Compare commits

...

1304 Commits
6.4.8 ... main

Author SHA1 Message Date
Marcin Lewandowski
f61a8deccc Update index.adoc
Signed-off-by: Marcin Lewandowski <marcin@ravendb.net>
2025-07-31 11:09:06 -06:00
Tran Ngoc Nhan
d6e378e9bb Apply Diamond Operator
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-31 10:59:55 -06:00
Josh Cummings
bd98db4fe8 Update to Nimbus JOSE JWT 10.4
PR gh-17644

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
2025-07-31 10:57:22 -06:00
dependabot[bot]
c9bf821402 Bump com.nimbusds:oauth2-oidc-sdk from 11.26 to 11.26.1
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 11.26 to 11.26.1.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.26.1..11.26)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-version: 11.26.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 10:57:22 -06:00
Deep Dhamala
ca557a9880 Simplify Error Message for Unsupported Security XSD Versions
Closes gh-17153

Signed-off-by: Deep Dhamala <dhamaladeep2@gmail.com>
2025-07-31 10:40:54 -06:00
Andrey Litvitski
2fbe8dd8f6 Make Stricter IP Format Check
Closes gh-17499

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-31 10:30:57 -06:00
Josh Cummings
1af665d6c8 Merge branch '6.5.x' 2025-07-31 10:21:50 -06:00
Josh Cummings
c966139338 Merge branch '6.4.x' into 6.5.x 2025-07-31 10:21:36 -06:00
Josh Cummings
a411fb7b8d Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-31 10:21:26 -06:00
Michał Sobkiewicz
c963f4250e Update Angular documentation links in csrf.adoc
Replaced `angular.io` links with their corresponding `angular.dev` URLs.
This change ensures that users referencing CSRF documentation are
directed to the most current Angular resources.

Signed-off-by: Michał Sobkiewicz <perceptron8@users.noreply.github.com>
2025-07-31 10:21:06 -06:00
Tran Ngoc Nhan
1a56023f7f Use Spring Framework Nullability Annotations
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-31 10:18:51 -06:00
Josh Cummings
6873685fd0 Merge remote-tracking branch 'origin/6.5.x' 2025-07-31 10:12:39 -06:00
Tim Boeckstaens
f180a04b74 Use final values in equals and hashCode
Closes gh-17584

Signed-off-by: Tim Boeckstaens <boeckstaenstim@gmail.com>
2025-07-31 10:12:24 -06:00
Josh Cummings
0956846905 Merge branch '6.5.x' 2025-07-31 09:31:47 -06:00
Josh Cummings
940d378c3f Merge branch '6.4.x' into 6.5.x 2025-07-31 09:31:26 -06:00
Josh Cummings
3c93a6728d Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-31 09:31:07 -06:00
dependabot[bot]
97597389cc Bump org.gretty:gretty from 4.1.6 to 4.1.7
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:29:13 -06:00
dependabot[bot]
6dba7b5051 Bump io.spring.gradle:spring-security-release-plugin
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:28:43 -06:00
dependabot[bot]
aa83b852b8 Bump org.gretty:gretty from 4.1.6 to 4.1.7
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:28:20 -06:00
dependabot[bot]
c82dffc03f Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.23 to 0.0.24.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.23...v0.0.24)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:27:49 -06:00
dependabot[bot]
487c2c8ed0 Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.7 to 2024.1.8.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.7...2024.1.8)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:27:19 -06:00
dependabot[bot]
c84fd8a04b Bump io.spring.nullability:io.spring.nullability.gradle.plugin
Bumps [io.spring.nullability:io.spring.nullability.gradle.plugin](https://github.com/spring-gradle-plugins/nullability-plugin) from 0.0.1 to 0.0.2.
- [Release notes](https://github.com/spring-gradle-plugins/nullability-plugin/releases)
- [Commits](https://github.com/spring-gradle-plugins/nullability-plugin/compare/v0.0.1...v0.0.2)

---
updated-dependencies:
- dependency-name: io.spring.nullability:io.spring.nullability.gradle.plugin
  dependency-version: 0.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 10:27:07 -05:00
dependabot[bot]
1a96b026f3 Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.23.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.20.Final to 6.6.23.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.23/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.20...6.6.23)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.23.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:26:48 -06:00
dependabot[bot]
0dd19fd7ef Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.23 to 0.0.24.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.23...v0.0.24)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:26:12 -06:00
dependabot[bot]
2866fa67ad Bump org.jfrog.buildinfo:build-info-extractor-gradle
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.34.1 to 4.34.2.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.34.1...build-info-gradle-extractor-4.34.2)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-version: 4.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:25:46 -06:00
dependabot[bot]
b6ab504c64 Bump org.hibernate.orm:hibernate-core from 7.0.6.Final to 7.0.8.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.6.Final to 7.0.8.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.8/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.6...7.0.8)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.8.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:25:27 -06:00
dependabot[bot]
4aebb36255 Bump org.jfrog.buildinfo:build-info-extractor-gradle
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.34.1 to 4.34.2.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.34.1...build-info-gradle-extractor-4.34.2)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-version: 4.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:25:02 -06:00
dependabot[bot]
7ef9b0bbf5 Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.8 to 6.2.9.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-31 09:24:33 -06:00
Josh Cummings
9baee6fb14 Merge branch '6.5.x' 2025-07-30 12:14:37 -06:00
Josh Cummings
368cb7d7aa Merge branch '6.4.x' into 6.5.x 2025-07-30 12:14:24 -06:00
Josh Cummings
63e4156b49 Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-30 12:14:03 -06:00
dependabot[bot]
c18c07011b Bump io.mockk:mockk from 1.14.4 to 1.14.5
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.4 to 1.14.5.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.4...1.14.5)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 12:12:58 -06:00
dependabot[bot]
99f689eb52 Bump @springio/antora-extensions from 1.14.6 to 1.14.7 in /docs
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.6 to 1.14.7.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:50:42 -06:00
dependabot[bot]
de14fb8f77 Bump @springio/antora-extensions from 1.14.6 to 1.14.7 in /docs
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.6 to 1.14.7.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:50:19 -06:00
dependabot[bot]
0ba2b3e0eb Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:47:23 -06:00
dependabot[bot]
4c0d1fcc60 Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:47:04 -06:00
dependabot[bot]
ccf66f338b Bump io.spring.gradle:spring-security-release-plugin
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:46:22 -06:00
dependabot[bot]
94cb87c696 Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.8 to 6.2.9.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:45:53 -06:00
dependabot[bot]
8b92f08c75 Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:45:26 -06:00
dependabot[bot]
78a102c502 Bump io.spring.gradle:spring-security-release-plugin
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:44:53 -06:00
dependabot[bot]
ce922b486b Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:44:25 -06:00
dependabot[bot]
ffda336276 Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:43:12 -06:00
dependabot[bot]
5cda51b5b8 Bump org.gretty:gretty from 4.1.6 to 4.1.7
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:42:30 -06:00
dependabot[bot]
7bd7ff6b42 Bump com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.19.2
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.1 to 2.19.2.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.1...jackson-bom-2.19.2)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:41:52 -06:00
dependabot[bot]
6c19a355b5 Bump org.gretty:gretty from 4.1.6 to 4.1.7
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:41:20 -06:00
dependabot[bot]
ae514b320f Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.23 to 0.0.24.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.23...v0.0.24)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:40:49 -06:00
dependabot[bot]
5e783abbe7 Bump io.spring.gradle:spring-security-release-plugin
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:40:01 -06:00
dependabot[bot]
7e112bf652 Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.23.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.20.Final to 6.6.23.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.23/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.20...6.6.23)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.23.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-30 11:39:24 -06:00
Rob Winch
517a2b185f
Merge branch '6.5.x' 2025-07-29 15:30:58 -05:00
Rob Winch
4d4f13f1df
Merge branch '6.4.x' into 6.5.x 2025-07-29 15:30:34 -05:00
Rob Winch
f2769e6eff
Fix META-INF/LICENSE.txt
Previously the update put everything into META-INF

Issue gh-17638
2025-07-29 15:29:47 -05:00
Rob Winch
d5107dd752
Merge Add META-INF/LICENSE.txt to published jars 2025-07-29 10:55:43 -05:00
Rob Winch
a2e85dd187
Merge branch '6.5.x'
Closes gh-17640
2025-07-29 10:54:36 -05:00
Rob Winch
f6cb0bd610
Merge Use 2004-present Copyright Header
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
2025-07-29 10:52:42 -05:00
Rob Winch
731cdacb77
Merge branch '6.4.x' into 6.5.x
Closes gh-17639
2025-07-29 10:47:22 -05:00
Rob Winch
ead8ec6e35
Add META-INF/LICENSE.txt to published jars
Closes gh-17638
2025-07-29 10:46:51 -05:00
Josh Cummings
4775fe41db Merge branch '6.5.x' 2025-07-29 09:28:20 -06:00
Josh Cummings
a9fcec8b46 Merge branch '6.4.x' into 6.5.x 2025-07-29 09:27:47 -06:00
Josh Cummings
452d311a9b Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-29 09:27:23 -06:00
Bernie Schelberg
edcb3b024e Update Shibboleth repository URL
Signed-off-by: Bernie Schelberg <bernard.schelberg@invicara.com>
2025-07-29 09:26:42 -06:00
Rob Winch
116bee1303
Merge branch '6.5.x'
Closes gh-17635
2025-07-29 09:50:09 -05:00
Rob Winch
2fdca16c1a
Merge branch '6.4.x' into 6.5.x
Closes gh-17634
2025-07-29 09:47:52 -05:00
Rob Winch
392129b616
Use 2004-present Copyright Header
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
2025-07-29 09:45:23 -05:00
Rob Winch
bf877a9864
Add OAuth2User to OidcUser Conversion Params
Previously the Oidc(Reactive)OAuth2UserService APIs allowed a strategy
for converting to the OidcUser with the OidcUserRequest and OidcUserInfo.
The input should also include the OAuth2User to make
it simple to use the OAuth2User as a part of the conversion.

This commit introduces OidcUserSource as a POJO containing
OidcUserRequest, OidcUserInfo, and OAuth2User.

It then updates the OidcUser conversion strategy in OidcUserService and
OidcReactiveOAuth2UserService to accept OidcUserSource as the source for
the Converter used to create OidUser.

Closes gh-17626
2025-07-25 09:09:24 -05:00
Rob Winch
34742c9743
Reapply "Move webauthn runtimehints to spring-security-webauthn"
This reverts commit 9489ab48abcbd192d87e5535f2459804d9826a80.
2025-07-23 13:32:34 -05:00
Rob Winch
4ffec6dcdd
Merge branch '6.5.x' 2025-07-23 09:42:57 -05:00
Rob Winch
8ab36cdf13
Merge branch '6.4.x' into 6.5.x 2025-07-23 09:42:49 -05:00
Rob Winch
c85aa61118
Bump org.gretty:gretty from 4.1.6 to 4.1.7 2025-07-23 09:41:51 -05:00
Rob Winch
4503947faa
Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 2025-07-23 09:41:49 -05:00
Rob Winch
d58b068098
Bump com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.19.2 2025-07-23 09:41:46 -05:00
Rob Winch
6bdab77302
Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 2025-07-23 09:41:44 -05:00
Rob Winch
7f25f67dd0
Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.1 to 0.0.2 2025-07-23 09:41:41 -05:00
Rob Winch
fc9696794b
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-23 09:40:53 -05:00
Rob Winch
3cc74ff8bc
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 2025-07-23 09:40:51 -05:00
Rob Winch
d0033739e8
Bump org.gretty:gretty from 4.1.6 to 4.1.7 2025-07-23 09:40:48 -05:00
Rob Winch
ba5d3158db
Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 2025-07-23 09:40:46 -05:00
Rob Winch
1e9eeebcef
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-23 09:40:43 -05:00
Rob Winch
26600dab01
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 2025-07-23 09:39:47 -05:00
Rob Winch
bb279c166e
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 2025-07-23 09:39:44 -05:00
Rob Winch
95c5851fbb
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-23 09:39:42 -05:00
Rob Winch
d5bde7f3ec
Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 2025-07-23 09:39:39 -05:00
Rob Winch
f32e1eb265
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-23 09:39:34 -05:00
Rob Winch
9489ab48ab
Revert "Move webauthn runtimehints to spring-security-webauthn"
This reverts commit fe411896af5ae5d5b50babfa292152335a3bf193.
2025-07-23 09:22:47 -05:00
Rob Winch
fe411896af
Move webauthn runtimehints to spring-security-webauthn
Issue gh-17586
2025-07-23 09:20:39 -05:00
dependabot[bot]
79f107de76
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:49:22 +00:00
dependabot[bot]
0d1b73e291
Bump io.spring.gradle:spring-security-release-plugin
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:49:13 +00:00
dependabot[bot]
dbd2ea2992
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:49:09 +00:00
dependabot[bot]
ec867129a8
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9
---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:49:07 +00:00
dependabot[bot]
0d434ee351
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:48:57 +00:00
dependabot[bot]
2d55fd5621
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:48:46 +00:00
dependabot[bot]
e11e8fe414
Bump io.spring.gradle:spring-security-release-plugin
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:48:41 +00:00
dependabot[bot]
7432554fa8
Bump org.gretty:gretty from 4.1.6 to 4.1.7
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:48:30 +00:00
dependabot[bot]
ff0b8f0138
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.8 to 6.2.9.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:48:20 +00:00
dependabot[bot]
9300146b99
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:48:04 +00:00
dependabot[bot]
176c3b8457
Bump io.spring.nullability:io.spring.nullability.gradle.plugin
Bumps [io.spring.nullability:io.spring.nullability.gradle.plugin](https://github.com/spring-gradle-plugins/nullability-plugin) from 0.0.1 to 0.0.2.
- [Release notes](https://github.com/spring-gradle-plugins/nullability-plugin/releases)
- [Commits](https://github.com/spring-gradle-plugins/nullability-plugin/compare/v0.0.1...v0.0.2)

---
updated-dependencies:
- dependency-name: io.spring.nullability:io.spring.nullability.gradle.plugin
  dependency-version: 0.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:26:45 +00:00
dependabot[bot]
7e1a92b091
Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.23 to 0.0.24.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.23...v0.0.24)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:26:41 +00:00
dependabot[bot]
48533ede45
Bump com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.19.2
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.1 to 2.19.2.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.1...jackson-bom-2.19.2)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:26:22 +00:00
dependabot[bot]
614763041e
Bump io.spring.gradle:spring-security-release-plugin
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:26:09 +00:00
dependabot[bot]
b672aae640
Bump org.gretty:gretty from 4.1.6 to 4.1.7
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-23 03:26:06 +00:00
Rob Winch
79cd982341
Extract spring-security-webauthn
Closes gh-17586
2025-07-22 17:18:38 -05:00
Rob Winch
7c887d2da1
Add nullability to spring-security-core
Closes gh-17534
2025-07-22 16:29:13 -05:00
Rob Winch
9db1ffbd79
Add Nullability to spring-security-crypto
Closes gh-17533
2025-07-22 16:29:13 -05:00
Rob Winch
bc4ec39fa5
Add spring nullability
Issue gh-16882
2025-07-22 16:28:40 -05:00
Josh Cummings
fca30e3d25
Update What's New in Spring Security 7
Closes gh-17582
2025-07-21 15:00:47 -06:00
github-actions[bot]
7da30c27e4 Next development version 2025-07-21 19:13:12 +00:00
github-actions[bot]
50586dff07 Next development version 2025-07-21 19:12:47 +00:00
github-actions[bot]
3512fc76f3 Release 6.5.2 2025-07-21 18:34:18 +00:00
github-actions[bot]
84d54b94c9 Next development version 2025-07-21 15:50:52 +00:00
github-actions[bot]
02b922ce5a Release 7.0.0-M1 2025-07-21 15:25:10 +00:00
Rob Winch
ef77d3f0cf
Merge branch '6.5.x' 2025-07-21 09:43:08 -05:00
Rob Winch
90584ef8ce
Merge branch '6.4.x' into 6.5.x 2025-07-21 09:42:59 -05:00
Rob Winch
7b606362f8
Fix samples branch 2025-07-21 09:42:51 -05:00
Rob Winch
85dc06bbdf
Merge branch '6.5.x'
Closes gh-17581
2025-07-21 09:30:11 -05:00
Rob Winch
80ccb9b3cf
Merge branch '6.4.x' into 6.5.x
Closes gh-17580
2025-07-21 09:29:20 -05:00
Rob Winch
4fa2d323fd
Merge branch '6.5.x' 2025-07-21 08:20:45 -05:00
Rob Winch
409f845db2
Merge branch '6.4.x' into 6.5.x 2025-07-21 08:20:35 -05:00
Rob Winch
f2886f0ffc
Bump com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.19.2 2025-07-21 08:19:48 -05:00
Rob Winch
fbaa15bae1
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 2025-07-21 08:18:52 -05:00
Rob Winch
e21a80a96d
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 2025-07-21 08:18:49 -05:00
Rob Winch
236ef46cf8
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-21 08:18:47 -05:00
Rob Winch
a0b0d02965
Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.22.Final 2025-07-21 08:18:45 -05:00
Rob Winch
97e5b103e8
Bump io.mockk:mockk from 1.14.4 to 1.14.5 2025-07-21 08:18:42 -05:00
Rob Winch
23cf29ba17
UnboundIdContainer Disables Pauses for Ephemeral Port
Closes gh-17543
2025-07-21 07:30:59 -05:00
Josh Cummings
63e0a56bee
Add setBasePath
Originally, it was thought that this feature would be rather uncommon;
however, given some feedback from the Boot team, it makes sense to make
this easier to configure.

Of specific note is migrating from an earlier version were the
servlet path did not need to be specified in authorizeHttpRequests.
Since it does in 7, this will be a significant migration for those
who have a servlet path configured. This setter simplifies that a great
deal, including simplifying Boot's support of it.

Closes gh-17579
2025-07-20 22:57:06 -06:00
dependabot[bot]
a5129a136d
Bump io.mockk:mockk from 1.14.4 to 1.14.5
---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-21 04:20:57 +00:00
dependabot[bot]
150615eba5
Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.22.Final
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.22.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-21 04:18:57 +00:00
dependabot[bot]
fb07dc9d3a
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-21 04:18:31 +00:00
dependabot[bot]
32f909ff64
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-21 04:15:46 +00:00
dependabot[bot]
2aebb9ce9e
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9
---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-21 04:13:19 +00:00
dependabot[bot]
6fa82bc0e3
Bump com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.19.2
---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-21 03:58:43 +00:00
Josh Cummings
15fc898804
Make DataTargetVisitor package-private
Closes gh-17561
2025-07-18 11:03:21 -06:00
Rob Winch
55a2100d1a
Update to Spring Data 2025.1.0-M4
Closes gh-17560
2025-07-18 09:31:37 -05:00
Rob Winch
2e75929856
Update to Spring Framework 7.0.0-M7
Closes gh-17559
2025-07-18 09:31:37 -05:00
Rob Winch
ce6e8f9109
Force Snapshot Build is separate workflow
Previously builds against the forced snapshots would prevent releases.
This didn't work out in practice because breaking changes could be
introduced that were not intended to be picked up until after releases.

This change splits the snapshot builds into a separate workflow so that
we are still informed when there is a breaking change coming, but it
does not block the release.

Closes gh-17558
2025-07-18 09:31:37 -05:00
dependabot[bot]
66ddfb43a0 Bump @springio/antora-extensions from 1.14.4 to 1.14.6 in /docs
---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-version: 1.14.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-18 09:15:29 -05:00
Rob Winch
b8741759ce
Merge branch '6.5.x' 2025-07-18 09:14:57 -05:00
Rob Winch
3db0b0ed95
Merge branch '6.4.x' into 6.5.x 2025-07-18 09:14:48 -05:00
Rob Winch
eaaadefa18
Merge branch '6.5.x' 2025-07-18 09:12:17 -05:00
Rob Winch
02dbb288d3
Merge branch '6.4.x' into 6.5.x 2025-07-18 09:12:01 -05:00
Rob Winch
a3df90405f
Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.21.Final 2025-07-18 09:10:38 -05:00
Rob Winch
dd8763a572
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 2025-07-18 09:10:36 -05:00
Rob Winch
cf9375f441
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-18 09:10:34 -05:00
Rob Winch
bf5496310e
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-18 09:10:32 -05:00
Rob Winch
f2452c3732
Bump io.mockk:mockk from 1.14.4 to 1.14.5 2025-07-18 09:10:30 -05:00
Joe Grandja
a1f5b343ab Merge branch '6.5.x' 2025-07-18 09:01:01 -04:00
Joe Grandja
ecec7cb98f Merge branch '6.4.x' into 6.5.x
Closes gh-17557
2025-07-18 08:40:31 -04:00
dependabot[bot]
382f2788d3
Bump io.mockk:mockk from 1.14.4 to 1.14.5
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.4 to 1.14.5.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.4...1.14.5)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-18 03:44:04 +00:00
dependabot[bot]
385d10ebf1
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-18 03:43:59 +00:00
dependabot[bot]
5f243de06b
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-18 03:43:48 +00:00
dependabot[bot]
6716a0c4fe
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.8 to 6.2.9.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-18 03:43:25 +00:00
dependabot[bot]
c1173dbab1
Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.21.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.20.Final to 6.6.21.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.21/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.20...6.6.21)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.21.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-18 03:43:04 +00:00
Josh Cummings
25f69e92c7
Merge branch '6.5.x' 2025-07-17 18:04:52 -06:00
Josh Cummings
72eb3065de
Remove AuthorizationWebProxyConfiguration From Reactive
Closes gh-17545
2025-07-17 17:42:45 -06:00
Josh Cummings
a2d687f78b
Prepare for Publishing to Central 2025-07-17 15:29:43 -06:00
dependabot[bot]
ecad58310a Bump io.projectreactor:reactor-bom from 2025.0.0-M4 to 2025.0.0-M5
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.0-M4 to 2025.0.0-M5.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.0-M4...2025.0.0-M5)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.0-M5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-17 14:52:47 -05:00
dependabot[bot]
84dd6376a5 Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-17 14:52:38 -05:00
dependabot[bot]
ad5ccf2a39 Bump org.hibernate.orm:hibernate-core from 7.0.5.Final to 7.0.6.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.5.Final to 7.0.6.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.6/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.5...7.0.6)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.6.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-17 14:40:49 -05:00
dependabot[bot]
563163aab0 Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-17 14:40:21 -05:00
dependabot[bot]
644c7ac821 Bump io.mockk:mockk from 1.14.4 to 1.14.5
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.4 to 1.14.5.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.4...1.14.5)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-17 14:40:02 -05:00
Rob Winch
aaa34af4f7
Merge branch '6.5.x' 2025-07-17 13:03:14 -05:00
Rob Winch
d2fcba82f7
Merge branch '6.4.x' into 6.5.x 2025-07-17 13:03:06 -05:00
Rob Winch
ca108fe5dc
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-17 13:00:47 -05:00
Rob Winch
5ddbe18cb0
Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.21.Final 2025-07-17 13:00:44 -05:00
Rob Winch
ea8aad7865
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-17 13:00:41 -05:00
Rob Winch
8e563d6324
Bump io.mockk:mockk from 1.14.4 to 1.14.5 2025-07-17 13:00:39 -05:00
Rob Winch
f96b9bb5cc
Work Around UnboundIdContainer Fails with TestContext
See gh-17543
2025-07-17 09:02:37 -05:00
Joe Grandja
b8796d84b7 Fix tests in ClientRegistrationsTests
Issue gh-17542
2025-07-17 09:52:55 -04:00
Joe Grandja
f0c5a85d9a Update com.nimbusds dependencies
Closes gh-17542
2025-07-17 09:52:17 -04:00
dependabot[bot]
bc746e260f
Bump io.mockk:mockk from 1.14.4 to 1.14.5
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.4 to 1.14.5.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.4...1.14.5)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-17 04:01:29 +00:00
dependabot[bot]
92116773ea
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-16 03:41:55 +00:00
DingHao
dadf4c0b8a Remove shouldFilterAllDispatcherTypes
Closes gh-12139

Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-07-14 12:34:16 -06:00
dependabot[bot]
9377a9aad4
Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.21.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.20.Final to 6.6.21.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.21/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.20...6.6.21)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.21.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-14 04:25:28 +00:00
dependabot[bot]
5d765f92b6
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-14 04:20:00 +00:00
DingHao
5fefdd5bb3 Remove AbstractConfiguredSecurityBuilder apply
Closes gh-13441

Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-07-11 16:13:25 -06:00
Josh Cummings
0c42b61cc1
Restore legacy-websocket-configuration Link
In this way, links to this section will still arrive at something
helpful.

Issue gh-17295
2025-07-10 15:03:10 -06:00
Josh Cummings
9df668151b
Merge branch '6.5.x' 2025-07-10 14:53:51 -06:00
Josh Cummings
7960d2803d
Add Migration Steps for PathMatcher Usage
Issue gh-17509
2025-07-10 14:53:39 -06:00
Josh Cummings
4d3024cb49
Remove MessageSecurityMetadataSourceRegistry
Issue gh-17295
2025-07-10 14:38:03 -06:00
Josh Cummings
686cc5fc1f
Remove PathMatcher Messaging Components
Closes gh-17501
2025-07-10 14:38:03 -06:00
Josh Cummings
684775b46a
Use PathPatternMessageMatcher By Default
Issue gh-17501
2025-07-10 14:38:03 -06:00
Josh Cummings
ff7359b54a
Merge branch '6.5.x' 2025-07-10 13:19:54 -06:00
Josh Cummings
4b15b2b94e
Add Migration Steps for Messaging
Closes gh-17509
2025-07-10 13:19:42 -06:00
Josh Cummings
ec16322000
Merge branch '6.5.x' 2025-07-10 13:19:14 -06:00
Josh Cummings
bc0d706275
Use PathPatternMessageMatcher.Builder in XML Config
Closes gh-17508
2025-07-10 13:16:14 -06:00
Josh Cummings
b7ae9910b5
Remove Deprecated CookieServerCsrfTokenRepository Methods
Closes gh-14132
2025-07-10 11:13:37 -06:00
Josh Cummings
ee2b826362
Use setCookieCustomizer
Issue gh-14132
2025-07-10 11:13:21 -06:00
Josh Cummings
7f8b9c895f
Use with Instead of Apply
Issue gh-13204
2025-07-09 18:58:23 -06:00
Josh Cummings
728b5224cb
Add withDefaults Shortcut for Custom Configurers
Issue gh-13204
2025-07-09 18:58:23 -06:00
Josh Cummings
f1725b25a0
Remove authorizeRequests
Closes gh-15174
2025-07-09 17:33:11 -06:00
Josh Cummings
2c87270dbc
Use authorizeHttpRequests
Issue gh-15174
2025-07-09 17:33:11 -06:00
Josh Cummings
dadf10899c
Add WebExpressionAuthorizationManager.Builder
Closes gh-17504
2025-07-09 17:33:10 -06:00
Josh Cummings
c312d18191
Add Publishing Predicate
Closes gh-17503
2025-07-09 17:33:10 -06:00
Josh Cummings
901b386ca6
Merge branch '6.5.x' 2025-07-09 14:11:14 -06:00
Josh Cummings
9209a33678
Remove References to Deprecated OpenSaml Components
Issue gh-11658
2025-07-09 14:10:33 -06:00
Josh Cummings
da182a2d7c
Remove Deprecated OpenSaml Components
Closes gh-17306
2025-07-09 14:06:51 -06:00
Josh Cummings
571b6fe4a8
Fix Formatting
Issue gh-16858
2025-07-09 14:05:41 -06:00
Josh Cummings
9dea1c2eb5
Update to Latest HttpRequestValues Contract
Issue gh-16858
2025-07-09 13:47:06 -06:00
Josh Cummings
c06b1f4916
Remove LazyCsrfTokenRepository
Closes gh-13196
2025-07-09 13:47:06 -06:00
Rob Winch
e48fdd5ed4
Use UserWebTestClientConfigurer
Closes gh-17496
2025-07-07 15:15:51 -05:00
Rob Winch
dbb3b7e1f5
Remove Unused import 2025-07-07 15:15:51 -05:00
Rob Winch
bfa2a3613c
Fix frameworkVersion
Should not strip -SNAPSHOT
2025-07-07 15:15:51 -05:00
Josh Cummings
02d69ec864 Keep EnableWebMvcSecurity Link
So that links across the Internet that are pointed at
#mvc-enablewebmvcsecurity still arrive at a relevant place,
this commit re-adds the mvc-enablewebmvcsecurity link, even
though @EnableWebMvcSecurity itself is now removed.

