Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-24 04:52:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,499 Commits 55 Branches 348 Tags
Commit Graph

17499 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
ee13d19503 Merge branch '6.3.x' into 6.4.x 2025-04-10 03:34:09 +00:00
dependabot[bot]
eb83c35ded Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to 1.0.4 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-09 20:33:22 -07:00
Steve Riesenberg
db34de59bc
Merge branch '6.3.x' into 6.4.x 
Closes gh-16901
 2025-04-07 10:55:51 -05:00
Steve Riesenberg
3c0fef59b5
Polish gh-16039 
Closes gh-16038
 2025-04-07 10:54:09 -05:00
Jonah Klöckner
da94fbe431
Evaluate URI query parameter only if enabled 
Issue gh-16038
 2025-04-07 10:54:07 -05:00
dependabot[bot]
a081402383 Bump org.hibernate.orm:hibernate-core from 6.6.12.Final to 6.6.13.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.12.Final to 6.6.13.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.13/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.12...6.6.13)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.13.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 20:55:51 -07:00
dependabot[bot]
f3c8262a00 Bump spring-io/spring-doc-actions from 0.0.19 to 0.0.20 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.19 to 0.0.20.
- [Commits](c203826512...e28269199d)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 17:22:18 -07:00
Josh Cummings
0954638d57
Merge branch '6.3.x' into 6.4.x 
Closes gh-16862
 2025-04-01 12:02:25 -06:00
DingHao
857ef6fe08 WithHttpOnlyCookie defaults to false 
Closes gh-16820

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-04-01 11:59:51 -06:00
dependabot[bot]
55815103a5 Bump org.hibernate.orm:hibernate-core from 6.6.11.Final to 6.6.12.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.11.Final to 6.6.12.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.12/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.11...6.6.12)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-30 21:00:22 -07:00
Steve Riesenberg
26c63aeb01
Merge branch '6.3.x' into 6.4.x 
Closes gh-16844
 2025-03-28 16:34:01 -05:00
Steve Riesenberg
b7df86197c
Apply request-handler-ref to CsrfAuthenticationStrategy 
Closes gh-16801
 2025-03-28 16:25:52 -05:00
Steve Riesenberg
c84c438075
Apply request-handler-ref to CsrfAuthenticationStrategy 
Closes gh-16801
 2025-03-28 16:08:36 -05:00
Josh Cummings
1ad4323cec
Merge branch '6.3.x' into 6.4.x 2025-03-27 16:43:43 -06:00
DingHao
1e7db094d1 Use correct message prompt 
Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-03-27 16:42:52 -06:00
Josh Cummings
6c5b6d1c51
Merge branch '6.3.x' into 6.4.x 
Closes gh-16837
 2025-03-27 16:32:12 -06:00
Josh Cummings
456604ab45 Sort Default Advisors and Added Advisors 
This commit ensures that the default advisors and added advisors
are sorted in the event that this component is not being published
as a Spring bean.

Issue gh-16819
 2025-03-27 16:18:00 -06:00
Josh Cummings
15b9a50060 Add Test 
Issue gh-16819
 2025-03-27 16:18:00 -06:00
Tran Ngoc Nhan
fcc1bd598d Sort Advisors AfterSingletonsInstantiated 
In order to make so that authorization advisors are sorted
only one time and also as part of the configuration lifecycle,
AuthorizationAdvisorProxyFactory now implements
SmartInitializingBean.

Closes gh-16819

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-27 16:18:00 -06:00
Rob Winch
1f3dd53bdf
Fix WebAuthn saves Anonymous PublicKeyCredentialUserEntity 
Closes gh-16606
 2025-03-25 16:14:58 -05:00
Rob Winch
a6b5c05da9
Additional WebAuthn4jRelyingPartyOperationTests 
- verify that anonymous users not saved
- verify that when user found the CredentialRecord is allowed

Issue gh-16385
 2025-03-25 16:14:25 -05:00
Rob Winch
9c054474a8
Use Test Name Conventions 
Issue gh-16385
 2025-03-25 16:14:25 -05:00
Rob Winch
593f7c4490
Use !isAuthenticated 
It's more verbose to see if the user is not null and not anonymous

