0ac8618eac
Align DefaultOAuth2AuthorizedClientManager.DefaultContextAttributesMapper
...
Fixes gh-7350
2019-09-04 14:07:45 -04:00
dcd997ea43
Add support for Resource Owner Password Credentials grant
...
Fixes gh-6003
2019-09-04 14:07:45 -04:00
d7f7e9d4b7
Add Jwt to BearerTokenAuthentication Converter
...
Fixes gh-7346
2019-09-03 15:58:05 -06:00
068f4f0147
Polish Opaque Token
...
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.
Fixes gh-7344
Fixes gh-7345
2019-09-03 15:58:05 -06:00
c019507770
Add BearerTokenAuthentication
...
Fixes gh-7343
2019-09-03 15:58:05 -06:00
346b8c2cff
Add OAuth2AuthenticatedPrincipal
...
Fixes gh-7342
2019-09-03 15:58:05 -06:00
f350988285
Add Servlet and ServerBearerExchangeFilterFunction
...
Fixes gh-5334
Fixes gh-7284
2019-09-03 15:29:06 -06:00
dbd1819ea4
add media type jwk-set+json to accept header
...
Fixes gh-7290
2019-09-03 14:12:50 -04:00
5e98b92273
In-memory ClientRegistration Repo Duplicate Check
...
Fixes gh-7338
2019-09-02 15:30:48 -06:00
f6c650db47
Replace Streams with Loops
...
First version of replacing streams
fix wwwAuthenticate and codestyle
fix errors in implementation to pass tests
Fix review notes
Remove uneccessary final to align with cb
Short circuit way to authorize
Simplify error message, make code readably
Return error while duplicate key found
Delete check for duplicate, checkstyle issues
Return duplicate error
Fixes gh-7154
2019-09-02 15:30:48 -06:00
ffc43e02c3
Fix NPE in RequestContextSubscriber
...
RequestContextSubscriber could cause NPE if Mono/Flux.subscribe()
was invoked outside of Web Context.
In addition it replaced source Context with its own without respect
to old data.
Now Request Context Data is Propagated within holder class and
it is added to existing reactor Context if Holder is not empty.
Fixes gh-7228
2019-08-30 16:49:38 +03:00
505882c944
Consolidate shared code between JwtDecoders and ReactiveJwtDecoders
...
Extract duplicated code from JwtDecoders and ReactiveJwtDecoders into a
package-private class.
Fixes gh-7263
2019-08-27 09:27:41 -06:00
95511331fa
fix checkstyle
2019-08-26 22:42:26 +02:00
323cf9fa92
Polish OAuth2AuthorizedClientResolver
2019-08-26 11:04:19 -04:00
2c2e8e5f24
Remove internal Optional usage in favor of null checks
...
Issue gh-7155
2019-08-26 09:27:40 -04:00
2c2d3b5d85
Use ConcurrentHashMap in InMemoryReactiveClientRegistrationRepository
...
Fixes gh-7299
2019-08-23 20:12:29 -04:00
bc38a4a3cc
Provide configurable Clock in OAuth2AuthorizedClientProvider impls
...
Fixes gh-7114
2019-08-23 16:43:32 -04:00
34dd5fea30
Remove redundant throws clauses
...
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
2019-08-23 01:03:54 +02:00
f0515a021c
Polish #7116
2019-08-22 12:01:10 -04:00
46756d2e6b
Introduce Reactive OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-7116
2019-08-21 14:12:38 -04:00
a377581951
Fix WebClient Memory Leaks
...
WebClient exchange requires that the body is consumed. Before this commit
there were places where an Exception was thrown without consuming the body
if the status was not successful. There was also the potential for the
statusCode invocation to throw an Exception of the status code was not
defined which would cause a leak.
This commit ensures that before the Exception is thrown the body is
consumed. It also uses the http status in a way that will ensure an
Exception is not thrown.
Fixes gh-7293
2019-08-21 12:46:11 -05:00
0209fbad08
Multiple JWS Algorithms
...
Fixes: gh-6883
2019-08-20 14:19:59 -04:00
766c4434d4
Improve test coverage of JwtGrantedAuthoritiesConverter
...
Some negative test cases were missing. Added these to have
full test coverage for JwtGrantedAuthoritiesConverter.
2019-08-19 21:14:07 -04:00
0a058c973a
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
...
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.
Fixes gh-7100
2019-08-19 21:14:07 -04:00
aa026f8526
Nimbus JWK Set Builders Take SignatureAlgorithm
...
Fixes gh-7270
2019-08-17 01:10:12 -06:00
efe8205985
Revert "Nimbus JWK Set Configs Take SignatureAlgorithm"
...
This reverts commit 9617ff6054
2019-08-16 17:33:09 -06:00
9617ff6054
Nimbus JWK Set Configs Take SignatureAlgorithm
...
Fixes gh-7270
2019-08-16 14:49:19 -06:00
b45e57cc40
Add setter for authority prefix in JwtGrantedAuthoritiesConverter
...
Prior to this change mapped authorities are always prefixed
with default value 'SCOPE_'. To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
authority prefix like e.g. 'ROLE_'. Without specifying a custom prefix
the default prefix still remains 'SCOPE_'.
This way existing authorization checks using the standard 'ROLE_'
prefix can be reused without lots of effort.
Fixes gh-7101
2019-08-14 11:25:42 -04:00
4ed197e515
Rename OAuth2TokenIntrospectionClient
...
Renamed to OpaqueTokenIntrospector
Fixes gh-7245
2019-08-12 18:05:28 -04:00
c1db1aad91
Cleanup Code Style Issues
...
Cleanup Code Style Issues
2019-08-12 13:06:49 -05:00
ff1070df36
remove redundant modifiers found by checkstyle
2019-08-10 00:18:56 +02:00
38de737663
Java 8: Statement lambda can be replaced with expression lambda
2019-08-09 16:59:07 -05:00
05f42a4995
Remove unused imports
2019-08-08 14:22:31 -04:00
2306d987e9
Cleanup unnecessary boxing
2019-08-06 10:17:38 -04:00
496579dde2
Add match result for servlet requests
...
Fixes gh-7148
2019-08-05 19:43:00 -04:00
2c836a171a
Add authenticationFailureHandler method in OAuth2LoginSpec
...
Allow to customize the failure handler.
Fixes gh-7051
2019-08-05 14:09:11 -05:00
d843818e48
Polish JwtGrantedAuthoritiesConverter
...
Rework the implementation so that it is clearer that authorities are
derived from a single claim.
Issue: gh-6273
2019-08-02 14:54:04 -06:00
50adb6abcb
Fix javadoc
2019-07-31 15:36:30 -04:00
4ca9e15595
Fix blocking in ServletOAuth2AuthorizedClientExchangeFilterFunction
...
Fixes gh-6589
2019-07-26 14:02:17 -04:00
c05b0765c1
Introduce OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-6845
2019-07-25 11:12:54 -04:00
e584207a85
Loggin Fix for printing the full stack trace, spring-projects/spring-security#7110
2019-07-23 16:48:37 -05:00
e8dd1325fd
Fixed misleading OAuth2 error messages
...
Error messages sent by BearerTokenAccessDeniedHandler included
information about the scopes of the rejected token instead of
the scopes required by the resource.
* Removal of token scopes from error_description attribute.
* Removal of scope attribute from WWW-Authenticate response header.
Fixes gh-7089
2019-07-18 07:01:33 -04:00
3ea9d376b2
Cleanup explicit type arguments
2019-07-10 09:32:41 -05:00
e554547593
Revert Map constructor for InMemoryReactiveClientRegistrationRepository
...