Issue gh-17294
2025-07-07 13:46:03 -06:00
Tran Ngoc Nhan
a439bc65d6 Remove EnableWebMvcSecurity
Closes gh-17294

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-07 13:46:03 -06:00
Josh Cummings
19e88f5e35 Polish Tests
Issue gh-17298
2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan
242956a63c Remove deprecated elements from DaoAuthenticationProvider
Closes gh-17298

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-07 13:38:34 -06:00
Rob Winch
ca5e307bf4
Merge branch '6.5.x' 2025-07-07 14:31:40 -05:00
dependabot[bot]
8e94157971
Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.3.RELEASE to 0.29.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.3.RELEASE...0.29.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.4.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-07 14:31:35 -05:00
dependabot[bot]
e4155e8540
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-07 14:31:35 -05:00
dependabot[bot]
7aecd78920
Bump org.hibernate.orm:hibernate-core from 7.0.4.Final to 7.0.5.Final
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.5.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-07 14:31:35 -05:00
Rob Winch
7a7d2cacd2
Merge branch '6.4.x' into 6.5.x 2025-07-07 14:31:17 -05:00
dependabot[bot]
fa2e4c67a0
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-07 14:31:11 -05:00
dependabot[bot]
45ce51fe8d
Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.3.RELEASE to 0.29.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.3.RELEASE...0.29.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.4.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-07 14:31:11 -05:00
dependabot[bot]
2d3a1dc210
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.20.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.20.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.20/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.17...6.6.20)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.20.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-07 14:31:10 -05:00
Tran Ngoc Nhan
e52987d03c Remove RoleHierarchyImpl Deprecations
Closes gh-17297

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-07 13:22:22 -06:00
Matt Magoffin
62252c1232
Default to XorCsrfChannelInterceptor in XML
Change WebSocketMessageBrokerSecurityBeanDefinitionParser to use
XorCsrfChannelInterceptor by default, so WebSocket XML configuration
matches the default Xor-based configuration already in
WebSocketMessageBrokerSecurityConfiguration.

Closes gh-17260

Signed-off-by: Matt Magoffin <matt@solarnetwork.net>
2025-07-07 13:02:15 -06:00
Josh Cummings
a9636c72d1
Merge branch '6.5.x' 2025-07-07 12:54:26 -06:00
Josh Cummings
bc20bd6340
Merge branch '6.4.x' into 6.5.x
Closes gh-17495
2025-07-07 12:53:59 -06:00
Josh Cummings
74771a3d42
Merge branch '6.5.x' 2025-07-07 11:43:25 -06:00
Andrey Litvitski
fdf52f021d Use LdapName instead of DistinguishedName
Closes gh-17301

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-07 11:40:45 -06:00
Tran Ngoc Nhan
6dc77bd98b Update JwtIssuerAuthenticationManagerResolver constructor javadoc
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-07 11:37:52 -06:00
Josh Cummings
ea3ba62022
Correct Servlet Path JavaDoc
Initially PathPatternRequestMatcher was designed to match relative
to the servlet path. However, this was changed to be relative to
the context path. This commit updates the documentation and removes
references to the servlet path other than in the context of setting
a basePath to remove boilerplate.

Issue gh-16430
2025-07-07 11:34:29 -06:00
Josh Cummings
42283a5c1d
Add Missing File
Issue gh-17484
2025-07-07 11:18:57 -06:00
Josh Cummings
5ae1b73bae
Fix Cyclic Bean Dependency
Closes gh-17484
2025-07-07 10:32:56 -06:00
Tran Ngoc Nhan
d8043dc8a7 Remove PrePostTemplateDefaults
Closes gh-17296

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 15:47:27 -06:00
Tran Ngoc Nhan
21036c94b4 Remove Nimbus(Reactive)OpaqueTokenIntrospector
Closes gh-17302

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 15:41:57 -06:00
Tran Ngoc Nhan
519ae241f4 Fix Mock for Spring(Reactive)OpaqueTokenIntrospector
Issue gh-17302

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 15:41:57 -06:00
Andrey Litvitski
596d44757a Remove RequestVariablesExtractor
Closes gh-17308

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-03 14:41:12 -06:00
Josh Cummings
639a9afaea
Merge branch '6.5.x' 2025-07-03 14:40:30 -06:00
Josh Cummings
8fb8e26c01
Merge branch '6.4.x' into 6.5.x 2025-07-03 14:40:04 -06:00
Tran Ngoc Nhan
9312fb7004 Remove Deprecated AuthorizationDecision Elements
Closes gh-17299

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 14:32:49 -06:00
Josh Cummings
448283b30c
Merge branch '6.5.x' 2025-07-03 14:19:44 -06:00
Josh Cummings
b5ddf9ccd1
Merge branch '6.4.x' into 6.5.x 2025-07-03 14:19:31 -06:00
Josh Cummings
ce107795d8
Fix Broken JavaDoc Link
Issue gh-16886
2025-07-03 14:14:00 -06:00
Josh Cummings
af2985a269
Merge branch '6.5.x' 2025-07-03 13:43:24 -06:00
Josh Cummings
3bef5f9f40
Merge branch '6.4.x' into 6.5.x 2025-07-03 13:43:10 -06:00
Josh Cummings
d3e9e3138d
Remove AntPath and MvcRequestMatcher
Closes gh-16886
Closes gh-16887
2025-07-03 13:37:50 -06:00
Josh Cummings
b71a66bdaa
Use PathPatternRequestMatcher in docs
Issue gh-16886
Issue gh-16887
2025-07-03 13:37:50 -06:00
Josh Cummings
e9506776f1
Use PathPatternRequestMatcher in test
Issue gh-16887
2025-07-03 13:37:49 -06:00
Josh Cummings
b6d61b2f10
Use PathPatternRequestMatcher in itest
Issue gh-16887
2025-07-03 13:37:49 -06:00
Josh Cummings
919ae1d636
Use PathPatternRequestMatcher in oauth2
Issue gh-16887
2025-07-03 13:37:49 -06:00
Josh Cummings
7da352129c
Use PathPatternRequestMatcher in saml2
Issue gh-16887
2025-07-03 13:37:48 -06:00
Josh Cummings
558b7e0b47
Use PathPatternRequestMatcher in cas
Issue gh-16887
2025-07-03 13:37:48 -06:00
Josh Cummings
e8ed0f1b03
Use PathPatternRequestMatcher in web
Issue gh-16887
2025-07-03 13:37:48 -06:00
Josh Cummings
3e53cc2c4a
Use PathPatternRequestMatcher in config
This commit changes the config module to use
PathPatternRequestMatcher in favor of
MvcRequestMatcher and AntPathRequestMatcher.

This allows removing several HandlerMappingIntrospector
support classes as well which were in place to
support MvcRequestMatcher.

Issue gh-16886
Issue gh-16887
2025-07-03 13:37:47 -06:00
Josh Cummings
f709a9efef
Add pathPattern Factory Methods
Closes gh-17476
2025-07-03 13:37:47 -06:00
Josh Cummings
98686a5139
Standardize Mock Request Paths
Closes gh-17449
2025-07-03 13:37:47 -06:00
Josh Cummings
d869686d09
Add TestMockHttpServleRequests
Closes gh-17450
2025-07-03 13:37:46 -06:00
Josh Cummings
d5f986f733
Deprecate createMvcMatchers
Issue gh-16631
2025-07-03 13:37:46 -06:00
Josh Cummings
f0d523b0ab
Merge remote-tracking branch 'origin/6.5.x' 2025-07-03 13:20:53 -06:00
dependabot[bot]
86562760d9 Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.6 to 2024.1.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.6...2024.1.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 13:20:01 -06:00
Tran Ngoc Nhan
1583c90433 Remove Unused Method in TestOpenSamlObjects
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 13:15:44 -06:00
Tran Ngoc Nhan
a9e28a2ae9 Remove OpenSamlRelyingPartyRegistration
Issue gh-17309

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 13:15:44 -06:00
Tran Ngoc Nhan
8c100c5c27 Update RelyingPartyRegistration JavaDoc
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 13:15:44 -06:00
Tran Ngoc Nhan
4d524b1fe1 Remove RelyingPartyRegistration Deprecations
Closes gh-17309

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 13:15:44 -06:00
Deep Dhamala
081c92a9e5 Improve logging clarity in CsrfFilter
Update toString() method in DefaultRequiresCsrfMatcher to better reflect its logic during trace-level logging.

Closes gh-17250

Signed-off-by: Deep Dhamala <dhamaladeep2@gmail.com>
2025-07-03 13:00:55 -06:00
Josh Cummings
a22b2ffc94
Merge branch '6.5.x' 2025-07-03 12:52:08 -06:00
dependabot[bot]
eba43dc03f Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:51:14 -06:00
dependabot[bot]
0b872588d3 Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:51:04 -06:00
dependabot[bot]
cfaac1963c Bump org-apache-maven-resolver from 1.9.23 to 1.9.24
Bumps `org-apache-maven-resolver` from 1.9.23 to 1.9.24.

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.23 to 1.9.24

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:50:51 -06:00
dependabot[bot]
8b5a43033f Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:50:45 -06:00
Soumik Sarker
06bd81b1da Removed deprecated class BearerTokenAuthenticationFilter
Closes gh-17309

Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
2025-07-03 12:44:06 -06:00
Soumik Sarker
526f8a6200 Removed deprecated class BearerTokenAuthenticationToken
Issue gh-17309

Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
2025-07-03 12:44:06 -06:00
Soumik Sarker
edb7a642c7 Removed deprecated class ObjectPostProcessor
Issue gh-17309

Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
2025-07-03 12:44:06 -06:00
Soumik Sarker
dff5780e09 Removed deprecated class ServiceAuthenticationDetails
Issue gh-17309

Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
2025-07-03 12:44:06 -06:00
dependabot[bot]
465d46caa1 Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:24:08 -06:00
dependabot[bot]
f8cb1b77fa Bump org-apache-maven-resolver from 1.9.23 to 1.9.24
Bumps `org-apache-maven-resolver` from 1.9.23 to 1.9.24.

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.23 to 1.9.24

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:23:39 -06:00
Joe Grandja
e869bcdfa3 Remove deprecated implementations of OAuth2AccessTokenResponseClient
Closes gh-16909
2025-07-03 14:23:23 -04:00
Joe Grandja
cfe38957d7 Remove Resource Owner Password Credentials grant
Closes gh-17446
2025-07-03 14:23:23 -04:00
dependabot[bot]
ee171a1c17 Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:23:17 -06:00
dependabot[bot]
eb468316fc Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.4.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.4.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.4/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.1...7.0.4)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.4.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:22:49 -06:00
dependabot[bot]
eb3f32772f Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-03 12:22:07 -06:00
Josh Cummings
890049c6f7
Merge remote-tracking branch 'origin/6.5.x' 2025-07-02 13:19:00 -06:00
Andrey Litvitski
25d51a0d99 Include HTTP Method in equals and hashCode
Closes gh-17180

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-02 13:18:36 -06:00
Rob Winch
75efb17c49
Merge branch '6.5.x' 2025-07-02 10:54:10 -05:00
Rob Winch
bd020d8aea
Merge branch '6.4.x' into 6.5.x 2025-07-02 10:54:02 -05:00
Rob Winch
2e4259f359
Bump org-apache-maven-resolver from 1.9.23 to 1.9.24 2025-07-02 10:46:30 -05:00
Rob Winch
7153d7930b
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-07-02 10:46:27 -05:00
Rob Winch
d1aecb1ade
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.4.Final 2025-07-02 10:46:25 -05:00
Rob Winch
4d9c81e3d1
Bump com.webauthn4j:webauthn4j-core from 0.29.3.RELEASE to 0.29.4.RELEASE 2025-07-02 10:46:23 -05:00
Rob Winch
eed4ae751e
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 2025-07-02 10:46:21 -05:00
Rob Winch
8685ab54a0
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-07-02 10:45:11 -05:00
Rob Winch
f8c27a404b
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-07-02 10:45:09 -05:00
Rob Winch
cbc1a0d49b
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 2025-07-02 10:45:06 -05:00
Rob Winch
e11b2bcf62
Bump com.webauthn4j:webauthn4j-core from 0.29.3.RELEASE to 0.29.4.RELEASE 2025-07-02 10:45:02 -05:00
Rob Winch
7e3e5114a5
Bump org-apache-maven-resolver from 1.9.23 to 1.9.24 2025-07-02 10:44:59 -05:00
dependabot[bot]
f26d444ee9
Bump org-apache-maven-resolver from 1.9.23 to 1.9.24
Bumps `org-apache-maven-resolver` from 1.9.23 to 1.9.24.

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.23 to 1.9.24

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:55:54 +00:00
dependabot[bot]
3c5845c922
Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.3.RELEASE to 0.29.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.3.RELEASE...0.29.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.4.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:55:44 +00:00
dependabot[bot]
1286c6dfce
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.6 to 2024.1.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.6...2024.1.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:55:36 +00:00
dependabot[bot]
a983f04673
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:55:21 +00:00
dependabot[bot]
e09d0005e8
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:55:07 +00:00
dependabot[bot]
c43b128f1a
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:27:07 +00:00
dependabot[bot]
f22f41ba19
Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.3.RELEASE to 0.29.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.3.RELEASE...0.29.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.4.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:26:57 +00:00
dependabot[bot]
3d9069ac4d
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.4.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.4.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.4/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.1...7.0.4)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.4.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:26:45 +00:00
dependabot[bot]
a5b7bf989e
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:26:34 +00:00
dependabot[bot]
3c5e6a32c2
Bump org-apache-maven-resolver from 1.9.23 to 1.9.24
Bumps `org-apache-maven-resolver` from 1.9.23 to 1.9.24.

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.23 to 1.9.24
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.23...maven-resolver-1.9.24)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.23 to 1.9.24

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-02 03:26:29 +00:00
Rob Winch
725745defd
Merge branch '6.5.x' 2025-07-01 16:39:58 -05:00
Rob Winch
a5ea9912d9
Merge branch '6.4.x' into 6.5.x 2025-07-01 16:39:48 -05:00
Rob Winch
25a5105b86
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-07-01 16:37:35 -05:00
Rob Winch
7704b4e986
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.4.Final 2025-07-01 16:37:32 -05:00
Rob Winch
1c6fb12dde
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-07-01 16:37:30 -05:00
Rob Winch
f54c75f0f3
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 2025-07-01 16:37:28 -05:00
Rob Winch
ff59dc35e9
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-07-01 16:37:25 -05:00
Rob Winch
703dd19a0b
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-07-01 16:33:46 -05:00
Rob Winch
4c2e5b6ea4
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-07-01 16:33:44 -05:00
Rob Winch
b8f75782d9
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.19.Final 2025-07-01 16:33:41 -05:00
Rob Winch
e214cf89f0
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 2025-07-01 16:33:39 -05:00
Rob Winch
b80e966a1c
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-07-01 16:33:37 -05:00
dependabot[bot]
2cccfe88a1
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 08:00:31 +00:00
dependabot[bot]
0cc49b8788
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 08:00:16 +00:00
dependabot[bot]
4ca80cdd28
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 07:59:55 +00:00
dependabot[bot]
a979094a48
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.4.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.4.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.4/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.1...7.0.4)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.4.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 07:33:39 +00:00
dependabot[bot]
3f9bb81164
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 07:16:03 +00:00
dependabot[bot]
f7962003ec
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 06:53:57 +00:00
dependabot[bot]
6ab3e2b31d
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 06:53:30 +00:00
dependabot[bot]
3882cc2bf5
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.19.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.19.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/main/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/commits)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.19.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 06:37:51 +00:00
dependabot[bot]
fc754374a0
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 06:36:31 +00:00
dependabot[bot]
bd4cdf8c22
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-01 06:25:42 +00:00
Rob Winch
0137d0254c
Merge branch '6.5.x' 2025-06-30 14:01:26 -05:00
Rob Winch
f79c0bc734
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-06-30 13:57:24 -05:00
Rob Winch
d4c580ad49
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 2025-06-30 13:57:22 -05:00
Rob Winch
418dc793ac
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-30 13:57:20 -05:00
Rob Winch
a2f756264a
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.4.Final 2025-06-30 13:57:18 -05:00
Rob Winch
20a486c83d
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-06-30 13:57:17 -05:00
Rob Winch
f5c70550ed
Merge branch '6.4.x' into 6.5.x 2025-06-30 13:55:49 -05:00
Rob Winch
ed3a9af8fd
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 2025-06-30 13:55:22 -05:00
Rob Winch
fdea1ca4b6
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-06-30 13:55:20 -05:00
Rob Winch
c089066638
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-30 13:55:18 -05:00
Rob Winch
9223d14c02
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.19.Final 2025-06-30 13:55:16 -05:00
Rob Winch
f07b42f6b2
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 2025-06-30 13:55:14 -05:00
dependabot[bot]
e7145680a9
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.6 to 2024.1.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.6...2024.1.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:44:04 +00:00
dependabot[bot]
68fe473741
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.19.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.19.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/main/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/commits)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.19.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:43:21 +00:00
dependabot[bot]
08cdf7d53b
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:39:09 +00:00
dependabot[bot]
11774cd32a
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:38:20 +00:00
dependabot[bot]
8f0f3343fa
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:38:00 +00:00
dependabot[bot]
91a5a97c50
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.4.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.4.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/main/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/commits)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.4.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:38:00 +00:00
dependabot[bot]
cca38a0067
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:37:39 +00:00
dependabot[bot]
a373ebd009
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:36:51 +00:00
dependabot[bot]
f34337a4e0
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:36:16 +00:00
dependabot[bot]
bc6d5ffa34
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-30 04:34:54 +00:00
Rob Winch
e37424c637 Fix cycle in DefaultOAuth2AuthorizationRequestResolver
DefaultOAuth2AuthorizationRequestResolver should not depend on
OAuth2AuthorizationRequestRedirectFilter because
OAuth2AuthorizationRequestRedirectFilter already depends on
DefaultOAuth2AuthorizationRequestResolver.

OAuth2AuthorizationRequestRedirectFilter also takes advantage of the
new constructor that defaults the base uri.

Polishes gh-16384
2025-06-27 15:49:28 -05:00
DingHao
7587048f95 Add default authorizationRequestBaseUri to DefaultOAuth2AuthorizationRequestResolver
Closes gh-16383

Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-06-27 15:49:28 -05:00
Kevin Yue
7de4217469 Don't cache WebSocket request
PR gh-16741

Signed-off-by: Kevin Yue <yuezk001@gmail.com>
2025-06-27 15:47:05 -05:00
Soumik Sarker
2f53a2edb3 Removed deprecated Base64 of crypto package
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
2025-06-27 14:24:54 -05:00
Konstantin Filtschew
e4a2ac27d6 Fixed link to CSRF checks 2025-06-27 14:18:01 -05:00
Rob Winch
401f836051
Merge branch '6.5.x' 2025-06-27 09:02:23 -05:00
Rob Winch
57ee1d8261
Merge branch '6.4.x' into 6.5.x 2025-06-27 09:02:07 -05:00
Rob Winch
6798a0c2c4
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 2025-06-27 09:00:58 -05:00
Rob Winch
a4012d60df
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-06-27 09:00:56 -05:00
Rob Winch
7bf0cba45d
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.3.Final 2025-06-27 09:00:54 -05:00
Rob Winch
f812a847df
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-06-27 09:00:53 -05:00
Rob Winch
4f602cb1a5
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-27 09:00:51 -05:00
Rob Winch
a61b6c8c7f
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 2025-06-27 09:00:06 -05:00
Rob Winch
a67b817c0c
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-06-27 09:00:04 -05:00
Rob Winch
026140a459
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-06-27 09:00:02 -05:00
Rob Winch
5e743ba724
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final 2025-06-27 09:00:00 -05:00
Rob Winch
a274946883
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 2025-06-27 08:59:58 -05:00
dependabot[bot]
4e6e25d3a5
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-27 13:35:27 +00:00
dependabot[bot]
feffe23a0e
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-27 13:35:12 +00:00
dependabot[bot]
5dce2ab500
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-27 13:35:01 +00:00
dependabot[bot]
586340b2ae
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-27 13:34:29 +00:00
dependabot[bot]
123ba5a81a
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.3.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.3.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.3/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.1...7.0.3)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.3.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-26 22:33:45 +00:00
Rob Winch
00ead7f24d Update to Kotlin 2.2 2025-06-26 17:29:12 -05:00
dependabot[bot]
ce8be6d523
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-26 04:01:46 +00:00
dependabot[bot]
581906c23f
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.18.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.18/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.17...6.6.18)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.18.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-26 04:01:36 +00:00
dependabot[bot]
953dbc6858
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-26 04:01:30 +00:00
dependabot[bot]
f9c0425954
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-26 04:01:06 +00:00
dependabot[bot]
6dcfd3c6b2
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.6 to 2024.1.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.6...2024.1.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-26 04:01:00 +00:00
Rob Winch
8fd2401a2e
Merge branch '6.5.x' 2025-06-25 10:10:08 -05:00
Rob Winch
12ff662fd7
Merge branch '6.4.x' into 6.5.x 2025-06-25 10:09:59 -05:00
Rob Winch
302d9a879f
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.3.Final 2025-06-25 10:09:23 -05:00
Rob Winch
71cd14a165
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-06-25 10:09:21 -05:00
Rob Winch
f7d5390e74
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 2025-06-25 10:09:18 -05:00
Rob Winch
f6f8417c11
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-06-25 10:09:15 -05:00
Rob Winch
cd14e3d161
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-25 10:09:13 -05:00
Rob Winch
a297e5ef35
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-06-25 10:06:38 -05:00
Rob Winch
00e1872925
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 2025-06-25 10:06:35 -05:00
Rob Winch
81609a8db2
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final 2025-06-25 10:06:33 -05:00
Rob Winch
7a14761e1c
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-06-25 10:06:30 -05:00
Rob Winch
5a01a60f4c
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 2025-06-25 10:06:28 -05:00
Tran Ngoc Nhan
e686ac6b11 Remove AbstractSecurityWebSocketMessageBrokerConfigurer
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-24 12:56:05 -06:00
Tran Ngoc Nhan
a74ce06dae Remove JwtIssuer(Reactive)AuthenticationManagerResolver deprecations
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-24 12:33:00 -06:00
dependabot[bot]
f8e3c7bccf
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 04:35:21 +00:00
dependabot[bot]
8f49e0a148
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 04:35:09 +00:00
dependabot[bot]
8c8fb33c00
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.18.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.18/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.17...6.6.18)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.18.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 04:29:10 +00:00
dependabot[bot]
527946873d
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.6 to 2024.1.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.6...2024.1.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 04:29:03 +00:00
dependabot[bot]
edfae34178
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 04:28:50 +00:00
dependabot[bot]
d18909c2d4
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 04:14:18 +00:00
dependabot[bot]
a8bd1d0143
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 04:08:03 +00:00
dependabot[bot]
054909694b
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 04:03:54 +00:00
dependabot[bot]
fb6d29759c
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 03:58:33 +00:00
dependabot[bot]
3fb987ed17
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.3.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.3.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.3/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.1...7.0.3)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.3.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-24 03:58:18 +00:00
Rob Winch
afb3d5d571
Merge branch '6.5.x' 2025-06-23 10:25:02 -05:00
Rob Winch
638cfa3381
Merge branch '6.4.x' into 6.5.x 2025-06-23 10:24:51 -05:00
Rob Winch
6ccadbd880
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-23 10:23:37 -05:00
Rob Winch
b4a447a99e
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 2025-06-23 10:23:34 -05:00
Rob Winch
8a0d746008
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.3.Final 2025-06-23 10:23:31 -05:00
Rob Winch
f04d5b9f05
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-06-23 10:23:29 -05:00
Rob Winch
14d9de2793
Bump io.mockk:mockk from 1.14.2 to 1.14.4 2025-06-23 10:23:26 -05:00
Rob Winch
f2e6dd5f2a
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 2025-06-23 10:22:33 -05:00
Rob Winch
1cf2797b4b
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 2025-06-23 10:22:31 -05:00
Rob Winch
301c404332
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-23 10:22:29 -05:00
Rob Winch
4f6cb52d80
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final 2025-06-23 10:22:26 -05:00
Rob Winch
d322bcda3f
Bump io-spring-javaformat from 0.0.46 to 0.0.47 2025-06-23 10:22:24 -05:00
dependabot[bot]
6b430c94be
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-23 04:15:51 +00:00
dependabot[bot]
d26d76ecb3
Bump io.mockk:mockk from 1.14.2 to 1.14.4
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.2 to 1.14.4.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.2...1.14.4)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-23 03:30:42 +00:00
dependabot[bot]
3fd697f9a6
Bump io-spring-javaformat from 0.0.46 to 0.0.47
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-23 03:30:22 +00:00
dependabot[bot]
90ddb00c00
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.3.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.3.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.3/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.1...7.0.3)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.3.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-23 03:28:29 +00:00
Josh Cummings
08cbdb4640
Merge remote-tracking branch 'origin/6.5.x' 2025-06-20 14:43:25 -06:00
Josh Cummings
9f88ef83eb Polish Post-Processor Test
Issue gh-17175

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
2025-06-20 14:41:58 -06:00
Maciej Kowalski
46283b3452 Relax ObjectPostProcessor Type Constraints
Closes gh-17175

Signed-off-by: Maciej Kowalski <f.kowal@gmail.com>
2025-06-20 14:41:58 -06:00
Josh Cummings
396809bf01 Polish Stream Advice
Issue gh-17097
2025-06-20 14:01:19 -06:00
Tran Ngoc Nhan
3e9d585410 Update Contribution Guidelines About Streams
Closes gh-17097

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-20 14:01:19 -06:00
Josh Cummings
a4c338f8a5
Format authorizeExchange Blocks
This commit formats authorizeExchange blocks to
use a common variable name and ensure the
variable and reference are on the same line.

Issue gh-13067
2025-06-20 10:46:52 -06:00
Josh Cummings
da6c7b8759
Format Lambda Usage
This commit updates Lambda DSL usage to favor
having the variable and reference on the same line

Issue gh-13067
2025-06-20 10:46:52 -06:00
Josh Cummings
777447e1d9
Format authorizeHttpRequests Blocks
This commit formats authorizeHttpRequests blocks
to use the same parameter name and places the
reference on the same line as the parameter.

Issue gh-13067
2025-06-20 10:46:51 -06:00
Josh Cummings
cf6b52d6f7
Format authorizeRequests Blocks
This commit changes all auhorizeRequests
declarations to use the same variable name
and declare the lambda parameter and reference
on the same line.

Issue gh-13067
2025-06-20 10:46:51 -06:00
Josh Cummings
5dd40a7f10
Remove ServerHttpSecurity and() DSL Methods
This commit removes all and() DSL methods with
the exception of featurePolicy, which will be
removed as a whole at another time.

Closes gh-13067
2025-06-20 10:46:43 -06:00
Josh Cummings
f789abc87f
Use ServerHttpSecurity Lambda DSL in JavaDoc
Issue gh-13067
2025-06-20 10:41:32 -06:00
Josh Cummings
461f00ed38
Use ServerHttpSecurity Lambda DSL in Config
Issue gh-13067
2025-06-20 10:41:31 -06:00
Josh Cummings
9fcfacf283
Use ServerHttpSecurity Lambda DSL in Tests
Issue gh-13067
2025-06-20 10:41:31 -06:00
Josh Cummings
1a7b1fcc7c
Remove HttpSecurity and() DSL Methods
This commit removes all and() methods that have been
deprecated in the HttpSecurity DSL with the exception
of featurePolicy, which will be removed when that
feature is removed. Note that since featurePolicy
does not have a lambda equivalent, the and support
needs to remain for the moment.

Issue gh-13067
2025-06-20 10:41:31 -06:00
Josh Cummings
45a1447e9b
Use HttpSecurity Lambda DSL in JavaDoc
Issue gh-13067
2025-06-20 10:41:30 -06:00
Josh Cummings
1435e0f3d3
Use HttpSecurity Lambda DSL in Config Tests
Issue gh-13067
2025-06-20 10:41:30 -06:00
Josh Cummings
13e738e733
Use HttpSecurity Lambda DSL in Test
Issue gh-13067
2025-06-20 10:41:29 -06:00
Josh Cummings
c43afbf5e1
Format Lambda Expressions
This commit updats lambda expressions so that
their variable is surrounded in parentheses.

Issue gh-13067
2025-06-20 10:41:29 -06:00
Josh Cummings
20a2213e11
Merge branch '6.5.x' 2025-06-19 11:56:03 -06:00
Josh Cummings
09983e2349
Add ApacheDS Migration Steps
Issue gh-13852
2025-06-19 11:55:44 -06:00
Josh Cummings
6ddb964c61
Remove ApacheDS Support
Closes gh-13852
2025-06-19 11:55:34 -06:00
dependabot[bot]
349451c8a5
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-18 04:01:03 +00:00
dependabot[bot]
e17c256fce
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-18 04:00:21 +00:00
dependabot[bot]
4322bf5550
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.18.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.18/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.17...6.6.18)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.18.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-18 03:51:17 +00:00
dependabot[bot]
7334e12167
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-18 03:51:08 +00:00
dependabot[bot]
5010f0f000
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.6 to 2024.1.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.6...2024.1.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-18 03:50:36 +00:00
dependabot[bot]
a66abaa292
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-18 03:50:29 +00:00
Josh Cummings
42e24aa53c Fix Formatting 2025-06-17 16:55:22 -06:00
evga7
06ed6ef342 Simplify Csrf Processor Decision Logic
Replaces repeated if-else string comparisons with a Set.contains() check
for known WebSocket handshake handler class names in MessageSecurityPostProcessor.

