Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-21 08:47:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,024 Commits 41 Branches 354 Tags
Commit Graph

71 Commits

Author SHA1 Message Date
Markus Engelbrecht
475a53233d
Fix typo 'properites' in documentation 
Fixes gh-8095
 2020-03-11 11:05:06 -06:00
Spring Operator
6cf279f52e URL Cleanup 
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# Fixed URLs

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://www.apache.org/licenses/ with 1 occurrences migrated to:
  https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2118 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 1 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html) result 200).
 2019-03-14 20:23:37 -05:00
Aanuoluwapo Otitoola
9eb58c94e0 ReactorContextTestExecutionListener should use named hooks 
Fixes: gh-6075
 2018-11-30 11:18:13 -06:00
Rob Winch
ad2cb501b8 Add cross references to ReactorContextTestExecutionListener 
Fixes: gh-5418
 2018-06-11 17:16:15 -05:00
Rob Winch
e68657216c Fixes for SPR-16624 
Fixes: gh-5165
 2018-03-27 22:36:03 -05:00
Rob Winch
bc17860cb6 Fix ReactorContextTestExecutionListener with custom SecurityContext 
Fixes: gh-5139
 2018-03-19 09:33:34 -05:00
Oleh Dokuka
5e351a4f75 ReactorContextTestExecutionListener with multiple Threads 
Fixes: gh-5138
 2018-03-19 09:32:36 -05:00
Rob Winch
e1a8d250de Add authenticated().withAuthentication(Consumer<Authentication>) 
This allows arbitrary assertions of the authenticated user

Fixes: gh-4996
 2018-02-02 16:56:45 -06:00
Johnny Lim
57353d18e5 Use diamond type 2017-12-21 15:09:00 -06:00
Johnny Lim
d900f2a623 Remove unused imports 
This commit also adds UnusedImportsCheck Checkstyle module.
 2017-11-14 14:41:08 -06:00
Johnny Lim
cdcf65de1e Polish 
Fixes gh-4425
 2017-10-29 23:43:13 -05:00
Rob Winch
8da2c7f657 Add WebFlux CSRF Protection 
Fixes gh-4734
 2017-10-28 22:59:24 -05:00
Rob Winch
c467dcdbe1 SecurityMockServerConfiguers fixes 
Issue: gh-4719
 2017-10-27 18:17:36 -05:00
Rob Winch
77aedcf502 SecurityMockServerConfigurers updates 
Issue: gh-4719
 2017-10-27 18:17:33 -05:00
Rob Winch
3bceadd369 Only populate a Context once 
Fixes gh-4718
 2017-10-27 17:35:54 -05:00
Rob Winch
be593b95a8 Prefer existing Context in ReactorContextTestExecutionListener 
Issue gh-4718
 2017-10-27 17:35:54 -05:00
Rob Winch
3abec60188 SecurityMockServerConfigurers checkstyle 2017-10-27 17:33:08 -05:00
Rob Winch
747473257f Use ReactorSecurityContextHolder 
Issue gh-4713
 2017-10-26 20:11:42 -05:00
Johnny Lim
25052214ae Polish 2017-10-16 18:33:27 -05:00
Rob Winch
1f4082e754 Fix copyright lines 2017-09-18 11:11:25 -05:00
Rob Winch
3ecf3ea034 Fix double * in Copyright headers 2017-09-18 10:47:26 -05:00
Rob Winch
7ae4506a88 Add ReactorContextTestExecutionListener 
Fixes gh-4502
 2017-08-17 16:42:01 -05:00
Rob Winch
544f39f826 Add Annotated Support for WebTestClient 
Fixes gh-4457
 2017-07-15 22:05:54 -05:00
Rob Winch
03f2d654ad Fix WebTestClient Support 
Fixes gh-4419
 2017-07-13 21:02:07 -05:00
Rob Winch
915de03f42 Polish ExchangeMutatorWebFilter Support 
Issue gh-4343
 2017-05-31 13:23:55 -05:00
Rob Winch
7bc98db23c Add WebTestClient test support 
SecurityExchangeMutators

Fixes gh-4343
 2017-05-19 15:09:23 -05:00
Vedran Pavic
85719fcd64 Use Base64 implementation provided by Java 8 2017-05-10 00:27:36 -05:00
Rob Winch
9c03571bbb Use message in all Assert 
This ensures compatibility with Spring 5.

Fixes gh-4193
 2017-01-30 19:58:24 -06:00
Rob Winch
050198e51b Fix csrf() when used then not used 
Previously if csrf() was used and subsequently not used, the
TestCsrfTokenRepository was still used. This makes it difficult to test
the actual CsrfTokenRepository implementation.

Now the TestCsrfTokenRepository is only used if explicitly enabled.

Fixes gh-4016
 2016-08-09 17:09:16 -04:00
Rob Winch
8ad91ef6a5 WithSecurityContextTestExecutionListener > SqlScriptsTestExecutionListener 
WithSecurityContextTestExecutionListener should order after
SqlScriptsTestExecutionListener so sql can setup the current user's info
in the database.

