Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 15:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,058 Commits 33 Branches 337 Tags
Commit Graph

1827 Commits

Author SHA1 Message Date
Marcus Da Coregio
a8d6c1d21f Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:58:22 -03:00
Rob Winch
faf9fb7337 NamespaceLdapAuthenticationProviderTests use Dynamic Port 
Closes gh-11710
 2022-08-15 15:26:46 -05:00
Marcus Da Coregio
d66ad22652 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:32:44 -03:00
Juny Tse
649428b49a
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 12:06:27 -06:00
Marcus Da Coregio
e45dcb3ab2 Update copyright headers 
Issue gh-10956
 2022-05-06 14:18:42 -03:00
Marcus Da Coregio
d3a451fffb Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:18:36 -03:00
Marcus Da Coregio
9d378103b0 Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator 
Issue gh-10908
 2022-04-25 09:43:50 -03:00
Josh Cummings
963251314b Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:40:11 -07:00
Josh Cummings
f53c65b3a0 Polish ignoring() log messaging 
- Public API remains unchanged

Issue gh-9334
 2022-02-07 15:07:29 -07:00
Manuel Jordan
0be772ff5b Print ignore message DefaultSecurityFilterChain 
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
 2022-02-07 15:07:29 -07:00
Rob Winch
4f3072b3d9 Exclude javax from hibernate dependency 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
13c467734a Remove javax.transaction 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
c01b2b946b Additional removal of javax.inject 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
58090c37ea jsr250-api -> jakarta.annotation-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
04f3bbcefa javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
c67ee6f2a8 javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
5902b46e9b Remove jcl-over-slf4j 
Issue gh-10499

# Conflicts:
#	dependencies/spring-security-dependencies.gradle
 2022-01-19 15:32:01 -06:00
Rob Winch
62449d6fa2 Remove commons-logging 
Closes gh-10499
 2022-01-19 15:31:22 -06:00
Marcus Da Coregio
e1cb375fbf Make source code compatible with JDK 8 
Closes gh-10695
 2022-01-12 16:39:50 -03:00
Marcus Da Coregio
994e93741b Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains 
Closes gh-10554
 2022-01-05 14:06:47 -03:00
Josh Cummings
76ebbb84f7 Separate Namespace Servlet Docs 
Issue gh-10367
 2021-11-05 12:45:46 -06:00
Marcus Da Coregio
2f1638ec57 Fix javadoc 
Closes gh-10382
 2021-10-22 11:20:37 -03:00
Emil Sierżęga
cb70b6a39b Fixed invalid usage of & tag in Javadocs 2021-10-21 11:47:04 +02:00
Emil Sierżęga
04b47c5928 Fixed various broken links in Javadocs 2021-10-21 11:47:04 +02:00
Emil Sierżęga
a188138715 Javadocs author tag doesn't work in methods 2021-10-21 11:47:04 +02:00
Emil Sierżęga
6b26032ce7 Fixed invalid usege of > tag in Javadocs 2021-10-21 11:47:04 +02:00
Rob Winch
f836897190 Checkstyle Fixes 
- Javadoc tag ordering
- Private constructors before inner classes

Issue gh-10394
 2021-10-18 21:03:35 -05:00
Philipp Neuschwander
6db58cbf8a Conditionally resolve bearer token from request parameters 
Before this commit, the DefaultBearerTokenResolver unconditionally
resolved the request parameters to check whether multiple tokens
are present in the request and reject those requests as invalid.

This commit changes this behaviour to resolve the request parameters
only if parameter token is supported for the specific request
according to spec (RFC 6750).

Closes gh-10326
 2021-10-13 17:10:50 -05:00
Gaurav Tiwari
33708e61fb Add postProcess support to Saml2LogoutConfigurer 
Closes gh-10311
 2021-10-13 12:05:48 -06:00
Josh Cummings
fbb7691be4 Polish SecurityNamespaceHandler Tests 
Issue gh-8974
 2021-10-13 11:50:14 -06:00
Emil Sierżęga
8daa6ec1fd SecurityNamespaceHandler: update schema version to 5.6 
Closes gh-8974
 2021-10-13 11:49:57 -06:00
Eleftheria Stein
ba8844a67e Deprecate Kotlin methods that don't use reified types 
Closes gh-10365
 2021-10-13 10:16:37 +02:00
Marcus Da Coregio
02b2fcc6f0 Restore ManagementConfigurationPlugin 
Issue gh-9615
 2021-10-05 11:23:29 -03:00
Marcus Da Coregio
d2e5f2ae0d Update Gradle to 7.2 
Closes gh-9615
 2021-10-04 15:19:40 -03:00
Marcus Da Coregio
7112ee3eaa Allow SAML 2.0 loginProcessingURL without registrationId 
Closes gh-10176
 2021-10-04 09:54:40 -03:00
Marcus Da Coregio
e36e2b2a97 Move Saml2AuthnRequestRepository to web package 
Moving to solve package tangles

Issue gh-9185
 2021-09-29 14:10:39 -03:00
Rob Winch
3b64cdfc03 Fix XsdDocumentedTests 
Issue gh-5835
 2021-09-24 10:25:26 -05:00
Josh Cummings
c3ba2332da Wire BeanResolver into DefaultMethodSecurityExpressionHandler 
Closes gh-10305
 2021-09-22 14:14:29 -06:00
Josh Cummings
7b599d4770 Share JWKSource Instances 
Closes gh-10312
 2021-09-22 13:28:08 -06:00
Marcus Da Coregio
0364518b69 Update Saml2LoginConfigurer to pick up Saml2AuthenticationTokenConverter bean 
Closes gh-10268
 2021-09-17 08:13:19 -03:00
Eleftheria Stein
1e76b11b3c Remove duplicate entry from test LDIF file 
Closes gh-10274
 2021-09-16 10:26:06 +02:00
Josh Cummings
4f06fc6ed1 Add Saml2LogoutConfigurer 
Closes gh-9497
 2021-09-13 16:39:48 -06:00
Josh Cummings
6488295cad Add RelyingPartyRegistrationResolver 
Closes gh-9486
 2021-09-13 16:39:48 -06:00
Derek Van Blerkom
58d50888df Fix return type to allow further security config 2021-09-13 15:31:02 -03:00
Yanming Zhou
f2b2e6002f Replace static "ROLE_" with customized role prefix 
Fix gh-4134
 2021-09-09 11:48:25 -06:00
Eleftheria Stein
3ab6bee856 Make method static to prevent circular dependency error 
Workaround for circular dependency between ServerHttpSecurityConfiguration and WebFluxConfigurationSupport.

Closes gh-10076
 2021-08-11 13:46:45 +02:00
Marcus Da Coregio
662ab10416 Fix test getting stuck 
The tests are getting stuck when running a single test class and the mock is performed in a static variable inside an inner class

Issue gh-6025
 2021-07-27 14:55:53 -06:00
Marcus Da Coregio
16e17d242e Add Saml2AuthenticationRequestRepository 
Closes gh-9185
 2021-07-27 14:55:53 -06:00
Josh Cummings
6b68a6d62b
Apply rnc2Xsd 
Issue gh-8657
 2021-07-27 13:22:42 -06:00
Josh Cummings
6370906ead
Add SpringOpaqueTokenIntrospector 
Closes gh-9354
 2021-07-26 10:50:50 -06:00