Improves readability and maintainability without changing behavior.

Signed-off-by: Wonpyo Hong <evga7@naver.com>
2025-06-17 16:55:22 -06:00
Josh Cummings
676b44ebb0 Polish NimbusJwtEncoder Builders
- Simplify withKeyPair methods to match withPublicKey convention
in NimbusJwtDecoder
- Update tests to confirm support of other algorithms
- Update constructor to apply additional JWK properties
to the default header
- Deduce the possibly algorithms for a given key based
on curve and key size
- Remove algorithm method from EC builder since the
algorithm is determined by the Curve of the EC Key

Issue gh-16267

Co-Authored-By: Suraj Bhadrike <surajbh2233@gmail.com>
2025-06-17 16:47:39 -06:00
Suraj Bhadrike
ee09215f89 Add NimbusJwtEncoder Builders
Closes gh-16267

Signed-off-by: Suraj Bhadrike <surajbh2233@gmail.com>
2025-06-17 16:47:39 -06:00
Tran Ngoc Nhan
709f5db0e5 Polish Webauthn4JRelyingPartyOperations
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-17 13:35:52 -05:00
Rob Winch
18010f9914 Fix JwtAuthenticationProvider Checkstyle
Issue gh-17251
2025-06-17 13:32:43 -05:00
chanbinme
9cf5638914 Add null check for authentication token in JwtAuthenticationProvider
Add Assert.notNull validation to ensure the authentication token returned by jwtAuthenticationConverter is not null, preventing potential NullPointerException in subsequent operations.

Signed-off-by: chanbinme <gksmfcksqls@gmail.com>
2025-06-17 13:32:43 -05:00
Tran Ngoc Nhan
c2c84c4243 Update HttpSecurity javadoc
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-17 13:31:24 -05:00
Rob Winch
b2325e4176
Add OAuth Support for HTTP Interface Client
Closes gh-16858
2025-06-17 09:53:51 -05:00
Rob Winch
502b0b7f95
Merge branch '6.5.x' 2025-06-17 08:46:37 -05:00
Rob Winch
fc6650111a
Merge branch '6.4.x' into 6.5.x 2025-06-17 08:46:28 -05:00
Rob Winch
87bb5d4e2d
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 2025-06-17 08:45:26 -05:00
Rob Winch
df676b3089
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-17 08:45:23 -05:00
Rob Winch
fc587913a7
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.2.Final 2025-06-17 08:45:21 -05:00
Rob Winch
fb3f4c60e1
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final 2025-06-17 08:44:11 -05:00
Rob Winch
f562de9a8e
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-17 08:44:09 -05:00
Rob Winch
b4a5e3ac6d
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 2025-06-17 08:44:06 -05:00
Rob Winch
4d39af5806
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 2025-06-17 08:44:04 -05:00
dependabot[bot]
f69aad2e54
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.6 to 2024.1.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.6...2024.1.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-17 03:49:39 +00:00
dependabot[bot]
fce40bc3ed
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.2.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.2.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.2/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.1...7.0.2)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.2.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-17 03:48:38 +00:00
dependabot[bot]
d933f1b881
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-17 03:47:26 +00:00
dependabot[bot]
c2ecc8b538
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-17 03:47:07 +00:00
dependabot[bot]
854375e390
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-17 03:37:19 +00:00
dependabot[bot]
bd31a40824
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-17 03:32:10 +00:00
dependabot[bot]
602aa1c46c
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.18.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.18/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.17...6.6.18)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.18.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-17 03:30:27 +00:00
github-actions[bot]
063ee71e0d Next development version 2025-06-16 18:47:03 +00:00
github-actions[bot]
ebdd6c22a8 Release 6.5.1 2025-06-16 15:07:59 +00:00
Rob Winch
6036e1ceb5
Merge branch '6.5.x' 2025-06-16 09:46:09 -05:00
Rob Winch
f7cff8deb5
Merge branch '6.4.x' into 6.5.x 2025-06-16 09:46:00 -05:00
Rob Winch
f33b7b5479
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 2025-06-16 09:45:47 -05:00
Rob Winch
32d0be9364
Merge branch '6.5.x' 2025-06-16 09:06:29 -05:00
Rob Winch
f2dbe28b81
Merge branch '6.4.x' into 6.5.x 2025-06-16 09:06:07 -05:00
Rob Winch
468a07b1a0
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.2.Final 2025-06-16 09:05:40 -05:00
Rob Winch
7da4712056
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-16 09:05:38 -05:00
Rob Winch
1828d56bf1
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 2025-06-16 08:56:25 -05:00
Rob Winch
71851de649
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 2025-06-16 08:56:23 -05:00
Rob Winch
60a930a49a
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final 2025-06-16 08:56:21 -05:00
Rob Winch
2b51705413
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 2025-06-16 08:56:19 -05:00
dependabot[bot]
3e6eda579f
Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.6 to 2024.1.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.6...2024.1.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-16 04:10:04 +00:00
dependabot[bot]
07bb38e5e5
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.18.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.18/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.17...6.6.18)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.18.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-16 04:09:40 +00:00
dependabot[bot]
1f57df6caa
Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.0 to 2.19.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.0...jackson-bom-2.19.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-16 03:37:16 +00:00
dependabot[bot]
5130cbb99f
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-13 03:48:15 +00:00
dependabot[bot]
043464fd3d
Bump org.hibernate.orm:hibernate-core from 7.0.1.Final to 7.0.2.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.1.Final to 7.0.2.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.2/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.1...7.0.2)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.2.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-13 03:47:51 +00:00
dependabot[bot]
1b2ac8567e
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-13 03:31:36 +00:00
dependabot[bot]
34ec5fd7a4
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-13 03:31:29 +00:00
Rob Winch
e1d8033ee3
Merge branch '6.5.x' 2025-06-12 12:26:43 -05:00
Rob Winch
2be756e9dd
Merge branch '6.4.x' into 6.5.x 2025-06-12 12:26:33 -05:00
Rob Winch
540ceef866
Merge branch 'gradle/6.5.x/com.fasterxml.jackson-jackson-bom-2.18.4.1' into 6.5.x 2025-06-12 12:26:07 -05:00
Rob Winch
8e57014c50
Merge branch 'gradle/main/org.hibernate.orm-hibernate-core-7.0.1.Final' 2025-06-12 12:22:35 -05:00
Rob Winch
025995ef97
Merge branch 'gradle/main/io.projectreactor-reactor-bom-2025.0.0-M4' 2025-06-12 12:22:06 -05:00
Rob Winch
040ffe17e5
Add SubjectX500PrincipalExtractor to Whats New
Issue gh-16984
2025-06-12 12:19:37 -05:00
Evgeniy Cheban
092bbfc8e7 ReactiveAuthorizationManager replace deprecated #check calls with #authorize
Closes gh-16936

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-12 11:11:49 -06:00
Evgeniy Cheban
b0cecb37d2 Replace deprecated #check calls with #authorize
Closes gh-16936

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-12 11:11:49 -06:00
Rob Winch
e3add59550 Update x509 Reference
- Use include-code
- Demo how to customize SubjectX500PrincipalExtractor
2025-06-12 12:09:20 -05:00
Rob Winch
7bf2730a53 Add x509@principal-extractor-ref
Enables customizing the X500PrincipalExtractor
2025-06-12 12:09:20 -05:00
Rob Winch
88ed4a5ccf Use principalExtractor reference instead of properties 2025-06-12 12:09:20 -05:00
Rob Winch
2b740b7f1f Update SubjectX500PrincipalExtractor Javadoc
- Provide more details on how the principalName is extracted
- Update to specify an OID is used for emailAddress
2025-06-12 12:09:20 -05:00
Rob Winch
f690a7f3df Encapsulate extractPrincipalNameFromEmail property
This simplifies the logic when extracting the principal and allows
more flexibility in the future by allowing the format and regex to be
added as setters.
2025-06-12 12:09:20 -05:00
Rob Winch
5f2efbea6a Remove unused statement 2025-06-12 12:09:20 -05:00
Max Batischev
aba437d469 Add Support SubjectX500PrincipalExtractor
Closes gh-16980

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-06-12 12:09:20 -05:00
Josh Cummings
e8f920e0ee Polish JdbcAssertingPartyMetadataRepository
- Remove GetBytes since it's not used yet
- Remove customizable RowMapper since this can be added
later
- Change signing_algorithms to be a String since the conversion
strategy is simple
- Standardize test names
- Simplify conversion of credentials using ThrowingFunction
- Change column names to match RelyingPartyRegistration
field names

Issue gh-16012
2025-06-11 18:08:31 -06:00
Josh Cummings
2bd05128ec Add JdbcAssertingPartyMetadataRepository#save
Issue gh-16012

Co-Authored-By: chao.wang <chao.wang@zatech.com>
2025-06-11 18:08:31 -06:00
Josh Cummings
e2e42a5580 Fix Checkstyle
Issue gh-16012
2025-06-11 18:08:31 -06:00
chao.wang
16fd24c002 Add JdbcAssertingPartyMetadataRepository
Closes gh-16012

Signed-off-by: chao.wang <chao.wang@zatech.com>
2025-06-11 18:08:31 -06:00
dependabot[bot]
9be7b37472
Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.4 to 2.18.4.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.4...jackson-bom-2.18.4.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.18.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-11 04:06:48 +00:00
dependabot[bot]
195fb7253c
Bump io.projectreactor:reactor-bom from 2023.0.18 to 2023.0.19
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.18 to 2023.0.19.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.18...2023.0.19)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2023.0.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-11 04:06:24 +00:00
dependabot[bot]
60f729156b
Bump org.hibernate.orm:hibernate-core from 7.0.0.Final to 7.0.1.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.0.Final to 7.0.1.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.0.1/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.0...7.0.1)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.1.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-11 03:15:08 +00:00
dependabot[bot]
220f49d86e
Bump io.projectreactor:reactor-bom from 2025.0.0-M3 to 2025.0.0-M4
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.0-M3 to 2025.0.0-M4.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.0-M3...2025.0.0-M4)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.0-M4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-11 03:14:31 +00:00
Josh Cummings
9b724377ce Rework Saml2 Authentication Statement
This commit separates the authentication principal, the assertion details,
and the relying party tenant into separate components. This allows the
principal to be completely decoupled from how Spring Security triggers and
processes SLO.

Specifically, it adds Saml2AssertionAuthentication, a new authentication
implementation that allows an Object principal and a Saml2ResponseAssertionAccessor
credential. It also moves the relying party registration id from
Saml2AuthenticatedPrincipal to Saml2AssertionAuthentication.

As such, Saml2AuthenticatedPrincipal is now deprecated in favor of
placing its assertion components in Saml2ResponseAssertionAccessor and
the relying party registration id in Saml2AssertionAuthentication.

Closes gh-10820
2025-06-10 17:21:03 -06:00
Christian Schuster
02a8c416aa Add NameID to SAML 2.0 Authentication Info
Issue gh-10820
2025-06-10 17:21:03 -06:00
Christian Schuster
36c7b91fb9 SAML 2.0 Single Logout Uses Saml2AuthenticationInfo
This allows SLO to be triggered without the authentication
principal needing to implement a given interface.

Issue gh-10820
2025-06-10 17:21:03 -06:00
Rob Winch
ffd6e3c0f7
Merge branch '6.5.x' 2025-06-10 10:49:13 -05:00
Rob Winch
b4418014aa
Merge branch '6.4.x' into 6.5.x 2025-06-10 10:49:05 -05:00
Rob Winch
2c5bd4c916
Explicit Permissions for codeql.yml 2025-06-10 10:46:23 -05:00
Rob Winch
dc954875f3
Merge branch '6.5.x' 2025-06-10 09:56:09 -05:00
Rob Winch
0299ba6027
Merge branch '6.4.x' into 6.5.x 2025-06-10 09:55:50 -05:00
dependabot[bot]
a060f7b462
Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-10 03:41:53 +00:00
dependabot[bot]
eaba293cc5
Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.7...v1.14.8)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-10 03:25:56 +00:00
Lidoca
d0db5e3ea3 Update database-schema.adoc
docs: match the database schema with https://github.com/spring-projects/spring-security/blob/6.5.0/docs/modules/ROOT/pages/servlet/authentication/passwords/jdbc.adoc

Signed-off-by: Lidoca <32785562+Lidoca@users.noreply.github.com>
2025-06-09 22:17:57 -05:00
Josh Cummings
aa3135169d Polish Documentation
Closes gh-14635
2025-06-09 16:49:36 -06:00
Liviu Gheorghe
3ddf201d66 Updated Copyrights
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
2025-06-09 16:45:24 -06:00
1livv
edfd7b9b43 Addressed review comments
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
2025-06-09 16:45:24 -06:00
1livv
358f6c96b5 Update config tests
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
2025-06-09 16:45:24 -06:00
Liviu Gheorghe
eaf8184142 Send saml logout response even when validation errors happen
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
2025-06-09 16:45:24 -06:00
Rob Winch
097640b72a
Merge branch '6.5.x' 2025-06-09 17:11:12 -05:00
Rob Winch
c9a67818d7
Merge branch '6.4.x' into 6.5.x 2025-06-09 17:11:04 -05:00
Rob Winch
d7452138ac
Merge branch 'gradle/6.5.x/org.apache.maven-maven-resolver-provider-3.9.10' into 6.5.x 2025-06-09 17:10:46 -05:00
Rob Winch
35e8aa6435
Merge branch 'gradle/main/org.apache.maven-maven-resolver-provider-3.9.10' 2025-06-09 17:09:36 -05:00
Rob Winch
8e1db3fe2b
Merge branch '6.5.x' 2025-06-09 17:06:04 -05:00
Rob Winch
1bd59c7fec
Merge branch '6.4.x' into 6.5.x 2025-06-09 17:05:55 -05:00
Rob Winch
28174a6d3e
Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 2025-06-09 16:56:15 -05:00
Rob Winch
3948440ee4
Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 2025-06-09 16:53:33 -05:00
Rob Winch
c5b41f50f5
Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 2025-06-09 16:52:54 -05:00
Rob Winch
f0ba7500ff
Bump io-spring-javaformat from 0.0.45 to 0.0.46 2025-06-09 16:25:30 -05:00
Rob Winch
72b5e96a0d
Bump io-spring-javaformat from 0.0.45 to 0.0.46 2025-06-09 16:24:44 -05:00
Rob Winch
a47022799e
Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to 0.29.3.RELEASE 2025-06-09 16:20:57 -05:00
Rob Winch
aec876403f
Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to 0.29.3.RELEASE 2025-06-09 16:20:04 -05:00
Rob Winch
648882adc7
Bump org.hibernate.orm:hibernate-core from 6.6.15.Final to 6.6.17.Final 2025-06-09 16:19:18 -05:00
Joe Grandja
98c3453aa4 Merge branch '6.5.x' 2025-06-06 07:19:08 -04:00
Joe Grandja
d622183e62 Merge branch '6.4.x' into 6.5.x
Closes gh-17216
2025-06-06 07:06:12 -04:00
dependabot[bot]
893d539c18
Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10
Bumps org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-06 03:55:31 +00:00
dependabot[bot]
adca1b31be
Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10
Bumps org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-06 03:52:18 +00:00
Joe Grandja
2e913d2af9 Merge branch '6.5.x' 2025-06-05 16:22:35 -04:00
Joe Grandja
dab989d7c3 Fix NPE with DPoP tokenAuthenticationManager
Closes gh-17172
2025-06-05 16:06:55 -04:00
Josh Cummings
c8b843c4c5
Merge branch '6.5.x' 2025-06-05 12:36:53 -06:00
damable-nuvolex
3b12e758d3
Fix inconsistent constructor declaration
Closes gh-16325

Signed-off-by: damable-nuvolex <damable@nuvolex.com>
2025-06-05 12:36:27 -06:00
Josh Cummings
eaab42a73c Polish BearerTokenAuthenticationConverter Support
- Moved to BearerTokenAuthenticationFilter constructor to align with
AuthenticationFilter
- Undeprecated BearerTokenResolver to reduce number of migration scenarios
- Updated to 7.0 schema
- Added migration docs

Issue gh-14750
2025-06-04 18:17:17 -06:00
Max Batischev
30577bd291 Add Additional Tests To BearerTokenAuthenticationFilterTests
Issue gh-14750

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-06-04 18:17:17 -06:00
Max Batischev
4967f3feee Add Support BearerTokenAuthenticationConverter
Closes gh-14750

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-06-04 18:17:17 -06:00
Josh Cummings
3f0326d3f1
Merge remote-tracking branch 'origin/6.5.x' 2025-06-04 12:49:12 -06:00
Evgeniy Cheban
33ae1711a7 Set Precedence Order for Spring MVC TargetVisitor
Closes gh-17185

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-04 12:47:36 -06:00
dependabot[bot]
0ec7a7a305
Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.22 to 0.0.23.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.22...v0.0.23)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-04 03:47:25 +00:00
dependabot[bot]
1b081b0628
Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.22 to 0.0.23.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.22...v0.0.23)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-04 03:44:50 +00:00
Josh Cummings
492444c588
Update shouldConvertGetRequests Migration Steps
Issue gh-17099
2025-06-03 13:12:38 -06:00
Josh Cummings
f73f253beb
Add Switch for Processing GET Requests
Issue gh-17099
2025-06-03 13:12:37 -06:00
Josh Cummings
32c7e8a6ee
Use Saml2Error Static Factories 2025-06-03 13:12:37 -06:00
Josh Cummings
3de7312658
Add Saml2Error Static Factories 2025-06-03 13:12:37 -06:00
Josh Cummings
4ed131f6ab Add shouldConvertGetRequests Migration Steps
Issue gh-17099
2025-06-03 13:10:45 -06:00
Tran Ngoc Nhan
8953f464fb Add Switch for Processing GET Requests
Closes gh-17099

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-03 13:10:45 -06:00
dependabot[bot]
9872997cad
Bump io-spring-javaformat from 0.0.45 to 0.0.46
Bumps `io-spring-javaformat` from 0.0.45 to 0.0.46.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.45 to 0.0.46
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.45...v0.0.46)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.45 to 0.0.46
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.45...v0.0.46)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-03 04:05:48 +00:00
dependabot[bot]
b20cfceabb
Bump io-spring-javaformat from 0.0.45 to 0.0.46
Bumps `io-spring-javaformat` from 0.0.45 to 0.0.46.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.45 to 0.0.46
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.45...v0.0.46)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.45 to 0.0.46
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.45...v0.0.46)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-03 03:48:10 +00:00
dae won
9654e51bd4 Include UsernameNotFoundException in BadCredentialsException
Closes gh-16496

Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-06-02 16:12:47 -06:00
Josh Cummings
d52e0b6a05
Polish NimbusJwtDecoder
- Aligned JwkSourceJwtDecoderBuilder's relative position with its
corresponding static factory
- Added @since to JwkSourceJwtDecoderBuilder

PR gh-17046
2025-06-02 15:53:59 -06:00
Josh Cummings
195f933438
Allow Default Ordering for TargetVisitor
In tests, we want to both test that functionality works and also
demonstrate common or expected usage, where possible. It is likely
incorrect to use @Order(0) for a target visitor as this states that
it should take precedence over all Spring Security visitors defined
at a lower precedence.

Also, it appears this may have been added this way because of a mock
visitor that appears to be unused by any tests. Further, when an
application has multiple visitors, they should use the TargetVisitor.of
method to publish one bean with the order determined by the order
of the method parameters instead of having two separate beans.

This commit removes the @Order(0) annotation and also the mock
visitor, deferring to the natural ordering afforded by the
framework.

Issue gh-15994
2025-06-02 13:41:21 -06:00
Mark Bonnekessel
ada75e76a6 Add builder to create NimbusJwtDecoder with JwkSource
Signed-off-by: Mark Bonnekessel <2949525+marbon87@users.noreply.github.com>
2025-06-02 13:33:39 -06:00
dependabot[bot]
227a2cc0c7
Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.2.RELEASE to 0.29.3.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.2.RELEASE...0.29.3.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.3.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-02 03:51:03 +00:00
dependabot[bot]
72771c28c3
Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.2.RELEASE to 0.29.3.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.2.RELEASE...0.29.3.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.3.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-06-02 03:27:50 +00:00
Pat McCusker
5517d8fe3a Deprecate the X5T JOSE Header name
Closes gh-16979

Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
2025-05-30 06:45:02 -06:00
Evgeniy Cheban
fd4f06a66e Support Spring Data container types for AuthorizeReturnObject
Closes gh-15994

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-05-29 17:05:27 -06:00
dependabot[bot]
fed198f3f0
Bump org.hibernate.orm:hibernate-core from 6.6.15.Final to 6.6.17.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.15.Final to 6.6.17.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.17/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.15...6.6.17)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.17.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-29 03:56:04 +00:00
Josh Cummings
6d3b54df21
Change Type Validation Default
NimbusJwtDecoder and NimbusReactiveJwtDecoder now use
Spring Security's JwtTypeValidator by default instead
of Nimbus's type validator.

Closes gh-17181
2025-05-28 16:11:13 -06:00
Josh Cummings
37a814bc29
Add 7.0 -> 8.0 Migration Guide
Closes gh-17182
2025-05-28 16:11:12 -06:00
Josh Cummings
215547f8c8
Use UsernameNotFoundException Factory
Issue gh-17179
2025-05-28 14:13:02 -06:00
Josh Cummings
da2d9aa868
Add Username Property to Exception
Closes gh-17179
2025-05-28 14:12:27 -06:00
Yanming Zhou
42790403da Use SpringReactiveOpaqueTokenIntrospector
Now that NimbusReactiveOpaqueTokenIntrospector is
deprecated, this commit changes the Spring
Security default to now use SpringReactiveOpaqueTokenIntrospector.

Issue gh-15988

Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
2025-05-27 14:25:31 -06:00
Maximilian Klose
ec05e65668 Add Equals and HashCode methods for better comparison.
Closes gh-16394

Signed-off-by: Maximilian Klose <maximilian.klose@adesso.de>
2025-05-27 13:53:07 -06:00
Ferenc Kemeny
bf05b8b430 Support Requiring exp and nbf in JwtTimestampsValidator
Closes gh-17004

Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>
2025-05-27 12:22:25 -06:00
Ferenc Kemeny
91b21663db Polish JwtTimestampValidatorTests
This commit corrects the test that checks for both
nbf and exp missing. It also adds one for just exp
and on for just nbf.

Issue gh-17004

Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>
2025-05-27 12:22:25 -06:00
Josh Cummings
596449d882 Polish
Issue gh-14149
2025-05-27 11:44:33 -06:00
Felix Hagemans
1a4de49977 Create CsrfCustomizer for SPA configuration
Closes gh-14149

Signed-off-by: Felix Hagemans <felixhagemans@gmail.com>
2025-05-27 11:44:33 -06:00
Josh Cummings
52394c1f07 Propagate Any AccessDeniedException
Any time a response handler throws an exception, we want to
propagate an underlying AccessDeniedException if their is one.

Issue gh-16058
2025-05-23 15:18:01 -06:00
Evgeniy Cheban
fae61b9426 Propagate AccessDeniedException for Authorized Objects Returned from a Controller
Closes gh-16058

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-05-23 15:18:01 -06:00
dae won
8612e952fe Make AuthorizationProxyFactory#proxy Generic
Closes gh-16706

Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-05-23 14:48:11 -06:00
Max Batischev
f4b8e2421a Add Support Credentialless COEP Header
Closes gh-16991

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-05-23 14:45:59 -06:00
John Niang
9ba5c7b2ce Add SwitchUserGrantedAuthority to Web Jackson Module
Closes gh-17041

Signed-off-by: John Niang <johnniang@foxmail.com>
2025-05-23 14:42:54 -06:00
Tran Ngoc Nhan
8e2067bb3e Remove deprecated MemberCategory#DECLARED_FIELDS
Issue gh-16889

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-23 14:36:54 -06:00
Tran Ngoc Nhan
88369cd252 Polish
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-23 14:36:54 -06:00
Josh Cummings
c9bbf3787b
Merge branch '6.5.x' 2025-05-23 11:36:22 -06:00
Josh Cummings
8aaa9c28fa
Merge branch '6.4.x' into 6.5.x 2025-05-23 11:36:01 -06:00
universe
50f8ad55a8 Remove Redundant Punctation in JavaDoc
Signed-off-by: universe <daofei8754@126.com>
2025-05-23 10:05:27 -05:00
Rob Winch
64d3397a9c
Add netty's SNAPSHOT repository to snapshot build 2025-05-22 15:44:26 -05:00
Rob Winch
ff22866c6d
RepositoryConventionPlugin supports arbitrary repositories 2025-05-22 15:43:38 -05:00
Rob Winch
cd27290260
Merge branch '6.5.x'
Closes gh-17163
2025-05-22 15:01:27 -05:00
Rob Winch
e686621e92
Merge branch '6.5.x'
Closes gh-17162
2025-05-22 15:01:13 -05:00
Rob Winch
6eee256e12
Demonstrate include-code usage
Closes gh-17161
2025-05-22 14:59:35 -05:00
Rob Winch
0fecaf4924
Add include-code extension setup for docs
Closes gh-17160
2025-05-22 14:59:35 -05:00
Josh Cummings
d9c894fae8
Merge branch '6.5.x' 2025-05-22 12:31:54 -06:00
Josh Cummings
d2d2b97b7d
Remove Conflict Markers 2025-05-22 12:31:40 -06:00
Josh Cummings
47338f7e56
Remove Conflict Markers 2025-05-22 12:29:05 -06:00
Josh Cummings
97923ebfaf Merge branch '6.5.x' 2025-05-21 16:47:45 -06:00
Josh Cummings
4bf03bde5b Merge branch '6.4.x' into 6.5.x 2025-05-21 16:47:25 -06:00
dependabot[bot]
c46f263483 Bump org.hibernate.orm:hibernate-core from 7.0.0.CR2 to 7.0.0.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.0.CR2 to 7.0.0.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/main/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.0.CR2...7.0.0)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.0.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-21 14:54:58 -06:00
dependabot[bot]
b3340536dc Bump io-spring-javaformat from 0.0.43 to 0.0.45
Bumps `io-spring-javaformat` from 0.0.43 to 0.0.45.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.43 to 0.0.45
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.43...v0.0.45)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.43 to 0.0.45
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.43...v0.0.45)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-21 14:54:45 -06:00
Josh Cummings
07575d2e2e
Merge remote-tracking branch 'origin/6.5.x' 2025-05-21 14:53:48 -06:00
dependabot[bot]
b5126f54bc Bump io-spring-javaformat from 0.0.43 to 0.0.45
Bumps `io-spring-javaformat` from 0.0.43 to 0.0.45.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.43 to 0.0.45
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.43...v0.0.45)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.43 to 0.0.45
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.43...v0.0.45)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-21 14:53:31 -06:00
Josh Cummings
7e4c72806c
Merge branch '6.5.x' 2025-05-21 14:52:47 -06:00
Josh Cummings
f169d31691
Merge branch '6.4.x' into 6.5.x 2025-05-21 14:52:36 -06:00
Josh Cummings
0ee3fe2a58
Merge branch '6.5.x' 2025-05-21 14:51:44 -06:00
Josh Cummings
d98e9c0ed9
Merge branch '6.4.x' into 6.5.x 2025-05-21 14:51:33 -06:00
Josh Cummings
45e81c2d0a
Merge branch '6.5.x' 2025-05-21 14:44:23 -06:00
Josh Cummings
7d49c41e03
Merge branch '6.4.x' into 6.5.x 2025-05-21 14:44:03 -06:00
Rob Winch
b7909a56c5
Merge branch '6.5.x' 2025-05-20 16:04:42 -05:00
Rob Winch
043acdae68
Merge branch '6.4.x' into 6.5.x 2025-05-20 16:03:39 -05:00
Rob Winch
6433f7ecc0
Merge branch '6.4.x' into 6.5.x 2025-05-20 15:59:40 -05:00
Josh Cummings
a339dbc893
Merge branch '6.5.x' 2025-05-19 11:18:54 -06:00
Josh Cummings
e772025646
Update What's New in 6.5 2025-05-19 11:18:38 -06:00
github-actions[bot]
b2576583e2 Next development version 2025-05-19 16:33:39 +00:00
github-actions[bot]
0fd0e9335a Release 6.5.0 2025-05-19 15:53:05 +00:00
Josh Cummings
e19c9995ae
Merge branch '6.5.x' 2025-05-19 09:46:36 -06:00
Josh Cummings
78dd02a4c1
Merge branch '6.4.x' into 6.5.x
Closes gh-17147
2025-05-19 09:46:24 -06:00
Josh Cummings
cc0faeaa9c
Merge branch '6.5.x' 2025-05-19 09:31:39 -06:00
Josh Cummings
9a8f9a91bc
Merge branch '6.4.x' into 6.5.x
Closes gh-17145
2025-05-19 09:31:22 -06:00
Josh Cummings
33a0a12a20
Merge branch '6.5.x' 2025-05-19 09:26:37 -06:00
Josh Cummings
c972de5369
Use .equals to Compare Methods
Closes gh-17143
2025-05-19 09:26:30 -06:00
Rob Winch
2041757607
Merge branch '6.5.x' 2025-05-19 08:45:17 -05:00
Rob Winch
6fb0591109
Merge branch 'gradle/6.5.x/org.springframework.data-spring-data-bom-2024.1.6' into 6.5.x 2025-05-19 08:44:52 -05:00
Rob Winch
9004897e2d
Merge branch '6.5.x' 2025-05-19 08:44:04 -05:00
Rob Winch
390972c4a0
Merge branch '6.4.x' into 6.5.x 2025-05-19 08:43:58 -05:00
Rob Winch
1cde8ca2c3
Merge branch '6.5.x' 2025-05-19 08:41:48 -05:00
Rob Winch
d19bfc7d67
Merge branch '6.4.x' into 6.5.x 2025-05-19 08:41:39 -05:00
dependabot[bot]
cceedd0bff
Bump org.springframework.data:spring-data-bom from 2024.1.5 to 2024.1.6
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.5 to 2024.1.6.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.5...2024.1.6)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-19 03:57:18 +00:00
Rob Winch
665a34da3a
Merge branch '6.5.x' 2025-05-16 10:43:06 -05:00
Rob Winch
86d57a2775
Merge branch '6.4.x' into 6.5.x
- Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7

Closes gh-17124
2025-05-16 10:41:38 -05:00
Josh Cummings
07a50b460a
Merge branch '6.5.x' 2025-05-15 18:17:05 -06:00
Josh Cummings
02a516d7f2
Merge branch '6.4.x' into 6.5.x 2025-05-15 18:16:53 -06:00
Josh Cummings
b5db32994f
Merge branch '6.5.x' 2025-05-15 17:20:23 -06:00
Josh Cummings
8548d8e18a
Merge branch '6.4.x' into 6.5.x 2025-05-15 17:20:08 -06:00
dependabot[bot]
4fb3dca953 Bump org.hibernate.orm:hibernate-core from 7.0.0.CR1 to 7.0.0.CR2
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.0.CR1 to 7.0.0.CR2.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/main/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.0.CR1...7.0.0.CR2)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.0.CR2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-15 14:48:44 -06:00
Junhyeok Lee
e30dc42d1e Update JdbcUserDetailsManager Javadoc and author
Signed-off-by: Junhyeok Lee <jhl221123@naver.com>
2025-05-14 13:41:02 -05:00
Junhyeok Lee
0722c2dc41 Implement UserDetailsPasswordService in JdbcUserDetailsManager
Signed-off-by: Junhyeok Lee <jhl221123@naver.com>
2025-05-14 13:41:02 -05:00
huhdy32
817938fa49 Add NullReturningMethodAuthorizationDeniedHandler
This implementation of MethodAuthorizationDeniedHandler returns null
when authorization is denied.

