Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-22 22:46:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,226 Commits 33 Branches 337 Tags
Commit Graph

2650 Commits

Author SHA1 Message Date
Josh Cummings
746464e035
Merge branch '6.2.x' into 6.3.x 2024-09-30 17:21:13 -06:00
Josh Cummings
c1857c0308 Fix Formatting 
Issue gh-15771
 2024-09-30 16:19:26 -07:00
chao.wang
690e012fb1 Improve OidcBackChannelLogoutTokenValidator error when provider issuer is missing 
Closes gh-15771
 2024-09-30 16:19:26 -07:00
Daniel Garnier-Moiroux
51d0a8b57d Fix getBeansWithName in global authentication configurers 2024-09-11 10:46:24 -07:00
DingHao
5c20505b0e Support Class Attributes in Annotation Template Processing 
Closes gh-15721
 2024-09-04 13:41:46 -07:00
Josh Cummings
ff41521e1e
Merge branch '6.2.x' into 6.3.x 2024-09-03 16:33:46 -06:00
Josh Cummings
b22061d0b6
Merge branch '5.8.x' into 6.2.x 2024-09-03 16:33:22 -06:00
Josh Cummings
97cefa6830 Update Formatting 
Issue gh-15714
 2024-09-03 15:32:59 -07:00
tugjg
f836efb912 Address unnecessary method invocation 
Closes gh-15714
 2024-09-03 15:32:59 -07:00
Josh Cummings
279cb89eac
Merge branch '6.2.x' into 6.3.x 2024-08-26 16:32:58 -06:00
Hero Wanders
f372f5cf52 Replace OidcSessionStrategy References with OidcSessionRegistry 2024-08-26 15:32:35 -07:00
Josh Cummings
4c0d969f1f
Merge branch '6.2.x' into 6.3.x 
Closes gh-15676
 2024-08-22 12:37:45 -06:00
Josh Cummings
3ee5a96e53
Merge branch '5.8.x' into 6.2.x 
Closes gh-15675
 2024-08-22 12:24:56 -06:00
Josh Cummings
5c604b95fb
Correct PostFilterAuthorizationMethodInterceptor Target Type 
Previously, `postFilterAuthorizationMethodInterceptor` mistakenly
was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar`
re-publishes each pre/post annotation interceptor also as an `Advisor`,
this resulted in a duplicate advisor for `@PostFilter`.

Closes gh-15651
 2024-08-22 12:10:25 -06:00
Josh Cummings
ae8e4d148e
Produce Exactly One AuthorizationAdvisor Per Annotation 
Closes gh-15592
 2024-08-19 12:30:03 -06:00
Josh Cummings
27af1df87d
Simplify Method Interceptor Configuration 
Simplifies to use only one ObjectProvider for easier
future maintenance

Issue gh-15592
 2024-08-19 12:27:56 -06:00
Daniel Garnier-Moiroux
b731623b3a Fix checkstyle errors with @Deprecated 2024-08-19 10:55:58 -03:00
Daniel Garnier-Moiroux
b92ed92548 Fix checkstyle errors with @Deprecated 2024-08-19 10:55:28 -03:00
Marcus Hert Da Coregio
912062d307 Merge branch '6.2.x' into 6.3.x 2024-08-19 09:11:10 -03:00
Daniel Garnier-Moiroux
79fb0113c8 Bump io-spring-javaformat from 0.0.42 to 0.0.43 
Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

---
Manual updates:
- Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST
  be used together

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 09:11:05 -03:00
Daniel Garnier-Moiroux
3b8cdc323f Remove unused method 2024-08-08 15:29:41 -05:00
Daniel Garnier-Moiroux
109da2719f Use explicit types everywhere instead of var 2024-08-08 15:29:41 -05:00
Josh Cummings
f20ae1a71c
Revert gh-13783 
This feature unfortunately regresses pre-existing behavior
like that found in gh-15352. As such, this functionality
has been removed.

