5765 Commits

Author SHA1 Message Date
qwazer
fe117bc445 [minor] fix grammar error (#4013)
add space: that"collects" -> that "collects"
2016-08-15 09:42:36 -05:00
Rob Winch
bb997eecde Fix defaultMethodExpressionHandler autowiring
Previously if a Bean for GlobalMethodSecurityConfiguration's
defaultMethodExpressionHandler was found on a Configuration that also
@Autowired a Bean that enabled method security, the Bean that was
@Autowired would not have security enabled.

This fixes the issue by delaying the lookup of Beans populated on
GlobalMethodSecurityConfiguration's defaultMethodExpressionHandler.

Fixes gh-4020
2016-08-10 23:48:07 -05:00
Joe Grandja
e080905a79 MvcRequestMatcher servletPath Polish / XML Config
Fixes gh-4014
2016-08-09 16:29:30 -05:00
Rob Winch
3befb1c8a6 MvcRequestMatcher servletPath / JavaConfig
Issue: gh-3987
2016-08-09 16:29:30 -05:00
Rob Winch
050198e51b Fix csrf() when used then not used
Previously if csrf() was used and subsequently not used, the
TestCsrfTokenRepository was still used. This makes it difficult to test
the actual CsrfTokenRepository implementation.

Now the TestCsrfTokenRepository is only used if explicitly enabled.

Fixes gh-4016
2016-08-09 17:09:16 -04:00
Rob Winch
519c15efb3 Logout is 204 for XMLHttpRequest
Fixes gh-3997
2016-08-02 11:26:52 -07:00
Kevin Conaway
d2a37cb1d6 Improve field visibility in DefaultMethodSecurityExpressionHandler
Fixes gh-210
2016-07-26 09:56:00 -04:00
Rob Winch
c23c7982ca Add ObjectPostProcessor support for SmartInitializingSingleton
2016-07-21 08:59:17 -05:00
Artur Owczarek
0b14664a8c Fix typos in reference (#3979)
2016-07-19 15:42:23 -05:00
Rob Winch
ca170f8479 DummyRequest supports methods for MvcRequestMatcher
To support MvcRequestMatcher DummyRequest needs to support
getCharacterEncoding() and getAttribute(String)
2016-07-14 14:18:31 -05:00
Rob Winch
ada146244e Add HttpSecurity.mvcMatcher
Fixes gh-3970
2016-07-14 10:50:49 -04:00
Rob Winch
945e2e2ad4 Fix NPE requestMatchers().mvcMatchers
Fixes gh-3969
2016-07-14 10:50:49 -04:00
Marten Deinum
80ff267749 Check RememberMe in ExceptionTranslationFilter
This commit adds a check for rememberme to the ExceptionTranslationFilter.
Using this, when someone isn't fully authenticated he will be prompted with a
login screen and after that will be redirected to the originally requested URI.

Fixes gh-2427
2016-07-13 16:58:00 -04:00
Johnny Lim
69306a8b46 Fix typo (#3968)
Fixes typo `advantadge`
2016-07-13 12:37:26 -05:00
Rob Winch
8a17c23277 Bump PermGen
2016-07-12 10:08:01 -05:00
Rob Winch
0f608d59b6 Default to Spring IO Athens-SNAPSHOT
2016-07-12 10:07:49 -05:00
Rob Winch
70787fc548 Polish CompositeLogoutHandler
Issue gh-3895
2016-07-08 14:39:35 -05:00
Eddú Meléndez
1effc1882a Add CompositeLogoutHandler
Fixes gh-3895
2016-07-08 13:30:38 -05:00
Michael Simons
e5b1cb842e Document schema changes in CONTRIBUTING.md (#3965)
Direct changes to XSD schemas will be overwritten by the build; it is necessary that the developer updates the RELAX NG schema instead.

See discussion on commit e297706e8bfda38117a99fd06dace74c5a8cc5f1.
2016-07-08 13:27:23 -05:00
Rob Winch
885f074ddf Fix XsdDocumentedTests
2016-07-07 15:05:04 -05:00
Rob Winch
e297706e8b Polish allow unlimited sessions
Update the rnc file

Issue gh-3900
2016-07-07 14:31:40 -05:00
Michael J. Simons
e3ff4130a5 Allow negative values to configure unlimited sessions
2016-07-07 14:29:18 -05:00
Rob Winch
50d7d3287f Add spring-security-4.2.xsd
2016-07-07 14:19:01 -05:00
Eddú Meléndez
26fa4a4bf0 Prevent HTTP response splitting
Evaluate if http header value contains CR/LF.