Closes gh-16705

Signed-off-by: huhdy32 <mong3268@gmail.com>
2025-05-14 11:45:48 -05:00
Andrey Litvitski
3b492a9628 remove 32-byte minimum keyLength restriction in Base64StringKeyGenerator (#17012)
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-05-14 11:41:30 -05:00
dependabot[bot]
c22091d8be Bump io.projectreactor:reactor-bom from 2025.0.0-M2 to 2025.0.0-M3
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.0-M2 to 2025.0.0-M3.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.0-M2...2025.0.0-M3)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.0-M3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-14 11:15:35 -05:00
Rob Winch
aa4db57b89
Merge branch '6.5.x'
Preserve org.hibernate.orm:hibernate-core
2025-05-14 11:13:27 -05:00
Rob Winch
f9aa88acb3
Merge branch '6.4.x' into 6.5.x
- Bump org.hibernate.orm:hibernate-core from 6.6.14.Final to 6.6.15.Final

Closes gh-17105
2025-05-14 11:12:42 -05:00
Rob Winch
903cefceb3
Merge branch '6.5.x'
- Preserve io.projectreactor:reactor-bom (we want to keep the version in main)
2025-05-14 11:03:03 -05:00
Rob Winch
e79de2f63e
Merge branch '6.4.x' into 6.5.x
- Bump io.projectreactor:reactor-bom from 2023.0.17 to 2023.0.18

Closes gh-17111
2025-05-14 11:01:53 -05:00
Joe Grandja
a8edcca961 Merge branch '6.5.x' 2025-05-14 05:36:04 -04:00
Joe Grandja
5f7155bfc7 Implement internal cache in JtiClaimValidator
Closes gh-17107
2025-05-14 05:21:00 -04:00
Tran Ngoc Nhan
a511171309 Add test and update javadoc for CommonOAuth2Provider
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-13 12:45:38 -06:00
Tran Ngoc Nhan
86550fb84b Cleanup code
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-13 12:40:18 -06:00
Joe Grandja
44303d2c80 Polish gh-17080 2025-05-13 14:36:44 -04:00
David Kowis
462e38c0e3 Fix DPoP jkt claim to be JWK SHA-256 thumbprint
Just used the nimbus JOSE library to do it, because it already has a
compliant implementation.

Closes gh-17080

Signed-off-by: David Kowis <david@kow.is>
2025-05-13 14:36:44 -04:00
dependabot[bot]
8b925dc4fc Bump io.micrometer:micrometer-observation from 1.14.6 to 1.14.7
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-13 12:35:27 -06:00
Joe Grandja
a265ac6ae7 Polish gh-17080 2025-05-13 14:35:23 -04:00
David Kowis
2090f44f74 Fix DPoP jkt claim to be JWK SHA-256 thumbprint
Just used the nimbus JOSE library to do it, because it already has a
compliant implementation.

Closes gh-17080

Signed-off-by: David Kowis <david@kow.is>
2025-05-13 14:35:23 -04:00
Josh Cummings
3f91c3effc
Merge remote-tracking branch 'origin/6.5.x' 2025-05-13 12:34:40 -06:00
dependabot[bot]
eee7e5edaa Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.1.RELEASE to 0.29.2.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.1.RELEASE...0.29.2.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.2.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-13 12:34:22 -06:00
Josh Cummings
cb511f501a
Merge remote-tracking branch 'origin/6.5.x' 2025-05-13 12:33:13 -06:00
dependabot[bot]
b9a92e35b9 Bump io.micrometer:micrometer-observation from 1.14.6 to 1.14.7
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-13 12:32:42 -06:00
Josh Cummings
87434a7b05
Merge branch '6.5.x' 2025-05-13 12:31:47 -06:00
Josh Cummings
349377a13b
Merge remote-tracking branch 'origin/6.4.x' into 6.5.x 2025-05-13 12:31:27 -06:00
dependabot[bot]
f1e3f2a8d3 Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.1.RELEASE to 0.29.2.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.1.RELEASE...0.29.2.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.2.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-13 12:29:21 -06:00
Josh Cummings
f511d0a345
Merge remote-tracking branch 'origin/6.5.x' 2025-05-13 12:28:17 -06:00
dependabot[bot]
c326e394e1 Bump org.hibernate.orm:hibernate-core from 6.6.13.Final to 6.6.14.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.13.Final to 6.6.14.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.14/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.13...6.6.14)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.14.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-13 12:28:03 -06:00
Josh Cummings
64b26cbd1f
Merge branch '6.5.x' 2025-05-13 12:26:56 -06:00
Josh Cummings
e0e9a7e76d
Merge remote-tracking branch 'origin/6.4.x' into 6.5.x 2025-05-13 12:26:25 -06:00
dependabot[bot]
99330bfc60 Bump org-apache-maven-resolver from 1.9.22 to 1.9.23
Bumps `org-apache-maven-resolver` from 1.9.22 to 1.9.23.

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.22 to 1.9.23
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.22...maven-resolver-1.9.23)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.22 to 1.9.23
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.22...maven-resolver-1.9.23)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.22 to 1.9.23

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-version: 1.9.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-version: 1.9.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-version: 1.9.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-13 12:23:56 -06:00
Josh Cummings
21c56554c9
Merge remote-tracking branch 'origin/6.5.x' 2025-05-13 12:23:07 -06:00
dependabot[bot]
7a62f4eec8 Bump org-apache-maven-resolver from 1.9.22 to 1.9.23
Bumps `org-apache-maven-resolver` from 1.9.22 to 1.9.23.

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.22 to 1.9.23
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.22...maven-resolver-1.9.23)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.22 to 1.9.23
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.22...maven-resolver-1.9.23)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.22 to 1.9.23

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-version: 1.9.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-version: 1.9.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-version: 1.9.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-13 12:22:42 -06:00
Josh Cummings
c8339184a9
Merge branch '6.5.x' 2025-05-13 12:21:51 -06:00
Josh Cummings
518918e197
Merge remote-tracking branch 'origin/6.4.x' into 6.5.x 2025-05-13 12:21:31 -06:00
Josh Cummings
40a18fe63c
Merge branch '6.5.x' 2025-05-13 12:19:14 -06:00
Josh Cummings
26650b20fb
Merge branch '6.4.x' into 6.5.x 2025-05-13 12:18:51 -06:00
Josh Cummings
0698d3527d
Merge branch '6.5.x' 2025-05-13 11:18:43 -06:00
Josh Cummings
26f359a4db
Merge branch '6.4.x' into 6.5.x 2025-05-13 11:18:31 -06:00
Josh Cummings
93a7583aa4
Merge branch '6.5.x' 2025-05-12 18:52:47 -06:00
yybmion
d48c463c03
Add logging to CsrfTokenRequestHandler implementations
Add trace-level logging to show the logical path of CSRF token processing
- Log token source (header or parameter) in resolveCsrfTokenValue
- Log request attribute names in handle methods
- Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding)
- Add similar logging to XorServerCsrfTokenRequestAttributeHandler

Improves debugging capabilities without changing functionality.

Closes gh-13626

Signed-off-by: yybmion <yunyubin54@gmail.com>
2025-05-12 18:49:40 -06:00
yybmion
a90ce5142c Add logging to CsrfTokenRequestHandler implementations
Add trace-level logging to show the logical path of CSRF token processing
- Log token source (header or parameter) in resolveCsrfTokenValue
- Log request attribute names in handle methods
- Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding)
- Add similar logging to XorServerCsrfTokenRequestAttributeHandler

Improves debugging capabilities without changing functionality.

Closes gh-13626

Signed-off-by: yybmion <yunyubin54@gmail.com>
2025-05-12 18:48:45 -06:00
Joe Grandja
ba7be9c8b9 Merge branch '6.5.x' 2025-05-09 16:14:34 -04:00
Joe Grandja
e3c39f02bc Add documentation for DPoP support
Closes gh-17072
2025-05-09 16:02:14 -04:00
Rob Winch
ff8b77df29
Add Twitter/X to CommonOAuth2Provider
Add Twitter/X to CommonOAuth2Provider
2025-05-07 15:08:23 -05:00
Tran Ngoc Nhan
48eb243012 Update javadoc
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-07 14:59:14 -05:00
Tran Ngoc Nhan
1e4dd713c5 Remove APPLICATION_JSON_UTF8 usage
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-07 14:59:14 -05:00
Rob Winch
6118587ff8 SavedCookieMixinTests uses readValue(String,Object.class)
The test should not provide SavedCookie.class to the ObjectMapper
since this is not done in production. In particular, it provides the
type that it should be deserialized, but this must be provided in the
JSON since the type is unknown at the time of deserialization.

Issue gh-17006
2025-05-07 14:55:54 -05:00
M-Faheem-Khan
241c3cd35a Remove deprecated Cookie usage
Remove usage of comment and verison usage

Signed-off-by: M-Faheem-Khan <faheem5948@gmail.com>
2025-05-07 14:55:54 -05:00
Rob Winch
693a5beb24
Format CommonOAuth2Provider 2025-05-07 14:55:04 -05:00
Rob Winch
f13836c9c8
Add X to CommonOAuth2Provider Reference
Issue gh-16510

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
2025-05-07 11:31:28 -05:00
kiruthiga1793
23e7c9eeaa
Add Twitter/X to CommonOAuth2Provider
Signed-off-by: kiruthiga1793 <pkiruthiga93@gmail.com>
2025-05-07 11:24:29 -05:00
Rob Winch
d52289bd7a Remove Unnecessary Backwards Compatability
Since this is going to be merged into Spring Security 7 (a major release) and AESFastEngine is deprecated,
we should no longer support it (as it will likely be removed from Bouncy Castle)
2025-05-07 11:19:27 -05:00
Steve Riesenberg
5eb232cd3d Polish gh-16164 2025-05-07 11:19:27 -05:00
Ferdinand Jacobs
2b22cf2877 Replace BouncyCastle's deprecated AESFastEngine with the default AESEngine
- Update AESEngine to use the default AES engine, following BouncyCastle's recommendations
  (see release-1-56 of changelog: https://www.bouncycastle.org/download/bouncy-castle-java/?filter=java%3Drelease-1-56).
- Migrate to the latest API 'newInstance()' method to allow removal of @SuppressWarnings("deprecation")
- Remove @SuppressWarnings("deprecation")
2025-05-07 11:19:27 -05:00
Rob Winch
5f833fa236 Fix Checkstyle Errors 2025-05-07 10:50:41 -05:00
milaneuh
7fda87aecd Remove deprecated methods from CookieServerCsrfTokenRepository 2025-05-07 10:50:41 -05:00
Shenker93
de622d1082 Improve JdbcUserDetailsManager.userExists method 2025-05-07 10:50:03 -05:00
Rob Winch
47f7d83ee4
Merge branch '6.5.x' 2025-05-07 10:10:35 -05:00
Rob Winch
69c52cc4f7
Merge branch 'remotes/origin/main'
- Ignore Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 in favor of 2.19.0
2025-05-07 10:05:39 -05:00
Rob Winch
3110f3679a
Merge branch '6.4.x' into 6.5.x
- Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4

Closes gh-17069
2025-05-07 10:01:39 -05:00
Josh Cummings
46ee6eda76
Merge branch '6.5.x' 2025-05-06 16:56:10 -06:00
Josh Cummings
1ec084886a
Revert "Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.19.0"
This reverts commit 226e81d7f55d38603f3f179d3e32caf3e7ed6a20.

Given that we are in the RC phase, we do not want to do minor version
upgrades
2025-05-06 16:55:22 -06:00
Josh Cummings
9c357984d7
Merge branch '6.5.x' 2025-05-06 16:45:14 -06:00
Josh Cummings
211b1b7285
Update Method Security Migration Steps 2025-05-06 16:44:20 -06:00
Josh Cummings
84db5bb312
Add Cookie Customizer Migration Steps 2025-05-06 16:43:04 -06:00
Josh Cummings
74a25c3fc1
Add shouldFilterAllDispatcherTypes Migration Steps 2025-05-06 16:40:10 -06:00
Josh Cummings
084990736e
Move Opaque Token Migration Steps 2025-05-06 16:39:16 -06:00
Josh Cummings
c6bba38458
Update SAML 2.0 Migration Steps 2025-05-06 16:38:32 -06:00
Josh Cummings
45b453f59b
Add ACL Migration Steps 2025-05-06 16:38:19 -06:00
Yanming Zhou
e61544c397 Improve OAuth2ResourceServerConfigurer to eliminate deprecated operations
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
2025-05-06 15:38:19 -05:00
Rob Winch
506a801f29
Merge branch '6.5.x'
- WebAuthnConfigurer Code Cleanup

Closes gh-17063
2025-05-06 15:22:36 -05:00
Max Batischev
66e614cb0b WebAuthnConfigurer Code Cleanup
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-05-06 15:20:08 -05:00
Max Batischev
421fcaee12 Add Assertions To WebAuthnConfigurer
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-05-06 15:20:08 -05:00
Rob Winch
866d8d0eab
Disable samples build
Spring Boot doesn't support Framework 7 yet

Issue gh-17047
2025-05-06 13:42:13 -05:00
Rob Winch
e599a17303
Update SNAPSHOT tests
Issueh gh-17047
2025-05-06 13:40:06 -05:00
Rob Winch
276bb82e7e
Create Spring Security 7.0.0-SNAPSHOT branch
Closes gh-17047
2025-05-06 13:33:29 -05:00
Rob Winch
a80592a707
Use commons-logging directly
Closes gh-17061
2025-05-06 13:27:13 -05:00
Rob Winch
b453840c0a
HttpHeaders no longer a MultiValueMap
Closes gh-17060
2025-05-06 13:27:13 -05:00
Rob Winch
e5e962ef90
Jakarta Cookie HttpOnly Serialization
The new specification represents Cookie attribute using HttpOnly: "" vs
HttpOnly: "true".

This updates the test to correspond to the new Servlet specification and
is a breaking change related to jakarta updates.
2025-05-06 13:27:13 -05:00
Rob Winch
0e2d864b09
Update Versions 2025-05-06 13:27:11 -05:00
Rob Winch
607705347c
MediaType.sortBySpecificityAndQuality->sortBySpecificity
Closes gh-17059
2025-05-06 13:26:17 -05:00
Rob Winch
66319fc3bc
MockServerHttpRequest.method(String,String)->method(HttpMethod,String)
Closes gh-17058
2025-05-06 13:26:16 -05:00
Rob Winch
2dbf3a2d18
WebClient.exchange->exchangeToMono
Closes gh-17057
2025-05-06 13:26:16 -05:00
Rob Winch
5704582c52
ResponseErrorHandler.handleError(URI, HttpMethod,ClientHttpResponse)
Closes gh-17056
2025-05-06 13:26:16 -05:00
Rob Winch
3976e7d456
BodyInserters.fromObject -> fromProducer
Closes gh-17055
2025-05-06 13:26:16 -05:00
Rob Winch
b467c47ed5
ClientRequest.method->create
ClientRequest.method was deprecated in favor of the create method

Closes gh-17054
2025-05-06 13:26:15 -05:00
Rob Winch
11105a5c51
UriComponentsBuilder.fromHttpUrl->fromUriString
The fromHttpUrl method is deprecated and replaced with fromUriString

Closes gh-
2025-05-06 13:26:15 -05:00
Rob Winch
38a9aa1da9
Remove Deprecated PathMatchConfigurer usage
Closes gh-17052
2025-05-06 13:26:15 -05:00
Rob Winch
222faae1cb
Add junit-jupiter-engine
This fixes some of the compatability problems that can happen
with newer versions of junit
2025-05-06 13:26:15 -05:00
Rob Winch
cb0fdef236
Remove MediaType.APPLICATION_JSON_UTF
Closes gh-17050
2025-05-06 13:26:14 -05:00
Rob Winch
5abbcecccc
Update to 7.0.0-SNAPSHOT
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
2025-05-06 13:26:14 -05:00
Rob Winch
c385a59b68
Improve SchemaZipPlugin Error Message
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
2025-05-06 13:26:14 -05:00
Josh Cummings
184cd96ee6
Don't Update Minor Versions During RC Phase 2025-05-06 11:56:41 -06:00
Zhoudong
6624e302ac Favor Spring Framework NonNull over Reactor NonNull
Signed-off-by: Zhoudong <jearton@users.noreply.github.com>
2025-05-06 10:52:05 -06:00
dependabot[bot]
0c7e43a462 Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to 1.0.6
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.5 to 1.0.6.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.5...v1.0.6)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-06 10:15:28 -06:00
Rob Winch
9b79b99150
Merge branch '6.4.x'
- Correct method name in logout.adoc

Closes gh-17049
2025-05-06 10:24:14 -05:00
Josh Cummings
1a9f62dce4
Merge branch '6.4.x' 2025-05-05 16:00:59 -06:00
Josh Cummings
12a18c3792
Polish Serialization Tests
If Instancio fails to instatiate the class sample, it will
now also delete the serialized sample file. Otherwise, it will
leave a zero-byte file on the filesystem, confusing future test runs
2025-05-05 15:39:33 -06:00
Josh Cummings
d04f7071c2
Add Missing Serialization Samples
Closes gh-17038
2025-05-05 15:34:24 -06:00
Josh Cummings
8726e547d5
Add Serialization Samples for 6.5
Issue gh-16221
2025-05-05 15:31:51 -06:00
Josh Cummings
2949b5d5a4
Regenerate Incorrect Serialization Files
Given that these classes each have a consistent serialization UID
across minor versions, but that the 6.5.x serialized version is using a
different UID, these serialized files were likely generated in error.
As such, this commit replaces the serialized files with correct ones.

Issue gh-16432
2025-05-05 15:30:15 -06:00
Josh Cummings
34a9f57aa6
Merge branch '6.4.x' 2025-05-05 15:29:44 -06:00
Rob Winch
74e6bf2d11
Merge branch '6.4.x'
- remove update-dependabot action
2025-05-05 13:36:15 -05:00
Rob Winch
d4a0f8bbe8
Merge branch '6.4.x'
- Use pull-request: write for gradlew updates
2025-05-05 13:24:32 -05:00
Josh Cummings
df640f22dc
Merge branch '6.4.x' 2025-05-02 15:59:13 -06:00
Rob Winch
5c92d90e36
Align Dependabot PRs with CONTRIBUTING
Previously Dependabot was setup to submit PRs to every branch.
However, this does not align with the contributing guidelines which
state to only submit a PR on the oldest branch so that merge forward
strategy can be used.

This changes the dependabot configuration to better align with our
contributing guidelines:

- PRs for github actions are submitted against the oldest branch since
  all branches will need updated using a merge forward stategy. Merging a
  github action will require us to merge forward manually and preserve
  the changes in the oldest branch to pickup the github actions update.
- Java dependencieds are submitted against each branch since they will
  need to merge -s ours to preserve the correct major.minor semantics.
  Merging a java dependency will now require us to do the merging manually.
2025-05-02 15:04:20 -05:00
Josh Cummings
aa338e9b0d
Merge branch '6.4.x' 2025-05-02 10:58:22 -06:00
Rob Winch
084408c22c
Merge branch '6.4.x'
- codeql uses ubuntu-latest
2025-05-02 11:50:08 -05:00
Rob Winch
9bf1212420
Merge branch '6.4.x'
- rm mark-duplicate-dependabot-prs.yml
2025-05-02 11:26:59 -05:00
Rob Winch
771fe108b3
Merge branch '6.4.x'
- Remove automerge forward
2025-05-02 11:24:28 -05:00
Rob Winch
e062be6c99
Merge branch '6.4.x'
- Add .github/workflows/codeql.yml
2025-05-02 11:17:40 -05:00
Josh Cummings
28091c8563 Merge branch '6.4.x' 2025-05-01 12:03:19 -06:00
dependabot[bot]
742265375d Bump io.mockk:mockk from 1.14.0 to 1.14.2
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.0 to 1.14.2.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.0...1.14.2)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-01 07:32:16 -06:00
dependabot[bot]
71421c68ba Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.0.RELEASE to 0.29.1.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.0.RELEASE...0.29.1.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.1.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-01 07:31:50 -06:00
hammadirshad
1a4602c8c3 Add mapping for DPoP in DefaultMapOAuth2AccessTokenResponseConverter
Closes gh-16806

Signed-off-by: muha <muha@kreftregisteret.no>
2025-04-30 10:09:41 -04:00
Josh Cummings
126cb71856
Merge branch '6.4.x' 2025-04-29 14:49:12 -06:00
Josh Cummings
804d79d96a
Merge branch '6.4.x' 2025-04-29 14:27:47 -06:00
Josh Cummings
fe6ddd0c8f
Merge branch '6.4.x' 2025-04-29 14:26:44 -06:00
Josh Cummings
d0a97917ad
Merge branch '6.4.x' 2025-04-29 13:39:00 -06:00
Max Batischev
c855453e40 Fix Typo In SubjectDnX509PrincipalExtractorTests
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-04-29 12:25:41 -06:00
Josh Cummings
9df3a57d9e
Merge branch '6.4.x' 2025-04-28 11:27:17 -06:00
Josh Cummings
eda9142b6b
Merge branch '6.4.x' 2025-04-28 11:13:50 -06:00
dependabot[bot]
226e81d7f5 Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.19.0
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.3 to 2.19.0.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.3...jackson-bom-2.19.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-25 04:47:09 +01:00
dependabot[bot]
55de63447d Bump com.google.code.gson:gson from 2.13.0 to 2.13.1
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.13.0 to 2.13.1.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.13.0...gson-parent-2.13.1)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-version: 2.13.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-23 20:37:15 -07:00
Rob Winch
25e4b74cfa Delete .github/workflows/codeql.yml
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
2025-04-23 15:42:22 -05:00
Tran Ngoc Nhan
29380a87a0 Polish javadoc
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-04-23 14:36:45 -06:00
Max Batischev
8525f0e3fd Add FunctionalInterface To X509PrincipalExtractor
Closes gh-16949

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-04-23 14:27:42 -06:00
Josh Cummings
f44ab7afdf
Update Deprecated Security Usage 2025-04-23 14:16:29 -06:00
Yanming Zhou
ce5a12b2f7 Revise document to replace outdated NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
2025-04-23 14:10:02 -06:00
Rob Winch
68ea952d5a
Update codeql.yml
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
2025-04-23 15:09:15 -05:00
Max Batischev
4a12382d2b Remove unused classes
Remove DeferringObservationAuthorizationManager.java and DeferringObservationReactiveAuthorizationManager.java

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-04-23 14:09:05 -06:00
Rob Winch
21b4763d1c Explicitly disable the default codeql setup
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
2025-04-23 14:56:46 -05:00
Rob Winch
5c407483a0 Create codeql.yml
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
2025-04-23 14:49:25 -05:00
Josh Cummings
7d6bdfedc8
Add Null Guard for Authorization Result 2025-04-23 12:11:10 -06:00
Josh Cummings
a683a3a730
Favor PathPatternMessageMatcher when activated
Issue gh-16500
2025-04-23 12:11:10 -06:00
Josh Cummings
bc9ae1eed6
Improve NPE Handling 2025-04-23 12:11:09 -06:00
Josh Cummings
61d6fbc2a9
Update Documentation for PathPatternRequestMatcher
Issue gh-16765
2025-04-23 12:11:09 -06:00
Josh Cummings
0ab01eac14
Update Deprecated Security Usage 2025-04-23 12:11:08 -06:00
Josh Cummings
eecd7d9559
Update Deprecated Reactor Usage 2025-04-23 12:11:08 -06:00
Josh Cummings
834370d8eb
Update Deprecated Spring Web Usage 2025-04-23 11:29:19 -06:00
Josh Cummings
216680bb50
Update Deprecated Spring Jdbc Usage 2025-04-23 11:29:18 -06:00
Josh Cummings
2ad859a63c
Add Missing Deprecation Markers 2025-04-23 11:29:18 -06:00
Josh Cummings
3f7f3dabe7
Correct JavaDoc Class Reference 2025-04-23 11:29:18 -06:00
github-actions[bot]
bb2fd24cd9 Merge branch '6.4.x' 2025-04-23 03:56:15 +00:00
github-actions[bot]
1720e1d452 Merge branch '6.4.x' 2025-04-23 03:50:20 +00:00
dependabot[bot]
74ec3761f6 Bump org.springframework.data:spring-data-bom from 2024.1.4 to 2024.1.5
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.4 to 2024.1.5.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.4...2024.1.5)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-22 20:28:40 -07:00
github-actions[bot]
fb44fd0c16 Next development version 2025-04-21 19:19:09 +00:00
github-actions[bot]
6273ba5989 Release 6.5.0-RC1 2025-04-21 19:01:34 +00:00
Rob Winch
3a1c905d07
Merge branch '6.4.x'
- io.spring.gradle:spring-security-release-plugin:1.0.5

Closes gh-6.3.10 in 6.4.x in 6.5.x
2025-04-21 13:48:11 -05:00
Rob Winch
3cfdc4980c
Merge branch '6.4.x' (early part) 2025-04-21 13:48:03 -05:00
Rob Winch
56a0a54999
Revert "Release 6.5.0-RC1"
This reverts commit 3dd3c1883aeb4a96c1750e46f07ac524c2264370.
2025-04-21 13:47:37 -05:00
github-actions[bot]
3dd3c1883a Release 6.5.0-RC1 2025-04-21 15:58:34 +00:00
Josh Cummings
b79d81a80f
Merge branch '6.4.x' 2025-04-21 08:32:54 -06:00
github-actions[bot]
39b195ca7c Merge branch '6.4.x' 2025-04-18 03:58:41 +00:00
github-actions[bot]
da970d8a31 Merge branch '6.4.x' 2025-04-18 03:50:03 +00:00
github-actions[bot]
c08a317751 Merge branch '6.4.x' 2025-04-18 03:37:29 +00:00
dependabot[bot]
37402360b6 Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.5 to 6.2.6.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.5...v6.2.6)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-17 20:35:01 -07:00
dependabot[bot]
1516cffb3a Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to 3.2.12
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.11 to 3.2.12.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.11...3.2.12)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-17 20:21:09 -07:00
Joe Grandja
ef4479a554 Merge branch '6.4.x' 2025-04-17 05:31:29 -04:00
Joe Grandja
19090e7873 Add request_uri in OAuth2ParameterNames
Closes gh-16947
2025-04-16 10:23:10 -04:00
github-actions[bot]
ba320fb78d Merge branch '6.4.x' 2025-04-16 04:23:42 +00:00
dependabot[bot]
757d1c74ba Bump io.projectreactor:reactor-bom from 2023.0.16 to 2023.0.17
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.16 to 2023.0.17.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.16...2023.0.17)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2023.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-15 21:04:59 -07:00
github-actions[bot]
9b323eae42 Merge branch '6.4.x' 2025-04-16 03:51:45 +00:00
github-actions[bot]
62c5a25d5e Merge branch '6.4.x' 2025-04-15 03:34:52 +00:00
Josh Cummings
f86c4ad383
Polish Native Support
- Remove unneeded deprecateion marker
- Add missing reflected class

Issue gh-16536
2025-04-14 14:08:57 -06:00
Joe Grandja
791feee355 Prevent downgraded usage of DPoP-bound access tokens
Issue gh-16574

Closes gh-16937
2025-04-14 15:54:41 -04:00
Josh Cummings
178ca73673
Fix Type Check
Issue gh-16536
2025-04-14 13:42:44 -06:00
Josh Cummings
ae82be70c3
Add Needed Runtime Hints
Issue gh-16536
2025-04-14 11:06:18 -06:00
dependabot[bot]
a5fa197105 Bump io.micrometer:micrometer-observation from 1.14.5 to 1.14.6
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.5 to 1.14.6.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.5...v1.14.6)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-13 20:55:40 -07:00
dependabot[bot]
fdff4eca1a Bump org.junit:junit-bom from 5.12.1 to 5.12.2
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.12.1 to 5.12.2.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.12.1...r5.12.2)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-version: 5.12.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-13 20:42:35 -07:00
dependabot[bot]
cbfb1e002f Bump org-aspectj from 1.9.22.1 to 1.9.24
Bumps `org-aspectj` from 1.9.22.1 to 1.9.24.