This commit reverts f6414e9a52e1b095df32
2019-07-08 15:32:52 -04:00
23d61d43e5
Polish #5994
2019-07-08 14:50:38 -04:00
9432670f1d
Allow InMemoryOAuth2AuthorizedClientService to be constructed with a Map
...
Fixes gh-5994
2019-07-08 12:46:26 -04:00
3c1472501f
Fixed validation in ClientRegistration.Builder
...
ClientRegistration.Builder defaulted to validating as an
authorization_code registration, though a custom grant type could be in
use. The actual grant_type is now verified for every case.
- Fixed validation in ClientRegistration.Builder
- New test that fails unless the issue is fixed.
Also made OAuth2AuthorizationGrantRequestEntityUtils public to help
implementing custom token response clients.
Fixes gh-7040
2019-07-03 16:07:19 -05:00
cd54808718
Update Opaque Token Sample and tests
...
Issue: gh-6498
2019-07-02 07:45:56 -06:00
491da9db03
Added OAuth2TokenAttributes to wrap attributes
...
To simplify access to OAuth 2.0 token attributes
Fixes gh-6498
2019-07-02 07:45:56 -06:00
f9747e6591
BearerTokenAuthenticationFilter exposes AuthenticationFailureHandler
...
Make BearerTokenAuthenticationFilter expose an AuthenticationFailureHandler which, by default, invokes the AuthenticationEntryPoint set in the filter.
Fixes gh-7009
2019-07-01 05:24:29 -06:00
ce79ef2634
Single-key Key Selector
...
Fixes: gh-7049
Fixes: gh-7056
2019-06-28 15:12:00 -06:00
37d108ccc2
Remove SignedJWT Check
...
JWTProcessor already does sufficient checking to confirm that the JWT
is of the appropriate type.
Fixes: gh-7034
2019-06-25 16:49:29 -06:00
6f5a443175
ServerBearerTokenAuthenticationConverter Handles Empty Tokens
...
Previously ServerBearerTokenAuthenticationConverter would throw an
IllegalArgumentException when the access token in a URI was empty String.
It also incorrectly provided HttpStatus.BAD_REQUEST for an empty String
access token in the headers.
This changes ServerBearerTokenAuthenticationConverter to consistently
throw a OAuth2AuthenticationException with an HttpStatus.UNAUTHORIZED
Fixes gh-7011
2019-06-24 13:57:29 -06:00
3f2108921e
Allow configurable accessible scopes for UserInfo resource
...
Fixes gh-6886
2019-06-20 10:32:58 -04:00
417ad40d10
Add generic getClaim() method in ClaimAccessor
...
Fixes gh-6947
2019-06-19 13:45:59 -04:00
b7ea7083c9
OAuth2LoginAuthenticationFilter sets AuthenticationDetails
...
Fixes gh-6866
2019-06-17 15:44:41 -05:00
ac38232a9e
ID Token validation uses JwtTimestampValidator
...
Fixes gh-6964
2019-06-11 16:11:48 -04:00
3cb0975860
Accept Converter in ReactiveJwtAuthenticationConverterAdapter
...
Currently, "ReactiveJwtAuthenticationConverterAdapter" takes
"JwtAuthenticationConverter" as its constructor argument. However,
this limits the usage of this adapter.
In this commit, widen the constructor to take "Converter<Jwt,
AbstractAuthenticationToken>" and allow this adapter to be used by
generic converters.
2019-06-10 10:47:43 -06:00
1739ef8d3c
Polish ClientRegistrations, (Reactive)JwtDecoders
...
Simplifed some of the branching logic in the implementations. Updated
the JavaDocs. Simplified some of the test support.
Issue: gh-6500
2019-06-10 10:31:30 -06:00
f5b7706942
Support for OAuth 2.0 Authorization Server Metadata
...
Added support for OAuth 2.0 Authorization Server Metadata as per the
RFC 8414 specification. Updated the existing implementation of OpenId to
comply with the Compatibility Section of RFC 8414 specification.
Fixes: gh-6500
2019-06-10 10:31:30 -06:00
7cfb17a8a3
Finer variables for OAuth2 redirectUriTemplate expansion
...
Fixes #6239
2019-06-07 12:08:21 -05:00
132a78ddde
Fix test
...
Issue gh-6245
2019-06-04 20:34:08 -04:00
aa767ec8bf
Externalize coercion in ClaimAccessor
...
Fixes gh-6245
2019-06-04 17:16:39 -04:00
3c7aa4243f
DefaultServerOAuth2AuthorizationRequestResolver uses fromUri
...
Fixes gh-6952
2019-06-04 15:28:29 -05:00
38ba70bbdd
client_credentials client should not set Authorization header when ClientAuthenticationMethod.POST
...
Fixes gh-6911
2019-05-31 14:54:17 -04:00
56f1991240
Update AssertJ to version 3.12.2
...
Update the AssertJ dependency to version 3.12.2. Additionally fix
some tests not compiling due to API changes of AssertJ.
Fixes gh-6786
2019-05-31 11:45:20 -06:00
9fe8949883
Add @transient to OAuth2IntrospectionAuthenticationToken
...
fixes gh-6829
2019-05-29 08:42:09 -06:00
af3c6d4972
JwtAuthenticationTokenTests Polish
...
Using Jwt.Builder to clean up some of this test's config.
Issue: gh-6893
2019-05-23 11:24:40 -06:00
936d28d328
JwtAuthenticationToken Polish
...
Aligned JavaDoc and added tests to better assess getName's
functionality.
Issue: gh-6893
2019-05-23 10:59:45 -06:00
f84ab3a255
Added constructors to support custom principal name
...
closes #6893
2019-05-23 10:59:44 -06:00
d0f5b42884
Mock Jwt Test Support and Jwt.Builder Polish
...
Simplified the initial support to introduce fewer classes and only the
features described in the ticket.
Changed tests to align with existing patterns in the repository.
Added JavaDoc to remaining public methods introduced for this feature.
Issue: gh-6634
Issue: gh-6851
2019-05-22 14:23:02 -06:00
e59d8a529b
Mock Jwt Test Support and Jwt.Builder
...
Fixes: gh-6634
Fixes: gh-6851
2019-05-22 14:23:02 -06:00
5840e25732
Polish OAuth2TokenIntrospectionClient
...
Placed URI.create in constructor so that the code doesn't do that
processing on each request. Also moved the construction helper methods
up by the constructor for added readability.
Issue: gh-6798
2019-05-14 07:50:16 -06:00
0bc60dca69
Add custom parameters to token introspection requests
...
Added support for providing custom parameters to an OAuth 2.0 token
introspection request. This is done by explicitly instantiating a
NimbusOAuth2TokenIntrospectionClient instance and then setting a custom
Converter implementation.
Fixes gh-6798
2019-05-14 07:48:07 -06:00
047bd16b51
Propagate Exception in NimbusReactiveJwtDecoder
...
Fixes: gh-6823
2019-05-08 17:25:02 -06:00
7200fa2dce
Copy Token Introspection Attributes Map
...
Dereference Map passed into constructor for
OAuth2IntrospectionAuthenticationToken.
Fixes: gh-6843
2019-05-07 13:19:02 -06:00
2850b273ea
Reactive JwkSource Builder Parameter Type
...
Changed the parameter type from JWT to SignedJWT
Fixes: gh-6771
2019-05-01 09:10:17 -06:00
e6ac9759e2
Extract bearer token from arbitrary header.
