Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-19 07:20:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,834 Commits 49 Branches 376 Tags
Commit Graph

602 Commits

Author SHA1 Message Date
Édouard Hue
e8dd1325fd Fixed misleading OAuth2 error messages 
Error messages sent by BearerTokenAccessDeniedHandler included
information about the scopes of the rejected token instead of
the scopes required by the resource.
* Removal of token scopes from error_description attribute.
* Removal of scope attribute from WWW-Authenticate response header.

Fixes gh-7089
 2019-07-18 07:01:33 -04:00
Michael Vitz
09e8ae42ed Allow configuration of SessionAuthenticationStrategy for CSRF 
Closes gh-5300
 2019-07-16 07:47:13 -05:00
Rob Winch
ea54d9014d
DSL nested builder for HTTP security 
DSL nested builder for HTTP security

Fixes gh-5557
 2019-07-12 16:09:19 -05:00
Eleftheria Stein
7961b819aa Allow configuration of session fixation and concurrency through nested builder 
Issue: gh-5557
 2019-07-12 13:53:55 -04:00
Lars Grefer
3ea9d376b2 Cleanup explicit type arguments 2019-07-10 09:32:41 -05:00
Lars Grefer
c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
Eleftheria Stein
4b2539df10 Allow configuration of oauth2 resource server through nested builder 
Issue: gh-5557
 2019-07-09 16:11:26 -04:00
Eleftheria Stein
415760838f Allow configuration of oauth2 client through nested builder 
Issue: gh-5557
 2019-07-09 16:03:46 -04:00
Eleftheria Stein
e47389e60b Allow configuration of oauth2 login through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
bf1bbd14e9 Allow configuration of openid login through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
c3dad06ea6 Allow configuration of request matchers through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
1ad9f15e19 Allow configuration of requires channel through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
ae8e12f049 Allow configuration of anonymous through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
a5943fbafb Allow configuration of servlet api through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
04e0dcfe61 Allow configuration of security context through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
81d3cf1e7b Allow configuration of authorize requests through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
1445d1b012 Allow configuration of request cache through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
fcb119b94e Allow configuration of remember me through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
ae9eb6f56b Allow configuration of x509 through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
bfc9538da1 Allow configuration of jee through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
86f0f84740 Allow configuration of port mapper through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
6fbea88e1e Allow configuration of session management through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
6fd515813c Allow configuration of cors through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
a9a1f8ee53 Allow configuration of form login through nested builder 
Issue: gh-5557
 2019-07-09 15:37:28 -04:00
Eleftheria Stein
758397f102 Allow configuration of headers through nested builder 
Issue: gh-5557
 2019-07-09 15:35:37 -04:00
Eleftheria Stein
6986cf3ef3 Allow configuration of csrf through nested builder 
Issue: gh-5557
 2019-07-09 10:14:18 -04:00
Eleftheria Stein
1a31376dda Allow configuration of exception handling through nested builder 
Issue: gh-5557
 2019-07-09 10:14:18 -04:00
Eleftheria Stein
92314b0956 Allow configuration of logout through nested builder 
Issue: gh-5557
 2019-07-09 10:14:18 -04:00
Eleftheria Stein
d66d895e60 Migrate ServletApiConfigurerTests groovy->java 
Issue: gh-4939
 2019-07-04 12:14:49 -04:00
Clement Ng
491da9db03 Added OAuth2TokenAttributes to wrap attributes 
To simplify access to OAuth 2.0 token attributes

Fixes gh-6498
 2019-07-02 07:45:56 -06:00
Josh Cummings
ee8182dceb
NamespaceSessionManagementTests groovy->java 
Issue: gh-4939
 2019-07-02 07:34:36 -06:00
Tadaya Tsuyukubo
7782e29a58 Allow custom ReactiveAuthenticationManager for basic and form auth 
Prior to this change, "HttpBasicSpec#authenticationManager" and
"FormLoginSpec#authenticationManager" were always overridden by
"ServerHttpSecurity#authenticationManager".

This commit makes sure override only happens when custom authentication
manager was not specified.

Fixes: gh-5660
 2019-06-28 11:04:21 -05:00
Eleftheria Stein
39ba1006ba Migrate FormLoginConfigurerSpec groovy->java 
Issue: gh-4939
 2019-06-27 11:53:32 -04:00
Eleftheria Stein
3c240d0ce3 Migrate DefaultLoginPageConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-24 10:38:20 -04:00
Eleftheria Stein
12da990b6b Allow configuration of HTTP basic through nested builder 
Issue: gh-5557
Fixes: gh-6885
 2019-06-20 13:58:13 -05:00
Joe Grandja
06943d2d39 Revert OAuth2LoginAuthenticationFilter should ignore authenticated requests 
Issue #5915
Commit 93ca45540556c4e8ade7f8948883f94fb0851ebb

Fixes gh-6890
 2019-06-19 16:06:38 -04:00
Rafiullah Hamedy
f6ed1db702 Introduced ReactiveAuthenticationManagerResolver 
Suitable for multi-tenant reactive applications needing to branch
authentication strategies based on request details.
 2019-06-13 08:52:19 -06:00
Eleftheria Stein
759e47ba84 Migrate OpenIDLoginConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-12 15:23:47 -04:00
Eleftheria Stein
e6ace0891f Migrate X509ConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-11 17:31:53 -04:00
Eleftheria Stein
6ad46da426 Migrate ExpressionUrlAuthorizationConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-11 15:46:37 -04:00
Eleftheria Stein
56b716d9f7 Migrate SessionManagementConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-11 09:24:42 -04:00
Eleftheria Stein
1ec040e554 Disable bean proxying in configuration classes 
Fixes gh-6967
 2019-06-10 20:40:06 -05:00
Eleftheria Stein
371a3b9c7f Migrate CorsConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-10 16:36:38 -04:00
Eleftheria Stein-Kousathana
c4dd800653
Merge pull request #6944 from eleftherias/gh-4939-channel-security-groovy-to-java 
Migrate ChannelSecurityConfigurerTests groovy->java
 2019-06-10 15:28:42 -04:00
Vishal Raj
b6e8997e95 Updates OAuth2ResourceServer configuration tests 
Refactores collapsed imports
 2019-06-07 11:56:03 -06:00
Eleftheria Stein
d285c6ab4c Migrate JeeConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-07 12:05:25 -05:00
Daniel Meier
fcd8a38f0b Add success handler modification of OAuth2LoginSpec 
Add the ability to modify the success handler used in OAuth2LoginSpec. The
default success handler remains unchanged.

Closes #6863
 2019-06-05 13:25:34 -04:00
Eleftheria Stein
abe7da6b85 Migrate RememberMeConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-04 15:12:11 -05:00
Eleftheria Stein
06d3b60947 Replace bean method calls with injection 
This is so that our configuration classes do not rely on CGLIB to proxy bean methods.

Fixes gh-6818
 2019-06-03 15:45:28 -05:00
Eleftheria Stein
4f042a4ff1 Migrate ChannelSecurityConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-03 11:09:49 -04:00