Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,791 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

2459 Commits

Author SHA1 Message Date
Rob Winch cdc992b132 Remove SaltSource 
Fixes gh-4681
 2017-10-24 07:56:28 -05:00
Rob Winch 4529e09339 Remove PasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:56:28 -05:00
Rob Winch 6c69333df6 Remove PasswordEncoderUtils from core 
Issue: gh-4674
 2017-10-24 07:56:28 -05:00
Rob Winch 3a4a32e654 Remove LdapShaPasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:56:20 -05:00
Rob Winch 6a3e981c80 Remove BaseDigestPasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:55:40 -05:00
Rob Winch a8aa65b828 Remove Md4PasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:55:32 -05:00
Rob Winch 2dc4e326be Remove MessageDigestPasswordEncoder from core 
Issue: gh-4674
 2017-10-23 22:27:16 -05:00
Rob Winch 12dbf2e961 Remove PlainTextPasswordEncoder from core 
Issue: gh-4674
 2017-10-23 22:27:16 -05:00
Rob Winch 40fd8d7aa7 Remove ShaPasswordEncoder from core 
Issue: gh-4674
 2017-10-23 22:27:16 -05:00
Rob Winch e98fc3556e Remove Md5PasswordEncoder from core 
Issue: gh-4674
 2017-10-23 22:27:16 -05:00
Rob Winch 52560b560d PasswordEncodedUser 
Fixes gh-4680
 2017-10-23 22:27:16 -05:00
Rob Winch 1ea10a1e89 Add User.withDefaultPasswordEncoder() 
Fixes gh-4678
 2017-10-23 22:27:16 -05:00
Rob Winch a0fb324e1d Add passwordEncoder to UserBuilder 
Fixes gh-4677
 2017-10-23 22:27:16 -05:00
Rob Winch 7fd1cff3ce Fix PrePostAdviceReactiveMethodInterceptor tangle 
Issue: gh-4636
 2017-10-16 16:36:43 -05:00
Rob Winch 1dc49276f8 Fix P tangle 
Issue: gh-4636
 2017-10-16 16:36:15 -05:00
Rob Winch 96f6368214 Update to Spring Framework 5.0.1.BUILD-SNAPSHOT 
Fixes gh-4633
 2017-10-16 16:30:59 -05:00
Rob Winch 57d26ffa10 Polish 2017-10-11 13:57:59 -05:00
Rob Winch e99e2a9f09 PrePostAdviceMethodInterceptor->PrePostAdviceReactiveMethodInterceptor 
Issue gh-4615
 2017-10-11 13:57:54 -05:00
Rob Winch 5502856095 UserDetailsRepositoryAuthenticationManager->UserDetailsRepositoryReactiveAuthenticationManager 
Issue gh-4615
 2017-10-11 13:57:35 -05:00
Rob Winch 4681697581 UserDetailsRepository->ReactiveUserDetailsService 
Issue gh-4615
 2017-10-11 13:57:30 -05:00
Rob Winch f1bc82dcef AuthenticatedAuthorizationManager->AuthenticatedReactiveAuthorizationManager 
Issue gh-4615
 2017-10-11 13:57:26 -05:00
Rob Winch 866ce5eaec AuthorityAuthorizationManager->AuthorityReactiveAuthorizationManager 
Issue gh-4615
 2017-10-11 13:57:08 -05:00
Rob Winch fc84d31010 Fix Javadoc Encoding 2017-10-09 16:48:50 -05:00
Rob Winch 23f56f568c Update MockitJunitRunner import 
Issue: gh-4608
 2017-10-09 16:13:33 -05:00
Rob Winch 445834784a Update to Mockito 2.10.0 
Issue: gh-4608
 2017-10-09 16:13:11 -05:00
Rob Winch f3828924ff Fix equals and hashCode alignment 
Fixes gh-4588
 2017-09-28 17:25:00 -05:00
Rob Winch 1c9b627267 Update to Spring Framework 5.0.0.RELEASE 
Fixes gh-4585
 2017-09-28 17:24:38 -05:00
Rob Winch b59265c641 Add InMemoryUserDetailsManager(UserDetails... users) 2017-09-22 19:56:32 -05:00
Stephan Schroevers 9e719bc313 Drop the `aopalliance:aopalliance` dependency 
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.