2019-04-30 10:41:20 -06:00
b1195e7789
Opaque Token Intermediate Type
...
Introducing OAuth2TokenIntrospectionClient and also
ReactiveOAuth2TokenIntrospectionClient as configuration points.
The DSL looks in the application context for these types in the same
way it looks for JwtDecoder and ReactiveJwtDecoder, and exposes
similar configuration methods.
Fixes: gh-6632
2019-04-29 13:39:53 -06:00
bed3371b80
Support symmetric key for JwtDecoder
...
Fixes gh-5465
2019-04-12 13:21:50 -04:00
45891941b0
OidcIdTokenValidator ensures clockSkew is positive number
...
Fixes gh-6443
2019-04-10 15:17:59 -04:00
9520e3a1c0
Make UnAuthenticatedServerOAuth2AuthorizedClientRepository threadsafe
...
Previously UnAuthenticatedServerOAuth2AuthorizedClientRepository used a HashMap for storing OAuth2AuthorizedClients.
UnAuthenticatedServerOAuth2AuthorizedClientRepository and its HashMap are potentially accessed by multiple threads without any synchronization.
Since HashMap is not threadsafe itself, this makes UnAuthenticatedServerOAuth2AuthorizedClientRepository not threadsafe.
Now UnAuthenticatedServerOAuth2AuthorizedClientRepository uses a ConcurrentHashMap for storing OAuth2AuthorizedClients.
Since ConcurrentHashMap is threadsafe, UnAuthenticatedServerOAuth2AuthorizedClientRepository will now be threadsafe as well.
Fixes gh-6717
2019-04-01 17:03:58 -04:00
9593f9cae2
Defer downstream filter execution if no OAuth2AuthorizedClient is found
...
Prior to this change, ServerOAuth2AuthorizedClientExchangeFilterFunction would invoke next.exchange:
- first at assembly time inside the .switchIfEmpty call.
- second at execution time inside .flatMap when a OAuth2AuthorizedClient is found.
While this double-call should not technically cause any functional problems, since the Mono returned by the first call will not be subscribed if a OAuth2AuthorizedClient is found,
it does result in a lot of unnecessary execution and object creation. There is no technical need to invoke the downstream filters twice.
This change defers the call inside .switchIfEmpty, so that it will only execute at execution time if an OAuth2AuthorizedClient is not found.
After this change, ServerOAuth2AuthorizedClientExchangeFilterFunction will not invoke next.exchange at assembly time, and will only execute next.exchange once per subscription at execution time.
Fixes gh-6719
2019-04-01 16:15:46 -04:00
7e8aadeb96
Multi-tenancy for Resource Server
...
Fixes: gh-5351
2019-03-29 15:00:48 -06:00
e9e7f7d9bc
Polish URL Cleanup
...
Fixes: gh-6628
2019-03-20 00:26:43 -05:00
3b89754926
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.
* http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html (200) with 1 occurrences could not be migrated:
([https](https://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html ) result ClosedChannelException).
* http://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html (200) with 1 occurrences could not be migrated:
([https](https://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html ) result SSLHandshakeException).
* http://cujojs.com/ (200) with 1 occurrences could not be migrated:
([https](https://cujojs.com/ ) result SSLHandshakeException).
* http://erik.eae.net/archives/2007/07/27/18.54.15/ (200) with 1 occurrences could not be migrated:
([https](https://erik.eae.net/archives/2007/07/27/18.54.15/ ) result SSLHandshakeException).
* http://javascript.nwbox.com/IEContentLoaded/ (200) with 1 occurrences could not be migrated:
([https](https://javascript.nwbox.com/IEContentLoaded/ ) result SSLHandshakeException).
* http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html (200) with 1 occurrences could not be migrated:
([https](https://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html ) result SSLHandshakeException).
* http://monkeymachine.co.uk/ (200) with 2 occurrences could not be migrated:
([https](https://monkeymachine.co.uk/ ) result SSLHandshakeException).
* http://perfectionkills.com/detecting-event-support-without-browser-sniffing/ (200) with 1 occurrences could not be migrated:
([https](https://perfectionkills.com/detecting-event-support-without-browser-sniffing/ ) result SSLHandshakeException).
* http://somesite.com/login (200) with 3 occurrences could not be migrated:
([https](https://somesite.com/login ) result AnnotatedConnectException).
* http://someurl.com/ (200) with 2 occurrences could not be migrated:
([https](https://someurl.com/ ) result SSLHandshakeException).
* http://sscce.org/ (200) with 1 occurrences could not be migrated:
([https](https://sscce.org/ ) result SSLHandshakeException).
* http://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf (200) with 2 occurrences could not be migrated:
([https](https://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf ) result 404).
* http://www.example.com:80/ (200) with 1 occurrences could not be migrated:
([https](https://www.example.com:80/ ) result NotSslRecordException).
* http://www.faqs.org/qa/rfcc-1940.html (200) with 3 occurrences could not be migrated:
([https](https://www.faqs.org/qa/rfcc-1940.html ) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc1945.html (200) with 2 occurrences could not be migrated:
([https](https://www.faqs.org/rfcs/rfc1945.html ) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc3548.html (200) with 3 occurrences could not be migrated:
([https](https://www.faqs.org/rfcs/rfc3548.html ) result AnnotatedConnectException).
* http://www.zytrax.com/books/ldap/ (200) with 2 occurrences could not be migrated:
([https](https://www.zytrax.com/books/ldap/ ) result AnnotatedConnectException).
* http://blindsignals.com/index.php/2009/07/jquery-delay/ (301) with 1 occurrences could not be migrated:
([https](https://blindsignals.com/index.php/2009/07/jquery-delay/ ) result SSLHandshakeException).
* http://www.faqs.org/ (301) with 1 occurrences could not be migrated:
([https](https://www.faqs.org/ ) result AnnotatedConnectException).
* http://sam.zoy.org/wtfpl/ (301) with 2 occurrences could not be migrated:
([https](https://sam.zoy.org/wtfpl/ ) result SSLHandshakeException).
* http://hey.openid.com/ (302) with 1 occurrences could not be migrated:
([https](https://hey.openid.com/ ) result SSLHandshakeException).
* http://iharder.net/base64 (303) with 2 occurrences could not be migrated:
([https](https://iharder.net/base64 ) result AnnotatedConnectException).
* http://jaspan.com/improved_persistent_login_cookie_best_practice (500) with 3 occurrences could not be migrated:
([https](https://jaspan.com/improved_persistent_login_cookie_best_practice ) result AnnotatedConnectException).
# Fixed URLs
## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.
* http://www.relaxng.org/ (301) with 1 occurrences migrated to:
https://relaxng.org/ ([https](https://www.relaxng.org/ ) result SSLHandshakeException).
* http://www.relaxng.org (301) with 1 occurrences migrated to:
https://relaxng.org/ ([https](https://www.relaxng.org ) result SSLHandshakeException).
* http://tools.ietf.org/html/draft-ietf-websec-x-frame-options (301) with 2 occurrences migrated to:
https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ([https](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ) result ReadTimeoutException).
* http://foo.test.com (302) with 2 occurrences migrated to:
https://www.test.com ([https](https://foo.test.com ) result SSLHandshakeException).
* http://abc.test.com (302) with 2 occurrences migrated to:
https://www.test.com ([https](https://abc.test.com ) result SSLHandshakeException).
* http://192.168.1:8080 (ConnectTimeoutException) with 2 occurrences migrated to:
https://192.168.1:8080 ([https](https://192.168.1:8080 ) result ConnectTimeoutException).
