Polish PasswordEncoderUtilsTests 
* Add more tests
* Smaller tests
* Follow new naming convention
 2016-10-24 11:24:24 -05:00
Rob Winch f432c04111 Create UserBuilder 
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder

Fixes gh-4095
 2016-10-21 16:42:03 -05:00
Johnny Lim 50b72dddbc Fix typo in Javadoc 
This commit simply fixes typo in Javadoc.
 2016-10-20 21:07:15 -05:00
Rob Winch 94e580fe64 Add Support for Custom Default Configuration in Web Security 
Fixes gh-4102
 2016-10-19 16:15:56 -05:00
Rob Winch af9139b613 Add intercept-url@request-matcher-ref 
Fixes gh-4097
 2016-10-18 22:27:31 -05:00
Rob Winch f019ea89e7 Remove unused lowercase-comparisons from XSD 
Fixes gh-3932
 2016-10-18 22:27:28 -05:00
Rob Winch 0d700628dc Add spring-security-4.2.xsd to spring.schemas 
Fixes gh-4098
 2016-10-18 22:27:22 -05:00
Rob Winch aaa9708b95 Add BeanResolver to AuthenticationPrincipalArgumentResolver 
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.

This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.

Fixes gh-3949
 2016-10-18 19:45:54 -05:00
Joe df9e6c973c linked to java configuration sample applications 
removed outdated description and linked directly to java configuration sample applications
 2016-10-17 21:12:17 -05:00
Paul Samsotha 1da9c06f3b Fix Reference (test.adoc) Typo 
@SpringExecutionListeners -> @SpringTestExecutionListeners
 2016-10-17 21:11:19 -05:00
Rob Winch 0c35209d77 Document Proxy Server 
Issue gh-4076
 2016-10-17 21:07:57 -05:00
Rob Winch badb466cc5 AuthenticationConfiguration imports ObjectPostProcessor 
Fixes gh-4086
 2016-10-17 20:00:27 -05:00
Rob Winch 46bb855737 Remove chat sample 
Removed in favor of
https://github.com/spring-projects/spring-session/tree/master/samples/websocket

Fixes gh-4094
 2016-10-17 17:02:59 -05:00
Rob Winch 6a3a5f7beb Polish Deprecations 
Issue gh-4080
 2016-10-17 17:02:59 -05:00
Rob Winch 52c6e3cf89 Create RedirectMatcher 
This commit creates RedirectMatcher for binary backward compatability with
Spring 4.3.x and Spring 5 to ensure that the Spring IO tests pass.

Issue gh-4080
 2016-10-17 17:02:58 -05:00
Rob Winch 17cfd4707b Fix deprecations 
Issue gh-4080
 2016-10-17 17:00:18 -05:00
Rob Winch 2c99cd3bbf Remove MatcherAssertionErrors 
Spring 5 removes MatcherAssertionErrors. We should not have been using
this class anyways.

This commit updates to using assertj in favor of MatcherAssertionErrors.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 8a7ac398e6 Remove TheController from Bean 
It is already picked up with classpath scanning

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 5e35e37a2b Update to Thymeleaf 3.0.2 and remove tiles 
Spring 5 removed support for Tiles 2 and Thymeleaf does not support
Tiles 3 yet. This commit updates to Thymeleaf 3.0.2 and uses
Thymeleaf's build in layout support.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch c1e9140940 Update itest/web to use Servelt 3.1 
Previously itest/web used Servlet 2.5 which Spring 5 is not
compatabile with. This commit removes unnecessary tests (ones that
were already covered) and converts the remaining tests to MockMvc
using the provided servlet version.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 1222fc5f10 XML ref to bean 
Spring 5 removes ref XML attribute in favor of bean XML attribute. This
commit updates all the samples and tests to use bean instead of ref.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 08c1f500a7 Version bumps for Spring 5 
Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch a18707c870 gradlew disables Gradle Daemon 
Fixes gh-4093
 2016-10-17 17:00:16 -05:00