This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)

The documentation is updated accordingly.

[1] https://jira.spring.io/browse/SPR-13984
 2017-09-22 11:11:04 -05:00
Rob Winch 8854414101 Polish for Gradle 5.0 2017-09-18 16:53:19 -05:00
Rob Winch 8a66d0c78d Polish PermissionEvaluator Autowired into Web Security 
Issue gh-4077
 2017-09-18 16:53:19 -05:00
Craig Andrews 3bf6bf10de Configure permissionEvaluator and roleHierarchy by default 
Implementations of AbstractSecurityExpressionHandler (such as the very commonly used DefaultWebSecurityExpressionHandler) get PermissionEvaluator and RoleHierarchy from the application context (if the application context is provided, and exactly one of such a bean exists in it). This approach matches that used in GlobalMethodSecurityConfiguration, making everything in Spring Security work the same way (including WebSecurity).

Issue gh-4077
 2017-09-18 16:35:16 -05:00
Rob Winch 1f4082e754 Fix copyright lines 2017-09-18 11:11:25 -05:00
Rob Winch 3ecf3ea034 Fix double * in Copyright headers 2017-09-18 10:47:26 -05:00
Rob Winch ae342dfcce Update to the lastest SNAPSHOTs 2017-09-18 10:17:21 -05:00
Rob Winch 7bb4367cf1 Prepare Versions for Release 2017-09-13 08:24:14 -05:00
Rob Winch 72f139a824 Mono.currentContext()->subscriberContext() 
Fixing refactoring by Reactor
 2017-09-01 16:14:42 -05:00
ladislav-bozek b3ad174ee2 Small typo in Javadoc 2017-08-30 15:27:53 -05:00
Rob Winch 895f0d108c Run PasswordEncoder on Schedulers.parallel() 2017-08-29 22:26:56 -05:00
Rob Winch a563689e6c Add PasswordEncoder for UserDetailsRepositoryAuthenticationManager 2017-08-29 21:19:42 -05:00
Rob Winch 416ff3c77a Add EnableReactiveMethodSecurity 
Issue gh-4496
 2017-08-17 16:42:01 -05:00
Rob Winch e16b8e7976 Fix logback-test.xml 2017-08-17 16:42:01 -05:00
Rob Winch 0f0563cd6f MethodSecurityMetadataSourceAdvisor supports MethodInterceptor 
Fixes gh-4480
 2017-07-31 16:46:51 -05:00
Joe Grandja a176a8c4ae Update to next development version 2017-07-24 11:54:43 -04:00
Joe Grandja abf34e0e67 Release 5.0.0.M3 2017-07-24 11:12:32 -04:00
Rob Winch 0b481cf4b6 Make UserBuilder.username public 
This allows for reusing a UserBuilder to create multiple UserDetails with
similar attributes but different usernames.

Fixes gh-4453
 2017-07-12 13:54:52 -05:00
Rob Winch 37011720c9 Update to latest Spring IO Cairo SNAPSHOT 
Fixes gh-4407
 2017-06-20 16:42:09 -05:00
Rob Winch fb85ad6bd7 Revert "Work Around SPR-15651" 
This reverts commit 6c286696b4.
 2017-06-15 15:25:36 -05:00
Rob Winch dcef3d6ebb Remove springIoVersion for release preparations 2017-06-15 13:34:51 -05:00
Rob Winch 6c286696b4 Work Around SPR-15651 
Issue gh-4386
 2017-06-09 22:26:02 -05:00
Rob Winch d09fb5b500 Move UserDetailsRepository to core.userdetails 
Fixes gh-4383
 2017-06-09 16:07:09 -05:00
Joe Grandja eb6bd9bea9 Update groupId io.projectreactor.addons -> io.projectreactor 
Fixes gh-4377
 2017-06-08 14:06:51 -04:00
Rob Winch 5dee8534cd Update SecurityJackson2Modules 
Fixes gh-4370
 2017-06-07 23:05:13 -05:00
Rob Winch a79a81cd24 Simplify webflux samples 
Remove the custom user from the hellowebflux and hellowebfluxfn samples.
 2017-05-23 15:59:16 -05:00
Rob Winch 07234f6255 Switch back to Spring Framework 5.0.0.BUILD-SNAPSHOT 2017-05-16 15:12:09 -05:00
Rob Winch 22c1685d70 Use AssertionsForClassType 2017-05-15 13:48:12 -05:00
Rob Winch d81b436e5d Remove pom.xml from build 
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.

