Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-04 00:12:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,016 Commits 56 Branches 376 Tags
Commit Graph

2373 Commits

Author SHA1 Message Date
Johnny Lim
dac46dc57c Add a missing space in Secured.value() signature 2018-10-03 14:50:26 -04:00
Joe Grandja
58c9cbb471 Update to Spring 4.3.19 
Fixes gh-5826
 2018-09-07 18:12:55 -04:00
Spring Buildmaster
e0d95c7c8a Release version 4.2.7.RELEASES 2018-06-13 02:35:06 +00:00
Rob Winch
e923371724 Update SpringSecurityCoreVersion 2018-06-12 17:24:16 -05:00
Spring Buildmaster
2d8b6650db Release version 4.2.6.RELEASE 2018-05-08 17:14:29 +00:00
Rob Winch
c35c1c0643 Update Dependencies 2018-05-08 10:53:35 -05:00
Kazuki Shimizu
040fb6aa3c Fix incorrect explanation for customizing query on JdbcDaoImpl 2018-05-04 10:45:09 -05:00
Rob Winch
b152218ee0 Add InMemoryUserDetailsManager(UserDetails...) 
Fixes: gh-5304
 2018-05-04 10:33:40 -05:00
Rob Winch
544e421157 Add UserBuilder Methods 
Fixes: gh-5303
 2018-05-04 10:33:25 -05:00
Rob Winch
0f612bf637 Add crypto PasswordEncoder from 5.0.x 
Fixes: gh-5302
 2018-05-04 10:32:53 -05:00
Spring Buildmaster
0065b55a75 Release version 4.2.5.RELEASE 2018-03-30 16:34:39 +00:00
Rob Winch
5dedbb6283 Update to jackson-databind-2.8.11.1 
Fixes: gh-5101
 2018-03-09 13:55:49 -06:00
Rob Winch
4cad151b57 Fix TestingAuthenticationTokenTests JDK 1.6 compile 
Issue: gh-5097
 2018-03-09 13:46:10 -06:00
Josh Cummings
72080bb5fe Authorities authenticate TestingAuthenticationToken 
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5097
 2018-03-09 13:27:27 -06:00
Spring Buildmaster
d1669b909f Release 4.2.4.RELEASE 2018-01-24 23:19:40 +00:00
Rob Winch
6f74162a1f Test Jackson HashMap in Whitelist 
Issue: gh-4889
 2018-01-03 16:08:57 -06:00
Chris Burrell
99a0baadfa Add HashMap to Jackson whitelist 
Issue: gh-4889
 2018-01-03 16:08:28 -06:00
Rob Winch
82168faf9d Update to jsonassert 1.4.0 
Fixes gh-4783
 2017-11-02 16:19:58 -05:00
Rob Winch
9d0f8977a9 Update to slfj4 1.7.25 
Fixes gh-4782
 2017-11-02 16:19:16 -05:00
Rob Winch
5ae615f3b4 Update Jackson to 2.8.10 
Fixes gh-4781
 2017-11-02 16:18:31 -05:00
Rob Winch
092c5aecf7 Update to Ehcache 2.10.4 
Fixes gh-4779
 2017-11-02 16:13:43 -05:00
Rob Winch
a5d56d8724 Update to Aspectj 1.8.12 
Fixes gh-4778
 2017-11-02 16:12:39 -05:00
Rob Winch
0f546dcb07 Update to Spring 4.3.12 
Fixes gh-4776
 2017-11-02 16:08:50 -05:00
Rob Winch
cb576d16e1 DelegatingApplicationListener uses CopyOnWriteArrayList 
Fixes gh-4417
 2017-11-02 14:41:20 -05:00
Greg Turnquist
3b4df40f47 Fix UsernamePasswordAuthenticationTokenMixin to handle null credentials/details 
Fixes gh-4773
 2017-11-02 14:41:20 -05:00
Gajendra kumar
6cbf71bd72 Allow inject Map into SessionRegistryImpl 
As principals and sessionIds are set in class itself so one can't share
user session count across nodes(Cluster). Using constructor for setting
principals and sessionIds we can pass Cache map to constructor which can
enable common session count in cluster otherwise user would be allowed to
logged in with multiple sessions. There is no point keeping principals
and sessionIds completely internal.