Updates `org.aspectj:aspectjrt` from 1.9.22.1 to 1.9.24
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.22.1 to 1.9.24
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-13 20:42:28 -07:00
dependabot[bot]
cfe2a9c39f Bump io.micrometer:context-propagation from 1.1.2 to 1.1.3
Bumps [io.micrometer:context-propagation](https://github.com/micrometer-metrics/context-propagation) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/micrometer-metrics/context-propagation/releases)
- [Commits](https://github.com/micrometer-metrics/context-propagation/compare/v1.1.2...v1.1.3)

---
updated-dependencies:
- dependency-name: io.micrometer:context-propagation
  dependency-version: 1.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-13 20:42:19 -07:00
dependabot[bot]
ce1532703a Bump com.google.code.gson:gson from 2.12.1 to 2.13.0
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.12.1 to 2.13.0.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.12.1...gson-parent-2.13.0)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-version: 2.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-13 20:41:39 -07:00
github-actions[bot]
c441b5951b Merge branch '6.4.x' 2025-04-14 03:30:46 +00:00
github-actions[bot]
848daec943 Merge branch '6.4.x' 2025-04-14 03:23:18 +00:00
Steve Riesenberg
15c2b156f1
Update Client Authentication examples
Closes gh-16925

987d9c9788ba0343f543083c87613fb5
2025-04-11 15:10:05 -05:00
Josh Cummings
0e70482725
Fix Formatting 2025-04-10 15:55:00 -06:00
Josh Cummings
09ba5397fb
Add Support for Authorizing Spring MVC Return Types
Closes gh-16059
2025-04-10 15:48:10 -06:00
Josh Cummings
6438603cb6
Pick Up TargetVisitor Beans
Closes gh-16923
2025-04-10 15:48:09 -06:00
Josh Cummings
5841e35cae
Invert AuthorizeReturnObjectMethodInterceptor Dependency
Closes gh-16922
2025-04-10 15:48:09 -06:00
Joe Grandja
1ca33cae70 Make DPoP IatClaimValidator public to allow configuring clock and clockSkew
Issue gh-16574

Closes gh-16921
2025-04-10 16:04:37 -04:00
github-actions[bot]
546dba7dc2 Merge branch '6.4.x' 2025-04-10 04:13:30 +00:00
dependabot[bot]
923491628b Bump io.mockk:mockk from 1.13.17 to 1.14.0
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.17 to 1.14.0.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.13.17...1.14.0)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-09 20:52:41 -07:00
dependabot[bot]
1e6fd62bed Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to 1.0.4
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-09 20:52:10 -07:00
github-actions[bot]
a9982971ae Merge branch '6.4.x' 2025-04-10 03:34:09 +00:00
Josh Cummings
3869b13e68
Add ResponseAuthenticationConverter
Aside from simplifying configuration, this commit also makes it possible
to provide a response authentication converter that doesn't need the
NameID element to be present.

Closes gh-12136
2025-04-09 17:38:24 -06:00
Josh Cummings
3e686abf50
Add ResponseValidator
Issue gh-14264
Closes gh-16915
2025-04-09 17:32:40 -06:00
Risto Virtanen
47e1fc045f Formatted
Signed-off-by: Risto Virtanen <818702+mapsu@users.noreply.github.com>
2025-04-09 17:09:54 -06:00
Risto Virtanen
1db557e395 Replace ClientRegistrationMixinTests with StdConvertersTest
Signed-off-by: Risto Virtanen <818702+mapsu@users.noreply.github.com>
2025-04-09 17:09:54 -06:00
Risto Virtanen
368fe2e7a0 Add missing ClientAuthenticationMethods to jackson2 converter
Closes gh-16825

Signed-off-by: Risto Virtanen <818702+mapsu@users.noreply.github.com>
2025-04-09 17:09:54 -06:00
Daeho Kwon
9908d96644
DeferredCsrfToken Implements Supplier
Closes gh-16870

Signed-off-by: Daeho Kwon <trewq231@naver.com>
2025-04-09 14:24:11 -06:00
Steve Riesenberg
43ef4262da
Update whats-new.adoc
Issue gh-16913
2025-04-09 11:19:50 -05:00
Steve Riesenberg
9d442c13de
Mark password grant for removal
This commit also updates link to the document "Best Current Practice for
OAuth 2.0 Security" to point to RFC 9700.

Closes gh-16913
2025-04-09 11:15:09 -05:00
Steve Riesenberg
197ee38aa0
Mark deprecated response clients for removal
Issue gh-16913
2025-04-09 11:15:06 -05:00
dependabot[bot]
9ca02082dc Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.10.1 to 1.10.2
Bumps [org.jetbrains.kotlinx:kotlinx-coroutines-bom](https://github.com/Kotlin/kotlinx.coroutines) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases)
- [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md)
- [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.10.1...1.10.2)

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-bom
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-08 20:46:41 -07:00
Michael Samborski
bfb4878e29 Update kotlin.adoc to add required spread operator(*)
Signed-off-by: Michael Samborski <msamborski@orbiscommunications.com>
2025-04-08 14:12:09 -05:00
Tran Ngoc Nhan
d864e51ff6 Format OpaqueTokenIntrospector
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-04-08 13:56:54 -05:00
Tran Ngoc Nhan
d899bc5240 Polish javadoc
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-04-08 13:56:54 -05:00
James Howe
8d7f6acab6 Typo in Base64StringKeyGenerator exception message
Signed-off-by: James Howe <675056+OrangeDog@users.noreply.github.com>
2025-04-08 09:56:14 -06:00
Josh Cummings
f93a7a2f85
Deprecate HandlerMappingIntrospectorRequestTransformer
Closes gh-16536
2025-04-07 13:56:18 -06:00
Steve Riesenberg
1fb3fc80f9
Polish gh-15819
Closes gh-15818
2025-04-07 10:57:49 -05:00
Jonah Klöckner
9674532f4d
Add support for access token in body parameter as per rfc 6750 Sec. 2.2
Issue gh-15818
2025-04-07 10:57:49 -05:00
Steve Riesenberg
03e090c2d7
Merge branch '6.4.x'
Closes gh-16902
2025-04-07 10:57:12 -05:00
Joe Grandja
9c073dbcde Add AuthenticationEntryPoint for DPoP
Issue gh-16574

Closes gh-16900
2025-04-07 09:38:51 -04:00
dependabot[bot]
21a85e3520 Bump org.mockito:mockito-bom from 5.16.1 to 5.17.0
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.16.1 to 5.17.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.16.1...v5.17.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-version: 5.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-06 21:00:37 -07:00
dependabot[bot]
0a2b9d4978 Bump org.hibernate.orm:hibernate-core from 6.6.12.Final to 6.6.13.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.12.Final to 6.6.13.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.13/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.12...6.6.13)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.13.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-06 20:59:30 -07:00
dependabot[bot]
ff29c1b547 Bump org.seleniumhq.selenium:selenium-java from 4.30.0 to 4.31.0
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.30.0 to 4.31.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.30.0...selenium-4.31.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-version: 4.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-06 20:59:24 -07:00
github-actions[bot]
16527fec06 Merge branch '6.4.x' 2025-04-07 03:56:36 +00:00
github-actions[bot]
87300c491d Merge branch '6.4.x' 2025-04-07 00:23:05 +00:00
dependabot[bot]
1eff176776 Bump spring-io/spring-doc-actions from 0.0.19 to 0.0.20
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.19 to 0.0.20.
- [Commits](c203826512...e28269199d)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-06 17:17:16 -07:00
Josh Cummings
a283700ef8
Add CacheSaml2AuthenticationRequestRepository
Closes gh-14793
2025-04-03 17:43:48 -06:00
chu3la
8cbe02e3aa Update WebAuthn Test Objects Class Names
Closes gh-16604

Signed-off-by: chu3la <elmansouri.houssam@gmail.com>
2025-04-03 16:33:34 -06:00
Josh Cummings
67c21de1cf
Support Continue Filter Chain When No Relying Party
Closes gh-16000
2025-04-03 15:32:23 -06:00
Josh Cummings
5436fd5574
Remove Unecessary Code 2025-04-03 14:28:54 -06:00
Josh Cummings
4cdc6dab21
Fix Formatting
Issue gh-16604
2025-04-03 12:55:51 -06:00
Vasanth
04d7130975
Update WebAuthn Test Objects Class Names
Renamed the WebAuthn test object class names

Closes gh-16604

Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>
2025-04-03 12:55:50 -06:00
Josh Cummings
f280593566 Move Preparation Steps
Closes gh-16873
2025-04-03 11:08:24 -06:00
Josh Cummings
09b75719c2 Merge branch '6.4.x' 2025-04-03 11:08:11 -06:00
Josh Cummings
5ecf093025 Merge branch '6.3.x' into 6.4.x 2025-04-03 11:06:24 -06:00
Josh Cummings
616b43f261 Restore 6.x Migration Steps
Issue gh-16873
2025-04-03 11:05:53 -06:00
Josh Cummings
91b0936189
Add AssertionValidator
- Ships with support for customizing the OpenSAML validators to use
- Or, you can supply your own instance of SAML20AssertionValidator

Closes gh-15578
2025-04-02 17:44:40 -06:00
Josh Cummings
2885b0f75f Add valueOf
This commit adds a static factory for returning a constant
ClientAuthenticationMethod or creating a new one when there
is no match.

Issue gh-16825
2025-04-02 11:16:30 -06:00
dependabot[bot]
2a24bb0b26 Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.28.6.RELEASE to 0.29.0.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.28.6.RELEASE...0.29.0.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-01 20:54:31 -07:00
Josh Cummings
b7d399ab89
Merge branch '6.4.x' 2025-04-01 12:02:53 -06:00
Max Batischev
9a897d0b62 Add Support Postgres To JdbcUserCredentialRepository
Closes gh-16832

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-03-31 16:43:36 -06:00
Josh Cummings
4703f9cf1c
Update format + check command
Issue gh-14575
2025-03-31 14:06:45 -06:00
Tran Ngoc Nhan
ee84d37435 Use SpringCacheBasedTicketCache
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-31 13:54:48 -06:00
github-actions[bot]
455a2ecbcf Merge branch '6.4.x' 2025-03-31 04:01:11 +00:00
dependabot[bot]
0a44f7a726 Bump org.hibernate.orm:hibernate-core from 6.6.11.Final to 6.6.12.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.11.Final to 6.6.12.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.12/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.11...6.6.12)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-30 20:32:28 -07:00
Steve Riesenberg
7a937ca369
Merge branch '6.4.x'
Closes gh-16845
2025-03-28 16:34:35 -05:00
minseok.park
88a38013bb Add validation for auth checks in AbstractUserDetailsAuthenticationProvider
Add assertions to validate that preAuthenticationChecks and
postAuthenticationChecks are not null during initialization.
This allows errors to be detected earlier in the application lifecycle.

Closes PR-16710

Signed-off-by: minseok.park <minseok.park@hyosung.com>
2025-03-27 16:46:23 -06:00
Josh Cummings
349964620e
Merge branch '6.4.x' 2025-03-27 16:44:12 -06:00
Tran Ngoc Nhan
3be8e92187 Fix typo
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-27 16:40:35 -06:00
wtigerhyunsu
bdbf6a2be3 Add toString() to IpAddressMatcher.java
Closes gh-16795

Signed-off-by: wtigerhyunsu <jack951@naver.com>
2025-03-27 16:38:53 -06:00
Josh Cummings
40b84d3e44
Merge branch '6.4.x' 2025-03-27 16:34:39 -06:00
Hao
6159e089d4 Fix inline code formatting in documentation
Signed-off-by: Hao <kyrieeeee2@gmail.com>
2025-03-26 21:51:52 -06:00
Hao
8c7d2e8922 Fix typo in multitenancy documentation
Signed-off-by: Hao <kyrieeeee2@gmail.com>
2025-03-26 21:51:52 -06:00
dependabot[bot]
071906b944 Bump org.seleniumhq.selenium:htmlunit3-driver from 4.29.0 to 4.30.0
Bumps [org.seleniumhq.selenium:htmlunit3-driver](https://github.com/SeleniumHQ/htmlunit-driver) from 4.29.0 to 4.30.0.
- [Release notes](https://github.com/SeleniumHQ/htmlunit-driver/releases)
- [Commits](https://github.com/SeleniumHQ/htmlunit-driver/compare/4.29.0...4.30.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:htmlunit3-driver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-26 20:46:40 -07:00
dependabot[bot]
e2d2df43d6 Bump org.htmlunit:htmlunit from 4.11.0 to 4.11.1
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/4.11.0...4.11.1)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-26 20:46:36 -07:00
Tran Ngoc Nhan
7bca17cb5a Polish
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-26 17:02:06 -06:00
Josh Cummings
37b8d019fa
Polish RequestMatcher Migration Path for OAuth 2.0 Login DSL
Issue gh-16573
2025-03-26 16:38:39 -06:00
Josh Cummings
99345537d6
Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter
Issue gh-16417
2025-03-26 16:38:39 -06:00
Josh Cummings
91ee5e7f2b
Add RequestMatcher Migration Path for CAS
Issue gh-16417
2025-03-26 16:38:38 -06:00
Josh Cummings
15d9c13984
Add RequestMatcher MigrationPath for SwitchUserFilter
To simplify migration, the filter's setter methods still use AntPathRequestMatcher.
Users can call the equivalent RequestMatcher setter methods to opt-in to the change early.

Issue gh-16417
2025-03-26 16:38:38 -06:00
Josh Cummings
1eec51ab6c
Polish SwitchUserFilterTests
Ensure that the appropriate HTTP Method is specified in tests

Issue gh-16417
2025-03-26 16:38:38 -06:00
Steve Riesenberg
860f130bc4
Add additional validation when refreshing ID tokens
Issue gh-16589
2025-03-26 15:34:17 -05:00
Steve Riesenberg
5f98ce5ecc
Polish gh-16589 2025-03-26 15:34:17 -05:00
Josh Cummings
d2d9da0a39
Favor PathPatternRequestMatcher
Issue gh-16828
2025-03-26 14:33:46 -06:00
Josh Cummings
e65e32bb42
Polish CorsConfigurationSource Selection Logic
Issue gh-16501
2025-03-26 13:44:47 -06:00
Josh Cummings
1618963255
Deprecate AntPathRequestMatcher
Closes gh-16632
2025-03-26 13:40:05 -06:00
Josh Cummings
59f08e861e
Use PathPatternRequestMatcher in Docs
Update documenation references from PathPatternRequestMatcher to AntPathRequestMatcher

Issue gh-16632
2025-03-26 13:40:04 -06:00
Josh Cummings
ff52e05b24
Favor PathPatternRequestMatcher in XML Configuration
Update BeanDefinitionParsers to use PathPatternRequestMatcher conditionally
on the presence of a PathPatternRequestMatcher.Builder bean

Closes gh-16828
2025-03-26 13:40:04 -06:00
Josh Cummings
de07b1108f
Use PathPatternRequestMatcher in Web Components
This commit changes filters and resolvers that were using AntPathRequestMatcher as their
default to using PathPatternRequestMatcher.

Issue gh-16632
2025-03-26 13:28:58 -06:00
Josh Cummings
50ad378a29
Polish MockHttpServletRequest Usage
This commit makes so that the requestURI is set to a value that makes
sense with the other properties being mocked.

Issue gh-16632
2025-03-26 13:27:17 -06:00
Evgeniy Cheban
ad1ee28f01 Update HandlerMappingIntrospector Usage in CORS support
Closes gh-16501

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-03-26 13:11:05 -06:00
dependabot[bot]
ba1045e61d Bump org.htmlunit:htmlunit from 4.10.0 to 4.11.0
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/4.10.0...4.11.0)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-25 20:43:41 -07:00
dependabot[bot]
4cf90dbd5f Bump io.freefair.gradle:aspectj-plugin from 8.13 to 8.13.1
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.13 to 8.13.1.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.13...8.13.1)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-25 20:42:38 -07:00
Rob Winch
491d28b6bb
Merge branch '6.4.x'
- Fix WebAuthn saves Anonymous PublicKeyCredentialUserEntity

Closes gh-16821
2025-03-25 16:19:14 -05:00
Josh Cummings
388acbac00
Merge branch '6.4.x' 2025-03-25 15:11:59 -06:00
Josh Cummings
c21295f8d1
Fix Formatting 2025-03-25 14:56:52 -06:00
Josh Cummings
3aec6c2f6e
Deprecate Access API in ACL
Issue gh-11302
2025-03-25 12:21:13 -06:00
Josh Cummings
05fdcd6a08
Deprecate MvcRequestMatcher
Closes gh-16631
2025-03-24 22:03:22 -06:00
dependabot[bot]
6927566668 Bump org.seleniumhq.selenium:selenium-java from 4.29.0 to 4.30.0
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.29.0 to 4.30.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.29.0...selenium-4.30.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-23 21:06:02 -07:00
github-actions[bot]
ee962b51cc Merge branch '6.4.x' 2025-03-24 01:50:41 +00:00
github-actions[bot]
8fff17070d Merge branch '6.4.x' 2025-03-24 01:41:23 +00:00
dependabot[bot]
a9acb6dabc Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.18 to 0.0.19.
- [Commits](852920ba3f...c203826512)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-23 17:32:20 -07:00
dependabot[bot]
4f8b757b2b Bump @springio/asciidoctor-extensions in /docs
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.16 to 1.0.0-alpha.17.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.16...v1.0.0-alpha.17)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-23 17:22:31 -07:00
Josh Cummings
56e757a2a1 Provide Authentication to AuthenticationExceptions
Issue gh-16444
2025-03-21 21:54:32 -06:00
Josh Cummings
464e506429 Polish ExceptionTranslateWebFilter
- Isolated exception construction
- Isolated entry point subscription

Issue gh-16444
2025-03-21 21:54:32 -06:00
Josh Cummings
60bed7f68a Polish AuthenticationRequest Property
- Add getter for reading the request
- Update BadCredentialsMixing to ignore authentication
- Allow exception to be mutable

Issue gh-16444
2025-03-21 21:54:32 -06:00
amm0124
3b6aca0d9c Add authRequest field to AuthenticationException
Store the authentication request details in the `authRequest` field of
`AuthenticationException` when an authentication exception occurs.

Closes gh-16444

Signed-off-by: amm0124 <amm0124@naver.com>
2025-03-21 21:54:32 -06:00
Josh Cummings
7f22a3459f Polish Tests
Issue gh-16444
2025-03-21 21:54:32 -06:00
DingHao
10ed5009e6 Method Security templates support use deep non-aliased attributes
Closes gh-16498

Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-03-21 15:05:33 -06:00
Rob Winch
bc012ef121
Merge branch '6.4.x' 2025-03-21 16:00:01 -05:00
Rob Winch
b9a8da0a45
Merge branch '6.4.x' 2025-03-21 15:59:19 -05:00
Rob Winch
4fa5b45745
Merge branch '6.3.x' into 6.4.x 2025-03-21 15:59:02 -05:00
Rob Winch
d14a9ae068
https docs download 2025-03-21 15:58:53 -05:00
Josh Cummings
f910d47c67
Merge branch '6.4.x' 2025-03-21 14:47:33 -06:00
Josh Cummings
bfc12d55eb
Polish Tests
Issue gh-16771
2025-03-21 14:43:05 -06:00
Josh Cummings
3d96878d43
Cache RequestPath
In this way PathPatternRequestMatcher won't need to reparse for each
request matcher.

Issue gh-16771
2025-03-21 14:43:05 -06:00
Rob Winch
2a275b1966
Add link to docs zip
Closes gh-16798
2025-03-21 15:12:28 -05:00
Steve Riesenberg
6745576186 Polish basic.adoc
Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>
2025-03-21 15:05:22 -05:00
Steve Riesenberg
eb510ab59d Polish gh-16280 2025-03-21 15:05:22 -05:00
Martin Emrich
21fb5f92cf Explain behaviour with XMLHttpRequest on 401 response
Relates to / Closes gh-16103
2025-03-21 15:05:22 -05:00
Josh Cummings
86599afd43
Rename servletPath to basePath
Closes gh-16765
2025-03-21 12:04:46 -06:00
Josh Cummings
c53bf2befe
PathPatternRequestParser Retains Servlet Path
Issue gh-16765
2025-03-21 12:04:45 -06:00
Josh Cummings
1966ff3ce8
Parse RequestPath when cache is empty
Closes gh-16771
2025-03-21 12:03:56 -06:00
Josh Cummings
861a9a914e
OneTimeToken Missing Token Propagates Request
Closes gh-16780
2025-03-20 17:23:06 -06:00
Josh Cummings
8199015e79
Add Support for AuthenticationConverter
Closes gh-16793
2025-03-20 17:22:53 -06:00
Daeho Kwon
90dd31cae5 Replace dynamic error message with static "Access Denied"
Closes gh-16514

Signed-off-by: Daeho Kwon <trewq231@naver.com>
2025-03-20 15:20:54 -05:00
Daeho Kwon
24b7287d55 Replace dynamic error message with static "Access Denied"
Closes gh-16514

Signed-off-by: Daeho Kwon <trewq231@naver.com>
2025-03-20 15:20:54 -05:00
nobletrout
555fe1f147 Update anonymous.adoc
make the example code return the same thing for the do and don't do.

Signed-off-by: nobletrout <nobletrout@gmail.com>
2025-03-20 15:17:35 -05:00
mmck328
5ded04da6c Fix javadocs on WebFlux CSRF classes
Signed-off-by: mmck328 <20348295+mmck328@users.noreply.github.com>
2025-03-20 14:59:42 -05:00
Steve Riesenberg
3ebcbd4375
Merge branch '6.4.x'
Closes gh-16788
Closes gh-16789
Closes gh-16790
Closes gh-16791
Closes gh-16792
2025-03-20 14:47:07 -05:00
Josh Cummings
86f8129bbb
Merge branch '6.4.x' 2025-03-20 13:25:11 -06:00
Josh Cummings
f91d937a1d
Merge branch '6.4.x' 2025-03-20 13:23:01 -06:00
Josh Cummings
c91656c27a Add Authorization Event Tests
- These ensure that the parameterized version of authorization events
can be listened to

Issue gh-16700
2025-03-20 13:12:36 -06:00
Max Batischev
ed79efc5fa Add support ResolvableTypeProvider to authorization events
Closes gh-16700

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-03-20 13:12:36 -06:00
Tran Ngoc Nhan
6c9071211f Fix typo code tag
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-03-20 12:48:11 -06:00
ayoub anbara
8167022ada Update data.adoc
No need to declare the method that create a bean as a public, and no need to declare interface that extends PagingAndSortingRepository with @Repository

Signed-off-by: ayoub anbara <anbara.ayoub@gmail.com>
2025-03-20 12:47:33 -06:00
github-actions[bot]
262a0abfb3 Merge branch '6.4.x' 2025-03-20 04:09:29 +00:00
dependabot[bot]
1e21d68f8f Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.4 to 6.2.5.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.4...v6.2.5)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-19 20:50:59 -07:00
Josh Cummings
cfe70a5fc7 Restore authorizedClientParametersMapper Assertion
Issue gh-16726
2025-03-19 18:13:54 -06:00
Max Batischev
a50a8b2f17 Improve JdbcPublicKeyCredentialUserEntityRepository save
Closes gh-16726

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-03-19 18:13:54 -06:00
Max Batischev
6c24a1e717 Improve JdbcOAuth2AuthorizedClientService saveAuthorizedClient
Closes gh-16726

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-03-19 18:13:54 -06:00
Filip Hrisafov
cd9d6ce5c9 Fix typos Open SAML 5 Javadoc referencing Open SAML 4
Signed-off-by: Filip Hrisafov <filip.hrisafov@gmail.com>
2025-03-19 18:06:26 -06:00
Josh Cummings
1120733e27
Update Copyright 2025-03-19 17:43:01 -06:00
Josh Cummings
116ef5fd54
Add HttpsRedirectFilter
- Added missing JavaDoc

Issue gh-16678
2025-03-19 17:41:20 -06:00
Josh Cummings
85b48f8392
Deprecate AccessDecisionManager
Closes gh-11302
2025-03-19 17:41:20 -06:00
Josh Cummings
bb438578cb
Deprecate SecurityMetadataSource
- Updated FAQ to replace SecurityMetadataSource recommendation with
 AuthorizationManager

Issue gh-16772
2025-03-19 17:41:00 -06:00
Josh Cummings
8e9634d25c
Deprecate ConfigAttribute
Closes gh-16774
2025-03-19 17:39:38 -06:00
Josh Cummings
89bd670fb1
Deprecate SecurityConfig
Closes gh-16773
2025-03-19 17:39:26 -06:00
Josh Cummings
a884c3c906
Address XsdDocumentedTests Errors
Issue gh-16775
2025-03-19 16:39:27 -06:00
Josh Cummings
0091cf697c
Add RedirectToHttps Migration Doc
Issue gh-16775
Issue gh-16678
2025-03-19 15:27:09 -06:00
Josh Cummings
e6008b6067
Add RedirectToHttps to XML
Closes gh-16775
2025-03-19 15:26:05 -06:00
Josh Cummings
989aee244b
Deprecate SecurityMetadataSource
Closes gh-16772
2025-03-19 15:26:05 -06:00
Josh Cummings
44d553946e PathPatternMessageMatcher Polish
Issue gh-16500

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
2025-03-19 08:48:54 -06:00
Pat McCusker
33272ef0f4 Add PathPatternMessageMatcher
Closes gh-16500

Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
2025-03-19 08:48:54 -06:00
Pat McCusker
df897cd2c7 Add the MatchResult class to MessageMatcher
Closes gh-16766

Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
2025-03-19 08:48:54 -06:00
dependabot[bot]
4dd4813ccb Bump ch.qos.logback:logback-classic from 1.5.17 to 1.5.18
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.17 to 1.5.18.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.17...v_1.5.18)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-18 20:38:02 -07:00
github-actions[bot]
2d9aff579a Merge branch '6.4.x' 2025-03-19 03:37:21 +00:00
Steve Riesenberg
5bb5d0f6be Polish gh-16589 2025-03-18 18:07:56 -05:00
Hao
fc1469ad5e Ensure ID Token is updated after refresh token
Signed-off-by: Hao <kyrieeeee2@gmail.com>
2025-03-18 18:07:56 -05:00
Josh Cummings
ece7489f5b
Merge branch '6.4.x' 2025-03-18 16:35:23 -06:00
Josh Cummings
030989b83b
Merge branch '6.4.x' 2025-03-18 16:34:53 -06:00
DingHao
96b9820e19 Annotation parameter scan finds first-level conflicts
Closes PR-16312
2025-03-18 14:23:53 -06:00
dependabot[bot]
103ccb3b9d Bump org-eclipse-jetty from 11.0.24 to 11.0.25
Bumps `org-eclipse-jetty` from 11.0.24 to 11.0.25.