Reference: https://www.owasp.org/index.php/HTTP_Response_Splitting

Fixes gh-3910
2016-07-07 13:42:52 -05:00
Eddú Meléndez
13b0ddb7e6 Fix test assertions
2016-07-07 13:29:00 -05:00
Rob Winch
b4ab0483b1 Update version to 4.2.0.BUILD-SNAPSHOT
2016-07-07 12:56:20 -05:00
Spring Buildmaster
cc04392d9a Next development version
2016-07-07 00:57:53 +00:00
Spring Buildmaster
919f000c80 Release version 4.1.1.RELEASE 4.1.1.RELEASE
2016-07-07 00:57:35 +00:00
Johnny Lim
310bb39a0d Fix typo
2016-07-06 16:22:33 -05:00
Rob Winch
764a4d8414 Fix Error Message typo
Fixes gh-3953
2016-07-06 16:19:29 -05:00
Jakob Englisch
b17870ee07 LogoutConfigurer: only allow suitable http methods
2016-07-06 16:17:11 -05:00
Rob Winch
8ad91ef6a5 WithSecurityContextTestExecutionListener > SqlScriptsTestExecutionListener
WithSecurityContextTestExecutionListener should order after
SqlScriptsTestExecutionListener so SQL can set up the current user's info
in the database.

Fixes gh-3962
2016-07-06 16:09:17 -05:00
Rob Winch
5f6312c5be Update to Spring 4.3.1
Fixes gh-3963
2016-07-06 15:47:44 -05:00
Rob Winch
9d50944cb2 AntPathRequestMatcher implements RequestVariableExtractor
Issue gh-3964
2016-07-06 15:47:34 -05:00
Rob Winch
e4c13e3c0e Add MvcRequestMatcher
Fixes gh-3964
2016-07-06 15:47:23 -05:00
Rob Winch
13bc70f693 Add CorsFilter support
2016-07-05 14:28:04 -05:00
Rob Winch
c935d857eb Add mvc namespace to XmlApplicationContext
2016-07-01 22:04:55 -05:00
Rob Winch
843ed3e437 Update to Spring 4.3.1.BUILD-SNAPSHOT
2016-07-01 22:04:55 -05:00
Rob Winch
7f3b3a8b59 Polish
Issue gh-180
2016-07-01 13:17:52 -05:00
Jakob Englisch
261c932b8e Upgrade Gradle to 2.14
Issue gh-3946
2016-06-28 13:13:08 -04:00
Rob Winch
1b4e20e97f Fix InsecureApplicationTests package
Fixes gh-3951
2016-06-28 10:17:17 -05:00
Rob Winch
bd5f71bb0d Polish
Fix checkstyle for LDAP JavaConfig Authority mapping

Issue gh-2768
2016-06-21 17:08:37 -05:00
Tony Dalbrekt
b76e3be822 LDAP Java Config supports GrantedAuthoritiesMapper
Fixes gh-2768
2016-06-21 16:43:13 -05:00
Rob Winch
26ad1cb4a5 Polish RememberMe Validation
Issue gh-3909
2016-06-21 14:57:15 -05:00
Eddú Meléndez
87224f62e4 RememberMe JavaConfig Validation
Add validation when rememberMeServices and rememberMeCookieName are
provided

Fixes gh-3909
2016-06-21 14:57:01 -05:00
Rob Winch
8f880aea0e Polish Pbkdf2PasswordEncoder
Issue gh-3930
2016-06-21 11:47:50 -05:00
vitaliy_kuzmich
5f658b3ffc Remove double salt in Pbkdf2PasswordEncoder
Issue gh-3930
2016-06-21 11:44:23 -05:00
Rob Winch
77a478ba0d Fix ApacheDSEmbeddedLdifTests checkstyle
Issue gh-54
2016-06-21 09:56:34 -05:00
Marcin Zajączkowski
a3c4a5fde7 SEC-2387 - add ignored failing test case
2016-06-21 09:53:38 -05:00
Rob Winch
bbeb7f94d7 Fix checkstyle
Issue gh-3920
2016-06-20 19:36:51 -05:00