This commit removes the pom.xml files from the build.

Fixes gh-4283
 2017-05-11 14:32:36 -05:00
Vedran Pavic e9427e421b Update Spring version 2017-05-10 00:27:36 -05:00
Vedran Pavic 85719fcd64 Use Base64 implementation provided by Java 8 2017-05-10 00:27:36 -05:00
Rob Winch b4f2777755 Add WebFlux 
Fixes gh-4128
 2017-05-10 00:13:02 -05:00
Rob Winch 051e3fb079 Add UserBuilders.withUserDetails 2017-05-10 00:12:12 -05:00
Rob Winch 5c7ff5c24a Update to spring 5.0.0.RC1 2017-05-09 02:35:46 -05:00
Rob Winch e1ef0477fb Build Leverages tests-configuration plugin 2017-05-01 17:10:20 -05:00
Rob Winch d108bf58bf Remove commons-logging 
Issue: gh-4308
 2017-04-24 19:40:22 -05:00
Rob Winch dd6fc48dd8 Standardize Build 
The build now uses spring build conventions to simplify the build

Fixes gh-4284
 2017-04-21 10:55:05 -05:00
Joe Grandja 71e491fcf0 Provide abstraction for an Authenticated Principal 2017-04-10 16:18:40 -04:00
Joe Grandja 2ce174dbf0 Update poms to 5.0.0.BUILD-SNAPSHOT 2017-04-07 16:49:50 -04:00
Joe Grandja 2b81983f7c Update to Java 8 compatibility 
* Spring IO Athens-BUILD-SNAPSHOT -> Cairo-BUILD-SNAPSHOT
* CGLib 3.1 -> 3.2.5 latest release Issue related to ASM https://github.com/cglib/cglib/issues/20
* AssertJ 2.2.0 -> 3.6.2 latest release
* PowerMock 1.6.2 -> 1.6.5 latest release is 1.6.6 but has regression Issue https://github.com/powermock/powermock/issues/717
* Update maven-compiler-plugin source/target to 1.8
 2017-04-07 16:49:38 -04:00
Rob Winch 3ca78df15f Fix Security version Test 2017-03-08 19:12:39 -06:00
Rob Winch d2524eadfc Update poms to new to SNAPSHOT version 2017-03-02 09:20:34 -06:00
Spring Buildmaster 081f0c4d94 Release version 4.2.2.RELEASE 2017-03-02 07:29:42 +00:00
pkovacs f99fe36e02 Refer to SimpleGrantedAuthority instead of GrantedAuthorityImpl 
GrantedAuthorityImpl has been replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.

Fixes gh-4163.
 2017-03-02 00:09:14 -06:00
stonio 901a4e183a Update SecurityContextHolder.java 
Use StringUtils.hasText
 2017-03-01 23:54:04 -06:00
Rob Winch b64cdb5765 Fix RoleHiearchyUtilsTests on Windows 
Fixes gh-4228
 2017-03-01 23:27:11 -06:00
Rob Winch 9c03571bbb Use message in all Assert 
This ensures compatibility with Spring 5.

Fixes gh-4193
 2017-01-30 19:58:24 -06:00
Spring Buildmaster 7a7ce11ebb Release version 4.2.1.RELEASE 2016-12-21 17:23:28 +00:00
Rob Winch 6bec625e68 Update to Spring 4.3.5.RELEASE 
Fixes gh-4167
 2016-12-21 09:04:16 -06:00
Spring Buildmaster 24fcb6c45a Release version 4.2.0.RELEASE 2016-11-09 23:42:11 +00:00
Rob Winch a9024de734 Polish Spring Version Update 
Fix related tests.