Updates `org.eclipse.jetty:jetty-server` from 11.0.24 to 11.0.25

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.24 to 11.0.25

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 21:06:46 -07:00
dependabot[bot]
f717e94b4b Bump org.springframework.data:spring-data-bom from 2024.1.3 to 2024.1.4
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.3 to 2024.1.4.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.3...2024.1.4)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 21:06:24 -07:00
github-actions[bot]
305e8bbf94 Next development version 2025-03-17 21:23:43 +00:00
github-actions[bot]
f87a9ea126 Release 6.5.0-M3 2025-03-17 20:59:52 +00:00
dependabot[bot]
32069f550a Bump org.junit:junit-bom from 5.11.4 to 5.12.1
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.11.4 to 5.12.1.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.4...r5.12.1)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 13:57:10 -07:00
Rob Winch
c8fea962a0
Merge branch '6.4.x'
- 04f530b opensamlFiveTest.extendsFrom testRuntimeOnly

Issue gh-16757
2025-03-17 15:41:13 -05:00
dependabot[bot]
40d064278a Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.3 to 6.2.4.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.3...v6.2.4)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 13:11:51 -07:00
github-actions[bot]
1ccd407e19 Merge branch '6.4.x' 2025-03-17 20:10:04 +00:00
github-actions[bot]
5df61790e5 Merge branch '6.4.x' 2025-03-17 20:02:38 +00:00
github-actions[bot]
7e5c02d308 Merge branch '6.4.x' 2025-03-17 19:56:02 +00:00
dependabot[bot]
821c465ec6 Bump org.mockito:mockito-bom from 5.16.0 to 5.16.1
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.16.0 to 5.16.1.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.16.0...v5.16.1)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 12:54:26 -07:00
dependabot[bot]
bc154f9f19 Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to 6.6.11.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.10.Final to 6.6.11.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.11/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.10...6.6.11)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 12:53:28 -07:00
github-actions[bot]
1622d8c224 Merge branch '6.4.x' 2025-03-17 19:50:08 +00:00
Rob Winch
e6223dede3
Merge branch '6.4.x'
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16757
2025-03-17 14:34:18 -05:00
Rob Winch
3a11d1529d
Merge branch '6.4.x'
- Disable Flaky WebAuthnWebDriverTests

Closes gh-16754
2025-03-17 13:57:37 -05:00
Joe Grandja
b97b555fde Merge branch '6.4.x' 2025-03-17 14:05:46 -04:00
Josh Cummings
3468b7f85f
Merge branch '6.4.x' 2025-03-17 11:02:47 -06:00
Josh Cummings
6ce8307885
Merge branch '6.4.x' 2025-03-17 09:50:07 -06:00
Steve Riesenberg
0938ca01a4
Add support for automatic context-propagation with Micrometer
Closes gh-16665
2025-03-13 15:29:08 -05:00
github-actions[bot]
10838133d4 Merge branch '6.4.x' 2025-03-12 03:59:17 +00:00
dependabot[bot]
e15911f3f4 Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.15 to 2023.0.16.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.15...2023.0.16)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-11 20:36:37 -07:00
dependabot[bot]
695b9bc66c Bump io.freefair.gradle:aspectj-plugin from 8.12.2.1 to 8.13
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.12.2.1 to 8.13.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.12.2.1...8.13)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-11 20:36:31 -07:00
dependabot[bot]
d150986b49 Bump io.micrometer:micrometer-observation from 1.14.4 to 1.14.5
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.4 to 1.14.5.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.4...v1.14.5)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-10 20:44:27 -07:00
github-actions[bot]
138d353b66 Merge branch '6.4.x' 2025-03-11 03:30:26 +00:00
dependabot[bot]
2afd2b92c1 Bump org.hibernate.orm:hibernate-core from 6.6.9.Final to 6.6.10.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.9.Final to 6.6.10.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.10/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.9...6.6.10)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-09 20:58:46 -07:00
github-actions[bot]
b1317360ec Merge branch '6.4.x' 2025-03-10 03:56:57 +00:00
Max Batischev
c7673e8f2f Polish AbstractAuthenticationTargetUrlRequestHandler
PR gh-16557

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-03-07 14:03:13 -07:00
mgreene57005
56d255018c Fix ordering for security filter configuration
Signed-off-by: Matthew Greene <mgreene57005@gmail.com>
Signed-off-by: mgreene57005 <mgreene57005@gmail.com>
2025-03-07 14:00:22 -07:00
Juha-1
19a5a9c970 Update logout.adoc
typos

Signed-off-by: Juha-1 <52188855+Juha-1@users.noreply.github.com>
2025-03-07 13:59:05 -07:00
Max Batischev
47630ca354 Fix JdbcUserCredentialRepository Save
Closes gh-16620

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-03-07 13:57:41 -07:00
Max Batischev
58a665e5aa Add Support SingleResultAuthorizationManager
Closes gh-16590

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-03-07 13:46:23 -07:00
dependabot[bot]
29f1ea50b6 Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17
Bumps org.slf4j:slf4j-api from 2.0.16 to 2.0.17.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-07 09:40:37 -08:00
yelm-212
cfefccad1f Update Http403ForbiddenEntryPoint to Use HttpStatus
Closes gh-16615

Signed-off-by: yelm-212 <21yrshin@naver.com>
2025-03-07 12:17:14 -05:00
Josh Cummings
39a80497c2
Merge branch '6.4.x' 2025-03-04 09:53:06 -07:00
dependabot[bot]
ea81371c6b Bump org.mockito:mockito-bom from 5.15.2 to 5.16.0
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.15.2 to 5.16.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.15.2...v5.16.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-03 19:42:58 -08:00
dependabot[bot]
fb05a928ae Bump io.freefair.gradle:aspectj-plugin from 8.12.2 to 8.12.2.1
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.12.2 to 8.12.2.1.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.12.2...8.12.2.1)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-03 19:41:36 -08:00
github-actions[bot]
a219f0cfed Merge branch '6.4.x' 2025-03-03 04:26:41 +00:00
github-actions[bot]
71a776f96a Merge branch '6.4.x' 2025-03-03 04:20:40 +00:00
dependabot[bot]
ebed2d4f65 Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.2 to 2.18.3.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.2...jackson-bom-2.18.3)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-02 20:02:02 -08:00
dependabot[bot]
7650348f5f Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.28.5.RELEASE to 0.28.6.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.28.5.RELEASE...0.28.6.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-02 20:01:52 -08:00
Vedran Pavic
401e237082 Introduce JwtAudienceValidator
Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>
2025-02-28 12:38:18 -07:00
Josh Cummings
ab52fd858a
Deprecate ChannelDecisionManager
Closes gh-16681
2025-02-28 12:35:21 -07:00
Josh Cummings
72070cd191
Deprecate ChannelSecurityConfigurer
Closes gh-16680
2025-02-28 09:38:45 -07:00
Josh Cummings
be23268c37
Add redirectToHttps DSL Configurer
Closes gh-16679
2025-02-28 09:38:07 -07:00
Josh Cummings
2d96fba5cf
Add HttpsRedirectFilter
Closes gh-16678
2025-02-28 09:30:53 -07:00
github-actions[bot]
ec19efbf2a Merge branch '6.4.x' 2025-02-28 03:41:00 +00:00
github-actions[bot]
ff447fc403 Merge branch '6.4.x' 2025-02-28 03:38:23 +00:00
dependabot[bot]
a4bdae14b6 Bump io.mockk:mockk from 1.13.16 to 1.13.17
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.16 to 1.13.17.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/commits)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-27 19:24:12 -08:00
Josh Cummings
e569c7a39e
Fix Tests
Issue gh-16517
2025-02-27 14:07:49 -07:00
topiam
85f0f3f34a
Support Custom RequestMatchers for WebAuthn
Closes gh-16517

Signed-off-by: topiam <support@topiam.cn>
2025-02-27 14:07:49 -07:00
Max Batischev
fa35c5b4d8 Make DefaultOneTimeToken Serializable
Closes gh-16617

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-27 12:49:48 -07:00
Josh Cummings
7df85a2ed9 Polish NimbusJwtDecoder 2025-02-27 12:40:01 -07:00
Josh Cummings
ab43a660b9 Add RFC 9068 Support
Closes gh-13185
2025-02-27 12:40:01 -07:00
Josh Cummings
81e2fd2fe8 Add Type Validation
Closes gh-16672
2025-02-27 12:40:01 -07:00
dependabot[bot]
0c7b05a0e3 Bump org.jfrog.buildinfo:build-info-extractor-gradle
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.33.23 to 4.34.1.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.33.23...build-info-gradle-extractor-4.34.1)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-26 20:11:21 -08:00
github-actions[bot]
f27e278cf4 Merge branch '6.4.x' 2025-02-27 03:39:06 +00:00
github-actions[bot]
83476cf20f Merge branch '6.4.x' 2025-02-27 03:35:39 +00:00
Rob Winch
9417f02790
Deprecate PortResolver
Closes gh-15972
2025-02-26 16:13:10 -06:00
Rob Winch
76a566265c
Use PortResolver Beans by Default
Closes gh-16664
2025-02-26 16:13:10 -06:00
Rob Winch
5f5427bd03
PortResolver.NO_OP
Closes gh-16666
2025-02-26 16:13:10 -06:00
Rob Winch
e64102b83c
Fix migration source type
Previously the migration-7/web.adoc source type was kotlin for the xml
source. This commit fixes that.

Closes gh-16662
2025-02-26 16:13:09 -06:00
Rob Winch
3e0be28602
Ad section summary toc
Closes gh-16663
2025-02-26 16:13:09 -06:00
Rob Winch
615d302e50
Add migration-7/web.adoc to nav
Closes gh-16661
2025-02-26 16:13:09 -06:00
Josh Cummings
f2d78a01c3
Fix JavaDoc Typos 2025-02-26 11:31:02 -07:00
Josh Cummings
ada6460f12
Merge branch '6.4.x' 2025-02-26 11:30:47 -07:00
dependabot[bot]
ec3cc66b64 Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.16 to 1.5.17.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.16...v_1.5.17)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-25 20:24:37 -08:00
github-actions[bot]
de81b253f8 Merge branch '6.4.x' 2025-02-26 03:58:25 +00:00
github-actions[bot]
034bacfc06 Merge branch '6.4.x' 2025-02-26 03:56:08 +00:00
github-actions[bot]
33ed74072d Merge branch '6.4.x' 2025-02-26 03:32:58 +00:00
Josh Cummings
eb5252c4f0
Merge branch '6.4.x' 2025-02-24 17:03:13 -07:00
Josh Cummings
ae2894ab25
Update Copyright
Issue gh-16600
2025-02-24 15:09:04 -07:00
dae won
45b51fe3c8 Add grantedAuthorityMapper as a class member
- Add unit tests for setGrantedAuthorityMapper method

Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-02-24 15:05:55 -07:00
dae won
cb07031259 Add unit tests for setUserDetailsMapper method
Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-02-24 15:05:55 -07:00
dae won
22511aac7f Refactor mapToUser method visibility to private
Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-02-24 15:05:55 -07:00
dae won
6ac3426e39 Add userDetailsMapper as a class member
Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-02-24 15:05:55 -07:00
dae won
e8fe003c4c Make mapToUser and mapToGrantedAuthority protected in JdbcUserDetailsManager
- Closes gh-16540

Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-02-24 15:05:55 -07:00
Josh Cummings
ba273aba43
Merge branch '6.4.x' 2025-02-24 12:54:21 -07:00
Josh Cummings
55b83a0346
Merge branch '6.4.x' 2025-02-24 12:50:11 -07:00
github-actions[bot]
f4486cf913 Merge branch '6.4.x' 2025-02-24 03:37:07 +00:00
dependabot[bot]
62a9c50cc6 Bump org.hibernate.orm:hibernate-core from 6.6.8.Final to 6.6.9.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.8.Final to 6.6.9.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.9/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.8...6.6.9)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-23 19:24:31 -08:00
dependabot[bot]
f5776e288e Bump org.seleniumhq.selenium:htmlunit3-driver from 4.28.0 to 4.29.0
Bumps [org.seleniumhq.selenium:htmlunit3-driver](https://github.com/SeleniumHQ/htmlunit-driver) from 4.28.0 to 4.29.0.
- [Release notes](https://github.com/SeleniumHQ/htmlunit-driver/releases)
- [Commits](https://github.com/SeleniumHQ/htmlunit-driver/compare/4.28.0...4.29.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:htmlunit3-driver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-23 19:24:29 -08:00
dependabot[bot]
9fb85726f6 Bump org.htmlunit:htmlunit from 4.9.0 to 4.10.0
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.9.0 to 4.10.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/4.9.0...4.10.0)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-23 19:24:14 -08:00
dependabot[bot]
5585c871c6 Bump io.freefair.gradle:aspectj-plugin from 8.12.1 to 8.12.2
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.12.1 to 8.12.2.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.12.1...8.12.2)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-23 19:24:10 -08:00
github-actions[bot]
9f1f3f6caa Merge branch '6.4.x' 2025-02-24 01:53:00 +00:00
dependabot[bot]
fae48d9553 Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.2 to 1.14.4.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.2...v1.14.4)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-23 16:21:13 -08:00
Josh Cummings
7d301f87d6
Add Opt-in PathPattern Strategy
Closes gh-16573
2025-02-21 13:40:24 -07:00
Josh Cummings
588220a020
Add PathPatterRequestMatcher
Closes gh-16429
Clsoes gh-16430
2025-02-21 13:40:23 -07:00
dependabot[bot]
4f25f0b90f Bump org.seleniumhq.selenium:selenium-java from 4.28.1 to 4.29.0
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.28.1 to 4.29.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.29.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-20 19:24:42 -08:00
Josh Cummings
b6c813c5a2 ClientRegistrations supports hostnames with underscores
Issue gh-15852
2025-02-20 16:54:24 -07:00
Josh Cummings
3d15be1b06 JwtDecoders Supports Hostnames with Underscores
In the process of verifying gh-15852, another issue with URI was discovered.
This commit adds tests to the uri-computing methods and changes them to use
UriComponents instead of URI.

Issue gh-15852
2025-02-20 16:54:24 -07:00
Bodo Graumann
0cd6a19b87 Avoid UriComponentsBuilder.fromUri
Closes gh-15852
2025-02-20 16:54:24 -07:00
Josh Cummings
43ddf73ddb
Polish Exception Message
This error message provides more context around which credentials failed.

Issue gh-16494
2025-02-20 13:31:59 -07:00
Max Batischev
08f71461b4 Add Support BadCredentialsException to OneTimeTokenAuthenticationProvider
Closes gh-16494

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-20 13:26:11 -07:00
Steve Riesenberg
7fc5d50adf Polish gh-16551 2025-02-19 13:53:30 -06:00
Max Batischev
00cd95be76 Add setRedirectStrategy to OidcClientInitiatedServerLogoutSuccessHandler
Closes gh-16556

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-19 13:53:30 -06:00
Max Batischev
0ccbd20f0a Add Support ServerFormPostRedirectStrategy
Closes gh-16542

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-19 13:53:30 -06:00
Steve Riesenberg
cb7f6d84c1
Merge branch '6.4.x' 2025-02-19 12:32:16 -06:00
Josh Cummings
51ce91f07b
Merge branch '6.4.x' 2025-02-18 15:11:08 -07:00
github-actions[bot]
b6c0bde6e0 Next development version 2025-02-18 17:11:47 +00:00
github-actions[bot]
60459ef16e Release 6.5.0-M2 2025-02-18 16:51:50 +00:00
Josh Cummings
6793334575 Polish setJwkSelector
Make so that it runs only when selection is needed.
Require the provided selector be non-null.
Add Tests.

Issue gh-16170
2025-02-18 09:14:45 -07:00
douxiaofeng99
e22bc11cc9 Support JWK Selection Strategy
Closes gh-16170

Signed-off-by: douxiaofeng99 <18600127780@163.com>
2025-02-18 09:14:45 -07:00
github-actions[bot]
776eb76c58 Merge branch '6.4.x' 2025-02-17 03:56:05 +00:00
github-actions[bot]
55a530b436 Merge branch '6.4.x' 2025-02-17 03:55:22 +00:00
dependabot[bot]
4691124d43 Bump org.hibernate.orm:hibernate-core from 6.6.7.Final to 6.6.8.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.7.Final to 6.6.8.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.8/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.7...6.6.8)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-16 19:39:52 -08:00
dependabot[bot]
4df72eab82 Bump org.springframework.data:spring-data-bom from 2024.1.2 to 2024.1.3
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.2 to 2024.1.3.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.2...2024.1.3)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-16 19:39:04 -08:00
github-actions[bot]
571644b59f Merge branch '6.4.x' 2025-02-17 03:30:33 +00:00
Josh Cummings
6fdfeb3413
Polish Debug Messages
Issue gh-16484
2025-02-14 16:05:42 -07:00
tejas-teju
291162a195 Add debug messages for auth exceptions in ProviderManager
Issue gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
2025-02-14 16:01:22 -07:00
tejas-teju
c4b223266c Return Invalid Credentials message on login error
Closes gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
2025-02-14 16:01:22 -07:00
Josh Cummings
e42865b926
Merge branch '6.4.x' 2025-02-14 13:08:17 -07:00
plll0123
f9e04594a7 Refactor authorization manager variable naming
- Renamed PERMIT_ALL_AUTHORIZATION_MANAGER to snake_case style
- Introduced AUTHORIZATION_DECISION for reuse

Signed-off-by: plll0123 <jsh951227@gmail.com>
2025-02-14 10:02:55 -07:00
Tran Ngoc Nhan
92c2e21522 Use Spring Framework Url attribute
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-14 09:56:22 -07:00
Tran Ngoc Nhan
396b04f355 Update reference Spring Framwork links
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-14 09:56:22 -07:00
github-actions[bot]
a44a490f9e Merge branch '6.4.x' 2025-02-14 04:36:21 +00:00
github-actions[bot]
70d230dba8 Merge branch '6.4.x' 2025-02-14 04:28:55 +00:00
github-actions[bot]
b75211110d Merge branch '6.4.x' 2025-02-14 04:22:14 +00:00
github-actions[bot]
ce2a62a78d Merge branch '6.4.x' 2025-02-14 04:16:30 +00:00
dependabot[bot]
571c6bfffb Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.2 to 6.2.3.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.2...v6.2.3)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-13 19:36:51 -08:00
dependabot[bot]
4632370a28 Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 9.43.5 to 9.43.6.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/9.43.6..9.43.5)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-13 19:23:23 -08:00
dependabot[bot]
78a2d74271 Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-13 19:22:33 -08:00
Josh Cummings
666d3a4af6
Merge branch '6.4.x' 2025-02-13 17:25:39 -07:00
Tran Ngoc Nhan
839269dbf5 Update Spring Security javadocs
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-13 16:19:56 -07:00
Tran Ngoc Nhan
51e9f073dd Fix format
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-13 16:18:28 -07:00
Tran Ngoc Nhan
3cf1686c0b Revert Nullable annotation
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-13 16:18:28 -07:00
Tran Ngoc Nhan
5d089f680e Consistently NonNull annotation
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-13 16:18:28 -07:00
Joe Grandja
31fb7feed5 Merge branch '6.4.x' 2025-02-12 06:18:42 -05:00
dependabot[bot]
61dcbc4d5b Bump serialize-javascript and mocha in /javascript
Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) to 6.0.2 and updates ancestor dependency [mocha](https://github.com/mochajs/mocha). These dependencies need to be updated together.


Updates `serialize-javascript` from 6.0.0 to 6.0.2
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](https://github.com/yahoo/serialize-javascript/compare/v6.0.0...v6.0.2)

Updates `mocha` from 10.2.0 to 10.8.2
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v10.2.0...v10.8.2)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-type: indirect
- dependency-name: mocha
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-12 02:28:05 -08:00
dependabot[bot]
21b77b9cf7 Bump esbuild from 0.23.0 to 0.25.0 in /javascript
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.23.0 to 0.25.0.
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.23.0...v0.25.0)

---
updated-dependencies:
- dependency-name: esbuild
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-12 02:15:55 -08:00
dependabot[bot]
36dd74b124 Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.14 to 2023.0.15.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.14...2023.0.15)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-11 19:48:54 -08:00
github-actions[bot]
58afbb494d Merge branch '6.4.x' 2025-02-12 03:27:54 +00:00
github-actions[bot]
8e969d0f47 Merge branch '6.4.x' 2025-02-12 03:26:48 +00:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP)
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
2025-02-11 14:10:23 -05:00
dependabot[bot]
27cb1154f2 Bump io.micrometer:micrometer-observation from 1.14.3 to 1.14.4
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.3 to 1.14.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.3...v1.14.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-10 20:04:39 -08:00
dependabot[bot]
28f842c46c Bump org.hibernate.orm:hibernate-core from 6.6.6.Final to 6.6.7.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.6.Final to 6.6.7.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.7/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.6...6.6.7)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-10 20:03:17 -08:00
github-actions[bot]
9c51507785 Merge branch '6.4.x' 2025-02-11 03:28:27 +00:00
ying.li
6494ea9b18 fix for typo 2025-02-10 12:22:57 -06:00
patpatpat123
b6f8046b2f Fix type for rest-client-access-token-response-client.adoc
In line 260, there is the mention of "=== Customizing the `WebClient`" while it should be "=== Customizing the `RestClient`"

Signed-off-by: patpatpat123 <43899031+patpatpat123@users.noreply.github.com>
2025-02-10 10:11:06 -06:00
Daniel Garnier-Moiroux
238f47ce5e One Time Token login registers the default login page
closes gh-16414

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-02-10 09:55:51 -06:00
Daniel Garnier-Moiroux
5ee6b83953 Introduce OneTimeTokenAuthenticationFilter
closes gh-16539

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-02-10 09:55:51 -06:00
dependabot[bot]
8e2a4bf356 Bump org.seleniumhq.selenium:htmlunit3-driver from 4.27.0 to 4.28.0
Bumps [org.seleniumhq.selenium:htmlunit3-driver](https://github.com/SeleniumHQ/htmlunit-driver) from 4.27.0 to 4.28.0.
- [Release notes](https://github.com/SeleniumHQ/htmlunit-driver/releases)
- [Commits](https://github.com/SeleniumHQ/htmlunit-driver/compare/4.27.0...4.28.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:htmlunit3-driver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-05 15:06:50 -08:00
Josh Cummings
8e19b8039c
Merge branch '6.4.x' 2025-02-05 15:49:20 -07:00
Max Batischev
9676739c88 TestServerOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-05 14:14:16 -07:00
Max Batischev
be81377235 Add Support ServerGenerateOneTimeTokenRequestResolver
Closes gh-16488

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-05 14:14:16 -07:00
Josh Cummings
981e3fd779
Merge branch '6.4.x' 2025-02-05 13:59:12 -07:00
Josh Cummings
11113adf62 Polish Nimbus JWK Source Implementation
Issue gh-16251
2025-02-05 09:28:07 -07:00
Daeho Kwon
7b7abb28bb Remove Deprecated Usages of RemoteJWKSet
Closes gh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
2025-02-05 09:28:07 -07:00
Josh Cummings
f9824fd688 Polish Tests
Issue gh-16251
2025-02-05 09:28:07 -07:00
DingHao
f7e0f7fa8a Polish OneTimeTokenLoginConfigurer
Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-02-04 12:38:27 -07:00
github-actions[bot]
fc19bf8769 Merge branch '6.4.x' 2025-02-04 04:23:51 +00:00
github-actions[bot]
df2bc8f394 Merge branch '6.4.x' 2025-02-04 04:00:20 +00:00
dependabot[bot]
60f14c2df6 Bump io.rsocket:rsocket-bom from 1.1.4 to 1.1.5
Bumps [io.rsocket:rsocket-bom](https://github.com/rsocket/rsocket-java) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/rsocket/rsocket-java/releases)
- [Commits](https://github.com/rsocket/rsocket-java/compare/1.1.4...1.1.5)

---
updated-dependencies:
- dependency-name: io.rsocket:rsocket-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-03 19:57:07 -08:00
dependabot[bot]
e8e41e936f Bump io.freefair.gradle:aspectj-plugin from 8.12 to 8.12.1
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.12 to 8.12.1.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.12...8.12.1)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-03 19:55:43 -08:00
Steve Riesenberg
54a6a19e05 Polish gh-16214
This commit applies the following changes:

* Added local Content-Security-Policy with script-src nonce directive
* Removed form-redirect.js and associated changes
* Renamed to FormPostRedirectStrategy
* Removed HtmlUtils usage
* Moved to same package as DefaultRedirectStrategy
2025-02-03 14:52:30 -06:00
Craig Andrews
58534e7f60 Add FormRedirectStrategy to enable POST OIDC Logout
FormRedirectStrategy redirects using an autosubmitting HTML form using the POST method versus DefaultRedirectStrategy which redirects using the GET method.

Can be used to implement POST binding for relying party initiated OIDC logout by setting FormRedirectStrategy as the redirection strategy on OidcClientInitiatedLogoutSuccessHandler.

Closes gh-13002

Signed-off-by: Craig Andrews <candrews@integralblue.com>
2025-02-03 14:52:30 -06:00
Josh Cummings
e63ef3cdc4
Merge branch '6.4.x' 2025-02-03 12:35:53 -07:00
dae won
6a94a294ea Lazily compose debug message in AbstractUserDetailsAuthenticationProvider
Closes gh-16495

Signed-off-by: dae won <eodnjs01477@gmail.com>
2025-02-03 12:27:49 -07:00
Max Batischev
61d92e9db9 Fix assertion message in DefaultGenerateOneTimeTokenRequestResolver
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-03 12:15:20 -07:00
Josh Cummings
b98ece3e03
Clarify Commit Message Guideline
We typically use imperative; however, this can feel unnatural on occasion.
For example 'S101 Depends On Assemble' would sound unnatural as 'S101 Depend On Assemble'
2025-02-03 11:31:54 -07:00
Josh Cummings
6730167445
Correct Link Anchor Syntax 2025-02-03 10:33:23 -07:00
Josh Cummings
0f8e1936ff
Merge branch '6.4.x' 2025-02-03 10:19:31 -07:00
Josh Cummings
5efc60d380
Merge branch '6.4.x' 2025-02-03 10:13:37 -07:00
Steve Riesenberg
b32f4f1afc Polish gh-16502 2025-02-03 09:21:53 -06:00
earlgrey02
1fa1848f9f Add HttpStatusAccessDeniedHandler
Signed-off-by: earlgrey02 <san06036@naver.com>
2025-02-03 09:21:53 -06:00
github-actions[bot]
22605be60e Merge branch '6.4.x' 2025-02-03 04:16:01 +00:00
github-actions[bot]
043ec05334 Merge branch '6.4.x' 2025-02-03 04:14:47 +00:00
dependabot[bot]
df1b3032c7 Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.28.4.RELEASE to 0.28.5.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.28.4.RELEASE...0.28.5.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-02 19:53:23 -08:00
dependabot[bot]
330489e04a Bump org.hibernate.orm:hibernate-core from 6.6.5.Final to 6.6.6.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.5.Final to 6.6.6.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.6/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.5...6.6.6)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-02 19:52:02 -08:00
github-actions[bot]
db41f7e1ca Merge branch '6.4.x' 2025-02-03 00:53:13 +00:00
dependabot[bot]
e5583de8de Bump @springio/asciidoctor-extensions in /docs
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.14 to 1.0.0-alpha.16.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.14...v1.0.0-alpha.16)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-02 16:26:12 -08:00
Rob Winch
10394c8f2a
OTT Tests use Mocks Instead of Comparing Expires
Previously, expires was compared to test if a custom implementations
were used. Now the tests verify this through mocks.

Closes gh-16515
2025-01-31 16:47:50 -06:00
Christian
b56650100a
Removes the use of StringUtils from DelegatingPasswordEncoder
Closes gh-16442

Signed-off-by: Christian Hösel <ChristianHoesel@users.noreply.github.com>
2025-01-31 15:43:24 -06:00
dependabot[bot]
2aa2e646d4 Bump com.google.code.gson:gson from 2.12.0 to 2.12.1
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.12.0 to 2.12.1.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.12.0...gson-parent-2.12.1)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-30 19:33:34 -08:00
tejas-teju
e724ea16a4 Update UsernameNotFoundException message
Closes gh-16497

Signed-off-by: tejas-teju <tejas8196@gmail.com>
2025-01-30 18:25:52 -07:00
Josh Cummings
5af4b9a2ad
Merge branch '6.4.x' 2025-01-30 18:06:01 -07:00
Josh Cummings
4b5bacf71a
Make Saml2AuthenticationToken Serializable
Issue gh-16286
2025-01-30 18:05:17 -07:00
Tran Ngoc Nhan
e50415de85
Make RelyingPartyRegistration Serializable
Closes gh-16286
2025-01-30 17:45:41 -07:00
guesshe
67c1438282
Update settings.gradle
Closes gh-16322

Signed-off-by: guesshe <42242590+guesshe@users.noreply.github.com>
2025-01-30 13:51:40 -06:00
dependabot[bot]
cb16f48041 Bump com.google.code.gson:gson from 2.11.0 to 2.12.0
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.11.0...gson-parent-2.12.0)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-29 19:28:39 -08:00
Josh Cummings
174f17e8a7
Merge branch '6.4.x' 2025-01-27 16:36:56 -07:00
Josh Cummings
7030a62c76
Merge branch '6.4.x' 2025-01-24 11:48:13 -07:00
Josh Cummings
6707b06fcc
Merge branch '6.4.x' 2025-01-24 11:31:53 -07:00
Josh Cummings
351f6c9a1e
Merge branch '6.4.x' 2025-01-24 11:26:09 -07:00
dependabot[bot]
5d9011b745 Bump org.seleniumhq.selenium:selenium-java from 4.28.0 to 4.28.1
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.28.0 to 4.28.1.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-23 19:39:59 -08:00
dependabot[bot]
abd7e2160b Bump com.github.ben-manes:gradle-versions-plugin from 0.51.0 to 0.52.0
Bumps com.github.ben-manes:gradle-versions-plugin from 0.51.0 to 0.52.0.

