Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,857 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

14857 Commits

Author SHA1 Message Date
Marcus Hert Da Coregio 2bfdb0c6cd Only run workflow for branches that matches [5-9]+.[5-9]+.x 
Issue gh-14535
 2024-02-14 01:15:16 -03:00
github-actions[bot] 22807b7803 Merge branch '5.8.x' into 6.1.x 2024-02-14 04:10:34 +00:00
dependabot[bot] 2ed7b857c3 Bump org-eclipse-jetty from 9.4.53.v20231009 to 9.4.54.v20240208 
Bumps `org-eclipse-jetty` from 9.4.53.v20231009 to 9.4.54.v20240208.

Updates `org.eclipse.jetty:jetty-server` from 9.4.53.v20231009 to 9.4.54.v20240208

Updates `org.eclipse.jetty:jetty-servlet` from 9.4.53.v20231009 to 9.4.54.v20240208

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-14 03:57:50 +00:00
dependabot[bot] a0b1d6317c Bump org-aspectj from 1.9.20.1 to 1.9.21.1 
Bumps `org-aspectj` from 1.9.20.1 to 1.9.21.1.

Updates `org.aspectj:aspectjrt` from 1.9.20.1 to 1.9.21.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.20.1 to 1.9.21.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-14 03:57:41 +00:00
dependabot[bot] a7a5d64644 Bump org-aspectj from 1.9.21 to 1.9.21.1 
Bumps `org-aspectj` from 1.9.21 to 1.9.21.1.

Updates `org.aspectj:aspectjrt` from 1.9.21 to 1.9.21.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.21 to 1.9.21.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-14 03:52:00 +00:00
Marcus Hert Da Coregio 1ac0aef28c Merge branch '5.8.x' into 6.1.x 2024-02-13 10:45:53 -03:00
Marcus Hert Da Coregio 731cd6131b Do not try to run trigger dependabot automerge workflow in PRs 
Issue gh-14535
 2024-02-13 10:45:08 -03:00
github-actions[bot] e66e0afc6f Merge branch '5.8.x' into 6.1.x 2024-02-12 19:55:33 +00:00
dependabot[bot] c2a589734c Bump spring-io/spring-github-workflows 
Bumps [spring-io/spring-github-workflows](https://github.com/spring-io/spring-github-workflows) from eaf17a1890b1ef1b337f015d6eb263baaf8c6dab to 1e8b0587a1f4f01697f9753fa3339c3e0d30f396.
- [Release notes](https://github.com/spring-io/spring-github-workflows/releases)
- [Commits](eaf17a1890...1e8b0587a1)

---
updated-dependencies:
- dependency-name: spring-io/spring-github-workflows
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-12 00:57:15 +00:00
dependabot[bot] e5e67f91e9 Bump Gamesight/slack-workflow-status from 1.2.0 to 1.3.0 
Bumps [Gamesight/slack-workflow-status](https://github.com/gamesight/slack-workflow-status) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/gamesight/slack-workflow-status/releases)
- [Commits](https://github.com/gamesight/slack-workflow-status/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: Gamesight/slack-workflow-status
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-12 00:57:09 +00:00
dependabot[bot] 85404e1aa6 Bump Gamesight/slack-workflow-status from 1.2.0 to 1.3.0 
Bumps [Gamesight/slack-workflow-status](https://github.com/gamesight/slack-workflow-status) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/gamesight/slack-workflow-status/releases)
- [Commits](https://github.com/gamesight/slack-workflow-status/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: Gamesight/slack-workflow-status
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-12 00:31:05 +00:00
dependabot[bot] 66ab637068 Bump spring-io/spring-github-workflows 
Bumps [spring-io/spring-github-workflows](https://github.com/spring-io/spring-github-workflows) from eaf17a1890b1ef1b337f015d6eb263baaf8c6dab to 1e8b0587a1f4f01697f9753fa3339c3e0d30f396.
- [Release notes](https://github.com/spring-io/spring-github-workflows/releases)
- [Commits](eaf17a1890...1e8b0587a1)

---
updated-dependencies:
- dependency-name: spring-io/spring-github-workflows
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-12 00:31:00 +00:00
Josh Cummings 75fdcd10f7
Use synchronized 
Closes gh-14445
 2024-02-07 08:48:49 -07:00
Marcus Hert Da Coregio 54a407b159 Merge branch '5.8.x' into 6.1.x 2024-02-07 10:13:45 -03:00
Marcus Hert Da Coregio ccb2f06d0d Partially revert fc658d10 
OpenIDAuthenticationFilter exists in versions < 6.0

Issue gh-14531
 2024-02-07 10:13:34 -03:00
Marcus Hert Da Coregio ba1068e368 Merge branch '5.8.x' into 6.1.x 
Closes gh-14564
 2024-02-07 09:37:52 -03:00
DingHao fc658d10d3 fix security filter sort in javadoc 
Closes gh-14531
 2024-02-07 09:37:01 -03:00
Marcus Hert Da Coregio 547552ebd6 Merge branch '5.8.x' into 6.1.x 2024-02-06 11:06:02 -03:00
Marcus Hert Da Coregio e0fc8f37b0 Use latest version of spring-merge-dependabot-pr workflow 
Issue gh-14535
 2024-02-06 11:05:56 -03:00
Marcus Hert Da Coregio c1b9c9a4f0 Merge branch '5.8.x' into 6.1.x 2024-02-06 08:20:06 -03:00
Marcus Hert Da Coregio 43ced5291b Only run workflow for spring-projects repositories 
Issue gh-14535
 2024-02-06 08:18:31 -03:00
dependabot[bot] 27151837ee Bump org.slf4j:slf4j-api from 2.0.11 to 2.0.12 
Bumps org.slf4j:slf4j-api from 2.0.11 to 2.0.12.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-06 08:16:51 -03:00
Marcus Hert Da Coregio 6938cd9798 Merge branch '5.8.x' into 6.1.x 2024-02-06 08:07:54 -03:00
Marcus Hert Da Coregio 56c5fc281e Automatically trigger auto merge for Dependabot PRs 
Issue gh-14535
 2024-02-06 08:06:27 -03:00
Josh Cummings ffe9577487
Merge branch '5.8.x' into 6.1.x 2024-02-05 15:41:35 -07:00
Josh Cummings 7c3a6a567e Fix Compilation Errors 
Issue gh-14525
 2024-02-05 15:18:31 -07:00
Andreas Asplund 07e0b1dc37 Saml2 LogoutFilter Is Placed Before Common LogoutFilter 
Closes gh-14525
 2024-02-05 15:18:31 -07:00
Steve Riesenberg 91f0a5a434
Remove missed test 
Note: This test was missed when removing unused code in
f11ba8f7f1.

