Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-28 18:39:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,630 Commits 36 Branches 337 Tags
Commit Graph

2450 Commits

Author SHA1 Message Date
Josh Cummings
ba273aba43
Merge branch '6.4.x' 2025-02-24 12:54:21 -07:00
Olivier
71e12bb42e Fix @PostResult example in method-security 
Replace @PreFilter with @Postfilter in example

Signed-off-by: Olivier <Kuba15@users.noreply.github.com>
 2025-02-24 12:54:05 -07:00
Josh Cummings
55b83a0346
Merge branch '6.4.x' 2025-02-24 12:50:11 -07:00
Josh Cummings
d607364b50
Merge branch '6.3.x' into 6.4.x 2025-02-24 12:49:42 -07:00
Tran Ngoc Nhan
a0cfb2777c Fix typo 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-24 12:49:18 -07:00
dependabot[bot]
e8206b42d2 Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.2 to 1.14.4.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.2...v1.14.4)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-23 17:49:04 -08:00
dependabot[bot]
fae48d9553 Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.2 to 1.14.4.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.2...v1.14.4)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-23 16:21:13 -08:00
Josh Cummings
7d301f87d6
Add Opt-in PathPattern Strategy 
Closes gh-16573
 2025-02-21 13:40:24 -07:00
Josh Cummings
588220a020
Add PathPatterRequestMatcher 
Closes gh-16429
Clsoes gh-16430
 2025-02-21 13:40:23 -07:00
Steve Riesenberg
7fc5d50adf Polish gh-16551 2025-02-19 13:53:30 -06:00
Max Batischev
0ccbd20f0a Add Support ServerFormPostRedirectStrategy 
Closes gh-16542

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-19 13:53:30 -06:00
Tran Ngoc Nhan
92c2e21522 Use Spring Framework Url attribute 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-14 09:56:22 -07:00
Tran Ngoc Nhan
396b04f355 Update reference Spring Framwork links 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-14 09:56:22 -07:00
Tran Ngoc Nhan
839269dbf5 Update Spring Security javadocs 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:19:56 -07:00
patpatpat123
b6f8046b2f Fix type for rest-client-access-token-response-client.adoc 
In line 260, there is the mention of "=== Customizing the `WebClient`" while it should be "=== Customizing the `RestClient`"

Signed-off-by: patpatpat123 <43899031+patpatpat123@users.noreply.github.com>
 2025-02-10 10:11:06 -06:00
Daniel Garnier-Moiroux
238f47ce5e One Time Token login registers the default login page 
closes gh-16414

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
Max Batischev
be81377235 Add Support ServerGenerateOneTimeTokenRequestResolver 
Closes gh-16488

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-05 14:14:16 -07:00
Steve Riesenberg
54a6a19e05 Polish gh-16214 
This commit applies the following changes:

* Added local Content-Security-Policy with script-src nonce directive
* Removed form-redirect.js and associated changes
* Renamed to FormPostRedirectStrategy
* Removed HtmlUtils usage
* Moved to same package as DefaultRedirectStrategy
 2025-02-03 14:52:30 -06:00
Craig Andrews
58534e7f60 Add FormRedirectStrategy to enable POST OIDC Logout 
FormRedirectStrategy redirects using an autosubmitting HTML form using the POST method versus DefaultRedirectStrategy which redirects using the GET method.

Can be used to implement POST binding for relying party initiated OIDC logout by setting FormRedirectStrategy as the redirection strategy on OidcClientInitiatedLogoutSuccessHandler.

Closes gh-13002

Signed-off-by: Craig Andrews <candrews@integralblue.com>
 2025-02-03 14:52:30 -06:00
dependabot[bot]
7d5414b349 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.14 to 1.0.0-alpha.16.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.14...v1.0.0-alpha.16)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-02 16:52:21 -08:00
dependabot[bot]
e5583de8de Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.14 to 1.0.0-alpha.16.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.14...v1.0.0-alpha.16)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-02 16:26:12 -08:00
Max Batischev
474b5e151a Add Support GenerateOneTimeTokenRequestResolver 
Closes gh-16291

