Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-12-31 04:20:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,310 Commits 54 Branches 369 Tags
Commit Graph

1051 Commits

Author SHA1 Message Date
Steve Riesenberg
ddf4542a9e
Add hasText assertion to IpAddressMatcher constructor 
Issue gh-15527

(cherry picked from commit 3a298196512de5f3002707e2af8298d650033df7)
 2024-11-15 10:17:39 -06:00
Steve Riesenberg
554df6fab6
Fix NPE in IpAddressMatcher 
Closes gh-15527

(cherry picked from commit 52de894c3c0a812562d6822db30f5c6c88526181)
 2024-11-15 10:17:38 -06:00
Josh Cummings
5048a68ab7
Merge branch '6.2.x' into 6.3.x 
Closes gh-15986
 2024-10-24 11:56:41 -06:00
Josh Cummings
addc7c53b2
Merge branch '5.8.x' into 6.2.x 
Closes gh-15985
 2024-10-24 11:56:16 -06:00
DingHao
1399a82ea9 Return Null Request When Cookie Is Malformed 
Closes gh-15905
 2024-10-24 10:55:36 -07:00
Rob Winch
1528c421bd Merge branch '6.2.x' into 6.3.x 
Add Firewall for WebFlux

Closes gh-15967
 2024-10-21 09:43:48 -05:00
Rob Winch
0e257b56ce Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 09:42:24 -05:00
Rob Winch
542071b1f8 Merge Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 08:56:42 -05:00
Rob Winch
4ce7cde155 Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 08:46:13 -05:00
Steve Riesenberg
1e4aff2bdb
Merge branch '6.2.x' into 6.3.x 
Closes gh-15186
 2024-05-31 19:02:31 -05:00
Steve Riesenberg
3fc7b6e921
Merge branch '5.8.x' into 6.2.x 
Closes gh-15185
 2024-05-31 18:34:14 -05:00
Steve Riesenberg
dcb8c563e8
Fix ArrayIndexOutOfBoundsException 
Issue gh-13310
Closes gh-15184
 2024-05-31 18:12:21 -05:00
Josh Cummings
7288fecc24
Verify ipAddress Not A Hostname 
Closes gh-15172
 2024-05-30 17:50:56 -06:00
Joaquin Santana
927840fe88 Do Not Invalidate Current Session When It Is Registered 
Closes gh-15066
 2024-05-14 10:01:54 -03:00
Marcus Hert Da Coregio
08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Marcus Hert Da Coregio
b3c7f3ff19 Rename CompromisedPasswordCheckResult to CompromisedPasswordDecision 
Issue gh-7395
 2024-04-30 08:38:03 -03:00
Marcus Hert Da Coregio
61eba00654 Move HaveIBeenPwnedRestApiPasswordChecker to spring-security-web 
Prior to this commit, the implementation was placed in spring-security-core, however we do not want to introduce a dependency on spring-web and spring-webflux for that module.

Issue gh-7395
 2024-04-10 14:58:01 -03:00
ruabtmh
c0928bf198 Add DelegatingAuthenticationConverter 
Closes gh-14644
 2024-03-13 14:33:45 -06:00
DingHao
8885707674 Add DelegatingServerAuthenticationConverter 
Closes gh-14644
 2024-03-05 08:21:59 -07:00
Steve Riesenberg
bd345fb2a8
Polish gh-11758 2024-02-29 12:15:30 -06:00
Markus Heiden
5c5503924b
Add SwitchUserGrantedAuthorityMixIn 
Closes gh-11775
 2024-02-29 11:07:21 -06:00
Marcus Hert Da Coregio
f8ff056eb6 Update Max Sessions on WebFlux 
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler

Issue gh-6192
 2024-02-28 10:06:45 -03:00
Marcus Hert Da Coregio
a5ce8ae87f Polish Max Sessions on WebFlux 
This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry

Issue gh-6192
 2024-02-27 11:12:50 -03:00
Josh Cummings
4d039e515f
Merge branch '6.2.x' 2024-02-22 13:21:22 -07:00
Josh Cummings
9c48546883
Merge branch '6.1.x' into 6.2.x 2024-02-22 13:21:14 -07:00
Josh Cummings
7f106f0419
Merge branch '5.8.x' into 6.1.x 2024-02-22 13:20:29 -07:00
Christian Becker
5f80468de3 Updated copyright date 2024-02-22 13:19:05 -07:00
Christian Becker
2f762fefe1 Allow tab in HTTP header values. 
Closes gh-14573
 2024-02-22 13:19:05 -07:00
Marcus Hert Da Coregio
21580fd27d Merge branch '6.2.x' 2024-02-16 13:31:20 -03:00
Marcus Hert Da Coregio
15306c1007 Merge branch '6.1.x' into 6.2.x 2024-02-16 13:21:15 -03:00
Rob Winch
750cb30ce4 Add AuthenticationTrustResolver.isAuthenticated 2024-02-16 13:08:29 -03:00
Marcus Hert Da Coregio
915d68e216 Remove includeExpiredSessions parameter 
The reactive implementation of max sessions does not keep track of expired sessions, therefore we do not need such parameter

Issue gh-6192
 2024-02-06 10:43:00 -03:00
Federico Herrera
c1adeef0da Add validation IpAddressMatcher 
Closes gh-13621
 2024-01-30 17:16:18 -07:00
Nermin Karapandzic
6e1bcfed11 Add argument resolver for SecurityContext 
Closes gh-13425
 2024-01-29 17:30:38 -07:00
Marcus Hert Da Coregio
06278157fa Merge branch '6.2.x' 
Closes gh-14471
 2024-01-17 16:16:40 -03:00
Marcus Hert Da Coregio
148e0b41d2 Merge branch '6.1.x' into 6.2.x 
Closes gh-14470
 2024-01-17 16:16:27 -03:00
Marcus Hert Da Coregio
ce5f5e6e33 Add native hint for CsrfTokenRequestAttributeHandler$SupplierCsrfToken 
Closes gh-14397
 2024-01-17 16:14:59 -03:00
Josh Cummings
d7a9a19161
Merge branch '6.2.x' 2023-12-18 11:47:39 -07:00
Josh Cummings
03e48905c7
Merge branch '6.1.x' into 6.2.x 
Closes gh-14346
 2023-12-18 11:47:23 -07:00
Josh Cummings
b855ccdb09
Merge branch '5.8.x' into 6.1.x 
Closes gh-14345
 2023-12-18 11:46:04 -07:00
Josh Cummings
eaaa813ede
Fix header value typo 
Closes gh-11948
 2023-12-18 10:42:50 -07:00
Rob Winch
465642828a Merge branch '6.2.x' 
Add HandlerMappingIntrospector Caching

Closes gh-14333
 2023-12-14 16:11:08 -06:00
Rob Winch
6dd29520b0 Merge branch '6.1.x' into 6.2.x 
Add HandlerMappingIntrospector Caching

Closes gh-14332
 2023-12-14 16:10:50 -06:00
Rob Winch
70dfb3d391 Add HandlerMappingIntrospector Caching 
Closes gh-14128
 2023-12-14 16:08:36 -06:00
Marcus Da Coregio
57ab15127a Add Max Sessions on WebFlux 
Closes gh-6192
 2023-12-11 09:48:34 -03:00
Marcus Hert Da Coregio
e920bfb3a2 Merge branch '6.1.x' 
Closes gh-14138
 2023-11-14 10:56:57 -03:00
Marcus Hert Da Coregio
921afba134 Use addCookie instead of addHeader in CookieCsrfTokenRepository 
By using addCookie we make sure that configured Tomcat's CookieProcessors are invoked

Closes gh-14131
 2023-11-14 10:56:24 -03:00
Josh Cummings
621ab3e7cb
Merge remote-tracking branch 'origin/6.1.x' 2023-11-07 17:33:09 -07:00
Josh Cummings
bcef8f98aa
Merge branch '6.0.x' into 6.1.x 
Closes gh-14117
 2023-11-07 17:32:51 -07:00
Josh Cummings
4990373cf9
Merge branch '5.8.x' into 6.0.x 
Closes gh-14116
 2023-11-07 17:22:36 -07:00