Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-01 10:59:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,400 Commits 36 Branches 337 Tags
Commit Graph

1742 Commits

Author SHA1 Message Date
Rob Winch
6a0b683e60 StrictFirewallHttpRequest.buid returns StrictFirewallHttpRequest 
Closes gh-16069
 2024-12-11 15:46:31 -06:00
Josh Cummings
0f85da77be
Merge branch '6.2.x' into 6.3.x 
Closes gh-16219
 2024-12-05 09:52:32 -07:00
Josh Cummings
96a9cf0d2d
Restore Previous Behavior for Servlet 5 
Closes gh-16173
 2024-12-05 09:52:06 -07:00
Joe Grandja
fa5fc6dd62 Fix checkstyle errors for toLower/toUpperCase usage 2024-11-18 04:56:17 -05:00
Joe Grandja
709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja
a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Steve Riesenberg
285d16b046
Polish IpAddressMatcher 
(cherry picked from commit 83a79159b81d3ee9f15f91cf9384f0267aafed4a)
 2024-11-15 10:17:39 -06:00
Steve Riesenberg
ddf4542a9e
Add hasText assertion to IpAddressMatcher constructor 
Issue gh-15527

(cherry picked from commit 3a298196512de5f3002707e2af8298d650033df7)
 2024-11-15 10:17:39 -06:00
Steve Riesenberg
554df6fab6
Fix NPE in IpAddressMatcher 
Closes gh-15527

(cherry picked from commit 52de894c3c0a812562d6822db30f5c6c88526181)
 2024-11-15 10:17:38 -06:00
DingHao
308e408b13 Polish DelegatingAuthenticationConverter 2024-10-24 20:47:46 -07:00
Josh Cummings
5048a68ab7
Merge branch '6.2.x' into 6.3.x 
Closes gh-15986
 2024-10-24 11:56:41 -06:00
Josh Cummings
addc7c53b2
Merge branch '5.8.x' into 6.2.x 
Closes gh-15985
 2024-10-24 11:56:16 -06:00
DingHao
1399a82ea9 Return Null Request When Cookie Is Malformed 
Closes gh-15905
 2024-10-24 10:55:36 -07:00
Rob Winch
1528c421bd Merge branch '6.2.x' into 6.3.x 
Add Firewall for WebFlux

Closes gh-15967
 2024-10-21 09:43:48 -05:00
Rob Winch
0e257b56ce Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 09:42:24 -05:00
Rob Winch
542071b1f8 Merge Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 08:56:42 -05:00
Rob Winch
4ce7cde155 Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 08:46:13 -05:00
Josh Cummings
8917cdb404
Improve Performance of IPv4 Check 
Closes gh-15324
 2024-07-01 11:40:28 -06:00
Steve Riesenberg
1e4aff2bdb
Merge branch '6.2.x' into 6.3.x 
Closes gh-15186
 2024-05-31 19:02:31 -05:00
Steve Riesenberg
3fc7b6e921
Merge branch '5.8.x' into 6.2.x 
Closes gh-15185
 2024-05-31 18:34:14 -05:00
Steve Riesenberg
dcb8c563e8
Fix ArrayIndexOutOfBoundsException 
Issue gh-13310
Closes gh-15184
 2024-05-31 18:12:21 -05:00
Josh Cummings
7288fecc24
Verify ipAddress Not A Hostname 
Closes gh-15172
 2024-05-30 17:50:56 -06:00
Josh Cummings
6956ed693c
Polish DefaultSecurityFilterChain Logs 
Reuse String manipulation logic in Spring Framework
Compress whitespace