---
updated-dependencies:
- dependency-name: com.github.ben-manes:gradle-versions-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-23 19:39:26 -08:00
Rob Winch
5bc443a095
Make PublicKeyCredentialRequestOptions Serializable
Closes gh-16438
2025-01-23 20:13:23 -06:00
Rob Winch
a841737941
Use credPropsField.getType()
Using the type from a field retains generics information.

Issue gh-16432
2025-01-23 20:13:11 -06:00
Max Batischev
c7bc4c98db
Make PublicKeyCredentialRequestOptions Serializable
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-01-23 20:13:10 -06:00
Josh Cummings
e1a42db845
Merge branch '6.4.x' 2025-01-23 17:03:53 -07:00
Rob Winch
177ce59a4b
Merge branch '6.4.x'
Implement Serializable for WebAuthnAuthentication

Closes gh-16474
2025-01-23 14:12:30 -06:00
Rob Winch
f8132018d5
Merge branch '6.4.x'
TestOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable

Closes gh-16472
2025-01-23 12:45:09 -06:00
dependabot[bot]
09b6e4c325 Bump org.htmlunit:htmlunit from 4.8.0 to 4.9.0
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.8.0 to 4.9.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/4.8.0...4.9.0)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-22 19:52:06 -08:00
dependabot[bot]
eb8dd88199 Bump io.freefair.gradle:aspectj-plugin from 8.11 to 8.12
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.11 to 8.12.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.11...8.12)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-22 19:51:53 -08:00
Steve Riesenberg
4f860a5481
Merge branch '6.4.x'
# Conflicts:
#	config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
2025-01-22 17:30:29 -06:00
Max Batischev
474b5e151a Add Support GenerateOneTimeTokenRequestResolver
Closes gh-16291

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-01-22 17:09:55 -06:00
Rob Winch
68c8a5ad99
Remove debug test
Issue gh-16443
2025-01-22 16:11:25 -06:00
Rob Winch
dddab8e356
Merge branch '6.4.x'
Closes gh-16465
2025-01-22 16:04:19 -06:00
Rob Winch
6149489b70
Merge branch '6.4.x'
fix flakey test in WebAuthnWebDriverTests

Closes gh-16464
2025-01-22 14:46:05 -06:00
Rob Winch
4ee9358900
Add serializeAndDeserializeAreEqual
Checks that serialization/deserialization can be performed.

Issue gh-16443
2025-01-22 14:06:11 -06:00
Tran Ngoc Nhan
e5ea75f7f4 Implement Serial
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-01-21 18:14:52 -06:00
Rob Winch
5da7f0e9f1
Merge branch '6.4.x'
checkstyleNohttp maxHeapSize=1g
2025-01-21 15:13:36 -06:00
Rob Winch
081dee042e
Merge branch '6.4.x'
Add TestBytes

Closes gh-16462
2025-01-21 15:12:49 -06:00
Max Batischev
80e8e14500 Add GenerateOneTimeTokenFilterTests 2025-01-21 10:59:57 -06:00
dependabot[bot]
b555593904 Bump org.seleniumhq.selenium:selenium-java from 4.27.0 to 4.28.0
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.27.0 to 4.28.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.27.0...selenium-4.28.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-20 20:14:50 -08:00
github-actions[bot]
d5c2b6b3c9 Next development version 2025-01-20 15:50:53 +00:00
github-actions[bot]
9ec4dfa1a2 Release 6.5.0-M1 2025-01-20 15:28:02 +00:00
github-actions[bot]
3edb01c6df Merge branch '6.4.x' 2025-01-20 04:17:23 +00:00
github-actions[bot]
41565c5811 Merge branch '6.4.x' 2025-01-20 03:53:17 +00:00
dependabot[bot]
a23b8c5861 Bump org.assertj:assertj-core from 3.27.2 to 3.27.3
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.2 to 3.27.3.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.2...assertj-build-3.27.3)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-19 19:23:32 -08:00
dependabot[bot]
a02f0136cc Bump org.springframework.data:spring-data-bom from 2024.1.1 to 2024.1.2
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.1 to 2024.1.2.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.1...2024.1.2)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-19 19:22:44 -08:00
dependabot[bot]
88ce68cb06 Bump org.hibernate.orm:hibernate-core from 6.6.4.Final to 6.6.5.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.4.Final to 6.6.5.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.5/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.4...6.6.5)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-19 19:22:35 -08:00
Rob Winch
d3332e1956
Document JDBC Persistence for WebAuthn
Issue gh-16282
2025-01-17 21:37:27 -06:00
Rob Winch
1f9845485c
Document custom HttpMessageConverter support for WebAuthn
Issue gh-16397
2025-01-17 21:08:16 -06:00
Rob Winch
a2abe3c33e
Add HttpMessageConverter WebAuthnDsl Support
Issue gh-16397
2025-01-17 21:07:46 -06:00
Rob Winch
683f1f4bc5
Set PublicKeyCredentialCreationOptionsRepository by DSL or Bean
Closes gh-16396
2025-01-17 20:52:01 -06:00
Rob Winch
718c90d7ad
Document PublicKeyCredentialCreationOptionsRepository
Issue gh-16396
2025-01-17 20:51:43 -06:00
Rob Winch
4314e68329
Add WebAuthenticationDsl.creationOptionsRepository
Issue gh-16396
2025-01-17 20:51:43 -06:00
Rob Winch
bea232237f
Fix whitespace 2025-01-17 20:51:43 -06:00
DingHao
f4491f388e
Set PublicKeyCredentialCreationOptionsRepository by DSL or Bean
Closes gh-16369

Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-01-17 18:57:08 -06:00
Rob Winch
4dc1dcbf24
WebAuthnConfigurer Supports HttpMessageConverter
Closes gh-16397
2025-01-17 18:29:40 -06:00
Rob Winch
5462b4c358
webauthnWhenConfiguredMessageConverter uses mock
Issue gh-16397
2025-01-17 18:29:23 -06:00
Rob Winch
0d4f786484
Fix WebAuthnConfigurer Javadoc
Issue gh-16397
2025-01-17 18:29:23 -06:00
DingHao
8181cec06c
Set HttpMessageConverter by DSL
Closes gh-16369

Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-01-17 18:29:23 -06:00
Rob Winch
4fc99aa9e1
Add ClientRegistration.clientSettings.requireProofKey
Setting ClientRegistration.clientSettings.requireProofKey=true will
enable PKCE for clients using authorization_code grant type.

Closes gh-16386
2025-01-17 17:27:04 -06:00
Rob Winch
85d7cc1335
Document requireProofKey
Issue gh-16386
2025-01-17 17:26:48 -06:00
Rob Winch
004f38639d
Move ClientSettings to ClientRegistration
Initially it was proposed to put ClientSettings as a top level class, but
to be consistent with ProviderDetails, this commit moves ClientSettings to
be an inner class of ClientRegistration

Issue gh-16382


# Conflicts:
#	oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientSettings.java
2025-01-17 17:26:48 -06:00
Rob Winch
4c533569bb
Ensure missing ClientRegistration.clientSettings JSON node works
Issue gh-16382
2025-01-17 17:26:48 -06:00
Rob Winch
f9498d3885
PKCE cannot be true and AuthorizationGrantType != AUTHORIZATION_CODE
PKCE is only valid for AuthorizationGrantType.AUTHORIZATION_CODE so the
code should validate this.

Issue gh-16382
2025-01-17 17:26:47 -06:00
Rob Winch
ab629cc1ca
Add AuthorizationGrantType.toString()
This adds AuthorizationGrantType.toString() which makes debuging easier.
In particular, it will help when performing unit tests which validate the
AuthorizationGrantType.

Issue gh-16382
2025-01-17 17:26:47 -06:00
Rob Winch
b0a4dcb89e
ClientSettings equals, hashCode, toString
Issue gh-16382
2025-01-17 17:26:47 -06:00
Rob Winch
2665a92107
Ensure that ClientSettings cannot be null
This ensures that ClientRegistration.Builder.ClientSettings cannot be null.
This has a slight advantage in terms of null safety to making this check
happen in the build method since the Builder does not have a null field
either.

Issue gh-16382
2025-01-17 17:26:47 -06:00
Rob Winch
0ed7b18f42
DefaultServerOAuth2AuthorizationRequestResolver requireProofKey support
When requireProofKey=true, DefaultServerOAuth2AuthorizationRequestResolver
enables PKCE support.

Issue gh-16382
2025-01-17 17:26:46 -06:00
DingHao
8d3e0844c5
Add ClientRegistration.clientSettings.requireProofKey to Enable PKCE
Closes gh-16382

Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-01-17 17:26:46 -06:00
Rob Winch
8acd1d3f51
Fix checkstyleNohttp OutOfMemoryError 2025-01-17 17:26:46 -06:00
Josh Cummings
c2a5709e0f
Merge branch '6.4.x' 2025-01-17 16:09:01 -07:00
Josh Cummings
9a3bbf8d00
Merge branch '6.4.x' 2025-01-17 14:17:16 -07:00
Rob Winch
fd0024730e
Merge branch '6.4.x'
Closes gh-16441
2025-01-17 08:45:39 -06:00
Rob Winch
b098739349
Case insenstive 2025-01-17 08:45:30 -06:00
github-actions[bot]
d8783b30d9 Merge branch '6.4.x' 2025-01-17 04:01:38 +00:00
Josh Cummings
aea7f333f7
Document OpaqueTokenIntrospector Migration
Issue gh-15988
2025-01-16 20:41:56 -07:00
dependabot[bot]
d3fe73fb92 Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.1...v6.2.2)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-16 19:24:21 -08:00
Josh Cummings
a5af8503df
Update OpaqueTokenIntrospector Documentation
Issue gh-15988
2025-01-16 16:46:46 -07:00
Tran Ngoc Nhan
aced3bcf16 Encode Introspection clientId and clientSecret
Closes gh-15988

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-01-16 16:32:01 -07:00
Marco Haase
7c4448c588 Fix broken link to MockMvc documentation
Link to Test chapter of Spring Framework documentation is broken,
this commit fixes it.

Signed-off-by: Marco Haase <marco.haase@de.bosch.com>
2025-01-16 16:30:47 -07:00
2-say
33ecb443ea Suggest replacing size() == 0 with isEmpty() for collection check
Consider using isEmpty() instead of size() == 0 to improve code readability
and follow modern Java practices.

Signed-off-by: 2-say <dev2say@gmail.com>
2025-01-16 16:27:50 -07:00
Max Batischev
17fb4d1c0d Fixed typo in WebAuthnDsl
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-01-16 14:33:57 -07:00
Josh Cummings
352a6a0d53
Add Breaking Change Section for 6.5
Issue gh-16422
2025-01-16 14:30:12 -07:00
DingHao
45f22a46e3 Use spring.security prefix instead of security.security
Closes gh-16422

Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-01-16 14:29:25 -07:00
Tran Ngoc Nhan
38006fea2c Fix broken link
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-01-16 14:24:07 -07:00
Max Batischev
ed3f3d17b2 Add support customizing redirect URI
Closes gh-14778
2025-01-16 14:14:11 -07:00
Josh Cummings
7b8ff72c4e
Fix MVC Documentation for Kotlin
Closes gh-16426
2025-01-15 17:45:05 -07:00
Josh Cummings
443af32314
Move Servlet Mocks to Web
Issue gh-13551
2025-01-15 17:32:58 -07:00
Josh Cummings
8827b2e564
Polish Using Request ServletContext
Issue gh-14418
2025-01-15 17:27:08 -07:00
Josh Cummings
75a35793dc
Polish requestMatchers Logic
Issue gh-13551
2025-01-15 17:27:00 -07:00
Steve Riesenberg
ddca7dc629
Merge branch '6.4.x'
Closes gh-16425
2025-01-15 11:47:18 -06:00
github-actions[bot]
c78ac116f9 Merge branch '6.4.x' 2025-01-15 04:02:08 +00:00
github-actions[bot]
1cb775ba0b Merge branch '6.4.x' 2025-01-15 03:59:51 +00:00
dependabot[bot]
25109cffb5 Bump io.projectreactor:reactor-bom from 2023.0.13 to 2023.0.14
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.13 to 2023.0.14.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.13...2023.0.14)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-14 19:50:24 -08:00
dependabot[bot]
360c6b3c80 Bump org-bouncycastle from 1.79 to 1.80
Bumps `org-bouncycastle` from 1.79 to 1.80.

Updates `org.bouncycastle:bcpkix-jdk18on` from 1.79 to 1.80
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

Updates `org.bouncycastle:bcprov-jdk18on` from 1.79 to 1.80
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

---
updated-dependencies:
- dependency-name: org.bouncycastle:bcpkix-jdk18on
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.bouncycastle:bcprov-jdk18on
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-14 19:50:03 -08:00
Josh Cummings
6019803064
Merge branch '6.4.x' 2025-01-14 18:38:14 -07:00
Josh Cummings
acd1bb1777
Merge branch '6.4.x' 2025-01-14 17:35:45 -07:00
Josh Cummings
0af4cdbf5c
Merge branch '6.4.x' 2025-01-14 17:05:21 -07:00
Josh Cummings
8035815e56
Merge branch '6.4.x' 2025-01-14 16:29:06 -07:00
Josh Cummings
28644aa966
Merge branch '6.4.x' 2025-01-14 16:17:34 -07:00
dependabot[bot]
a11944e19a Bump io.micrometer:micrometer-observation from 1.14.2 to 1.14.3
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.2 to 1.14.3.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.2...v1.14.3)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-13 20:18:15 -08:00
github-actions[bot]
1d688a9ea3 Merge branch '6.4.x' 2025-01-14 04:01:02 +00:00
Max Batischev
7fae738a9b Add support fullyAuthenticated to Kotlin DSL
Closes gh-16162
2025-01-13 17:03:14 -07:00
Rob Winch
bb38fd3483 Merge branch '6.4.x'
Closes gh-16409
2025-01-13 17:33:32 -06:00
Steve Riesenberg
071e414bbc
Update release-scheduler.yml
Remove 5.8.x and 6.2.x branches from release-scheduler.yml

Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>
2025-01-13 09:41:43 -06:00
github-actions[bot]
b63e8f50a5 Merge branch '6.4.x' 2025-01-13 04:35:17 +00:00
Muhammad N. Fadhil
b7b915d7c9 Improved sentence phrasing in the docs. 2025-01-12 22:25:22 -06:00
Muhammad N. Fadhil
a78e888ce0 Fixed grammatical mistakes in the docs. 2025-01-12 22:25:22 -06:00
Muhammad N. Fadhil
fdd50ca3bf Fixed a grammatical mistake in the docs. 2025-01-12 22:25:22 -06:00
Rob Winch
85b854c61c Merge branch '6.4.x'
- Fix Kotlin DSL webAuthn { }
- Add Support disableDefaultRegistrationPage to WebAuthnDsl

Closes gh-16403
Closes gh-16404
2025-01-12 22:17:10 -06:00
dependabot[bot]
cc481a1bb3 Bump org.htmlunit:htmlunit from 4.7.0 to 4.8.0
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.7.0 to 4.8.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/4.7.0...4.8.0)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-12 20:14:56 -08:00
dependabot[bot]
05b63cfed9 Bump io.mockk:mockk from 1.13.14 to 1.13.16
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.14 to 1.13.16.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.13.14...1.13.16)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-12 20:14:44 -08:00
github-actions[bot]
3f84500fe8 Merge branch '6.4.x' 2025-01-13 04:09:13 +00:00
Max Batischev
bf9b95a481 Add Support OAuth2AuthorizationRequestResolver As Bean
Closes gh-16380

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-01-10 16:25:03 -06:00
Rob Winch
72a2831f76 CustomBeanPostProcessor -> CountHttpSecurityBeanPostProcessor
Issue gh-16370

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
2025-01-09 17:23:58 -06:00
DingHao
c631afcf5b Avoid unnecessary instantiation of HttpSecurity when a SecurityFilterChain bean is provided
Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-01-09 17:23:58 -06:00
DingHao
6cfc372f70 Polish remove unused code
Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-01-09 14:27:22 -06:00
Simão Gomes Viana
980564838d method-security: fix invalid Kotlin syntax
val/var on function parameters is invalid Kotlin syntax. It has been removed quite some time ago. This change updates the method-security page to reflect that.

Signed-off-by: Simão Gomes Viana <simao.gomes@toowoxx.de>
2025-01-08 09:53:42 -06:00
mskim
0e3cfd1efb Fix logout code snippet for Kotlin: Corrected deleteCookies syntax 2025-01-07 15:36:52 -06:00
Meehdi
e67b5f8356 Fix incorrect rendering of SpEL expression example tabs 2025-01-07 15:29:17 -06:00
Tran Ngoc Nhan
5fdacef398 Remove obsolete typo in OAuth 2.0 Client page 2025-01-07 14:05:45 -06:00
Mehdi Rahimi
29997d8980 Change deprecated FilterSecurityInterceptor to AuthorizationFilter with a link to authorization page. 2025-01-07 13:35:01 -06:00
DingHao
5937ba9a06 Polish use getBeanProvider instead of getBeanNamesForType 2025-01-07 13:20:39 -06:00
wndyd
4bc6e5b9d2 Fix missing space in documentation 2025-01-07 11:40:31 -06:00
dependabot[bot]
86d5e28876 Bump org.assertj:assertj-core from 3.27.1 to 3.27.2
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.1 to 3.27.2.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.1...assertj-build-3.27.2)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-07 09:38:59 -08:00
Rob Winch
34342c316e CLA -> DCO 2025-01-06 16:33:11 -06:00
dependabot[bot]
d28190bd6e Bump ch.qos.logback:logback-classic from 1.5.15 to 1.5.16
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.15 to 1.5.16.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.15...v_1.5.16)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-05 20:02:01 -08:00
github-actions[bot]
5e473de563 Merge branch '6.4.x' 2025-01-06 04:00:18 +00:00
github-actions[bot]
7dea299cb7 Merge branch '6.4.x' 2025-01-06 03:55:46 +00:00
dependabot[bot]
8eee71a0a0 Bump org.mockito:mockito-bom from 5.14.2 to 5.15.2
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.14.2 to 5.15.2.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.14.2...v5.15.2)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-02 19:37:23 -08:00
dependabot[bot]
f1f79b4702 Bump org.assertj:assertj-core from 3.27.0 to 3.27.1
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.0...assertj-build-3.27.1)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-01 19:56:10 -08:00
dependabot[bot]
e8597c126b Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.28.3.RELEASE to 0.28.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.28.3.RELEASE...0.28.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-01 19:54:32 -08:00
github-actions[bot]
0145e3cb7e Merge branch '6.4.x' 2025-01-02 03:51:12 +00:00
dependabot[bot]
fe9edc8d22 Bump ch.qos.logback:logback-classic from 1.5.14 to 1.5.15
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.14 to 1.5.15.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.14...v_1.5.15)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-22 20:15:51 -08:00
dependabot[bot]
b6a5d1cca1 Bump io.mockk:mockk from 1.13.13 to 1.13.14
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.13 to 1.13.14.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.13.13...1.13.14)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-22 20:15:35 -08:00
dependabot[bot]
2aedf84077 Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.10.0 to 1.10.1
Bumps [org.jetbrains.kotlinx:kotlinx-coroutines-bom](https://github.com/Kotlin/kotlinx.coroutines) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases)
- [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md)
- [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.10.0...1.10.1)

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-22 20:15:03 -08:00
github-actions[bot]
350071f5b7 Merge branch '6.4.x' 2024-12-23 04:02:03 +00:00
github-actions[bot]
a6f0a5d2b1 Merge branch '6.4.x' 2024-12-23 03:43:14 +00:00
Max Batischev
fd267dfb71 Add Support JdbcPublicKeyCredentialUserEntityRepository
Closes gh-16224
2024-12-20 16:54:51 -06:00
Max Batischev
7b07ef5ff3 Add Support JdbcUserCredentialRepository
Closes gh-16224
2024-12-20 16:54:51 -06:00
Max Batischev
38523faaa0 Remove Unused loggers
Closes gh-16319
2024-12-20 16:51:38 -06:00
dependabot[bot]
c72359bf4b Bump org.assertj:assertj-core from 3.26.3 to 3.27.0
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.26.3 to 3.27.0.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.26.3...assertj-build-3.27.0)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-19 20:14:04 -08:00
dependabot[bot]
82272dac25 Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.9.0 to 1.10.0
Bumps [org.jetbrains.kotlinx:kotlinx-coroutines-bom](https://github.com/Kotlin/kotlinx.coroutines) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases)
- [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md)
- [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.9.0...1.10.0)

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-19 20:13:44 -08:00
dependabot[bot]
5c812d49ba Bump ch.qos.logback:logback-classic from 1.5.13 to 1.5.14
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.13 to 1.5.14.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.13...v_1.5.14)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-19 20:13:29 -08:00
github-actions[bot]
fd235dcc04 Merge branch '6.4.x' 2024-12-20 03:58:23 +00:00
github-actions[bot]
b29b385e0b Merge branch '6.4.x' 2024-12-20 03:43:02 +00:00
github-actions[bot]
95ec49a21d Support Meta-Annotation Parameters on Parameter Annotations
Closes gh-16248
2024-12-19 15:14:22 -07:00
Josh Cummings
9ae432f0d2 Add Filter Chain Validation Test
Issue gh-15982
2024-12-19 15:04:01 -07:00
Max Batischev
624a8fb252 Add Alerting About Deprecated Authorize Config
Closes gh-16213
2024-12-19 15:04:01 -07:00
Max Batischev
e257af8854 Add Support Same Request Matchers Checking
Closes gh-15982
2024-12-19 15:04:01 -07:00
Max Batischev
e9bdb5b96e Polish SecurityFilterChain Validation
Issue gh-15982
2024-12-19 15:04:01 -07:00
Josh Cummings
fa58ebbc0c
Merge branch '6.4.x' 2024-12-19 08:55:44 -07:00
dependabot[bot]
0c12677a66 Bump ch.qos.logback:logback-classic from 1.5.12 to 1.5.13
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.12 to 1.5.13.
- [Commits](https://github.com/qos-ch/logback/commits)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-18 20:09:07 -08:00
dependabot[bot]
a7f1a5ebc8 Bump org.hibernate.orm:hibernate-core from 6.6.3.Final to 6.6.4.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.3.Final to 6.6.4.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.4/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.3...6.6.4)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-18 20:08:55 -08:00
github-actions[bot]
be9e4fa26f Merge branch '6.4.x' 2024-12-19 04:03:27 +00:00
github-actions[bot]
03ad6e52d0 Merge branch '6.4.x' 2024-12-19 03:37:26 +00:00
Josh Cummings
1104b45832
Polish SessionLimit
- Move to the web.authentication.session package since it is only needed
by web.authentication.session elements and does not access any other web
element itself.
- Add Kotlin support
- Add documentation

Issue gh-16206
2024-12-18 18:32:28 -07:00
Claudenir Machado
1864577e98 Address SessionLimitStrategy
Closes gh-16206
2024-12-18 18:32:12 -07:00
Steve Riesenberg
6bc6946ad9
Make TokenType constructor public
Closes gh-16086
2024-12-18 16:51:47 -06:00
Steve Riesenberg
a7b6c63442
Polish gh-16087 2024-12-18 16:48:25 -06:00
ThomasKasene
9404aaf010
Added a constant for DPOP in OAuth2AccessToken.TokenType
Issue gh-14915
2024-12-18 16:44:38 -06:00
Josh Cummings
3eeb4317f6 Add setFavorRelativeUris
This places the new functionality behind a setting so that
we can remain passive until we can change the setting in
the next major release.

Issue gh-7273
2024-12-17 22:35:41 -07:00
Michal Okosy
7848b959da Use relative URLs in /login redirects
Closes gh-7273
2024-12-17 22:35:41 -07:00
Josh Cummings
25740db819
Merge branch '6.4.x' 2024-12-17 13:10:52 -07:00
Josh Cummings
d233b70285
Merge branch '6.4.x' 2024-12-17 09:37:01 -07:00
Josh Cummings
b9f3a28678 Add UserDetailsService Constructor
Closes gh-15973
2024-12-16 17:59:16 -07:00
Evgeniy Cheban
f45cc22e11 Allow configuring custom ServerHttpHeadersWriter for Kotlin DSL
Closes gh-16009
2024-12-16 17:54:04 -07:00
dependabot[bot]
12a6431496 Bump org.junit:junit-bom from 5.11.3 to 5.11.4
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.11.3 to 5.11.4.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.3...r5.11.4)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-16 16:38:05 -08:00
dependabot[bot]
036f6f27bf Bump org.springframework.data:spring-data-bom from 2024.1.0 to 2024.1.1
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.0 to 2024.1.1.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.0...2024.1.1)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-16 11:49:52 -08:00
github-actions[bot]
a2176fe58c Merge branch '6.4.x' 2024-12-16 17:25:47 +00:00
Steve Riesenberg
5610b35a2f
Ignore updates to org.apache.directory.shared
Related gh-16277

[skip ci]
2024-12-16 11:10:38 -06:00
Steve Riesenberg
472d0e2f82
Merge branch '6.4.x' 2024-12-16 10:44:42 -06:00
github-actions[bot]
ec75622b30 Merge branch '6.4.x' 2024-12-16 03:48:39 +00:00
github-actions[bot]
6df0fbbe1b Merge branch '6.4.x' 2024-12-16 03:26:46 +00:00
Josh Cummings
a5b0304596
Move AnyRequest Validation
This will make way for other adding other checks

Issue gh-15982
2024-12-13 18:24:57 -07:00
Josh Cummings
c1f5eb3192
Merge branch '6.4.x' 2024-12-13 18:24:39 -07:00
Josh Cummings
9d02949fa9
Merge branch '6.4.x' 2024-12-13 16:58:17 -07:00
Josh Cummings
77f76f8465
Merge branch '6.4.x' 2024-12-13 11:53:51 -07:00
Rob Winch
a6354e5137 Merge branch '6.4.x'
Closes gh-16283
2024-12-13 10:10:21 -06:00
Rob Winch
5a81a1fe66 Merge branch '6.4.x' 2024-12-12 22:21:44 -06:00
github-actions[bot]
5f9b84a0ff Merge branch '6.4.x' 2024-12-13 04:07:33 +00:00
Rob Winch
2fcd305509 Increment to 6.5.0-SNAPSHOT
Closes gh-16221
2024-12-12 21:47:11 -06:00
4464 changed files with 49552 additions and 42560 deletions

