Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-14 14:23:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,933 Commits 46 Branches 348 Tags
Commit Graph

6933 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Grandja
7e470ff5bd Update to aspectjrt:1.9.0 
Fixes gh-5210
 2018-04-04 12:59:09 -04:00
Joe Grandja
df6a6e5991 Update to Reactor Bismuth SR8 
Fixes gh-5209
 2018-04-04 12:53:54 -04:00
Joe Grandja
1500a22439 Update to Spring Data Kay SR6 
Fixes gh-5167
 2018-04-04 10:31:04 -04:00
Joe Grandja
64cb256bb9 Update to Spring Framework 5.0.5 
Fixes gh-5166
 2018-04-04 10:27:43 -04:00
Joe Grandja
e6d68acfd6 Fix NPE with exp claim in NimbusJwtDecoderJwkSupport 
Fixes gh-5168
 2018-04-04 09:02:05 -04:00
Joe Grandja
bc2a7ac394 ClaimAccessor.getClaimAsInstant() converts Long or Date 
Fixes gh-5191, Fixes gh-5192
 2018-04-04 04:57:36 -04:00
Joe Grandja
55019b2f0b Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677 2018-04-03 11:16:50 -04:00
Rob Winch
151b545ed0 Polish Javadoc 
Fixes: gh-5186
 2018-03-29 15:33:31 -05:00
Rob Winch
c67ce144b9 Polish HeadersSpec 
Fixes: gh-5187
 2018-03-29 15:33:31 -05:00
Rob Winch
6729c39905 Fix JDK 9 
Issue: gh-5160
 2018-03-28 15:00:41 -05:00
Rob Winch
197439f9e1 Update to mockito 2.17.0 
Fixes: gh-5181
 2018-03-28 14:42:43 -05:00
Rob Winch
70a11267fa Update to hibernate-validator:6.0.9.Final 
Fixes: gh-5180
 2018-03-28 14:42:35 -05:00
Rob Winch
4e0c165d47 Update to hibernate-entitymanager:5.2.16.Final 
Fixes: gh-5178
 2018-03-28 14:42:09 -05:00
Rob Winch
93844b1823 Update to assertj 2.9.1 
Fixes: gh-5177
 2018-03-28 14:32:49 -05:00
Rob Winch
a30b3321c4 Update to thymeleaf-layout-dialect:2.3.0 
Fixes: gh-5176
 2018-03-28 14:32:30 -05:00
Rob Winch
ffb8c1978a Update to unbounded 4.0.5 
Fixes: gh-5175
 2018-03-28 14:32:13 -05:00
Rob Winch
4722ab21bf Update to oauth2-oidc-sdk:5.57 
Fixes: gh-5179
 2018-03-28 14:32:07 -05:00
Rob Winch
335735e227 Update to nimbus-jose-jwt:5.9 
Fixes: gh-5174
 2018-03-28 14:31:47 -05:00
Rob Winch
501269a51f Update to appengine 1.9.63 
Fixes: gh-5173
 2018-03-28 14:30:57 -05:00
Rob Winch
6b58218256 Update to Jackson 2.9.5 
Fixes: gh-5172
 2018-03-28 14:30:48 -05:00
Rob Winch
de1137fc5e Update mockwebserver 3.10.0 
Fixes: gh-5171
 2018-03-28 14:30:36 -05:00
Rob Winch
e68657216c Fixes for SPR-16624 
Fixes: gh-5165
 2018-03-27 22:36:03 -05:00
Rob Winch
bfada59a1e CookieClearingLogoutHandler adds uses contextPath + "/" 
Fixes: gh-5140
 2018-03-19 16:50:48 -05:00
Rob Winch
bc17860cb6 Fix ReactorContextTestExecutionListener with custom SecurityContext 
Fixes: gh-5139
 2018-03-19 09:33:34 -05:00
Oleh Dokuka
5e351a4f75 ReactorContextTestExecutionListener with multiple Threads 
Fixes: gh-5138
 2018-03-19 09:32:36 -05:00
Rob Winch
0458ca88e6 Relax assertions in HeaderSpecTests 
Fixes: gh-5117
 2018-03-15 08:31:21 -05:00
Rob Winch
a7a71d6cef Fix @since on GlobalAuthenticationConfigurerAdapter 
Fixes: gh-5109
 2018-03-13 14:25:40 -05:00
Josh Cummings
a7f180b2c7 Authorities authenticate TestingAuthenticationToken 
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5098
 2018-03-09 13:26:36 -06:00
Josh Cummings
87f266133b Update to Spring Boot 2.0.0.RELEASE 
Fixes: gh-5091
 2018-03-09 09:45:20 -06:00
Rob Winch
8f8deac0f4 Fix StrictHttpFirewall rules 
Fixes: gh-5092
 2018-03-08 21:29:31 -06:00
Vedran Pavic
9830d01acc Upgrade Nimbus JOSE + JWT to 5.6 
Fixes: gh-5089
 2018-03-08 16:43:05 -06:00
Vedran Pavic
d8fea5c6f1 Upgrade Nimbus OAuth + OIDC SDK to 5.56 
Fixes: gh-5088
 2018-03-08 16:42:54 -06:00
Rob Winch
4d410b0b61 Polish Javadoc HttpStatusServerAccessDeniedHandler 2018-03-07 12:34:15 -06:00
Rob Winch
24a4fbfe56 HttpStatusServerAccessDeniedHandler use injected HttpStatus 
Fixes: gh-5078
 2018-03-07 12:28:45 -06:00
Josh Cummings
d5d1c30d1d Update to Gradle 4.6 
Only thing of interest really is that the Jacoco Gradle plugin was bumped
to 0.8.0, which requires org.ow2.asm:asm:6.0.