* http://www.example.com:8080/mycontext/secure/page.html (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8080/mycontext/secure/page.html ([https](https://www.example.com:8080/mycontext/secure/page.html ) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8888/bigWebApp/hello ([https](https://www.example.com:8888/bigWebApp/hello ) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/decorator (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.opensymphony.com/sitemesh/decorator ([https](https://www.opensymphony.com/sitemesh/decorator ) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/page (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.opensymphony.com/sitemesh/page ([https](https://www.opensymphony.com/sitemesh/page ) result ConnectTimeoutException).
* http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd (ReadTimeoutException) with 1 occurrences migrated to:
https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ([https](https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ) result ReadTimeoutException).
* http://axschema.org/ (UnknownHostException) with 2 occurrences migrated to:
https://axschema.org/ ([https](https://axschema.org/ ) result UnknownHostException).
* http://axschema.org/contact/email (UnknownHostException) with 23 occurrences migrated to:
https://axschema.org/contact/email ([https](https://axschema.org/contact/email ) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 5 occurrences migrated to:
https://axschema.org/namePerson ([https](https://axschema.org/namePerson ) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 4 occurrences migrated to:
https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first ) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 4 occurrences migrated to:
https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last ) result UnknownHostException).
* http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
https://context.blah.com/context/remainder ([https](https://context.blah.com/context/remainder ) result UnknownHostException).
* http://default (UnknownHostException) with 12 occurrences migrated to:
https://default ([https](https://default ) result UnknownHostException).
* http://endpoint (UnknownHostException) with 4 occurrences migrated to:
https://endpoint ([https](https://endpoint ) result UnknownHostException).
* http://endpoint?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
https://endpoint?id_token_hint=id-token ([https](https://endpoint?id_token_hint=id-token ) result UnknownHostException).
* http://example.com¶m1=value1¶m2=value2 (UnknownHostException) with 1 occurrences migrated to:
https://example.com¶m1=value1¶m2=value2 ([https](https://example.com¶m1=value1¶m2=value2 ) result UnknownHostException).
* http://host/myapp/index.html;jsessionid=blah (UnknownHostException) with 1 occurrences migrated to:
https://host/myapp/index.html;jsessionid=blah ([https](https://host/myapp/index.html;jsessionid=blah ) result UnknownHostException).
* http://http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
https://http://context.blah.com/context/remainder ([https](https://https://context.blah.com/context/remainder ) result UnknownHostException).
* http://id.openid.zz (UnknownHostException) with 2 occurrences migrated to:
https://id.openid.zz ([https](https://id.openid.zz ) result UnknownHostException).
* http://invalid-provider.com/oauth2/token (UnknownHostException) with 4 occurrences migrated to:
https://invalid-provider.com/oauth2/token ([https](https://invalid-provider.com/oauth2/token ) result UnknownHostException).
* http://invalid-provider.com/user (UnknownHostException) with 4 occurrences migrated to:
https://invalid-provider.com/user ([https](https://invalid-provider.com/user ) result UnknownHostException).
* http://issuer/.well-known/jwks.json (UnknownHostException) with 2 occurrences migrated to:
https://issuer/.well-known/jwks.json ([https](https://issuer/.well-known/jwks.json ) result UnknownHostException).
* http://issuer/certs (UnknownHostException) with 1 occurrences migrated to:
https://issuer/certs ([https](https://issuer/certs ) result UnknownHostException).
* http://jimi.hendrix.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://jimi.hendrix.myopenid.com/ ([https](https://jimi.hendrix.myopenid.com/ ) result UnknownHostException).
* http://joe.myopenid.com/ (UnknownHostException) with 3 occurrences migrated to:
https://joe.myopenid.com/ ([https](https://joe.myopenid.com/ ) result UnknownHostException).
* http://logout (UnknownHostException) with 2 occurrences migrated to:
https://logout ([https](https://logout ) result UnknownHostException).
* http://logout?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
https://logout?id_token_hint=id-token ([https](https://logout?id_token_hint=id-token ) result UnknownHostException).
* http://openid.aol.com/ (UnknownHostException) with 2 occurrences migrated to:
https://openid.aol.com/ ([https](https://openid.aol.com/ ) result UnknownHostException).
* http://pip.verisignlabs.com/server (UnknownHostException) with 2 occurrences migrated to:
https://pip.verisignlabs.com/server ([https](https://pip.verisignlabs.com/server ) result UnknownHostException).
* http://postlogout?encodedparam%3Dvalue (UnknownHostException) with 2 occurrences migrated to:
https://postlogout?encodedparam%3Dvalue ([https](https://postlogout?encodedparam%3Dvalue ) result UnknownHostException).
* http://postlogout?encodedparam=value (UnknownHostException) with 2 occurrences migrated to:
https://postlogout?encodedparam=value ([https](https://postlogout?encodedparam=value ) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 5 occurrences migrated to:
https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email ) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 2 occurrences migrated to:
https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson ) result UnknownHostException).
* http://some.site.org/index.html (UnknownHostException) with 1 occurrences migrated to:
https://some.site.org/index.html ([https](https://some.site.org/index.html ) result UnknownHostException).
* http://something/ (UnknownHostException) with 1 occurrences migrated to:
https://something/ ([https](https://something/ ) result UnknownHostException).
* http://specs.openid.net/auth/2.0 (UnknownHostException) with 2 occurrences migrated to:
https://specs.openid.net/auth/2.0 ([https](https://specs.openid.net/auth/2.0 ) result UnknownHostException).
* http://specs.openid.net/auth/2.0/identifier_select (UnknownHostException) with 4 occurrences migrated to:
https://specs.openid.net/auth/2.0/identifier_select ([https](https://specs.openid.net/auth/2.0/identifier_select ) result UnknownHostException).
* http://wiki.fasterxml.com/JacksonFeatureModules (UnknownHostException) with 1 occurrences migrated to:
https://wiki.fasterxml.com/JacksonFeatureModules ([https](https://wiki.fasterxml.com/JacksonFeatureModules ) result UnknownHostException).
* http://www.faqs (UnknownHostException) with 1 occurrences migrated to:
https://www.faqs ([https](https://www.faqs ) result UnknownHostException).
* http://www.test123.com (UnknownHostException) with 1 occurrences migrated to:
https://www.test123.com ([https](https://www.test123.com ) result UnknownHostException).
* http://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 (301) with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Defense_in_depth_%2528computing%2529 ([https](https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 ) result 400).
* http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html (404) with 1 occurrences migrated to:
https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ([https](https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ) result 404).
* http://example.com/auth (404) with 2 occurrences migrated to:
https://example.com/auth ([https](https://example.com/auth ) result 404).
* http://example.com/info (404) with 2 occurrences migrated to:
https://example.com/info ([https](https://example.com/info ) result 404).
* http://example.com/jwkset (404) with 2 occurrences migrated to:
https://example.com/jwkset ([https](https://example.com/jwkset ) result 404).
* http://example.com/login/oauth2/code/registration-id (404) with 1 occurrences migrated to:
https://example.com/login/oauth2/code/registration-id ([https](https://example.com/login/oauth2/code/registration-id ) result 404).
* http://example.com/login/oauth2/code/registration-id-2 (404) with 1 occurrences migrated to:
https://example.com/login/oauth2/code/registration-id-2 ([https](https://example.com/login/oauth2/code/registration-id-2 ) result 404).
* http://example.com/path?a=b&c=d (404) with 1 occurrences migrated to:
https://example.com/path?a=b&c=d ([https](https://example.com/path?a=b&c=d ) result 404).