Closes gh-15096
 2024-05-23 12:20:14 -06:00
baezzys
ac9bdf5cbf Change DefaultSecurityFilterChain logging to DEBUG level and simplify filter log 
- Change DefaultSecurityFilterChain logging level from INFO to DEBUG to align with FilterChainProxy.
- Log filter class names instead of the toString() of filter.
 2024-05-23 12:02:35 -06:00
Marcus Hert Da Coregio
0acf6cca6e Merge branch '6.2.x' 
Closes gh-15149
 2024-05-23 14:05:06 -03:00
Marcus Hert Da Coregio
47ad405063 Merge branch '5.8.x' into 6.2.x 
Closes gh-15148
 2024-05-23 14:04:35 -03:00
Marcus Hert Da Coregio
c7b739eb3f Fix broken link to jaspan article 
Closes gh-14358
 2024-05-23 14:04:10 -03:00
Joaquin Santana
927840fe88 Do Not Invalidate Current Session When It Is Registered 
Closes gh-15066
 2024-05-14 10:01:54 -03:00
Marcus Hert Da Coregio
08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Marcus Hert Da Coregio
b3c7f3ff19 Rename CompromisedPasswordCheckResult to CompromisedPasswordDecision 
Issue gh-7395
 2024-04-30 08:38:03 -03:00
Josh Cummings
36cd48474d
Merge branch '6.2.x' 2024-04-17 17:01:24 -06:00
Josh Cummings
3887f33f81
Merge branch '6.1.x' into 6.2.x 2024-04-17 17:01:03 -06:00
Josh Cummings
61df8e493d
Merge branch '5.8.x' into 6.1.x 2024-04-17 17:00:24 -06:00
Josh Cummings
470e2c5c97
Address Build Issues 
Issue gh-14837
 2024-04-17 16:59:40 -06:00
Josh Cummings
ff473313df
Merge branch '6.2.x' 2024-04-17 16:45:47 -06:00
Josh Cummings
f16a434f0c
Merge branch '6.1.x' into 6.2.x 
Closes gh-14922
 2024-04-17 16:45:30 -06:00
Josh Cummings
ade45771b2
Merge branch '5.8.x' into 6.1.x 
Closes gh-14921
 2024-04-17 16:44:50 -06:00
Josh Cummings
657760af5b
Improve Logging 
Closes gh-14837
 2024-04-17 16:43:29 -06:00
Marcus Hert Da Coregio
61eba00654 Move HaveIBeenPwnedRestApiPasswordChecker to spring-security-web 
Prior to this commit, the implementation was placed in spring-security-core, however we do not want to introduce a dependency on spring-web and spring-webflux for that module.

Issue gh-7395
 2024-04-10 14:58:01 -03:00
DingHao
f689f3c3fc Fix continueOnError default value in java doc 
Closes gh-14870
 2024-04-10 13:28:06 -03:00
erie0210
7faae83ebb docs: fix typo 2024-04-08 14:44:12 -03:00
Josh Cummings
c439cfef0f
Merge branch '6.1.x' into 6.2.x 2024-03-21 17:24:34 -06:00
Thomas Hagelberg
ce9f1821b1
Improve logging in AuthenticationWebFilter 
Closes #14091
 2024-03-21 17:24:10 -06:00
Thomas Hagelberg
091976fffb Improve logging in AuthenticationWebFilter 
Closes #14091
 2024-03-21 17:22:35 -06:00
ruabtmh
c0928bf198 Add DelegatingAuthenticationConverter 
Closes gh-14644
 2024-03-13 14:33:45 -06:00
DingHao
8885707674 Add DelegatingServerAuthenticationConverter 
Closes gh-14644
 2024-03-05 08:21:59 -07:00
Steve Riesenberg
bd345fb2a8
Polish gh-11758 2024-02-29 12:15:30 -06:00
Markus Heiden
5c5503924b
Add SwitchUserGrantedAuthorityMixIn 
Closes gh-11775
 2024-02-29 11:07:21 -06:00
Marcus Hert Da Coregio
f8ff056eb6 Update Max Sessions on WebFlux 
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler

Issue gh-6192
 2024-02-28 10:06:45 -03:00
Marcus Hert Da Coregio
a5ce8ae87f Polish Max Sessions on WebFlux 
This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry

Issue gh-6192
 2024-02-27 11:12:50 -03:00