Fixes gh-4772
 2017-11-02 14:41:20 -05:00
Antoine
be50cd8ada Polish more AssertJ assertions 
Issue gh-4770
 2017-11-02 14:40:53 -05:00
Antoine
21efbb6ba7 Polish AssertJ assertions 
Fixes gh-4770
 2017-11-02 14:40:53 -05:00
Frank Pavageau
6cc0f6c054 Deserialize the principal in a neutral way 
When the principal of the Authentication is an object, it is not necessarily
an User: it could be another implementation of UserDetails, or even a
completely unrelated type. Since the type of the object is serialized as a
property and used by the deserialization anyway, there's no point in
enforcing a stricter type.
 2017-10-31 16:42:50 -05:00
Frank Pavageau
22ea835643 Map values directly from the JSON nodes 
Not only is it more efficient without converting to an intermediate String,
using JsonNode.toString() may not even produce valid JSON according to its
Javadoc (ObjectMapper.writeValueAsString() should be used).
 2017-10-31 16:42:50 -05:00
Spring Buildmaster
9e8994a2b7 Release version 4.2.3.RELEASE 2017-06-08 04:34:34 +00:00
Rob Winch
8b2faff7ad Update to Spring 4.3.9.RELEASE 
Fixes gh-4375
 2017-06-07 22:52:58 -05:00
Rob Winch
947d11f433 Update SecurityJackson2Modules 
Fixes gh-4370
 2017-06-07 22:52:58 -05:00
Rob Winch
d2524eadfc Update poms to new to SNAPSHOT version 2017-03-02 09:20:34 -06:00
Spring Buildmaster
081f0c4d94 Release version 4.2.2.RELEASE 2017-03-02 07:29:42 +00:00
pkovacs
f99fe36e02 Refer to SimpleGrantedAuthority instead of GrantedAuthorityImpl 
GrantedAuthorityImpl has been replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.

Fixes gh-4163.
 2017-03-02 00:09:14 -06:00
stonio
901a4e183a Update SecurityContextHolder.java 
Use StringUtils.hasText
 2017-03-01 23:54:04 -06:00
Rob Winch
b64cdb5765 Fix RoleHiearchyUtilsTests on Windows 
Fixes gh-4228
 2017-03-01 23:27:11 -06:00
Rob Winch
9c03571bbb Use message in all Assert 
This ensures compatibility with Spring 5.

Fixes gh-4193
 2017-01-30 19:58:24 -06:00
Spring Buildmaster
7a7ce11ebb Release version 4.2.1.RELEASE 2016-12-21 17:23:28 +00:00
Rob Winch
6bec625e68 Update to Spring 4.3.5.RELEASE 
Fixes gh-4167
 2016-12-21 09:04:16 -06:00
Spring Buildmaster
24fcb6c45a Release version 4.2.0.RELEASE 2016-11-09 23:42:11 +00:00
Rob Winch
a9024de734 Polish Spring Version Update 
Fix related tests.

Issue gh-4123
 2016-11-09 17:05:25 -06:00
Rob Winch
f97f38fd57 jacksonDatavindVersion->jacksonDatabindVersion 
Issue gh-4122
 2016-11-09 16:46:38 -06:00
Rob Winch
f0a9421aa4 SecurityJacksonModules->SecurityJackson2Modules 
Fixes gh-4121
 2016-11-09 16:42:41 -06:00
Spring Buildmaster
97b4cb0b73 Release version 4.2.0.RC1 2016-10-26 02:49:23 +00:00
Rob Winch
e62596f36d Polish PasswordEncoderUtils do not leak length 
Fix possible / 0 if expected is empty String.

Issue gh-255
 2016-10-24 12:50:46 -05:00
Rob Winch
d3685d89c5 Polish PasswordEncoderUtils do not leak length 
Issue gh-255
 2016-10-24 11:26:43 -05:00
avri-schneider
a98389fa98 PasswordEncoderUtils do not leak length 
Enforce constant time even when expectedLength != actualLength.

Fixes gh-255
 2016-10-24 11:26:34 -05:00
Rob Winch
dc9f9b140f Polish PasswordEncoderUtilsTests 
* Add more tests
* Smaller tests
* Follow new naming convention
 2016-10-24 11:24:24 -05:00