* http://example.com/pkp-report (404) with 5 occurrences migrated to:
https://example.com/pkp-report ([https](https://example.com/pkp-report ) result 404).
* http://example.com/token (404) with 2 occurrences migrated to:
https://example.com/token ([https](https://example.com/token ) result 404).
* http://example.net/pkp-report (404) with 7 occurrences migrated to:
https://example.net/pkp-report ([https](https://example.net/pkp-report ) result 404).
* http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ (301) with 1 occurrences migrated to:
https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ([https](https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ) result 404).
* http://html5shim.googlecode.com/svn/trunk/html5.js (404) with 6 occurrences migrated to:
https://html5shim.googlecode.com/svn/trunk/html5.js ([https](https://html5shim.googlecode.com/svn/trunk/html5.js ) result 404).
* http://json.org/json2.js (404) with 1 occurrences migrated to:
https://json.org/json2.js ([https](https://json.org/json2.js ) result 404).
* http://openid-selector.googlecode.com/svn/trunk/ (404) with 2 occurrences migrated to:
https://openid-selector.googlecode.com/svn/trunk/ ([https](https://openid-selector.googlecode.com/svn/trunk/ ) result 404).
* http://provider.com/user (302) with 2 occurrences migrated to:
https://provider.com/user ([https](https://provider.com/user ) result 404).
* http://relaxng.org/ns/compatibility/annotations/1.0 (301) with 8 occurrences migrated to:
https://relaxng.org/ns/compatibility/annotations/1.0 ([https](https://relaxng.org/ns/compatibility/annotations/1.0 ) result 404).
* http://www.example.com/bigWebApp/hello (404) with 2 occurrences migrated to:
https://www.example.com/bigWebApp/hello ([https](https://www.example.com/bigWebApp/hello ) result 404).
* http://www.example.com/bigWebApp/hello/pathInfo.html?open=true (404) with 1 occurrences migrated to:
https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ) result 404).
* http://www.example.com/identity (404) with 1 occurrences migrated to:
https://www.example.com/identity ([https](https://www.example.com/identity ) result 404).
* http://www.example.com/login/openid (404) with 2 occurrences migrated to:
https://www.example.com/login/openid ([https](https://www.example.com/login/openid ) result 404).
* http://www.example.com/mycontext/HelloWorld (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld ([https](https://www.example.com/mycontext/HelloWorld ) result 404).
* http://www.example.com/mycontext/HelloWorld/some/more/segments.html (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld/some/more/segments.html ([https](https://www.example.com/mycontext/HelloWorld/some/more/segments.html ) result 404).
* http://www.example.com/mycontext/HelloWorld?foo=bar (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld?foo=bar ([https](https://www.example.com/mycontext/HelloWorld?foo=bar ) result 404).
* http://www.example.com/mycontext/secure/page.html (404) with 3 occurrences migrated to:
https://www.example.com/mycontext/secure/page.html ([https](https://www.example.com/mycontext/secure/page.html ) result 404).
* http://www.example.com/realm (404) with 1 occurrences migrated to:
https://www.example.com/realm ([https](https://www.example.com/realm ) result 404).
* http://www.example.com/redirect (404) with 1 occurrences migrated to:
https://www.example.com/redirect ([https](https://www.example.com/redirect ) result 404).
* http://www.example.org/do/something (404) with 4 occurrences migrated to:
https://www.example.org/do/something ([https](https://www.example.org/do/something ) result 404).
* http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ (301) with 1 occurrences migrated to:
https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ([https](https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ) result 404).
* http://www.json.org/json2.js (404) with 1 occurrences migrated to:
https://www.json.org/json2.js ([https](https://www.json.org/json2.js ) result 404).
* http://www.thymeleaf.org/thymeleaf-extras-springsecurity5 (301) with 5 occurrences migrated to:
https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ([https](https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ) result 404).
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html with 1 occurrences migrated to:
https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ([https](https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ) result 200).
* http://bugs.jquery.com/ticket/12282 with 1 occurrences migrated to:
https://bugs.jquery.com/ticket/12282 ([https](https://bugs.jquery.com/ticket/12282 ) result 200).
* http://bugs.jquery.com/ticket/12359 with 1 occurrences migrated to:
https://bugs.jquery.com/ticket/12359 ([https](https://bugs.jquery.com/ticket/12359 ) result 200).
* http://claimid.com/ with 2 occurrences migrated to:
https://claimid.com/ ([https](https://claimid.com/ ) result 200).
* http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ with 1 occurrences migrated to:
https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ([https](https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html with 26 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ) result 200).
* http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ) result 200).
* http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html with 1 occurrences migrated to:
https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ([https](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ) result 200).
* http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html with 1 occurrences migrated to:
https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ([https](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ) result 200).
* http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ) result 200).
* http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html ([https](https://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html ) result 200).
* http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ([https](https://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ) result 200).
* http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ) result 200).
* http://docs.spring.io/spring-security/site/docs/current/api/ with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/current/api/ ([https](https://docs.spring.io/spring-security/site/docs/current/api/ ) result 200).
* http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ with 3 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ) result 200).
* http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ([https](https://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ) result 200).
* http://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ([https](https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ([https](https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html with 3 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ) result 200).
* http://en.wikipedia.org/wiki/Clickjacking with 9 occurrences migrated to:
https://en.wikipedia.org/wiki/Clickjacking ([https](https://en.wikipedia.org/wiki/Clickjacking ) result 200).
* http://en.wikipedia.org/wiki/Content_sniffing with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/Content_sniffing ([https](https://en.wikipedia.org/wiki/Content_sniffing ) result 200).
* http://en.wikipedia.org/wiki/Cross-site_request_forgery with 11 occurrences migrated to:
https://en.wikipedia.org/wiki/Cross-site_request_forgery ([https](https://en.wikipedia.org/wiki/Cross-site_request_forgery ) result 200).
* http://en.wikipedia.org/wiki/Cross-site_scripting with 7 occurrences migrated to:
https://en.wikipedia.org/wiki/Cross-site_scripting ([https](https://en.wikipedia.org/wiki/Cross-site_scripting ) result 200).
* http://en.wikipedia.org/wiki/Firesheep with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Firesheep ([https](https://en.wikipedia.org/wiki/Firesheep ) result 200).
* http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security with 4 occurrences migrated to:
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ([https](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ) result 200).
* http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ([https](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ) result 200).
* http://en.wikipedia.org/wiki/Man-in-the-middle_attack with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/Man-in-the-middle_attack ([https](https://en.wikipedia.org/wiki/Man-in-the-middle_attack ) result 200).
* http://en.wikipedia.org/wiki/Null_Object_pattern with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Null_Object_pattern ([https](https://en.wikipedia.org/wiki/Null_Object_pattern ) result 200).
* http://en.wikipedia.org/wiki/SRV_record with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/SRV_record ([https](https://en.wikipedia.org/wiki/SRV_record ) result 200).
* http://en.wikipedia.org/wiki/Same-origin_policy with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Same-origin_policy ([https](https://en.wikipedia.org/wiki/Same-origin_policy ) result 200).
* http://en.wikipedia.org/wiki/Session_fixation with 6 occurrences migrated to:
https://en.wikipedia.org/wiki/Session_fixation ([https](https://en.wikipedia.org/wiki/Session_fixation ) result 200).
* http://example.com with 8 occurrences migrated to:
https://example.com ([https](https://example.com ) result 200).
* http://example.com/ with 1 occurrences migrated to:
https://example.com/ ([https](https://example.com/ ) result 200).
* http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice with 2 occurrences migrated to:
https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ([https](https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ) result 200).
