Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-13 23:52:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,163 Commits 44 Branches 345 Tags
Commit Graph

1950 Commits

Author SHA1 Message Date
Josh Cummings
8199015e79
Add Support for AuthenticationConverter 
Closes gh-16793
 2025-03-20 17:22:53 -06:00
Daeho Kwon
24b7287d55 Replace dynamic error message with static "Access Denied" 
Closes gh-16514

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-03-20 15:20:54 -05:00
mmck328
5ded04da6c Fix javadocs on WebFlux CSRF classes 
Signed-off-by: mmck328 <20348295+mmck328@users.noreply.github.com>
 2025-03-20 14:59:42 -05:00
Steve Riesenberg
3ebcbd4375
Merge branch '6.4.x' 
Closes gh-16788
Closes gh-16789
Closes gh-16790
Closes gh-16791
Closes gh-16792
 2025-03-20 14:47:07 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x 
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
 2025-03-20 14:46:18 -05:00
Tran Ngoc Nhan
ab6e9d2d1f
Clarify WebInvocationPrivilegeEvaluator JavaDoc 
Closes gh-16529

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:10 -05:00
Max Batischev
a50a8b2f17 Improve JdbcPublicKeyCredentialUserEntityRepository save 
Closes gh-16726

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-19 18:13:54 -06:00
Josh Cummings
1120733e27
Update Copyright 2025-03-19 17:43:01 -06:00
Josh Cummings
8e9634d25c
Deprecate ConfigAttribute 
Closes gh-16774
 2025-03-19 17:39:38 -06:00
Josh Cummings
989aee244b
Deprecate SecurityMetadataSource 
Closes gh-16772
 2025-03-19 15:26:05 -06:00
Josh Cummings
ece7489f5b
Merge branch '6.4.x' 2025-03-18 16:35:23 -06:00
AB
d9a937f0c1
Correct Closing Tag 
Closes gh-16600

Signed-off-by: AB <a.bierler@xdev-software.de>
 2025-03-18 16:35:15 -06:00
Rob Winch
e6223dede3
Merge branch '6.4.x' 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16757
 2025-03-17 14:34:18 -05:00
Rob Winch
05116eabbd
Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch
adb303e152
Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Steve Riesenberg
0938ca01a4
Add support for automatic context-propagation with Micrometer 
Closes gh-16665
 2025-03-13 15:29:08 -05:00
Max Batischev
c7673e8f2f Polish AbstractAuthenticationTargetUrlRequestHandler 
PR gh-16557

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-07 14:03:13 -07:00
Max Batischev
47630ca354 Fix JdbcUserCredentialRepository Save 
Closes gh-16620

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-07 13:57:41 -07:00
Max Batischev
58a665e5aa Add Support SingleResultAuthorizationManager 
Closes gh-16590

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-07 13:46:23 -07:00
yelm-212
cfefccad1f Update Http403ForbiddenEntryPoint to Use HttpStatus 
Closes gh-16615

Signed-off-by: yelm-212 <21yrshin@naver.com>
 2025-03-07 12:17:14 -05:00
Josh Cummings
ab52fd858a
Deprecate ChannelDecisionManager 
Closes gh-16681
 2025-02-28 12:35:21 -07:00
Josh Cummings
2d96fba5cf
Add HttpsRedirectFilter 
Closes gh-16678
 2025-02-28 09:30:53 -07:00
Josh Cummings
e569c7a39e
Fix Tests 
Issue gh-16517
 2025-02-27 14:07:49 -07:00
topiam
85f0f3f34a
Support Custom RequestMatchers for WebAuthn 
Closes gh-16517

Signed-off-by: topiam <support@topiam.cn>
 2025-02-27 14:07:49 -07:00
Rob Winch
9417f02790
Deprecate PortResolver 
Closes gh-15972
 2025-02-26 16:13:10 -06:00
Rob Winch
5f5427bd03
PortResolver.NO_OP 
Closes gh-16666
 2025-02-26 16:13:10 -06:00
Josh Cummings
588220a020
Add PathPatterRequestMatcher 
Closes gh-16429
Clsoes gh-16430
 2025-02-21 13:40:23 -07:00
Steve Riesenberg
7fc5d50adf Polish gh-16551 2025-02-19 13:53:30 -06:00
Max Batischev
0ccbd20f0a Add Support ServerFormPostRedirectStrategy 
Closes gh-16542

