e238b721bb
Fix imports in DelegatingSecurityContextRepository
...
Issue gh-12023
2022-10-17 19:36:25 -05:00
bd43c1f28a
Merge branch '5.8.x'
...
# Conflicts:
# web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
# web/src/test/java/org/springframework/security/web/context/SecurityContextRepositoryTests.java
2022-10-17 19:35:27 -05:00
acc35aeb18
Add DelegatingSecurityContextRepository
...
Issue gh-12023
2022-10-17 19:33:58 -05:00
c75ca10900
Add DeferredSecurityContext
...
Issue gh-12023
2022-10-17 19:33:58 -05:00
36ac7b3c5f
Update to Reactor 2022.0.0-RC1
...
Closes gh-12045
2022-10-17 18:17:04 -05:00
0999ef80f1
Update to Micrometer 1.10.0-RC1
...
Closes gh-12046
2022-10-17 18:16:53 -05:00
ee77669695
Update to Spring Framework 6.0.0-RC1
...
Closes gh-12047
2022-10-17 18:16:42 -05:00
359cac159b
Update org.slf4j to 2.0.3
...
Closes gh-12033
2022-10-17 18:03:17 -05:00
5b96c971ff
Update htmlunit-driver to 2.65.0
...
Closes gh-12034
2022-10-17 18:03:05 -05:00
7f515dc8bb
Update org.mockito to 4.8.1
...
Closes gh-12035
2022-10-17 18:02:55 -05:00
c170216793
Update junit-bom to 5.9.1
...
Closes gh-12036
2022-10-17 18:02:44 -05:00
bdc707ef9f
Update org.jetbrains.kotlin to 1.7.20
...
Closes gh-12037
2022-10-17 18:02:32 -05:00
3da03e27f7
Update hibernate-core to 6.1.4.Final
...
Closes gh-12038
2022-10-17 18:02:24 -05:00
9e90990e6d
Update htmlunit to 2.65.1
...
Closes gh-12039
2022-10-17 18:02:14 -05:00
cceb03f47f
Update io.spring.javaformat to 0.0.35
...
Closes gh-12040
2022-10-17 18:02:01 -05:00
aa87426c8f
Update mockk to 1.13.2
...
Closes gh-12041
2022-10-17 18:01:48 -05:00
4e5332033e
Update jackson-bom to 2.13.4.20221013
...
Closes gh-12042
2022-10-17 18:01:38 -05:00
692b5e7ea3
Update logback-classic to 1.4.4
...
Closes gh-12043
2022-10-17 18:01:25 -05:00
f2ddeaface
Merge remote-tracking branch 'origin/5.8.x'
2022-10-17 15:01:30 -06:00
cfb7c87dfd
Merge remote-tracking branch 'origin/5.7.x' into 5.8.x
2022-10-17 15:00:40 -06:00
d5354db6f4
Next Development Version
2022-10-17 14:59:47 -06:00
6b25307339
Merge remote-tracking branch 'origin/5.6.x' into 5.7.x
2022-10-17 14:57:39 -06:00
730359f144
Next Development Version
2022-10-17 14:56:34 -06:00
89c815032c
Fix Index Out of Bounds
2022-10-17 14:52:03 -06:00
154f6d7316
Merge remote-tracking branch 'origin/5.6.x' into 5.7.x
2022-10-17 14:30:39 -06:00
ff055cf07a
Remote antoraUpdateVersion task from CI
2022-10-17 14:24:13 -06:00
b08a06aa76
Release 5.6.8
2022-10-17 18:55:50 +00:00
53cdec799b
Release 5.7.4
2022-10-17 18:55:41 +00:00
3d92e22891
Merge branch '5.8.x'
2022-10-17 15:52:00 -03:00
7994222436
Merge branch '5.7.x' into 5.8.x
2022-10-17 15:51:39 -03:00
31fd098b8e
Merge branch '5.6.x' into 5.7.x
2022-10-17 15:51:19 -03:00
465d80c162
Remove antoreUpdateVersion task from release automation
2022-10-17 15:50:44 -03:00
4ba8f8bfe0
Update What's New
...
Closes gh-12024
2022-10-13 20:08:31 -06:00
f4cc27c375
Change Default for (Server)AuthenticationEntryPointFailureHandler
...
Closes gh-9429
2022-10-13 20:03:03 -06:00
5afc7cb04f
Merge remote-tracking branch 'origin/5.8.x'
2022-10-13 19:48:05 -06:00
099aaa33ff
Remove Deprecation Markers
...
Since Spring Security still needs these methods and classes, we
should wait on deprecating them if we can.
Instead, this commit changes the original classes to have a
boolean property that is currently false, but will switch to true
in 6.0.
At that time, BearerTokenAuthenticationFilter can change to use
the handler.
Closes gh-11932
2022-10-13 19:47:22 -06:00
200b7fecd3
Add (Server)AuthenticationEntryPointFailureHandlerAdapter
...
Issue gh-11932, gh-9429
(Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead
when an AuthenticationServiceException is thrown, instead of HTTP 401.
This commit deprecates the current behavior and introduces an opt-in
(Server)AuthenticationEntryPointFailureHandlerAdapter with the expected
behavior.
BearerTokenAuthenticationFilter uses the new adapter, but with a closure
to keep the current behavior re: entrypoint.
2022-10-13 19:25:04 -06:00
9090f62d9b
Merge branch '5.8.x'
2022-10-13 16:46:53 -05:00
56b9badcfe
AnonymousAuthenticationFilter should cache its Supplier<SecurityContext>
...
Closes gh-11900
2022-10-13 16:44:48 -05:00
d6356415f9
Polish whats-new.adoc
2022-10-13 13:42:04 -05:00
74e0616451
Update What's New for 6.0
2022-10-13 13:42:04 -05:00
46538ff33d
Merge branch '5.8.x'
...
Merged using the ours strategy.
2022-10-13 12:53:22 -05:00
5a55987d6e
Add links to reference in What's New for 5.8
...
Issue gh-4001
Issue gh-11959
2022-10-13 12:52:01 -05:00
45a963a011
Remove CsrfWebFilter.setTokenFromMultipartDataEnabled
...
Closes gh-12019
2022-10-13 11:29:16 -05:00
819529f5ea
Remove CsrfSpec.tokenFromMultipartDataEnabled
...
Also removed ServerCsrfDsl.tokenFromMultipartDataEnabled
Closes gh-12020
2022-10-13 11:29:15 -05:00
db7732dd4a
Merge remote-tracking branch 'origin/5.8.x'
2022-10-13 10:19:54 -06:00
59c4538798
Update What's New
...
Closes gh-12021
2022-10-13 10:13:20 -06:00
753e113a13
RequestMatcherDelegatingAuthorizationManager defaults to deny
...
Closes gh-11958
2022-10-13 11:12:00 -04:00
d0653afec3
Remove Duplicate Property
2022-10-13 09:02:35 -06:00
2407d07890
Default to Xor CSRF tokens in CsrfWebFilter
...
Closes gh-11960
2022-10-13 09:39:57 -05:00
Steve Riesenberg
Rob Winch
Josh Cummings
github-actions[bot]
Marcus Da Coregio
Daniel Garnier-Moiroux
Evgeniy Cheban
Joe Grandja