6114 Commits

Author SHA1 Message Date
Josh Cummings
eed8538071
Password Modify Extended Operation Support
LdapUserDetailsManager can be configured to either use direct
attribute modification or the LDAP Password Modify Extended Operation
to change a user's password.

Fixes: gh-3392
2018-10-15 11:37:30 -06:00
Josh Cummings
3df9ad1e8f
Introducing UnboundIdContainer
A container for running an embedded unboundid LDAP server.

Fixes: gh-5920
2018-10-15 11:37:23 -06:00
Johnny Lim
dac46dc57c Add a missing space in Secured.value() signature 2018-10-03 14:50:26 -04:00
Rob Winch
b5b2e2c50e Fix SwitchUserFilter matchers
Fixes: gh-4249
2018-09-14 09:51:53 -05:00
Rob Winch
72c99af0d4 AntPathRequestMatcher supports UrlPathHelper
Fixes: gh-5846
2018-09-14 09:51:53 -05:00
Joe Grandja
742e5fd7a9 Downgrade to spring-boot-gradle-plugin:1.5.2
Fixes gh-5829
2018-09-10 11:14:07 -04:00
Joe Grandja
795c073f48 Update to powermock:1.6.5
Fixes gh-5821
2018-09-10 09:06:41 -04:00
Joe Grandja
58c9cbb471 Update to Spring 4.3.19
Fixes gh-5826
2018-09-07 18:12:55 -04:00
Joe Grandja
e40bc262bb Update to Spring Data Commons 1.13.14
Fixes gh-5825
2018-09-07 17:43:55 -04:00
Joe Grandja
b0d865e28f Update tomcat:7.0.90
Fixes gh-5824
2018-09-07 17:43:55 -04:00
Joe Grandja
0f7f0042ac Update to Spring Boot 1.5.15
Fixes gh-5822
2018-09-07 17:43:55 -04:00
Joe Grandja
e0f1121d5b Update to javax.servlet.jsp.jstl-api:1.2.2
Fixes gh-5820
2018-09-07 17:35:35 -04:00
Joe Grandja
ea93ed4165 Update to jackson-databind:2.8.11.2
Fixes gh-5819
2018-09-07 17:35:35 -04:00
Joe Grandja
96acf33019 Update to httpcomponents:httpclient:4.2.5
Fixes gh-5818
2018-09-07 17:35:34 -04:00
Joe Grandja
35dbc0e6a8 Update to bcpkix-jdk15on:1.60
Fixes gh-5816
2018-09-07 17:35:34 -04:00
Joe Grandja
0526c5233c Update to aspectj:1.8.13
Fixes gh-5813
2018-09-07 15:56:38 -04:00
Joe Grandja
60c011a976 Update to org.jacoco.agent:0.7.9
Fixes gh-5812
2018-09-07 15:52:23 -04:00
Joe Grandja
916a19ccbd Update to logback-classic:1.1.11
Fixes gh-5811
2018-09-07 15:48:29 -04:00
Joe Grandja
8138fac3f9 Update to hsqldb:2.3.6
Fixes gh-5810
2018-09-07 15:42:45 -04:00
Joe Grandja
62fadfd28a Update to ehcache:2.10.5
Fixes gh-5809
2018-09-07 15:39:23 -04:00
Rob Winch
166f48e6ab Fix OptimizeAntPathRequestMatcher
Previously the logic for determining if the pathInfo should be appended
was inverted.

This correctly concatenates url + pathInfo if url is a non empty String.