Issue gh-4123
 2016-11-09 17:05:25 -06:00
Rob Winch f97f38fd57 jacksonDatavindVersion->jacksonDatabindVersion 
Issue gh-4122
 2016-11-09 16:46:38 -06:00
Rob Winch f0a9421aa4 SecurityJacksonModules->SecurityJackson2Modules 
Fixes gh-4121
 2016-11-09 16:42:41 -06:00
Spring Buildmaster 97b4cb0b73 Release version 4.2.0.RC1 2016-10-26 02:49:23 +00:00
Rob Winch e62596f36d Polish PasswordEncoderUtils do not leak length 
Fix possible / 0 if expected is empty String.

Issue gh-255
 2016-10-24 12:50:46 -05:00
Rob Winch d3685d89c5 Polish PasswordEncoderUtils do not leak length 
Issue gh-255
 2016-10-24 11:26:43 -05:00
avri-schneider a98389fa98 PasswordEncoderUtils do not leak length 
Enforce constant time even when expectedLength != actualLength.

Fixes gh-255
 2016-10-24 11:26:34 -05:00
Rob Winch dc9f9b140f Polish PasswordEncoderUtilsTests 
* Add more tests
* Smaller tests
* Follow new naming convention
 2016-10-24 11:24:24 -05:00
Rob Winch f432c04111 Create UserBuilder 
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder

Fixes gh-4095
 2016-10-21 16:42:03 -05:00
Rob Winch 08c1f500a7 Version bumps for Spring 5 
Issue gh-4080
 2016-10-17 17:00:17 -05:00
Jitendra Singh 48ff518a41 Fix Jackson 2.7+ 
UnmodifiableSetDeserializer added which will ensure
Collection$UnmodifiableSet deserialize properly with jackson-databind 2.7+

Fixes gh-4073
 2016-10-13 07:42:07 -05:00
Spring Buildmaster c1b8150439 Release version 4.2.0.M1 2016-09-23 19:39:33 +00:00
Rob Winch b443baef04 Polish GrantedAuthorityDefaults 
* Move GrantedAuthorityDefaults to config module
* Move setting of default role into config module vs
  ApplicationContextAware

Issue gh-3701
 2016-09-22 15:13:05 -05:00
Eddú Meléndez eabeaf35d6 Make single definition of `defaultRolePrefix` and `rolePrefix` 
Previous to this commit, role prefix had to be set in every class
causing repetition. Now, bean `GrantedAuthorityDefaults` can be used to
define the role prefix in a single point.

Fixes gh-3701
 2016-09-21 14:55:41 -05:00
Joe Grandja c75a5b7279 Polish RoleHierarchyUtils and add tests 2016-09-19 14:07:34 -04:00
Thomas Darimont 06c67070a6 Add convenience method for constructing RoleHierarchy from Map. 
Introduced `RoleHierarchyUtils` which enables convenient
construction of `RoleHierarchy` from map based representation.
Where the map key is the role name and the map value is a list
of implied role names.

Here is a small example for that in action:
https://gist.github.com/thomasdarimont/ee9fffdef1adb9243b12ad247478aad4

Fixes #3990.

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
 2016-09-19 14:07:34 -04:00
Rob Winch 92a59e0df7 Fix checkstyle 
Issue gh-3736
 2016-09-02 12:02:39 -05:00
Rob Winch 8ad0003456 Polish Whitespace 
Issue gh-3736
 2016-09-02 11:37:21 -05:00
Rob Winch 3531cc93c2 JSON tests ObjectMapper Cleanup 
* Move to @Setup
* Consistently extend from AbstractMixinTests and reuse ObjectMapper

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch bd925313af Improve Readablility of JSON test strings 
This improves the readability of the JSON strings used for
testing JSON serialize / deserialize of Spring Security

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch d4c48dd3e1 Remove MockitoJUnitRunner from JSON tests 
Previously the JSON tests unnecessarily had MockitoJUnitRunner.

This commit removes MockitoJUnitRunner from the JSON tests.

Issue gh-3736
 2016-09-02 11:37:20 -05:00
Rob Winch df613ed4cc JSON UserDetails deserializes null 
JSON UserDetails null use to be treated as "".

This changes null to be treated as a null

Issue gh-3736
 2016-09-02 11:37:16 -05:00