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-01-22 17:09:55 -06:00
Rob Winch
d3332e1956
Document JDBC Persistence for WebAuthn 
Issue gh-16282
 2025-01-17 21:37:27 -06:00
Rob Winch
1f9845485c
Document custom HttpMessageConverter support for WebAuthn 
Issue gh-16397
 2025-01-17 21:08:16 -06:00
Rob Winch
718c90d7ad
Document PublicKeyCredentialCreationOptionsRepository 
Issue gh-16396
 2025-01-17 20:51:43 -06:00
Rob Winch
85d7cc1335
Document requireProofKey 
Issue gh-16386
 2025-01-17 17:26:48 -06:00
Josh Cummings
aea7f333f7
Document OpaqueTokenIntrospector Migration 
Issue gh-15988
 2025-01-16 20:41:56 -07:00
Josh Cummings
a5af8503df
Update OpaqueTokenIntrospector Documentation 
Issue gh-15988
 2025-01-16 16:46:46 -07:00
Marco Haase
7c4448c588 Fix broken link to MockMvc documentation 
Link to Test chapter of Spring Framework documentation is broken,
this commit fixes it.

Signed-off-by: Marco Haase <marco.haase@de.bosch.com>
 2025-01-16 16:30:47 -07:00
Josh Cummings
352a6a0d53
Add Breaking Change Section for 6.5 
Issue gh-16422
 2025-01-16 14:30:12 -07:00
Tran Ngoc Nhan
38006fea2c Fix broken link 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-16 14:24:07 -07:00
Josh Cummings
7b8ff72c4e
Fix MVC Documentation for Kotlin 
Closes gh-16426
 2025-01-15 17:45:05 -07:00
Muhammad N. Fadhil
b7b915d7c9 Improved sentence phrasing in the docs. 2025-01-12 22:25:22 -06:00
Muhammad N. Fadhil
a78e888ce0 Fixed grammatical mistakes in the docs. 2025-01-12 22:25:22 -06:00
Muhammad N. Fadhil
fdd50ca3bf Fixed a grammatical mistake in the docs. 2025-01-12 22:25:22 -06:00
Simão Gomes Viana
980564838d method-security: fix invalid Kotlin syntax 
val/var on function parameters is invalid Kotlin syntax. It has been removed quite some time ago. This change updates the method-security page to reflect that.

Signed-off-by: Simão Gomes Viana <simao.gomes@toowoxx.de>
 2025-01-08 09:53:42 -06:00
mskim
0e3cfd1efb Fix logout code snippet for Kotlin: Corrected deleteCookies syntax 2025-01-07 15:36:52 -06:00
Meehdi
e67b5f8356 Fix incorrect rendering of SpEL expression example tabs 2025-01-07 15:29:17 -06:00
Tran Ngoc Nhan
5fdacef398 Remove obsolete typo in OAuth 2.0 Client page 2025-01-07 14:05:45 -06:00
Mehdi Rahimi
29997d8980 Change deprecated FilterSecurityInterceptor to AuthorizationFilter with a link to authorization page. 2025-01-07 13:35:01 -06:00
wndyd
4bc6e5b9d2 Fix missing space in documentation 2025-01-07 11:40:31 -06:00
Josh Cummings
1104b45832
Polish SessionLimit 
- Move to the web.authentication.session package since it is only needed
by web.authentication.session elements and does not access any other web
element itself.
- Add Kotlin support
- Add documentation

Issue gh-16206
 2024-12-18 18:32:28 -07:00
Claudenir Machado
1864577e98 Address SessionLimitStrategy 
Closes gh-16206
 2024-12-18 18:32:12 -07:00
Josh Cummings
3eeb4317f6 Add setFavorRelativeUris 
This places the new functionality behind a setting so that
we can remain passive until we can change the setting in
the next major release.

Issue gh-7273
 2024-12-17 22:35:41 -07:00
Josh Cummings
b9f3a28678 Add UserDetailsService Constructor 
Closes gh-15973
 2024-12-16 17:59:16 -07:00
Rob Winch
2fcd305509 Increment to 6.5.0-SNAPSHOT 
Closes gh-16221
 2024-12-12 21:47:11 -06:00
Yoshikazu Nojima
ee1ede8b2d Update document regarding PublicKeyCredentialCreationOptions.attestation value 
Follow up for #16252
 2024-12-12 09:02:42 -06:00
Josh Cummings
55ea78d441 Update GA Release Guidance 2024-12-10 20:08:19 -07:00
Josh Cummings
a731af103e Polish 
Issue gh-16228
 2024-12-10 20:08:19 -07:00
Harpreet Singh
d1a4fac520 Use Tabs for Maven and Gradle Snippets 
Closes gh-16228
 2024-12-10 20:08:19 -07:00