Fixes: gh-5077
 2018-03-06 20:27:31 -06:00
Johnny Lim
d316803596 Polish DaoAuthenticationProviderTests 2018-03-02 08:55:37 -06:00
Josh Cummings
1ed51033cc Migrate config-debug groovy->java 
All tests in `org.springframework.security.config.debug` are migrated.

Note that `SecurityDebugBeanFactoryPostProceessorTest` preserves the original structure-verifying strategy used in the Groovy test. Verifying debug behavior turns out to be fairly tricky since being behaviorally invisible is in its nature.

Issue: gh-4939
 2018-03-02 08:55:07 -06:00
Vedran Pavic
b8ae110b7b Upgrade Nimbus JOSE + JWT to 5.5 2018-03-02 08:48:16 -06:00
Rob Winch
458b571d02 Next Development Version 2018-02-28 08:36:16 -06:00
Rob Winch
ce8bea69ae Release 5.0.3.RELEASE 5.0.3.RELEASE 2018-02-28 07:05:44 -06:00
Rob Winch
ab5a760380 Update to Spring Data Kay SR5 
Fixes: gh-5049
 2018-02-28 07:05:08 -06:00
Rob Winch
ec3534ac8d Update to Reactor Bismuth SR7 
Fixes: gh-5050
 2018-02-27 20:47:00 -06:00
Rob Winch
68afb2475a Update Selenium Dependencies 
Fixes: gh-5056
 2018-02-27 20:45:53 -06:00
Rob Winch
0e1060e736 Update to oauth2-oidc-sdk:5.54 
Fixes: gh-5055
 2018-02-27 20:45:43 -06:00
Rob Winch
c9ef2549b2 Update to appengine-gradle-plugin:1.3.5 
Fixes: gh-5054
 2018-02-27 20:45:27 -06:00
Rob Winch
51ddd2b36d Update to GAE 1.9.62 
Fixes: gh-5053
 2018-02-27 20:45:09 -06:00
Rob Winch
822129cebd Update to Spring Boot 2.0.0.RC2 
Fixes: gh-5052
 2018-02-27 20:44:54 -06:00
Rob Winch
3205f68f29 Update to spring-build-conventions:0.0.15.RELEASE 
Fixes: gh-5048
 2018-02-27 16:23:49 -06:00
Josh Cummings
1b69c62d20 PortMapperConfigurerTests groovy->java 
Issue: gh-4939
 2018-02-27 11:44:21 -05:00
Josh Cummings
e08d4cc90c AnonymousConfigurerTests groovy->java 
This test now checks key and principal both, which differs from the original Groovy test

In order to keep from needing to execute logic internal to `AnonymousAuthenticationToken`, this test changed from the original Groovy test. In the Groovy test, `key` is tested; however in this new test, `principal` is tested instead.

A concern was raised that if `AnonymousAuthenticationProvider` were invoked in this test, then testing only `principal` would not confirm that `key` was correctly propagated to `AnonymousAuthenticationProvider`. So, the test now configures both `key` and `principal`. The former to confirm correct wiring of `AnonymousAuthenticationProvider` and the latter to confirm correct wiring of `AnonymousAuthenticationFilter`.

Issue: gh-4939
 2018-02-27 11:30:02 -05:00