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-19 13:53:30 -06:00
Borghi
0bc9313fdd Fix bug PublicKeyCredentialUserEntityRepository saves anonymousUser 
Issue gh-16385

Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>
 2025-02-16 22:50:34 -03:00
tejas-teju
c4b223266c Return Invalid Credentials message on login error 
Closes gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
 2025-02-14 16:01:22 -07:00
Josh Cummings
e42865b926
Merge branch '6.4.x' 2025-02-14 13:08:17 -07:00
Josh Cummings
946812691e
Make AuthenticatorAttestation Serializable 
Issue gh-16481
 2025-02-14 13:07:56 -07:00
Max Batischev
b5a4218a0b Make WebAuthnAuthenticationRequestToken Serializable 
Closes gh-16481

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-14 11:51:46 -07:00
Max Batischev
879b44f9a1 Make PublicKeyCredentialRequestOptions Serializable 
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-13 17:17:16 -07:00
ying.li
6494ea9b18 fix for typo 2025-02-10 12:22:57 -06:00
Daniel Garnier-Moiroux
238f47ce5e One Time Token login registers the default login page 
closes gh-16414

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
Daniel Garnier-Moiroux
5ee6b83953 Introduce OneTimeTokenAuthenticationFilter 
closes gh-16539

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
Max Batischev
be81377235 Add Support ServerGenerateOneTimeTokenRequestResolver 
Closes gh-16488

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-05 14:14:16 -07:00
Steve Riesenberg
54a6a19e05 Polish gh-16214 
This commit applies the following changes:

* Added local Content-Security-Policy with script-src nonce directive
* Removed form-redirect.js and associated changes
* Renamed to FormPostRedirectStrategy
* Removed HtmlUtils usage
* Moved to same package as DefaultRedirectStrategy
 2025-02-03 14:52:30 -06:00
Craig Andrews
58534e7f60 Add FormRedirectStrategy to enable POST OIDC Logout 
FormRedirectStrategy redirects using an autosubmitting HTML form using the POST method versus DefaultRedirectStrategy which redirects using the GET method.

Can be used to implement POST binding for relying party initiated OIDC logout by setting FormRedirectStrategy as the redirection strategy on OidcClientInitiatedLogoutSuccessHandler.

Closes gh-13002

Signed-off-by: Craig Andrews <candrews@integralblue.com>
 2025-02-03 14:52:30 -06:00
Max Batischev
61d92e9db9 Fix assertion message in DefaultGenerateOneTimeTokenRequestResolver 
Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-03 12:15:20 -07:00
Josh Cummings
0f8e1936ff
Merge branch '6.4.x' 2025-02-03 10:19:31 -07:00
NeoTraveler
e31f04bebc
withValue used incorrectly 
Closes gh-16525
Closes gh-16527

Signed-off-by: NeoTraveler <55753029+NeoTraveler@users.noreply.github.com>
 2025-02-03 10:18:33 -07:00
Steve Riesenberg
b32f4f1afc Polish gh-16502 2025-02-03 09:21:53 -06:00
earlgrey02
1fa1848f9f Add HttpStatusAccessDeniedHandler 
Signed-off-by: earlgrey02 <san06036@naver.com>
 2025-02-03 09:21:53 -06:00
Max Batischev
c7bc4c98db
Make PublicKeyCredentialRequestOptions Serializable 
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-01-23 20:13:10 -06:00
Josh Cummings
e1a42db845
Merge branch '6.4.x' 2025-01-23 17:03:53 -07:00
Josh Cummings
d043884e32
Support Serialization 
Issue gh-16276
 2025-01-23 16:44:45 -07:00
Rob Winch
177ce59a4b
Merge branch '6.4.x' 
Implement Serializable for WebAuthnAuthentication

Closes gh-16474
 2025-01-23 14:12:30 -06:00