8dc702c80f
Add null check in CsrfFilter and CsrfWebFilter
...
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.
When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.
ZiQiang Zhao<1694392889@qq.com>
Closes gh-9561
2021-04-09 21:57:14 -06:00
bd0247adef
Next Development Version
2021-02-11 12:22:42 -07:00
974156d5fb
Release 5.2.9.RELEASE
2021-02-11 10:37:22 -07:00
e2121532a2
Optimize HttpSessionSecurityContextRepository
...
Closes gh-9387
2021-02-11 09:38:04 -07:00
7cab7b06c5
Optimize HttpSessionSecurityContextRepository
...
Closes gh-9387
2021-02-11 09:38:04 -07:00
f60daa5152
Update to GAE 1.9.86
...
Closes gh-9442
2021-02-11 09:31:37 -07:00
f63b770ec5
Update to Tomcat 9.0.43
...
Closes gh-9441
2021-02-11 09:31:30 -07:00
44bb975f82
Update to Jetty 9.4.36.v20210114
...
Closes gh-9440
2021-02-11 09:31:25 -07:00
3cb6b3e5d6
Update to hibernate-validator 6.1.7.Final
...
Closes gh-9439
2021-02-11 09:31:20 -07:00
db07cea579
Update to hibernate-entitymanager 5.4.28.Final
...
Closes gh-9438
2021-02-11 09:31:15 -07:00
0fb60c3aa7
Update to thymeleaf-spring5 3.0.12
...
Closes gh-9437
2021-02-11 09:31:11 -07:00
31cb29cb2d
Update to Spring Data Moore-SR12
...
Closes gh-9436
2021-02-11 09:31:03 -07:00
46bfc00db2
Update to Reactor Dysprosium-SR16
...
Closes gh-9435
2021-02-11 09:30:57 -07:00
987b14d1d4
Update to Spring Framework 5.2.12.RELEASE
...
Closes gh-9434
2021-02-11 09:30:52 -07:00
1f19ee04e1
Update to Spring Boot 2.2.13.RELEASE
...
Closes gh-9433
2021-02-11 09:30:39 -07:00
005eca7bd9
Fix Test Configuration
...
- Typo in PlaceholderConfig was causing Windows builds to
resolve the CLASSPATH environment variable
Closes gh-9421
2021-02-10 11:37:32 -07:00
68ac3ef36b
Polish Tests
...
Issue gh-9331
2021-02-03 09:34:20 -07:00
7a5c34ca57
Configure CurrentSecurityContextArgumentResolver BeanResolver
...
Closes gh-9331
2021-02-03 09:34:13 -07:00
542c625d7d
Allow null or empty authorities for DefaultOAuth2User
...
Make DefaultOAuth2User more inline with other part of
spring-security.
For example,
- DefaultOAuth2AuthenticatedPrincipal
- AbstractAuthenticationToken
Closes gh-9366
2021-02-02 04:43:29 -05:00
4de2dbb4cd
Update to spring-build-conventions:0.0.23.1.RELEASE
...
Fixes use of repo.spring.io
2021-01-26 11:11:05 -06:00
98399c920a
Make user info response status check error only
...
Closes gh-9336
2021-01-25 11:10:03 -05:00
52ad49074d
Migrate SAML 2.0 Tests and Docs to PCFOne
...
Issue gh-9362
2021-01-25 08:32:17 -07:00
6df5dc4ecf
Migrate SAML 2.0 Samples to PCFOne
...
Closes gh-9362
2021-01-22 13:51:46 -07:00
32acb04efe
Fix SAML 2.0 Javaconfig Sample
...
Issue gh-9362
2021-01-22 13:51:37 -07:00
57dfbeecbb
Provide artifactoryUsername/Password in docs and schema jobs
2021-01-22 16:07:17 +01:00
1181740f79
Constant Time Comparison for CSRF tokens
...
Closes gh-9291
2021-01-20 16:18:25 -06:00
628ea00ad4
Fix CsrfWebFilter error message when expected CSRF not found
...
Closes gh-9337
2021-01-12 11:31:26 -06:00
6dc22835fd
Renew Sample Certificate
...
Closes gh-9320
2021-01-04 12:12:17 -07:00
174b71c017
OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray or JSONObject
...
ObjectToListStringConverter and ObjectToMapStringObjectConverter were checking if the source object is of type List or Map and if the first element or key is a String. If we have a JSONArray containing Strings the above check will pass, meaning that a JSONArray will be returned which is not serializable (same applies to JSONObject)
With this change, even if the check is passing a new List or Map will be returned.
Closes gh-9210
2020-12-03 11:42:00 -05:00
c7b4e4a493
Next Development Version
2020-12-02 19:09:04 -07:00
d03d31c2e7
Release 5.2.8.RELEASE
2020-12-02 16:06:32 -07:00
9976eb9e3a
Update to Spring LDAP Core 2.3.3
...
Closes gh-9245
2020-12-02 16:04:41 -07:00
7cf1ca7ab1
Update to Powermock 2.0.9
...
Closes gh-9244
2020-12-02 16:04:36 -07:00
664d9f1ba6
Update to HSQLDB 2.5.1
...
Closes gh-9243
2020-12-02 16:04:31 -07:00
f7b160d7a8
Update to Hibernate EntityManager 5.4.25
...
Closes gh-9242
2020-12-02 16:04:26 -07:00
5b60098548
Update to Jetty 9.4.35
...
Closes gh-9241
2020-12-02 16:04:13 -07:00
e6b383a9c4
Update to HttpComponents HttpClient 4.5.13
...
Closes gh-9240
2020-12-02 16:04:07 -07:00
5342133494
Update to RSocket 1.0.3
...
Closes gh-9239
2020-12-02 16:04:01 -07:00
7498ad95a1
Update to Reactor Dysprosium-SR14
...
Closes gh-9238
2020-12-02 16:03:56 -07:00
04d382d8d8
Update to Google App Engine 1.9.83
...
Closes gh-9237
2020-12-02 16:03:51 -07:00
83a177d327
Update to Jackson 2.10.5.1
...
Closes gh-9236
2020-12-02 16:03:46 -07:00
ebb2afa5e8
Update to Spring Data Moore-SR11
...
Closes gh-9235
2020-12-02 16:03:41 -07:00
276a934bcd
Update to Spring 5.2.11
...
Closes gh-9234
2020-12-02 16:03:35 -07:00
e4b538146a
Update to Spring Boot 2.2.11
...
Closes gh-9233
2020-12-02 16:03:27 -07:00
5948f492f5
Add missing withCredentials in Jenkinsfile
2020-11-17 09:28:13 -06:00
1bac5498dd
Fix artifactoryUsername/Password in build.gradle
...
Missing )
2020-11-17 09:05:37 -06:00
07479dce6d
Use artifactoryUsername/Password in Jenkinsfile
2020-11-17 09:02:49 -06:00
05c0176b98
allprojects uses artifactoryUsername/Password
2020-11-17 09:02:21 -06:00
03c2cc846d
Use artifactoryUsername/Password for plugin repositories
2020-11-17 08:54:39 -06:00
ec7deca76f
add white space before strong notation.
2020-10-30 15:51:27 -06:00
佚名
Josh Cummings
Rob Winch
happier233
Joe Grandja
Benjamin Faal
Eleftheria Stein
Rob Winch
Ovidiu Popa
Hideaki Matsunami