Closes gh-15352
 2024-07-31 16:16:34 -06:00
Marcus Hert Da Coregio
c1b3b329af Merge branch '6.2.x' into 6.3.x 2024-07-29 14:56:09 -03:00
baezzys
3d4bcf1b44 fix: Restrict automatic CORS configuration to UrlBasedCorsConfigurationSource 
- Update CORS configuration logic to automatically enable .cors() only if a UrlBasedCorsConfigurationSource bean is present.
- Modify applyCorsIfAvailable method to check for UrlBasedCorsConfigurationSource instances.
 2024-07-29 14:55:55 -03:00
Josh Cummings
ba714d78ab
Merge branch '6.2.x' into 6.3.x 
Closes gh-15440
 2024-07-18 15:51:10 -06:00
Josh Cummings
3daeeb8789
Merge branch '5.8.x' into 6.2.x 
Closes gh-15439
 2024-07-18 15:50:58 -06:00
Josh Cummings
dab48d25b0
Improve Error Message When Registration Missing 
Closes gh-15363
 2024-07-18 15:50:41 -06:00
Josh Cummings
8ee497f4c5
Merge branch '6.2.x' into 6.3.x 
Closes gh-15410
 2024-07-12 11:04:08 -06:00
Josh Cummings
7422a1134a Allow logout+jwt JWT type 
Closes gh-15003
 2024-07-12 10:03:40 -07:00
Josh Cummings
22c7b8760a
Merge branch '6.2.x' into 6.3.x 
Closes gh-15211
 2024-06-06 13:36:20 -06:00
Josh Cummings
f231ea277d
Merge branch '5.8.x' into 6.2.x 
Closes gh-15210
 2024-06-06 13:35:56 -06:00
Josh Cummings
6aabd768a8
Pick MvcRequestMatcher for MockMvc requests 
Closes gh-13849
 2024-06-06 13:17:43 -06:00
Josh Cummings
0aed8df549
Merge branch '6.2.x' into 6.3.x 
Closes gh-15197
 2024-06-03 17:42:58 -06:00
Josh Cummings
d6228e0882
Merge branch '5.8.x' into 6.2.x 
Closes gh-15196
 2024-06-03 17:42:25 -06:00
Josh Cummings
cdd626644e Use Request-Level Servlet Context 
Spring Security cannot use the ServletContext attached
to the ApplicationContext since there may be child
ApplicationContext's with their own ServletContext.

Because of that, it is necessary to always use the
ServletContext attached to the request.

Closes gh-14418
 2024-06-03 17:41:51 -06:00
Josh Cummings
5a798e93f1 Polish MVC Tests 
Issue gh-14418
 2024-06-03 17:41:51 -06:00
Marcus Hert Da Coregio
ddcaeb5c20 Serialize objects from 6.3.x 
Issue gh-3737
 2024-05-24 09:47:29 -03:00
Marcus Hert Da Coregio
08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Marcus Hert Da Coregio
b3c7f3ff19 Rename CompromisedPasswordCheckResult to CompromisedPasswordDecision 
Issue gh-7395
 2024-04-30 08:38:03 -03:00
Josh Cummings
47775f5167
Merge branch '6.2.x' 2024-04-26 17:09:29 -06:00
Josh Cummings
29d3b438b9
Merge branch '6.1.x' into 6.2.x 2024-04-26 17:09:17 -06:00
Josh Cummings
1ecb036fba
Merge branch '5.8.x' into 6.1.x 2024-04-26 17:09:05 -06:00
sheheryarumair
0e211382ee Remove useBase64 parameter 2024-04-26 17:05:49 -06:00
Josh Cummings
11421c6385
Merge branch '6.2.x' 2024-04-25 14:03:27 -06:00
Josh Cummings
664dfd9b45
Defer Anonymous Filter Construction 
By delaying when the AnonymousAuthenticationFilter is constructed,
it's now possible to call the principal and filter methods inside
of a custom DSL implementation.

This does not extend to setting the key or the authentication provider
though, as these must be set during the init phase.

Closes gh-14941
 2024-04-25 14:03:10 -06:00
Daniel Garnier-Moiroux
7ddc00521e Improve logging for Global Authentication 
Closes gh-14663
 2024-04-25 11:35:59 -06:00
Josh Cummings
2bcbef1695
Add Saml2Logout DSL Support 
Closes gh-14935
 2024-04-22 11:12:45 -06:00
Josh Cummings
a4dbf458ab
Add relying-party-registrations#id 
Closes gh-14487
 2024-04-18 12:56:56 -06:00
Marcus Hert Da Coregio
2fbbcc4bd0 Polish Method Authorization Denied Handling 
- Renamed @AuthorizationDeniedHandler to @HandleAuthorizationDenied
- Merged the post processor interface into MethodAuthorizationDeniedHandler , it now has two methods handleDeniedInvocation and handleDeniedInvocationResult
- @HandleAuthorizationDenied now handles AuthorizationDeniedException thrown from the method

Issue gh-14601
 2024-04-12 15:55:25 -03:00