Issue gh-16385
 2025-03-25 16:14:25 -05:00
Rob Winch
4e20d56d2d
Fix format for WebAuthn4jRelyingPartyOperations 
Issue gh-16385
 2025-03-25 16:14:25 -05:00
Josh Cummings
26aa253633
Merge branch '6.3.x' into 6.4.x 2025-03-25 15:11:42 -06:00
github-actions[bot]
af2668f7cb Bump Gradle Wrapper from 8.10.2 to 8.13. 
Release notes of Gradle 8.13 can be found here:
https://docs.gradle.org/8.13/release-notes.html

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2025-03-25 15:11:10 -06:00
Tomas Borghi
0a084135ec
Delete import unused 
Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>
 2025-03-24 16:50:39 -03:00
Tomas Borghi
5571ad1b27
Fix issues identified in PR review 
Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>
 2025-03-24 13:18:23 -03:00
Borghi
e3a715b8f5 Fix issues identified in PR review 
Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>
 2025-03-24 13:00:27 -03:00
dependabot[bot]
2f04512e01 Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.18 to 0.0.19.
- [Commits](852920ba3f...c203826512)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-23 18:49:53 -07:00
github-actions[bot]
23444dd13f Merge branch '6.3.x' into 6.4.x 2025-03-24 01:41:22 +00:00
dependabot[bot]
883765b2de Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.16 to 1.0.0-alpha.17.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.16...v1.0.0-alpha.17)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-23 18:40:37 -07:00
Rob Winch
c032b20178
Merge branch '6.3.x' into 6.4.x 2025-03-21 15:59:51 -05:00
Rob Winch
58e7ba4a4b
https docs download 2025-03-21 15:59:39 -05:00
Josh Cummings
db8b6322e2
Merge branch '6.3.x' into 6.4.x 2025-03-21 14:47:24 -06:00
Bragolgirith
72554f7f36 Update authorize-http-requests.adoc 
Fix patterns in the Security Matchers documentation

Signed-off-by: Bragolgirith <6455473+Bragolgirith@users.noreply.github.com>
 2025-03-21 14:46:53 -06:00
Rob Winch
af8786150e
Merge branch '6.3.x' into 6.4.x 
Closes gh-16799
 2025-03-21 15:11:18 -05:00
Rob Winch
65e83f8e7a
Add link to docs zip 
Closes gh-16798
 2025-03-21 15:10:52 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x 
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
 2025-03-20 14:46:18 -05:00
Tran Ngoc Nhan
ab6e9d2d1f
Clarify WebInvocationPrivilegeEvaluator JavaDoc 
Closes gh-16529

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:10 -05:00
Tran Ngoc Nhan
a53ca7c3d0
Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc 
Closes gh-16555

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:09 -05:00
Tran Ngoc Nhan
af40d7e35a
Fix typo 
Closes gh-16776

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:09 -05:00
Tran Ngoc Nhan
daf8cfe8d2
Fix Spring Framework reference link 
Closes gh-16699

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:08 -05:00
Tran Ngoc Nhan
75b537f99a
Fix WebFlux authentication reference link 
Closes gh-16702

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:07 -05:00
Josh Cummings
55d61224e5
Merge branch '6.3.x' into 6.4.x 2025-03-20 13:25:04 -06:00
Josh Cummings
d1b7f8a119
Update Gradle Wrapper Upgrade 
Issue gh-16221
 2025-03-20 13:23:49 -06:00
Josh Cummings
85c906290d
Merge branch '6.3.x' into 6.4.x 2025-03-20 13:22:45 -06:00
dependabot[bot]
68f08c26d0 Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.4 to 6.2.5.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.4...v6.2.5)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-19 21:08:40 -07:00
dependabot[bot]
5353d499b4 Bump ch.qos.logback:logback-classic from 1.5.17 to 1.5.18 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.17 to 1.5.18.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.17...v_1.5.18)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-18 20:41:11 -07:00
dependabot[bot]
60df37b026 Bump ch.qos.logback:logback-classic from 1.5.17 to 1.5.18 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.17 to 1.5.18.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.17...v_1.5.18)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-18 20:36:39 -07:00