Fixes gh-3962
 2016-07-06 16:09:17 -05:00
Rob Winch
bbeb7f94d7 Fix checkstyle 
Issue gh-3920
 2016-06-20 19:36:51 -05:00
Micah Silverman
314828859e Added accept method call to buildRequest in SecurityMockMvcRequestBuilders with default of MediaType.APPLICATION_FORM_URLENCODED 2016-06-20 15:46:01 -05:00
Rob Winch
101190ad8b Format WithSecurityContextTestExecutionListener 2016-05-20 10:46:26 -05:00
Rob Winch
336de35874 Polish WithSecurityContextTestExecutionListener 
Extract method for reuse

SecurityContext createSecurityContext(AnnotatedElement annotated,
    WithSecurityContext withSecurityContext,
    TestContext context)

Issue gh-3888
 2016-05-20 10:46:26 -05:00
Eddú Meléndez
a53d022312 Support WithSecurityContextFactory on superclass 
Fixes gh-3888
 2016-05-20 10:46:14 -05:00
Rob Winch
7b61a44929 Fix test .standaloneSetup 
Previously, Spring Security's test support did not work well with the
standalone setup. This was because the springSecurityFilterChain was not
found by the WebTestUtils.

This commit ensures that the springSecurityFilterChain is added as a
servlet attribute if it is explicitly defined. WebTestUtils can then
find the springSecurityFilterChain in the ServletContext.

Fixes gh-3881
 2016-05-16 11:02:40 -04:00
Rob Winch
602bb457b8 Formatting 
Issue gh-3881
 2016-05-16 11:02:40 -04:00
Rob Winch
78bf6e2bd5 WithSecurityContextTestExecutionListener supports generic Annotation 
Previously Spring Security's WithSecurityContextTestExecutionListener
allowed a WithSecurityContextFactory<Annotation> to be used. This
was broken in SEC-3074.

This commit ensures that WithSecurityContextFactory<Annotation> is
supported again.

Fixes gh-3837
 2016-05-03 15:41:25 -04:00
Jens Goldhammer
ceef70946b Resolve springSecurityFilterChain to Filter 
When enabling debug for spring security, the FilterChainProxy will be wrapped by the DebugFilter.
This DebugFilter will be registered as bean springSecurityFilterChain. The WebTestUtils will now search for the bean by name instead of FilterChainProxy class.
In this case we have to cast to a Java ServletFilter to support both filter...

Fixes gh-3836
 2016-04-26 15:53:38 -04:00
Rob Winch
b2b53f7a81 Fix unauthenitcated() and AnonymousAuthenticationToken 
Previously if unauthenticated() experienced an AnonymousAuthenticationToken
it would not match.

This commit ensures that if the user is anonymous (not just null)
unauthenticated() works.

Fixes gh-3409
 2016-04-19 15:08:47 -05:00
Rob Winch
8a28a27225 Formatting Polish 2016-04-19 14:24:11 -05:00
Rob Winch
d3a9cc6eae Add CsrfTokenRepository (#3805) 
* Create LazyCsrfTokenRepository

Fixes gh-3790

* Add CookieCsrfTokenRepository

Fixes gh-3009
 2016-04-12 17:26:53 -04:00
Eddú Meléndez Gonzales
a5a5d9a1a9 Add support to subclass of GrantedAuthority in SecurityMockMvcResultMatchers withAuthorities (#3793) 
SecurityMockMvcResultMatchers.withAuthorities(Collection<? extends GrantedAuthority>)

Fixes gh-3791
 2016-04-08 08:55:53 -05:00
Rob Winch
8abb882927 Rename poorly named withUser variable 
WithSecurityContextTestExecutionListener used the variable name withUser
in mulitple places when it should have been named withSecurityContext.

This commit renames the variables to withSecurityContext.

Fixes gh-3775
 2016-04-01 10:27:14 -05:00
Rob Winch
f221920a19 Clean up code to conform to basic checkstyle 
Issue gh-3746
 2016-03-14 00:15:12 -05:00
Rob Winch
df5e3ba6ee Polish Imports 2016-03-09 16:24:50 -06:00
Rob Winch
835ac0a217 Add @WithUserDetails userDetailsServiceBeanName 
Fixes gh-3346
 2016-03-09 15:59:23 -06:00
Rob Winch
618b8a2d83 Fix WebTestUtils when no matching HttpSecurity found 
Previously a NullPointerException would be thrown if no HttpSecurity
matched on the request passed in. This was because findFilters would
return null rather than an empty List.

This commit returns null if findFilters gets a null result.

Fixes gh-3343
 2016-03-09 15:20:10 -06:00
Rob Winch
81e2778106 SEC-3097: Change CsrfRequestPostProcessor to use TestCsrfTokenRepository 
This ensures that when using a wrapped HttpServletRequest (i.e. Spring
Session) that the CSRF token test support still works.
 2015-09-02 00:21:40 -05:00
Rob Winch
35393098f8 SEC-3094: Add @WithAnonymousUser & anonymous() MockMvcRequestPostProcessor 2015-08-27 15:17:44 -05:00