* http://flywaydb.org/ with 1 occurrences migrated to:
https://flywaydb.org/ ([https](https://flywaydb.org/ ) result 200).
* http://getbootstrap.com/docs/4.0/examples/signin/signin.css with 1 occurrences migrated to:
https://getbootstrap.com/docs/4.0/examples/signin/signin.css ([https](https://getbootstrap.com/docs/4.0/examples/signin/signin.css ) result 200).
* http://gradle.org with 1 occurrences migrated to:
https://gradle.org ([https](https://gradle.org ) result 200).
* http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ with 2 occurrences migrated to:
https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ([https](https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ) result 200).
* http://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html with 2 occurrences migrated to:
https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ([https](https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ) result 200).
* http://jquery.com/ with 1 occurrences migrated to:
https://jquery.com/ ([https](https://jquery.com/ ) result 200).
* http://knockoutjs.com/ with 1 occurrences migrated to:
https://knockoutjs.com/ ([https](https://knockoutjs.com/ ) result 200).
* http://marketplace.eclipse.org/content/anyedit-tools with 1 occurrences migrated to:
https://marketplace.eclipse.org/content/anyedit-tools ([https](https://marketplace.eclipse.org/content/anyedit-tools ) result 200).
* http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html with 1 occurrences migrated to:
https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ([https](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ) result 200).
* http://openid.net with 1 occurrences migrated to:
https://openid.net ([https](https://openid.net ) result 200).
* http://openid.net/ with 1 occurrences migrated to:
https://openid.net/ ([https](https://openid.net/ ) result 200).
* http://openid.net/certification/ with 4 occurrences migrated to:
https://openid.net/certification/ ([https](https://openid.net/certification/ ) result 200).
* http://openid.net/connect/ with 4 occurrences migrated to:
https://openid.net/connect/ ([https](https://openid.net/connect/ ) result 200).
* http://openid.net/specs/openid-attribute-exchange-1_0.html with 3 occurrences migrated to:
https://openid.net/specs/openid-attribute-exchange-1_0.html ([https](https://openid.net/specs/openid-attribute-exchange-1_0.html ) result 200).
* http://openid.net/specs/openid-connect-core-1_0.html with 50 occurrences migrated to:
https://openid.net/specs/openid-connect-core-1_0.html ([https](https://openid.net/specs/openid-connect-core-1_0.html ) result 200).
* http://openid.net/specs/openid-connect-session-1_0.html with 2 occurrences migrated to:
https://openid.net/specs/openid-connect-session-1_0.html ([https](https://openid.net/specs/openid-connect-session-1_0.html ) result 200).
* http://sizzlejs.com/ with 2 occurrences migrated to:
https://sizzlejs.com/ ([https](https://sizzlejs.com/ ) result 200).
* http://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time with 1 occurrences migrated to:
https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ([https](https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ) result 200).
* http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ (301) with 1 occurrences migrated to:
https://spring.io/blog/2010/03/06/behind-the-spring-security-namespace/ ([https](https://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ ) result 200).
* http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ (301) with 1 occurrences migrated to:
https://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/ ([https](https://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ ) result 200).
* http://spring.io/projects with 1 occurrences migrated to:
https://spring.io/projects ([https](https://spring.io/projects ) result 200).
* http://spring.io/services with 1 occurrences migrated to:
https://spring.io/services ([https](https://spring.io/services ) result 200).
* http://stackoverflow.com/questions/tagged/spring-security with 1 occurrences migrated to:
https://stackoverflow.com/questions/tagged/spring-security ([https](https://stackoverflow.com/questions/tagged/spring-security ) result 200).
* http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html with 2 occurrences migrated to:
https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ([https](https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ) result 200).
* http://tools.ietf.org/html/rfc6797 with 15 occurrences migrated to:
https://tools.ietf.org/html/rfc6797 ([https](https://tools.ietf.org/html/rfc6797 ) result 200).
* http://tools.ietf.org/html/rfc7469 with 18 occurrences migrated to:
https://tools.ietf.org/html/rfc7469 ([https](https://tools.ietf.org/html/rfc7469 ) result 200).
* http://vimeo.com/34436402 with 1 occurrences migrated to:
https://vimeo.com/34436402 ([https](https://vimeo.com/34436402 ) result 200).
* http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ with 1 occurrences migrated to:
https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ([https](https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ) result 200).
* http://www.ja-sig.org/cas (301) with 1 occurrences migrated to:
https://www.apereo.org ([https](https://www.ja-sig.org/cas ) result 200).
* http://ehcache.sourceforge.net (301) with 2 occurrences migrated to:
https://www.ehcache.org/ ([https](https://ehcache.sourceforge.net ) result 200).
* http://www.html5rocks.com/en/tutorials/security/content-security-policy/ with 2 occurrences migrated to:
https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ([https](https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ) result 200).
* http://www.ietf.org/rfc/rfc2396.txt with 3 occurrences migrated to:
https://www.ietf.org/rfc/rfc2396.txt ([https](https://www.ietf.org/rfc/rfc2396.txt ) result 200).
* http://www.ietf.org/rfc/rfc2617.txt with 1 occurrences migrated to:
https://www.ietf.org/rfc/rfc2617.txt ([https](https://www.ietf.org/rfc/rfc2617.txt ) result 200).
* http://www.liquibase.org/ with 1 occurrences migrated to:
https://www.liquibase.org/ ([https](https://www.liquibase.org/ ) result 200).
* http://www.openbsd.org/papers/bcrypt-paper.ps with 1 occurrences migrated to:
https://www.openbsd.org/papers/bcrypt-paper.ps ([https](https://www.openbsd.org/papers/bcrypt-paper.ps ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 2 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-2.5.xsd ([https](https://www.springframework.org/schema/context/spring-context-2.5.xsd ) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd ) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd ) result 200).
* http://www.test.com with 9 occurrences migrated to:
https://www.test.com ([https](https://www.test.com ) result 200).
* http://www.thymeleaf.org with 25 occurrences migrated to:
https://www.thymeleaf.org ([https](https://www.thymeleaf.org ) result 200).
* http://www.thymeleaf.org/ with 3 occurrences migrated to:
https://www.thymeleaf.org/ ([https](https://www.thymeleaf.org/ ) result 200).
* http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd with 1 occurrences migrated to:
https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ([https](https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ) result 200).
* http://www.thymeleaf.org/whatsnew21.html with 1 occurrences migrated to:
https://www.thymeleaf.org/whatsnew21.html ([https](https://www.thymeleaf.org/whatsnew21.html ) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html with 2 occurrences migrated to:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html with 1 occurrences migrated to:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ) result 200).
* http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html with 1 occurrences migrated to:
https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ([https](https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ) result 200).
* http://www.w3.org/TR/2011/REC-css3-selectors-20110929/ with 2 occurrences migrated to:
https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ([https](https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ) result 200).
* http://www.w3.org/TR/CSS21/syndata.html with 1 occurrences migrated to:
https://www.w3.org/TR/CSS21/syndata.html ([https](https://www.w3.org/TR/CSS21/syndata.html ) result 200).
* http://www.w3.org/TR/selectors/ with 3 occurrences migrated to:
https://www.w3.org/TR/selectors/ ([https](https://www.w3.org/TR/selectors/ ) result 200).
* http://www.youtube.com/watch?v=3mk0RySeNsU with 2 occurrences migrated to:
https://www.youtube.com/watch?v=3mk0RySeNsU ([https](https://www.youtube.com/watch?v=3mk0RySeNsU ) result 200).