Issue gh-14242
 2024-02-05 14:43:26 -06:00
github-actions[bot] 0d82f9bf22 Bump Gradle Wrapper from 8.5 to 8.6 2024-02-05 08:59:10 -07:00
Steve Riesenberg f11ba8f7f1
Switch to reusable workflows 
Issue gh-14538
Closes gh-14242
Closes gh-13195
Closes gh-10460
Closes gh-11308
 2024-02-02 17:17:57 -06:00
Steve Riesenberg ad71f57143
Add spring-security-release-plugin 
Issue gh-14242
 2024-02-02 15:47:31 -06:00
Steve Riesenberg b5bd62130b
Support consistent build info 
Closes gh-14538
 2024-02-02 14:00:20 -06:00
Marcus Hert Da Coregio 4e5780a30c Fix setters not working for CasAuthenticationFilter 
The setSecurityContextRepository and setSecurityContextHolderStrategy only works for the parent class.
This commit overrides the method and make sure that we set the objects in the super class and the CasAuthenticationFilter.

Closes gh-14529
 2024-02-02 15:29:28 -03:00
dependabot[bot] 9fb2f73348 Bump org-eclipse-jetty from 11.0.19 to 11.0.20 
Bumps `org-eclipse-jetty` from 11.0.19 to 11.0.20.

Updates `org.eclipse.jetty:jetty-server` from 11.0.19 to 11.0.20

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.19 to 11.0.20

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-02-02 09:33:04 -03:00
Marcus Hert Da Coregio 2efc282f56 Merge branch '5.8.x' into 6.1.x 2024-02-02 09:31:46 -03:00
Marcus Hert Da Coregio 05d3c4b695 Add permission to Edit Dependabot PR workflow 
Issue gh-14486
 2024-02-02 09:30:50 -03:00
Marcus Hert Da Coregio 5f80cfc705 Automatically assign milestone to Dependabot PR 
Issue gh-14486
 2024-02-02 09:30:39 -03:00
Habin Song 49f447f3d0 Update session-management.adoc 
lambda expression typo. I changed '(session) - session' to '(session) -> session'
 2024-01-31 09:51:00 -03:00
Habin Song fbb35a1e3d Typo: Update ldap.adoc 
there is no word like 'byusing'. I fixed 'byusing' to 'by using'.
 2024-01-31 09:50:51 -03:00
y-tomida cb84efd06d Fix command in CONTRIBUTING.adoc 2024-01-31 09:50:31 -03:00
Josh Cummings ebfe8e3580
Merge branch '5.8.x' into 6.1.x 2024-01-29 17:45:04 -07:00
dependabot[bot] 7011930305 Bump gradle/gradle-build-action from 2 to 3 
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2 to 3.
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-29 17:44:51 -07:00
Josh Cummings b0fe1da98e
Merge branch '5.8.x' into 6.1.x 2024-01-29 17:42:29 -07:00
dependabot[bot] 8a75382b2d Bump slackapi/slack-github-action from 1.24.0 to 1.25.0 
Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.24.0 to 1.25.0.
- [Release notes](https://github.com/slackapi/slack-github-action/releases)
- [Commits](https://github.com/slackapi/slack-github-action/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: slackapi/slack-github-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-29 17:41:43 -07:00
Josh Cummings 44f22ee5cf
Merge branch '5.8.x' into 6.1.x 
Closes gh-14495
 2024-01-25 17:32:57 -07:00
Hans Lindner ca10187fd1 Enhance JWT decoding error handling 
Previously, the `decode` method threw a `JwtException` directly when encountering an unsupported algorithm or any exception during parsing. This commit introduces a more robust error handling mechanism. Now, instead of throwing exceptions directly, it returns a `Mono.error()` with a `BadJwtException` containing detailed error information. This approach provides more flexibility and allows the caller to handle errors in a more granular way, by being able to use project reactors onError functionality.

Closes gh-14467
 2024-01-25 17:32:10 -07:00
Marcus Hert Da Coregio ce5f5e6e33 Add native hint for CsrfTokenRequestAttributeHandler$SupplierCsrfToken 
Closes gh-14397
 2024-01-17 16:14:59 -03:00
Marcus Hert Da Coregio 2eba7eb672 Merge branch '5.8.x' into 6.1.x 2024-01-17 14:31:29 -03:00
dependabot[bot] 44b785bfb1 Bump io.spring.ge.conventions from 0.0.14 to 0.0.15 
Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.14 to 0.0.15.
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.14...v0.0.15)

---
updated-dependencies:
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-17 14:31:11 -03:00
dependabot[bot] 56f486588f Bump io.spring.ge.conventions from 0.0.14 to 0.0.15 
Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.14 to 0.0.15.
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.14...v0.0.15)

---
updated-dependencies:
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-17 14:31:01 -03:00