Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Spring Security
10,319 Commits 32 Branches 333 Tags 111 MiB
Java 94.5%
Kotlin 4.8%
JavaScript 0.3%
Groovy 0.2%
Go to file
Rob Winch 666f175225 LazyCsrfTokenRepository#loadToken Supports Deferring Delegation 
Previously LazyCsrfTokenRepository supported lazily saving the CsrfToken
which allowed for lazily saving the CsrfToken. However, it did not
support lazily reading the CsrfToken. This meant every request required
reading the CsrfToken (often the HttpSession).

This commit allows for lazily reading the CsrfToken and thus prevents
unnecessary reads to the HttpSession.

Closes gh-11700
 		2022-08-15 17:07:02 -05:00
.github Skip workflows on forks of spring-security 2022-07-28 15:07:02 -05:00
.idea Fix checkstyle rules could not be parsed 2020-11-23 14:33:18 -05:00
acl Use SecurityContextHolderStrategy for ACL 2022-06-28 08:05:15 -06:00
aspects Update aspectj-plugin to 6.3.0 2021-11-16 12:52:42 -06:00
bom fix bom 2021-05-17 22:29:45 -05:00
buildSrc GitHubMilestoneApiTests due_on Uses LocalDate 2022-08-15 13:01:58 -05:00
cas Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
config NamespaceLdapAuthenticationProviderTests use Dynamic Port 2022-08-15 15:26:12 -05:00
core Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer 2022-07-14 12:48:39 -06:00
crypto Correct input validation for 31 rounds 2022-07-11 14:06:15 -06:00
data Use SecurityContextHolderStrategy for Data 2022-06-27 16:35:02 -06:00
dependencies Update spring-ldap-core to 2.4.1 2022-07-15 12:42:57 -05:00
docs Next development version 2022-08-15 16:14:19 +00:00
etc Exclude JavadocPackageCheck from Spring Checks 2022-07-15 13:03:45 -05:00
gradle/wrapper Update to Gradle 7.3 2021-11-10 11:35:49 -03:00
itest Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
ldap Use SecurityContextHolderStrategy for Ldap 2022-06-27 15:55:27 -06:00
messaging Use SecurityContextHolderStrategy for Messaging 2022-06-27 15:55:28 -06:00
oauth2 Allow customization of redirect strategy 2022-08-08 15:35:49 -05:00
openid Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
remoting Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
rsocket Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
saml2/saml2-service-provider Add hash-based Content-Security-Policy for SAML pages 2022-07-27 17:59:42 -06:00
scripts Exclude duplicate issues from changelog 2022-04-20 09:02:55 -03:00
taglibs Use SecurityContextHolderStrategy for Taglibs 2022-06-27 17:45:01 -06:00
test Add SecurityContextHolderStrategy Test Support 2022-06-27 13:02:11 -06:00
web LazyCsrfTokenRepository#loadToken Supports Deferring Delegation 2022-08-15 17:07:02 -05:00
.editorconfig Fixed link in .editorconfig 2021-10-13 15:36:10 -06:00
.gitattributes Install Structure101 Plugin 2021-09-27 14:56:03 -06:00
.gitignore Ignore Lock Files 2020-02-07 13:59:05 -06:00
.sdkmanrc Add .sdkmanrc 2022-02-18 13:48:05 -06:00
CONTRIBUTING.adoc master->main 2021-04-26 16:55:43 -05:00
LICENSE.txt Add LICENSE.txt 2020-04-15 16:44:13 -05:00
README.adoc Fix README local Maven install command 2021-07-07 12:01:57 +02:00
RELEASE.adoc Document sagan Release tasks require read:org scope 2022-06-21 14:47:46 -05:00
build.gradle Update aspectj-plugin to 6.5.0.3 2022-07-15 12:40:07 -05:00
class_mapping_from_2.0.x.txt SEC-1148: Simple classname mapping from 2.0 to 3.0 2009-12-02 22:44:30 +00:00
gradle.properties Next development version 2022-08-15 16:14:19 +00:00
gradlew Update to Gradle 7.3 2021-11-10 11:35:49 -03:00
gradlew.bat Update to Gradle 6.6.1 2020-10-12 17:41:16 -06:00
local-antora-playbook.yml Add spring-security-docs-generated to local-antora-playbook.yml 2021-09-23 15:50:14 -05:00
notice.txt URL Cleanup 2019-03-19 23:53:23 -05:00
settings.gradle Bump up Gradle plugin dependencies 2022-01-18 13:40:58 +01:00

README.adoc 

image::https://badges.gitter.im/Join%20Chat.svg[Gitter,link=https://gitter.im/spring-projects/spring-security?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge]

image:https://github.com/spring-projects/spring-security/workflows/CI/badge.svg?branch=main["Build Status", link="https://github.com/spring-projects/spring-security/actions?query=workflow%3ACI"]

image:https://img.shields.io/badge/Revved%20up%20by-Gradle%20Enterprise-06A0CE?logo=Gradle&labelColor=02303A["Revved up by Gradle Enterprise", link="https://ge.spring.io/scans?search.rootProjectNames=spring-security"]

= Spring Security

Spring Security provides security services for the https://docs.spring.io[Spring IO Platform]. Spring Security 5.0 requires Spring 5.0 as
a minimum and also requires Java 8.

For a detailed list of features and access to the latest release, please visit https://spring.io/projects[Spring projects].

== Code of Conduct
Please see our https://github.com/spring-projects/.github/blob/main/CODE_OF_CONDUCT.md[code of conduct]

== Downloading Artifacts
See https://docs.spring.io/spring-security/site/docs/current/reference/html5/#getting[Getting Spring Security] for how to obtain Spring Security.

== Documentation
Be sure to read the https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference].
Extensive JavaDoc for the Spring Security code is also available in the https://docs.spring.io/spring-security/site/docs/current/api/[Spring Security API Documentation].

== Quick Start
See https://docs.spring.io/spring-security/site/docs/current/reference/html5/#servlet-hello[Hello Spring Security] to get started with a "Hello, World" application.

== Building from Source
Spring Security uses a https://gradle.org[Gradle]-based build system.
In the instructions below, https://vimeo.com/34436402[`./gradlew`] is invoked from the root of the source tree and serves as
a cross-platform, self-contained bootstrap mechanism for the build.

=== Prerequisites
https://help.github.com/set-up-git-redirect[Git] and the https://www.oracle.com/technetwork/java/javase/downloads[JDK11 build].

Be sure that your `JAVA_HOME` environment variable points to the `jdk-11` folder extracted from the JDK download.

=== Check out sources
[indent=0]
----
git clone git@github.com:spring-projects/spring-security.git
----

=== Install all spring-\* jars into your local Maven cache
[indent=0]
----
./gradlew publishToMavenLocal
----

=== Compile and test; build all jars, distribution zips, and docs
[indent=0]
----
./gradlew build
----

Discover more commands with `./gradlew tasks`.
See also the https://github.com/spring-projects/spring-framework/wiki/Gradle-build-and-release-FAQ[Gradle build and release FAQ].

== Getting Support
Check out the https://stackoverflow.com/questions/tagged/spring-security[Spring Security tags on Stack Overflow].
https://spring.io/services[Commercial support] is available too.

== Contributing
https://help.github.com/articles/creating-a-pull-request[Pull requests] are welcome; see the https://github.com/spring-projects/spring-security/blob/main/CONTRIBUTING.adoc[contributor guidelines] for details.

== License
Spring Security is Open Source software released under the
https://www.apache.org/licenses/LICENSE-2.0.html[Apache 2.0 license].