* http://api.jquery.com/jQuery.browser with 1 occurrences migrated to:
https://api.jquery.com/jQuery.browser ([https](https://api.jquery.com/jQuery.browser ) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx with 1 occurrences migrated to:
https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx with 2 occurrences migrated to:
https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ) result 301).
* http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx with 2 occurrences migrated to:
https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ([https](https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ) result 301).
* http://code.google.com/p/openid-selector/ with 3 occurrences migrated to:
https://code.google.com/p/openid-selector/ ([https](https://code.google.com/p/openid-selector/ ) result 301).
* http://contributor-covenant.org with 1 occurrences migrated to:
https://contributor-covenant.org ([https](https://contributor-covenant.org ) result 301).
* http://contributor-covenant.org/version/1/3/0/ with 1 occurrences migrated to:
https://contributor-covenant.org/version/1/3/0/ ([https](https://contributor-covenant.org/version/1/3/0/ ) result 301).
* http://dev.w3.org/csswg/cssom/ with 1 occurrences migrated to:
https://dev.w3.org/csswg/cssom/ ([https](https://dev.w3.org/csswg/cssom/ ) result 301).
* http://docs.spring.io with 1 occurrences migrated to:
https://docs.spring.io ([https](https://docs.spring.io ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html with 7 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ) result 301).
* http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 (301) with 1 occurrences migrated to:
https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ([https](https://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ) result 301).
* http://help.github.com/set-up-git-redirect with 1 occurrences migrated to:
https://help.github.com/set-up-git-redirect ([https](https://help.github.com/set-up-git-redirect ) result 301).
* http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ with 1 occurrences migrated to:
https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ([https](https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ) result 301).
* http://jquery.org/license with 1 occurrences migrated to:
https://jquery.org/license ([https](https://jquery.org/license ) result 301).
* http://msdn.microsoft.com/en-us/library/dd565647 with 4 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/dd565647 ([https](https://msdn.microsoft.com/en-us/library/dd565647 ) result 301).
* http://msdn.microsoft.com/en-us/library/ie/gg622941 with 5 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/ie/gg622941 ([https](https://msdn.microsoft.com/en-us/library/ie/gg622941 ) result 301).
* http://openid.net/get/ with 2 occurrences migrated to:
https://openid.net/get/ ([https](https://openid.net/get/ ) result 301).
* http://openid.net/what/ with 2 occurrences migrated to:
https://openid.net/what/ ([https](https://openid.net/what/ ) result 301).
* http://technorati.com/people/technorati/ with 2 occurrences migrated to:
https://technorati.com/people/technorati/ ([https](https://technorati.com/people/technorati/ ) result 301).
* http://twitter.github.com/bootstrap/javascript.html with 13 occurrences migrated to:
https://twitter.github.com/bootstrap/javascript.html ([https](https://twitter.github.com/bootstrap/javascript.html ) result 301).
* http://www.jasig.org/cas with 1 occurrences migrated to:
https://www.jasig.org/cas ([https](https://www.jasig.org/cas ) result 301).
* http://www.modernizr.com/ with 1 occurrences migrated to:
https://www.modernizr.com/ ([https](https://www.modernizr.com/ ) result 301).
* http://www.opensource.org/licenses/mit-license.php with 1 occurrences migrated to:
https://www.opensource.org/licenses/mit-license.php ([https](https://www.opensource.org/licenses/mit-license.php ) result 301).
* http://www.oracle.com/technetwork/java/javase/downloads with 1 occurrences migrated to:
https://www.oracle.com/technetwork/java/javase/downloads ([https](https://www.oracle.com/technetwork/java/javase/downloads ) result 301).
* http://www.springframework.org/security with 1 occurrences migrated to:
https://www.springframework.org/security ([https](https://www.springframework.org/security ) result 301).
* http://www.springsource.com/ with 2 occurrences migrated to:
https://www.springsource.com/ ([https](https://www.springsource.com/ ) result 301).
* http://www.springsource.org with 1 occurrences migrated to:
https://www.springsource.org ([https](https://www.springsource.org ) result 301).
* http://www.springsource.org/sts with 1 occurrences migrated to:
https://www.springsource.org/sts ([https](https://www.springsource.org/sts ) result 301).
* http://www.thoughtcrime.org/software/sslstrip/ with 1 occurrences migrated to:
https://www.thoughtcrime.org/software/sslstrip/ ([https](https://www.thoughtcrime.org/software/sslstrip/ ) result 301).
* http://www.w3.org/TR/css3-selectors/ with 2 occurrences migrated to:
https://www.w3.org/TR/css3-selectors/ ([https](https://www.w3.org/TR/css3-selectors/ ) result 301).
* http://www.w3.org/TR/css3-syntax/ with 1 occurrences migrated to:
https://www.w3.org/TR/css3-syntax/ ([https](https://www.w3.org/TR/css3-syntax/ ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ) result 302).
* http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html with 1 occurrences migrated to:
https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ([https](https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ) result 302).
* http://example2.com with 3 occurrences migrated to:
https://example2.com ([https](https://example2.com ) result 302).
* http://flickr.com/ with 2 occurrences migrated to:
https://flickr.com/ ([https](https://flickr.com/ ) result 302).
* http://git-scm.com/book/cs/ch7-3.html with 1 occurrences migrated to:
https://git-scm.com/book/cs/ch7-3.html ([https](https://git-scm.com/book/cs/ch7-3.html ) result 302).
* http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd with 1 occurrences migrated to:
https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ([https](https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html with 4 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ([https](https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html with 2 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html with 2 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html with 3 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ([https](https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ) result 302).
* http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd with 1 occurrences migrated to:
https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 1 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ) result 302).
* http://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx with 1 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ([https](https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ) result 302).
* http://spring.io/spring-security with 1 occurrences migrated to:
https://spring.io/spring-security ([https](https://spring.io/spring-security ) result 302).
* http://spring.io/spring-security/ with 2 occurrences migrated to:
https://spring.io/spring-security/ ([https](https://spring.io/spring-security/ ) result 302).
* http://spring.io/tools/sts with 1 occurrences migrated to:
https://spring.io/tools/sts ([https](https://spring.io/tools/sts ) result 302).
* http://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt with 2 occurrences migrated to:
https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ([https](https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ) result 302).
* http://webauth.stanford.edu/manual/mod/mod_webauth.html with 1 occurrences migrated to:
https://webauth.stanford.edu/manual/mod/mod_webauth.html ([https](https://webauth.stanford.edu/manual/mod/mod_webauth.html ) result 302).
* http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context with 1 occurrences migrated to:
https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ([https](https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ) result 302).
* http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt with 1 occurrences migrated to:
https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ([https](https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ) result 302).
# Ignored
These URLs were intentionally ignored.
