Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 00:46:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
13,416 Commits 34 Branches 337 Tags
Commit Graph

83 Commits

Author SHA1 Message Date
Wyfrel
3b447b938c fix missing semi-colon java example in observability documentation 2023-03-03 15:04:16 -07:00
Steve Riesenberg
5286b78308
Merge branch '6.0.x' 
Closes gh-12684
 2023-02-16 13:27:17 -06:00
Steve Riesenberg
c4f68d83bf
Document default CsrfTokenRequestHandler in 6.0 
Closes gh-12651
 2023-02-16 13:26:23 -06:00
Joe Grandja
e139f1c2ba Polish gh-12438 2022-12-22 11:16:19 -05:00
Josh Cummings
c60c10792c
Fix Observability Opt-out Documentation Typo 
Issue gh-12268
 2022-11-29 16:24:57 -07:00
Josh Cummings
cca999c57d
Merge remote-tracking branch 'origin/5.8.x' 2022-11-01 13:46:08 -06:00
Josh Cummings
d29ab8bcae
Merge branch '5.7.x' into 5.8.x 2022-11-01 13:43:40 -06:00
Josh Cummings
c94e33b6c8
Merge branch '5.6.x' into 5.7.x 2022-11-01 13:42:35 -06:00
Ger Roza
8315545144 Update RP-Initiated Logout target URLs. 
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.

Fixes: gh-12081
 2022-11-01 12:35:39 -06:00
Josh Cummings
fe96a62dfc
Document Observability Support 
Issue gh-10964
 2022-10-12 20:32:25 -06:00
Daniel Garnier-Moiroux
27059ced87
Default X-Xss-Protection header value to "0" 
Closes gh-9631
 2022-10-07 17:42:55 -05:00
Steve Riesenberg
6753f9745e
Merge branch '5.8.x' 
# Conflicts:
#	config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt
#	docs/modules/ROOT/pages/reactive/exploits/csrf.adoc
 2022-10-07 17:29:07 -05:00
Steve Riesenberg
f462134e87
Add reactive support for BREACH 
Closes gh-11959
 2022-10-07 16:34:17 -05:00
Steve Riesenberg
181ee7410b
Change default authority for oauth2Login() 
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.

* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER

Documentation has been updated to include this implementation detail.

Closes gh-7856
 2022-09-26 10:06:31 -05:00
Josh Cummings
84f765a89c
Merge remote-tracking branch 'origin/5.8.x' into main 2022-08-25 14:46:48 -06:00
Josh Cummings
070dce1baf
Document ReactiveMethodSecurity improvements 
Issue gh-9401
 2022-08-25 14:36:03 -06:00
Josh Cummings
27ce5936cf
Add Caveat about Spring Security's co-routine support 
Closes gh-10920
 2022-08-25 14:36:02 -06:00
Joshua Sattler
040111ae9e Remove Configuration meta-annotation from Enable* annotations 
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.

Closes gh-6613

Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
 2022-07-30 03:48:42 +02:00
Steve Riesenberg
a72c5a55db
Revert "Remove @Configuration from webflux config examples" 
This reverts commit aec9effb88f70151912971b2f8b05dc4a9afaa2f.
 2022-07-26 16:46:01 -05:00
Joshua Sattler
aec9effb88 Remove @Configuration from webflux config examples 2022-07-26 16:34:10 -05:00
Yuriy Savchenko
0f64d4c091 Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 14:04:16 -03:00
Yuriy Savchenko
7c7751635d Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:56:41 -03:00
Yuriy Savchenko
5322352427 Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:49:21 -03:00
Yuriy Savchenko
db9d60e82d Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:47:07 -03:00
André Luis Gomes
aca3fc2412 Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 08:51:44 -03:00
André Luis Gomes
0c31cb21dc Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 08:50:56 -03:00
André Luis Gomes
24701b547f Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 08:49:47 -03:00
André Luis Gomes
b9acdd5058 Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 13:43:42 +02:00
nor-ek
038266a94f
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 13:12:55 -06:00
nor-ek
9625382b22
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:57:56 -06:00
nor-ek
23cc1eb32b
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:56:51 -06:00
nor-ek
416f94f979 Update Junit5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:46:04 -06:00
Marcus Da Coregio
806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Steve Riesenberg
f0168c6c27
Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:53:16 -05:00
Steve Riesenberg
428216b322 Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:50:25 -05:00
Joe Grandja
54b033078b Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:36:10 -04:00
Joe Grandja
a2ffc88294 Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:33:12 -04:00
Lijamaija
660da6f4a0 Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket 
Closes gh-10932
 2022-03-09 17:49:43 +01:00
Lijamaija
bc2bb8cb96 Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket 
Closes gh-10932
 2022-03-09 16:18:09 +01:00
Yuriy Savchenko
f64181ab41 Update docs to use multi-tenancy 
Closes gh-10572
 2022-02-14 17:18:48 +01:00
Yuriy Savchenko
77ba94e1db Update docs to use multi-tenancy 
Closes gh-10572
 2022-02-14 11:07:42 +01:00
Talerngpong Virojwutikul
015036741b Add Kotlin example for logout configuration of reactive authentication 
Closes gh-10819
 2022-02-11 13:16:47 +01:00
Talerngpong Virojwutikul
d0faff62df Add Kotlin example for logout configuration of reactive authentication 
Closes gh-10819
 2022-02-11 13:01:43 +01:00
Rob Winch
ac990afa5d Document Authorize HTTP Requests for Reactive Security 
Closes gh-10801
 2022-02-03 13:47:35 -06:00
Rob Winch
c1dfe407bc Document Authorize HTTP Requests for Reactive Security 
Closes gh-10801
 2022-02-03 13:46:27 -06:00
Rob Winch
51fc4a4ca3 Document Authorize HTTP Requests for Reactive Security 
Closes gh-10801
 2022-02-03 13:46:05 -06:00
Joe Grandja
525f40490c Allow Jwt assertion to be resolved 
Closes gh-9812
 2022-01-10 10:59:14 -05:00
Joe Grandja
214cfe807e Allow Jwt assertion to be resolved 
Closes gh-9812
 2022-01-10 10:42:10 -05:00
Rob Winch
2fb056b5c1 Merge Clean up Reference Documentation 
Closes gh-9668
 2021-12-13 16:57:36 -06:00
Marcus Da Coregio
0beb725259 Add Cross Origin Policies headers 
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers

Closes gh-9385, gh-10118
 2021-12-08 11:07:09 +01:00