Fixes: gh-5473
2018-08-21 11:53:22 -05:00
Christoph Dreis
0f97086c86 Optimize AntPathRequestMatcher.getRequestPath() 2018-08-21 11:53:22 -05:00
Johnny Lim
fe5c6d6621 Fix typo
Closes #5579
2018-08-03 09:58:58 -05:00
Rob Winch
c642de537a BasicAuthenticationFilter case insenstive
Fixes: gh-5617
2018-07-31 09:14:38 -05:00
Spring Buildmaster
fd27c07b55 Next development version 2018-06-13 02:35:13 +00:00
Spring Buildmaster
e0d95c7c8a Release version 4.2.7.RELEASES 4.2.7.RELEASE 2018-06-13 02:35:06 +00:00
Rob Winch
9d76c98791 Fix Checkstyle
Issue: gh-5323
2018-06-12 20:47:49 -05:00
Rob Winch
e923371724 Update SpringSecurityCoreVersion 2018-06-12 17:24:16 -05:00
Rob Winch
216512bc54 Update to Spring Framework 4.3.18.RELEASE
Fixes: gh-5437
2018-06-12 17:21:46 -05:00
Rob Winch
8445e91b22 Add Assumptions.assumeMinimumJdk8
Certain cryptographic algorithms are only supported on JDK8+. This
causes failures in JDK 7. This commit adds a JUnit assumption on
tests that leverage JDK8 specific cryptographic algorithms.

Issue: gh-5323
2018-05-10 10:53:18 -05:00
Rob Winch
13ccb83d6f Remove java.util.Base64
java.util.Base64 was not added until JDK8, so we should use
Spring Security's Base64 in 4.x

Issue: gh-5323
2018-05-10 10:53:18 -05:00
Rob Winch
127d9eece9 Default Spring IO version Brussels-SR9
Fixes: gh-5326
2018-05-10 10:53:18 -05:00
Spring Buildmaster
7891787a53 Next development version 2018-05-08 17:14:38 +00:00
Spring Buildmaster
2d8b6650db Release version 4.2.6.RELEASE 4.2.6.RELEASE 2018-05-08 17:14:29 +00:00
Rob Winch
78995ff0a9 Use Spring Boot 1.5.2 to prevent deploy error 2018-05-08 11:35:18 -05:00
Rob Winch
7974f3161d spring-boot-gradle-plugin:1.5.0.RELEASE 2018-05-08 11:27:32 -05:00
Rob Winch
c35c1c0643 Update Dependencies 2018-05-08 10:53:35 -05:00
Trygve Aasjord
2162221589 Pass username as second parameter for search filter.
Allows the username only (without domain) to be used in custom search filter like "sAMAccountName={1}",
in eg. situations where the userPrincipalName has a different suffix than domain.

Thanks to contributors in issue.

fixes gh-2448

(cherry picked from commit 8d717c62afd5d98b0aba467035389d3011434b51)
2018-05-04 10:51:14 -05:00
Kazuki Shimizu
040fb6aa3c Fix incorrect explanation for customizing query on JdbcDaoImpl 2018-05-04 10:45:09 -05:00
Rob Winch
b152218ee0 Add InMemoryUserDetailsManager(UserDetails...)
Fixes: gh-5304
2018-05-04 10:33:40 -05:00
Rob Winch
544e421157 Add UserBuilder Methods
Fixes: gh-5303
2018-05-04 10:33:25 -05:00
Rob Winch
0f612bf637 Add crypto PasswordEncoder from 5.0.x
Fixes: gh-5302
2018-05-04 10:32:53 -05:00
Rob Winch
c683bc10bf Fixes: gh-5190 2018-04-16 17:51:51 -05:00
Spring Buildmaster
11ab23f4f4 Next development version 2018-03-30 16:34:47 +00:00
Spring Buildmaster
0065b55a75 Release version 4.2.5.RELEASE 4.2.5.RELEASE 2018-03-30 16:34:39 +00:00
Rob Winch
d6f9d2e34a CookieClearingLogoutHandler adds uses contextPath + "/"
Fixes: gh-5141
2018-03-19 16:52:14 -05:00
Rob Winch
5dedbb6283 Update to jackson-databind-2.8.11.1
Fixes: gh-5101
2018-03-09 13:55:49 -06:00
Rob Winch
4cad151b57 Fix TestingAuthenticationTokenTests JDK 1.6 compile
Issue: gh-5097
2018-03-09 13:46:10 -06:00
Josh Cummings
72080bb5fe Authorities authenticate TestingAuthenticationToken
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.

This change brings `TestingAuthenticationToken` in line with that
convention.

Note that this was done once already to one of the constructors
(ee13be4) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.

Fixes: gh-5097
2018-03-09 13:27:27 -06:00
Rob Winch
5854f00977 Fix StrictHttpFirewall rules
Fixes: gh-5093
2018-03-08 21:31:37 -06:00