* http://java.sun.com/JSP/Page with 14 occurrences
* http://java.sun.com/jsp/jstl/core with 31 occurrences
* http://java.sun.com/jsp/jstl/fmt with 6 occurrences
* http://java.sun.com/jsp/jstl/functions with 1 occurrences
* http://java.sun.com/jstl/core with 1 occurrences
* http://java.sun.com/xml/ns/j2ee with 2 occurrences
* http://java.sun.com/xml/ns/javaee with 6 occurrences
* http://localhost with 20 occurrences
* http://localhost/ with 6 occurrences
* http://localhost/Test</value></property> with 1 occurrences
* http://localhost/appcontext/page with 1 occurrences
* http://localhost/authenticated with 1 occurrences
* http://localhost/authentication/login with 2 occurrences
* http://localhost/authorize/oauth2/code/registration-id with 3 occurrences
* http://localhost/authorize/oauth2/implicit/registration-3 with 1 occurrences
* http://localhost/callback/client-1 with 1 occurrences
* http://localhost/callback/client-1?error=invalid_grant with 1 occurrences
* http://localhost/client-1 with 9 occurrences
* http://localhost/cookie with 1 occurrences
* http://localhost/cookie/delete with 1 occurrences
* http://localhost/custom-login with 1 occurrences
* http://localhost/custom-logout with 1 occurrences
* http://localhost/form-page with 1 occurrences
* http://localhost/iss with 1 occurrences
* http://localhost/issuer with 2 occurrences
* http://localhost/login with 38 occurrences
* http://localhost/login/oauth2/code/ with 4 occurrences
* http://localhost/login/oauth2/code/pkce-client-registration-id& with 1 occurrences
* http://localhost/login/oauth2/code/registration-id with 3 occurrences
* http://localhost/login/oauth2/code/registration-id& with 2 occurrences
* http://localhost/login/oauth2/code/registration-id-2 with 2 occurrences
* http://localhost/login/openid with 1 occurrences
* http://localhost/login2 with 1 occurrences
* http://localhost/loginPage with 2 occurrences
* http://localhost/logout with 1 occurrences
* http://localhost/messages with 4 occurrences
* http://localhost/oauth2/authorization/google with 1 occurrences
* http://localhost/openid-page with 1 occurrences
* http://localhost/saved-request with 1 occurrences
* http://localhost/secured with 2 occurrences
* http://localhost/signin with 1 occurrences
* http://localhost/some-url with 1 occurrences
* http://localhost/tosave with 1 occurrences
* http://localhost/user with 1 occurrences
* http://localhost:123456 with 3 occurrences
* http://localhost:1280/certs with 1 occurrences
* http://localhost:314 with 1 occurrences
* http://localhost:4080 with 1 occurrences
* http://localhost:543 with 1 occurrences
* http://localhost:8080 with 16 occurrences
* http://localhost:8080/ with 4 occurrences
* http://localhost:8080/SomeService with 1 occurrences
* http://localhost:8080/contacts with 1 occurrences
* http://localhost:8080/login/oauth2/code with 1 occurrences
* http://localhost:8080/login/oauth2/code/client-id with 2 occurrences
* http://localhost:8080/login/oauth2/code/facebook with 2 occurrences
* http://localhost:8080/login/oauth2/code/github with 2 occurrences
* http://localhost:8080/login/oauth2/code/google with 4 occurrences
* http://localhost:8080/login/oauth2/code/okta with 2 occurrences
* http://localhost:8080/path/page.html?query=string with 1 occurrences
* http://localhost:8080/sample/ with 15 occurrences
* http://localhost:8080/secure with 1 occurrences
* http://localhost:8080/spring-security-samples-tutorial/listAccounts.html with 4 occurrences
* http://localhost:8080/spring-security-samples-tutorial/post.html?id=1 with 4 occurrences
* http://localhost:9080/protected with 2 occurrences
* http://localhost:9080/secured with 1 occurrences
* http://localhost:9080/unsecured with 1 occurrences
* http://localhost:9080/user with 1 occurrences
* http://test.com with 1 occurrences
* http://test.foobar.com with 1 occurrences
* http://testopenid.com?openid.return_to= with 1 occurrences
* http://www.springframework.org/schema/aop with 2 occurrences
* http://www.springframework.org/schema/beans with 8 occurrences
* http://www.springframework.org/schema/context with 2 occurrences
* http://www.springframework.org/schema/mvc with 2 occurrences
* http://www.springframework.org/schema/security with 45 occurrences
* http://www.springframework.org/schema/security/spring-security- with 1 occurrences
* http://www.springframework.org/schema/websocket with 2 occurrences
* http://www.springframework.org/security/tags with 17 occurrences
* http://www.springframework.org/tags with 12 occurrences
* http://www.springframework.org/tags/form with 14 occurrences
* http://www.w3.org/1999/XSL/Transform with 1 occurrences
* http://www.w3.org/1999/xhtml with 26 occurrences
* http://www.w3.org/2001/XMLSchema with 15 occurrences
* http://www.w3.org/2001/XMLSchema-datatypes with 8 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 9 occurrences
2019-03-19 23:53:23 -05:00
a45df2c802
Move OIDC Reactive Packaging
2019-03-19 09:00:46 -06:00
8f5493acce
Move OIDC Servlet Packaging
2019-03-19 09:00:46 -06:00
fba31dfb6a
Reactive Oidc RP-Initiated Logout
...
Issue: gh-5350
2019-03-19 09:00:46 -06:00
248a8c030b
Support for OIDC RP-Initiated Logout
...
Fixes: gh-5350
2019-03-19 09:00:46 -06:00
55e8df1efe
NimbusReactiveJwtDecoder Takes Reactive Processor
...
Fixes: gh-5937
2019-03-18 12:32:44 -06:00
9478abebd2
Internalize Nimbus JwtDecoder Builder
...
Issue: gh-6010
2019-03-18 12:32:44 -06:00
b93528138e
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# Fixed URLs
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://www.apache.org/licenses/ with 1 occurrences migrated to:
https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/ ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0 ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html ) result 200).
2019-03-14 15:46:20 -05:00
7739a0e91a
Add PKCE OAuth2 client support
...
- Support has been added for "RFC7636: Proof Key for Code Exchange by OAuth Public Clients" (PKCE, pronounced "pixy") to mitigate against attacks targeting the interception of the authorization code
- PkceParameterNames was added for the 3 additional parameters used by PKCE (i.e. code_verifier, code_challenge, and code_challenge_method)
- Default code_verifier length has been set to 128 characters--the maximum allowed by RFC7636
- ClientAuthenticationMethod.NONE was added to allow clients to request tokens without providing a client secret
Fixes gh-6446
2019-02-28 11:38:48 -05:00
fba25614bf
Reactive Opaque Token Support
...
Fixes: gh-6513
2019-02-15 15:59:25 -06:00
752733e8de
Polish WebSessionOAuth2ServerAuthorizationRequestRepository Format
...
Issue: gh-6215
2019-02-15 15:01:11 -06:00
a60fd43534
Fix OAuth2 Client with Ditributed Session
...
Fixes: gh-6215
2019-02-15 15:01:11 -06:00
0c27f64338
ServletOAuth2AuthorizedClientExchangeFilterFunction supports chaining
...
Fixes gh-6483
2019-02-13 11:19:44 -05:00
17e774d8c7
Preserve existing refresh token if new refresh token not returned
...
During an oauth2 refresh if the authorization server doesn't return a new refresh token, preserve the existing one.
Fixes: gh-6503
2019-02-07 15:11:23 -05:00
ef9c3e4771
Opaque Token Support
...
Fixes: gh-5200
2019-02-07 12:40:12 -07:00
Joe Grandja
Josh Cummings
Bouke Nijhuis
kostya05983
Roman Matiushchenko
Thomas Vitale
Lars Grefer
Eleftheria Stein
watsta
Ebert Toribio
Rob Winch
Andreas Falk
Eddú Meléndez
matkocsis
Édouard Hue
Vedran Pavic
Clement Ng
Dennis Devriendt
Tadaya Tsuyukubo
Rafiullah Hamedy
Marek Sabo
Daniel Meier
Florian Aumeier
HaydenMeloche
Jérôme Wacongne
MD Sayem Ahmed
Sharad Alury
Elena Felder
Vishal Raj
Phil Clay
Spring Operator
Stephen Doxsee
Zhanwei Wang
Fabien Arrault