2
.github/dco.yml vendored Normal file
View File

@ -0,0 +1,2 @@
require:
members: false

View File

@ -4,6 +4,58 @@ registries:
type: maven-repository type: maven-repository
url: https://repo.spring.io/milestone url: https://repo.spring.io/milestone
updates: updates:
- package-ecosystem: gradle
target-branch: 6.5.x
directory: /
schedule:
interval: daily
time: '03:00'
timezone: Etc/UTC
labels:
- 'type: dependency-upgrade'
registries:
- spring-milestones
ignore:
- dependency-name: com.nimbusds:nimbus-jose-jwt
- dependency-name: org.python:jython
- dependency-name: org.apache.directory.server:*
- dependency-name: org.apache.directory.shared:*
- dependency-name: org.junit:junit-bom
update-types:
- version-update:semver-major
- dependency-name: org.mockito:mockito-bom
update-types:
- version-update:semver-major
- dependency-name: '*'
update-types:
- version-update:semver-major
- version-update:semver-minor
- package-ecosystem: gradle
target-branch: 6.4.x
directory: /
schedule:
interval: daily
time: '03:00'
timezone: Etc/UTC
labels:
- 'type: dependency-upgrade'
registries:
- spring-milestones
ignore:
- dependency-name: com.nimbusds:nimbus-jose-jwt
- dependency-name: org.python:jython
- dependency-name: org.apache.directory.server:*
- dependency-name: org.apache.directory.shared:*
- dependency-name: org.junit:junit-bom
update-types:
- version-update:semver-major
- dependency-name: org.mockito:mockito-bom
update-types:
- version-update:semver-major
- dependency-name: '*'
update-types:
- version-update:semver-major
- version-update:semver-minor
- package-ecosystem: gradle - package-ecosystem: gradle
target-branch: 6.3.x target-branch: 6.3.x
directory: / directory: /
@ -19,6 +71,7 @@ updates:
- dependency-name: com.nimbusds:nimbus-jose-jwt - dependency-name: com.nimbusds:nimbus-jose-jwt
- dependency-name: org.python:jython - dependency-name: org.python:jython
- dependency-name: org.apache.directory.server:* - dependency-name: org.apache.directory.server:*
- dependency-name: org.apache.directory.shared:*
- dependency-name: org.junit:junit-bom - dependency-name: org.junit:junit-bom
update-types: update-types:
- version-update:semver-major - version-update:semver-major
@ -44,6 +97,7 @@ updates:
- dependency-name: com.nimbusds:nimbus-jose-jwt - dependency-name: com.nimbusds:nimbus-jose-jwt
- dependency-name: org.python:jython - dependency-name: org.python:jython
- dependency-name: org.apache.directory.server:* - dependency-name: org.apache.directory.server:*
- dependency-name: org.apache.directory.shared:*
- dependency-name: org.junit:junit-bom - dependency-name: org.junit:junit-bom
update-types: update-types:
- version-update:semver-major - version-update:semver-major
@ -57,6 +111,7 @@ updates:
- dependency-name: '*' - dependency-name: '*'
update-types: update-types:
- version-update:semver-major - version-update:semver-major
- version-update:semver-minor
- package-ecosystem: github-actions - package-ecosystem: github-actions
target-branch: 6.3.x target-branch: 6.3.x
@ -66,14 +121,8 @@ updates:
labels: labels:
- 'type: task' - 'type: task'
- 'in: build' - 'in: build'
- package-ecosystem: github-actions ignore:
target-branch: main - dependency-name: sjohnr/*
directory: /
schedule:
interval: weekly
labels:
- 'type: task'
- 'in: build'
- package-ecosystem: github-actions - package-ecosystem: github-actions
target-branch: docs-build target-branch: docs-build
directory: / directory: /

38
.github/workflows/check-snapshots.yml vendored Normal file
View File

@ -0,0 +1,38 @@
name: CI
on:
schedule:
- cron: '0 10 * * *' # Once per day at 10am UTC
workflow_dispatch: # Manual trigger
env:
DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
permissions:
contents: read
jobs:
snapshot-test:
name: Test Against Snapshots
uses: spring-io/spring-security-release-tools/.github/workflows/test.yml@v1
strategy:
matrix:
include:
- java-version: 21-ea
toolchain: 21
- java-version: 17
toolchain: 17
with:
java-version: ${{ matrix.java-version }}
test-args: --refresh-dependencies -PforceMavenRepositories=snapshot,https://oss.sonatype.org/content/repositories/snapshots -PisOverrideVersionCatalog -PtestToolchain=${{ matrix.toolchain }} -PspringFrameworkVersion=7.+ -PreactorVersion=2025.+ -PspringDataVersion=2025.+ --stacktrace
secrets: inherit
send-notification:
name: Send Notification
needs: [ snapshot-test ]
if: ${{ !success() }}
runs-on: ubuntu-latest
steps:
- name: Send Notification
uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1
with:
webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }}

View File

@ -27,60 +27,24 @@ jobs:
java-version: ${{ matrix.jdk }} java-version: ${{ matrix.jdk }}
distribution: temurin distribution: temurin
secrets: inherit secrets: inherit
test:
name: Test Against Snapshots
uses: spring-io/spring-security-release-tools/.github/workflows/test.yml@v1
strategy:
matrix:
include:
- java-version: 21-ea
toolchain: 21
- java-version: 17
toolchain: 17
with:
java-version: ${{ matrix.java-version }}
test-args: --refresh-dependencies -PforceMavenRepositories=snapshot -PisOverrideVersionCatalog -PtestToolchain=${{ matrix.toolchain }} -PspringFrameworkVersion=6.2.+ -PreactorVersion=2023.0.+ -PspringDataVersion=2024.0.+ --stacktrace
secrets: inherit
check-samples:
name: Check Samples
runs-on: ubuntu-latest
if: ${{ github.repository_owner == 'spring-projects' }}
steps:
- uses: actions/checkout@v4
- name: Set up gradle
uses: spring-io/spring-gradle-build-action@v2
with:
java-version: 17
distribution: temurin
- name: Check samples project
env:
LOCAL_REPOSITORY_PATH: ${{ github.workspace }}/build/publications/repos
SAMPLES_DIR: ../spring-security-samples
run: |
# Extract version from gradle.properties
version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}')
# Extract samplesBranch from gradle.properties
samples_branch=$(cat gradle.properties | grep "samplesBranch=" | awk -F'=' '{print $2}')
./gradlew publishMavenJavaPublicationToLocalRepository
./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$samples_branch" -PcloneOutputDirectory="$SAMPLES_DIR"
./gradlew --refresh-dependencies --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$version" test integrationTest
deploy-artifacts: deploy-artifacts:
name: Deploy Artifacts name: Deploy Artifacts
needs: [ build, test, check-samples ] needs: [ build]
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1 uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1
with: with:
should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }} should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }}
default-publish-milestones-central: true
secrets: inherit secrets: inherit
deploy-docs: deploy-docs:
name: Deploy Docs name: Deploy Docs
needs: [ build, test, check-samples ] needs: [ build ]
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1 uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1
with: with:
should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }} should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }}
secrets: inherit secrets: inherit
deploy-schema: deploy-schema:
name: Deploy Schema name: Deploy Schema
needs: [ build, test, check-samples ] needs: [ build ]
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1 uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1
with: with:
should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }} should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }}
@ -92,7 +56,7 @@ jobs:
with: with:
should-perform-release: ${{ needs.deploy-artifacts.outputs.artifacts-deployed }} should-perform-release: ${{ needs.deploy-artifacts.outputs.artifacts-deployed }}
project-version: ${{ needs.deploy-artifacts.outputs.project-version }} project-version: ${{ needs.deploy-artifacts.outputs.project-version }}
milestone-repo-url: https://repo.spring.io/artifactory/milestone milestone-repo-url: https://repo1.maven.org/maven2
release-repo-url: https://repo1.maven.org/maven2 release-repo-url: https://repo1.maven.org/maven2
artifact-path: org/springframework/security/spring-security-core artifact-path: org/springframework/security/spring-security-core
slack-announcing-id: spring-security-announcing slack-announcing-id: spring-security-announcing

View File

@ -26,7 +26,7 @@ jobs:
java-version: '17' java-version: '17'
distribution: 'temurin' distribution: 'temurin'
- name: Set up Gradle - name: Set up Gradle
uses: gradle/gradle-build-action@v3 uses: gradle/gradle-build-action@v2
- name: Upgrade Wrappers - name: Upgrade Wrappers
run: ./gradlew clean upgradeGradleWrapperAll --continue -Porg.gradle.java.installations.auto-download=false run: ./gradlew clean upgradeGradleWrapperAll --continue -Porg.gradle.java.installations.auto-download=false
env: env:

View File

@ -11,7 +11,7 @@ jobs:
strategy: strategy:
matrix: matrix:
# List of active maintenance branches. # List of active maintenance branches.
branch: [ main, 6.3.x, 6.2.x, 5.8.x ] branch: [ main, 6.5.x, 6.4.x, 6.3.x ]
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout - name: Checkout

View File

@ -79,7 +79,10 @@ See https://github.com/spring-projects/spring-security/tree/main#building-from-s
The wiki pages https://github.com/spring-projects/spring-framework/wiki/Code-Style[Code Style] and https://github.com/spring-projects/spring-framework/wiki/IntelliJ-IDEA-Editor-Settings[IntelliJ IDEA Editor Settings] define the source file coding standards we use along with some IDEA editor settings we customize. The wiki pages https://github.com/spring-projects/spring-framework/wiki/Code-Style[Code Style] and https://github.com/spring-projects/spring-framework/wiki/IntelliJ-IDEA-Editor-Settings[IntelliJ IDEA Editor Settings] define the source file coding standards we use along with some IDEA editor settings we customize.
To format the code as well as check the style, run `./gradlew format check`. Additionally, since Streams are https://github.com/spring-projects/spring-security/issues/7154[much slower] than `for` loops, please use them judiciously.
The team may ask you to change to a `for` loop if the given code is along a hot path.
To format the code as well as check the style, run `./gradlew format && ./gradlew check`.
[[submit-a-pull-request]] [[submit-a-pull-request]]
=== Submit a Pull Request === Submit a Pull Request
@ -89,41 +92,30 @@ We are excited for your pull request! :heart:
Please do your best to follow these steps. Please do your best to follow these steps.
Don't worry if you don't get them all correct the first time, we will help you. Don't worry if you don't get them all correct the first time, we will help you.
[[sign-cla]] 1. [[sign-cla]] All commits must include a __Signed-off-by__ trailer at the end of each commit message to indicate that the contributor agrees to the Developer Certificate of Origin.
1. If you have not previously done so, please sign the https://cla.spring.io/sign/spring[Contributor License Agreement]. For additional details, please refer to the blog post https://spring.io/blog/2025/01/06/hello-dco-goodbye-cla-simplifying-contributions-to-spring[Hello DCO, Goodbye CLA: Simplifying Contributions to Spring].
You will be reminded automatically when you submit the PR. 2. [[create-an-issue-list]] Must you https://github.com/spring-projects/spring-security/issues/new/choose[create an issue] first? No, but it is recommended for features and larger bug fixes. It's easier discuss with the team first to determine the right fix or enhancement.
[[create-an-issue]]
1. Must you https://github.com/spring-projects/spring-security/issues/new/choose[create an issue] first? No, but it is recommended for features and larger bug fixes. It's easier discuss with the team first to determine the right fix or enhancement.
For typos and straightforward bug fixes, starting with a pull request is encouraged. For typos and straightforward bug fixes, starting with a pull request is encouraged.
Please include a description for context and motivation. Please include a description for context and motivation.
Note that the team may close your pull request if it's not a fit for the project. Note that the team may close your pull request if it's not a fit for the project.
[[choose-a-branch]] 3. [[choose-a-branch]] Always check out the branch indicated in the milestone and submit pull requests against it (for example, for milestone `5.8.3` use the `5.8.x` branch).
1. Always check out the branch indicated in the milestone and submit pull requests against it (for example, for milestone `5.8.3` use the `5.8.x` branch).
If there is no milestone, choose `main`. If there is no milestone, choose `main`.
Once merged, the fix will be forwarded-ported to applicable branches including `main`. Once merged, the fix will be forwarded-ported to applicable branches including `main`.
[[create-a-local-branch]] 4. [[create-a-local-branch]] Create a local branch
1. Create a local branch
If this is for an issue, consider a branch name with the issue number, like `gh-22276`. If this is for an issue, consider a branch name with the issue number, like `gh-22276`.
[[write-tests]] 5. [[write-tests]] Add documentation and JUnit Tests for your changes.
1. Add documentation and JUnit Tests for your changes. 6. [[update-copyright]] In all files you edited, if the copyright header is of the form 2002-20xx, update the final copyright year to the current year.
[[update-copyright]] 7. [[add-since]] If on `main`, add `@since` JavaDoc attributes to new public APIs that your PR adds
1. In all files you edited, if the copyright header is of the form 2002-20xx, update the final copyright year to the current year. 8. [[change-rnc]] If you are updating the XSD, please instead update the RNC file and then run `./gradlew :spring-security-config:rncToXsd`.
[[add-since]] 9. [[format-code]] For each commit, build the code using `./gradlew format && ./gradlew check`.
1. If on `main`, add `@since` JavaDoc attributes to new public APIs that your PR adds
[[change-rnc]]
1. If you are updating the XSD, please instead update the RNC file and then run `./gradlew :spring-security-config:rncToXsd`.
[[format-code]]
1. For each commit, build the code using `./gradlew format check`.
This command ensures the code meets most of <<code-style,the style guide>>; a notable exception is import order. This command ensures the code meets most of <<code-style,the style guide>>; a notable exception is import order.
[[commit-atomically]] 10. [[commit-atomically]] Choose the granularity of your commits consciously and squash commits that represent
1. Choose the granularity of your commits consciously and squash commits that represent
multiple edits or corrections of the same logical change. multiple edits or corrections of the same logical change.
See https://git-scm.com/book/en/Git-Tools-Rewriting-History[Rewriting History section of Pro Git] for an overview of streamlining the commit history. See https://git-scm.com/book/en/Git-Tools-Rewriting-History[Rewriting History section of Pro Git] for an overview of streamlining the commit history.
[[format-commit-messages]] 11. [[format-commit-messages]] Format commit messages using 55 characters for the subject line, 72 characters per line
1. Format commit messages using 55 characters for the subject line, 72 characters per line
for the description, followed by the issue fixed, for example, `Closes gh-22276`. for the description, followed by the issue fixed, for example, `Closes gh-22276`.
See the https://git-scm.com/book/en/Distributed-Git-Contributing-to-a-Project#Commit-Guidelines[Commit Guidelines section of Pro Git] for best practices around commit messages, and use `git log` to see some examples. See the https://git-scm.com/book/en/Distributed-Git-Contributing-to-a-Project#Commit-Guidelines[Commit Guidelines section of Pro Git] for best practices around commit messages, and use `git log` to see some examples.
Present tense is preferred. Favor imperative tense over present tense (use "Fix" instead of "Fixes"); avoid past tense (use "Fix" instead of "Fixed").
+ +
[indent=0] [indent=0]
---- ----

View File

@ -96,7 +96,11 @@ import org.springframework.util.StringUtils;
* All comparisons and prefixes are case sensitive. * All comparisons and prefixes are case sensitive.
* *
* @author Ben Alex * @author Ben Alex
* @deprecated please use {@link AclPermissionEvaluator} instead. Spring Method Security
* annotations may also prove useful, for example
* {@code @PreAuthorize("hasPermission(#id, ObjectsReturnType.class, read)")}
*/ */
@Deprecated
public class AclEntryVoter extends AbstractAclVoter { public class AclEntryVoter extends AbstractAclVoter {
private static final Log logger = LogFactory.getLog(AclEntryVoter.class); private static final Log logger = LogFactory.getLog(AclEntryVoter.class);

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -20,6 +20,7 @@ import java.util.List;
import org.springframework.security.access.AfterInvocationProvider; import org.springframework.security.access.AfterInvocationProvider;
import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.acls.AclPermissionEvaluator;
import org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl; import org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl;
import org.springframework.security.acls.domain.SidRetrievalStrategyImpl; import org.springframework.security.acls.domain.SidRetrievalStrategyImpl;
import org.springframework.security.acls.model.Acl; import org.springframework.security.acls.model.Acl;
@ -39,7 +40,11 @@ import org.springframework.util.ObjectUtils;
* services. * services.
* *
* @author Ben Alex * @author Ben Alex
* @deprecated please use {@link AclPermissionEvaluator} instead. Spring Method Security
* annotations may also prove useful, for example
* {@code @PostAuthorize("hasPermission(filterObject, read)")}
*/ */
@Deprecated
public abstract class AbstractAclProvider implements AfterInvocationProvider { public abstract class AbstractAclProvider implements AfterInvocationProvider {
protected final AclService aclService; protected final AclService aclService;

View File

@ -26,6 +26,7 @@ import org.springframework.core.log.LogMessage;
import org.springframework.security.access.AccessDeniedException; import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.AuthorizationServiceException; import org.springframework.security.access.AuthorizationServiceException;
import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.acls.AclPermissionEvaluator;
import org.springframework.security.acls.model.AclService; import org.springframework.security.acls.model.AclService;
import org.springframework.security.acls.model.Permission; import org.springframework.security.acls.model.Permission;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -62,7 +63,11 @@ import org.springframework.security.core.Authentication;
* *
* @author Ben Alex * @author Ben Alex
* @author Paulo Neves * @author Paulo Neves
* @deprecated please use {@link AclPermissionEvaluator} instead. Spring Method Security
* annotations may also prove useful, for example
* {@code @PostFilter("hasPermission(filterObject, read)")}
*/ */
@Deprecated
public class AclEntryAfterInvocationCollectionFilteringProvider extends AbstractAclProvider { public class AclEntryAfterInvocationCollectionFilteringProvider extends AbstractAclProvider {
protected static final Log logger = LogFactory.getLog(AclEntryAfterInvocationCollectionFilteringProvider.class); protected static final Log logger = LogFactory.getLog(AclEntryAfterInvocationCollectionFilteringProvider.class);

View File

@ -27,6 +27,7 @@ import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor; import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.access.AccessDeniedException; import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.acls.AclPermissionEvaluator;
import org.springframework.security.acls.model.AclService; import org.springframework.security.acls.model.AclService;
import org.springframework.security.acls.model.Permission; import org.springframework.security.acls.model.Permission;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -59,7 +60,12 @@ import org.springframework.security.core.SpringSecurityMessageSource;
* granted and <code>null</code> will be returned. * granted and <code>null</code> will be returned.
* <p> * <p>
* All comparisons and prefixes are case sensitive. * All comparisons and prefixes are case sensitive.
*
* @deprecated please use {@link AclPermissionEvaluator} instead. Spring Method Security
* annotations may also prove useful, for example
* {@code @PostAuthorize("hasPermission(filterObject, read)")}
*/ */
@Deprecated
public class AclEntryAfterInvocationProvider extends AbstractAclProvider implements MessageSourceAware { public class AclEntryAfterInvocationProvider extends AbstractAclProvider implements MessageSourceAware {
protected static final Log logger = LogFactory.getLog(AclEntryAfterInvocationProvider.class); protected static final Log logger = LogFactory.getLog(AclEntryAfterInvocationProvider.class);

View File

@ -32,7 +32,9 @@ import org.springframework.core.log.LogMessage;
* *
* @author Ben Alex * @author Ben Alex
* @author Paulo Neves * @author Paulo Neves
* @deprecated please see {@code PostFilter}
*/ */
@Deprecated
class ArrayFilterer<T> implements Filterer<T> { class ArrayFilterer<T> implements Filterer<T> {
protected static final Log logger = LogFactory.getLog(ArrayFilterer.class); protected static final Log logger = LogFactory.getLog(ArrayFilterer.class);

View File

@ -31,7 +31,9 @@ import org.springframework.core.log.LogMessage;
* *
* @author Ben Alex * @author Ben Alex
* @author Paulo Neves * @author Paulo Neves
* @deprecated please see {@code PostFilter}
*/ */
@Deprecated
class CollectionFilterer<T> implements Filterer<T> { class CollectionFilterer<T> implements Filterer<T> {
protected static final Log logger = LogFactory.getLog(CollectionFilterer.class); protected static final Log logger = LogFactory.getLog(CollectionFilterer.class);

View File

@ -23,7 +23,9 @@ import java.util.Iterator;
* *
* @author Ben Alex * @author Ben Alex
* @author Paulo Neves * @author Paulo Neves
* @deprecated please use {@code PreFilter} and {@code @PostFilter} instead
*/ */
@Deprecated
interface Filterer<T> extends Iterable<T> { interface Filterer<T> extends Iterable<T> {
/** /**

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2024 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2013 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -100,8 +100,8 @@ public class JdbcAclService implements AclService {
@Override @Override
public List<ObjectIdentity> findChildren(ObjectIdentity parentIdentity) { public List<ObjectIdentity> findChildren(ObjectIdentity parentIdentity) {
Object[] args = { parentIdentity.getIdentifier().toString(), parentIdentity.getType() }; Object[] args = { parentIdentity.getIdentifier().toString(), parentIdentity.getType() };
List<ObjectIdentity> objects = this.jdbcOperations.query(this.findChildrenSql, args, List<ObjectIdentity> objects = this.jdbcOperations.query(this.findChildrenSql,
(rs, rowNum) -> mapObjectIdentityRow(rs)); (rs, rowNum) -> mapObjectIdentityRow(rs), args);
return (!objects.isEmpty()) ? objects : null; return (!objects.isEmpty()) ? objects : null;
} }

View File

@ -190,8 +190,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
* @return the primary key or null if not found * @return the primary key or null if not found
*/ */
protected Long createOrRetrieveClassPrimaryKey(String type, boolean allowCreate, Class idType) { protected Long createOrRetrieveClassPrimaryKey(String type, boolean allowCreate, Class idType) {
List<Long> classIds = this.jdbcOperations.queryForList(this.selectClassPrimaryKey, new Object[] { type }, List<Long> classIds = this.jdbcOperations.queryForList(this.selectClassPrimaryKey, Long.class, type);
Long.class);
if (!classIds.isEmpty()) { if (!classIds.isEmpty()) {
return classIds.get(0); return classIds.get(0);
@ -242,8 +241,8 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
* @return the primary key or null if not found * @return the primary key or null if not found
*/ */
protected Long createOrRetrieveSidPrimaryKey(String sidName, boolean sidIsPrincipal, boolean allowCreate) { protected Long createOrRetrieveSidPrimaryKey(String sidName, boolean sidIsPrincipal, boolean allowCreate) {
List<Long> sidIds = this.jdbcOperations.queryForList(this.selectSidPrimaryKey, List<Long> sidIds = this.jdbcOperations.queryForList(this.selectSidPrimaryKey, Long.class, sidIsPrincipal,
new Object[] { sidIsPrincipal, sidName }, Long.class); sidName);
if (!sidIds.isEmpty()) { if (!sidIds.isEmpty()) {
return sidIds.get(0); return sidIds.get(0);
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -109,7 +109,7 @@ public class JdbcAclServiceTests {
List<ObjectIdentity> result = new ArrayList<>(); List<ObjectIdentity> result = new ArrayList<>();
result.add(new ObjectIdentityImpl(Object.class, "5577")); result.add(new ObjectIdentityImpl(Object.class, "5577"));
Object[] args = { "1", "org.springframework.security.acls.jdbc.JdbcAclServiceTests$MockLongIdDomainObject" }; Object[] args = { "1", "org.springframework.security.acls.jdbc.JdbcAclServiceTests$MockLongIdDomainObject" };
given(this.jdbcOperations.query(anyString(), eq(args), any(RowMapper.class))).willReturn(result); given(this.jdbcOperations.query(anyString(), any(RowMapper.class), eq(args))).willReturn(result);
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockLongIdDomainObject.class, 1L); ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockLongIdDomainObject.class, 1L);
List<ObjectIdentity> objectIdentities = this.aclService.findChildren(objectIdentity); List<ObjectIdentity> objectIdentities = this.aclService.findChildren(objectIdentity);
assertThat(objectIdentities).hasSize(1); assertThat(objectIdentities).hasSize(1);

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2024 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2024 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2025 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2024 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2024 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,6 @@
plugins { plugins {
id "java-gradle-plugin" id "java-gradle-plugin"
id "groovy-gradle-plugin"
id "java" id "java"
id "groovy" id "groovy"
} }
@ -63,6 +64,7 @@ configurations {
dependencies { dependencies {
implementation platform(libs.io.projectreactor.reactor.bom) implementation platform(libs.io.projectreactor.reactor.bom)
implementation libs.spring.nullability
implementation libs.com.google.code.gson.gson implementation libs.com.google.code.gson.gson
implementation libs.com.thaiopensource.trag implementation libs.com.thaiopensource.trag
implementation libs.net.sourceforge.saxon.saxon implementation libs.net.sourceforge.saxon.saxon
@ -76,6 +78,7 @@ dependencies {
implementation libs.com.github.spullara.mustache.java.compiler implementation libs.com.github.spullara.mustache.java.compiler
implementation libs.io.spring.javaformat.spring.javaformat.gradle.plugin implementation libs.io.spring.javaformat.spring.javaformat.gradle.plugin
implementation libs.io.spring.nohttp.nohttp.gradle implementation libs.io.spring.nohttp.nohttp.gradle
implementation libs.org.jetbrains.kotlin.kotlin.gradle.plugin
implementation (libs.net.sourceforge.htmlunit) { implementation (libs.net.sourceforge.htmlunit) {
exclude group: 'org.eclipse.jetty.websocket', module: 'websocket-client' exclude group: 'org.eclipse.jetty.websocket', module: 'websocket-client'
} }

View File

@ -1,5 +1,5 @@
@rem @rem
@rem Copyright 2015 the original author or authors. @rem Copyright 2004-present the original author or authors.
@rem @rem
@rem Licensed under the Apache License, Version 2.0 (the "License"); @rem Licensed under the Apache License, Version 2.0 (the "License");
@rem you may not use this file except in compliance with the License. @rem you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2019 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of
@ -79,4 +79,4 @@ public class DeployDocsPlugin implements Plugin<Project> {
} }
} }
} }
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2023 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2018 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2018 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -61,7 +61,7 @@ public class ManagementConfigurationPlugin implements Plugin<Project> {
PublishingExtension publishing = project.getExtensions().getByType(PublishingExtension.class); PublishingExtension publishing = project.getExtensions().getByType(PublishingExtension.class);
publishing.getPublications().withType(MavenPublication.class, (mavenPublication -> { publishing.getPublications().withType(MavenPublication.class, (mavenPublication -> {
mavenPublication.versionMapping((versions) -> mavenPublication.versionMapping((versions) ->
versions.allVariants(versionMapping -> versionMapping.fromResolutionResult()) versions.allVariants((versionMapping) -> versionMapping.fromResolutionResult())
); );
})); }));
}); });
@ -71,4 +71,4 @@ public class ManagementConfigurationPlugin implements Plugin<Project> {
})); }));
}); });
} }
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2018 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of
@ -80,6 +80,11 @@ class RepositoryConventionPlugin implements Plugin<Project> {
} }
url = 'https://repo.spring.io/release/' url = 'https://repo.spring.io/release/'
} }
forceMavenRepositories.findAll { it.startsWith('https://') || it.startsWith('file://') }.each { mavenUrl ->
maven {
url mavenUrl
}
}
} }
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2019 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -32,10 +32,13 @@ public class SchemaZipPlugin implements Plugin<Project> {
for (def key : schemas.keySet()) { for (def key : schemas.keySet()) {
def shortName = key.replaceAll(/http.*schema.(.*).spring-.*/, '$1') def shortName = key.replaceAll(/http.*schema.(.*).spring-.*/, '$1')
assert shortName != key assert shortName != key
def schemaResourceName = schemas.get(key)
File xsdFile = module.sourceSets.main.resources.find { File xsdFile = module.sourceSets.main.resources.find {
it.path.endsWith(schemas.get(key)) it.path.endsWith(schemaResourceName)
}
if (xsdFile == null) {
throw new IllegalStateException("Could not find schema file for resource name " + schemaResourceName + " in src/main/resources")
} }
assert xsdFile != null
schemaZip.into (shortName) { schemaZip.into (shortName) {
duplicatesStrategy 'exclude' duplicatesStrategy 'exclude'
from xsdFile.path from xsdFile.path

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2019 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of
@ -19,6 +19,7 @@ package io.spring.gradle.convention;
import org.gradle.api.Project import org.gradle.api.Project
import org.gradle.api.plugins.JavaLibraryPlugin; import org.gradle.api.plugins.JavaLibraryPlugin;
import org.gradle.api.plugins.PluginManager import org.gradle.api.plugins.PluginManager
import org.gradle.api.tasks.bundling.Jar
import org.springframework.gradle.classpath.CheckClasspathForProhibitedDependenciesPlugin; import org.springframework.gradle.classpath.CheckClasspathForProhibitedDependenciesPlugin;
import org.springframework.gradle.maven.SpringMavenPlugin; import org.springframework.gradle.maven.SpringMavenPlugin;
@ -41,6 +42,11 @@ class SpringModulePlugin extends AbstractSpringJavaPlugin {
if (!Utils.isRelease(project)) { if (!Utils.isRelease(project)) {
deployArtifacts.dependsOn project.tasks.artifactoryPublish deployArtifacts.dependsOn project.tasks.artifactoryPublish
} }
project.tasks.withType(Jar) {
from(project.rootProject.files('LICENSE.txt')) {
into('META-INF')
}
}
} }
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2017 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -0,0 +1,17 @@
import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
plugins {
id 'kotlin'
}
project.plugins.withId("org.jetbrains.kotlin.jvm", (kotlinProject) -> {
project.tasks.withType(KotlinCompile).configureEach {
kotlinOptions {
languageVersion = '2.2'
apiVersion = '2.2'
freeCompilerArgs = ["-Xjsr305=strict", "-Xsuppress-version-warnings"]
jvmTarget = '17'
}
}
})

View File

@ -0,0 +1,3 @@
plugins {
id 'io.spring.nullability'
}

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2012-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -81,9 +81,6 @@ public class CheckClasspathForProhibitedDependencies extends DefaultTask {
if (group.startsWith("javax")) { if (group.startsWith("javax")) {
return true; return true;
} }
if (group.equals("commons-logging")) {
return true;
}
if (group.equals("org.slf4j") && id.getName().equals("jcl-over-slf4j")) { if (group.equals("org.slf4j") && id.getName().equals("jcl-over-slf4j")) {
return true; return true;
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2012-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2012-2022 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2019 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may not * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of * use this file except in compliance with the License. You may obtain a copy of

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2004-present the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

Some files were not shown because too many files have changed in this diff Show More