spring-security

Commit Graph

Author	SHA1	Message	Date
Joe Grandja	a7bf8f7cc6	Require Locale argument for toLower/toUpperCase usage	1 year ago
Joe Grandja	0eaffb37e7	Require Locale argument for toLower/toUpperCase usage	1 year ago
DingHao	1399a82ea9	Return Null Request When Cookie Is Malformed Closes gh-15905	1 year ago
Rob Winch	4ce7cde155	Add Firewall for WebFlux Closes gh-15967	1 year ago
Steve Riesenberg	dcb8c563e8	Fix ArrayIndexOutOfBoundsException Issue gh-13310 Closes gh-15184	2 years ago
Marcus Hert Da Coregio	c7b739eb3f	Fix broken link to jaspan article Closes gh-14358	2 years ago
Josh Cummings	470e2c5c97	Address Build Issues Issue gh-14837	2 years ago
Josh Cummings	657760af5b	Improve Logging Closes gh-14837	2 years ago
Christian Becker	5f80468de3	Updated copyright date	2 years ago
Christian Becker	2f762fefe1	Allow tab in HTTP header values. Closes gh-14573	2 years ago
Josh Cummings	eaaa813ede	Fix header value typo Closes gh-11948	2 years ago
Josh Cummings	52675c80b3	Check For Null Exception Message Closes gh-13768	2 years ago
Marcus Da Coregio	64e2a2ff8b	Apply updated Code Style Closes gh-13881	2 years ago
Marcus Da Coregio	ce012a4661	CookieRequestCache Should Preserve Request Locale Closes gh-13792	2 years ago
Marcus Da Coregio	96d1763fc4	WWW-Authenticate header should not be added twice Closes gh-13737	2 years ago
Marcus Da Coregio	7813a9ba26	Use default PathPatternParser instance	2 years ago
Josh Cummings	40d61743b9	Replace Existing Continue Parameter Closes gh-13438	2 years ago
Christoph Zuleger	06e58e4c34	Update JavaDoc of BasicAuthenticationFilter Remove deprecated hint to use Digest Auth in favor of Basic Auth.	3 years ago
Marcus Da Coregio	a53cbb838b	Polish Issue gh-13155	3 years ago
joerg-richter-5234	8287289bcb	Fix XContentTypeOptionsServerHttpHeadersWriter set constant value to X-Content-Type-Options Closes gh-13155	3 years ago
Marcus Da Coregio	2d52fb8e4b	Clear Repository on Logout	3 years ago
Christian Marck	442faccb5f	Avoid NPE in FilterInvocation Handle unknown headers in dummy request wrapper. Closes gh-12998	3 years ago
Marcus Da Coregio	8d664bc4c2	DelegatingSecurityContextRepository should call loadContext Closes gh-12314	3 years ago
twosom	3d7e22a4e9	Add test to SimpleUrlAuthenticationSuccessHandlerTests	3 years ago
twosom	abd51f7b63	Polished DefaultLoginPageGeneratingFilterTests Validation Closes gh-12694	3 years ago
Marcus Da Coregio	84cca81edf	Use HttpSessionSecurityContextRepository by default in SwitchUserFilter Closes gh-12834	3 years ago
Josh Cummings	0d4c619648	Include continue in query string Closes gh-12665	3 years ago
Steve Riesenberg	c306df9b46	Add XorCsrfChannelInterceptor Issue gh-12378	3 years ago
Marcus Da Coregio	ffdb397830	Save the SecurityContext when switching user Closes gh-12504	3 years ago
Marcus Da Coregio	99d6d21554	Apply SecurityContextHolderFilter to all dispatcher types Closes gh-11962	3 years ago
Steve Riesenberg	2ed7cff643	Check for existing token before clearing Closes gh-12236	3 years ago
Steve Riesenberg	57b163bb78	Polish gh-12141	3 years ago
Steve Riesenberg	6b0ed0205b	Re-generate tokens in CookieCsrfTokenRepository Fixes support for re-generating tokens within a request such as when CsrfAuthenticationStrategy removes a null token and saves an empty cookie value on the response. Closes gh-12141	3 years ago
Marcus Da Coregio	1f481aafff	Fix AuthorizationFilter incorrectly extending OncePerRequestFilter Closes gh-12102	3 years ago
David Becker	2b426872a3	Use InetSocketAddress#getHostString Sometimes InetSocketAddress#getAddress#getHostAddress retuns null. In that case, call InetSocketAddress#getHostString instead. There is no performance loss since IpAddressMatcher#matches attemptsi to re-parse and resolve the address anyway. Closes gh-11888	3 years ago
Steve Riesenberg	acc35aeb18	Add DelegatingSecurityContextRepository Issue gh-12023	3 years ago
Steve Riesenberg	c75ca10900	Add DeferredSecurityContext Issue gh-12023	3 years ago
Josh Cummings	099aaa33ff	Remove Deprecation Markers Since Spring Security still needs these methods and classes, we should wait on deprecating them if we can. Instead, this commit changes the original classes to have a boolean property that is currently false, but will switch to true in 6.0. At that time, BearerTokenAuthenticationFilter can change to use the handler. Closes gh-11932	3 years ago
Daniel Garnier-Moiroux	200b7fecd3	Add (Server)AuthenticationEntryPointFailureHandlerAdapter Issue gh-11932, gh-9429 (Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead when an AuthenticationServiceException is thrown, instead of HTTP 401. This commit deprecates the current behavior and introduces an opt-in (Server)AuthenticationEntryPointFailureHandlerAdapter with the expected behavior. BearerTokenAuthenticationFilter uses the new adapter, but with a closure to keep the current behavior re: entrypoint.	3 years ago
Evgeniy Cheban	56b9badcfe	AnonymousAuthenticationFilter should cache its Supplier<SecurityContext> Closes gh-11900	3 years ago
Joe Grandja	185991a606	Revert "Add default AuthorizationManager" This reverts commit `4ddec07d0e`.	3 years ago
Steve Riesenberg	8bd25f90e4	Polish XorServerCsrfTokenRequestAttributeHandlerTests	3 years ago
Steve Riesenberg	804f20045e	Polish XorCsrfTokenRequestAttributeHandlerTests	3 years ago
Steve Riesenberg	05e4a1dd20	Cache Xor CsrfToken Closes gh-11988	3 years ago
Marcus Da Coregio	4b6fed0667	Add static factory method to AntPathRequestMather and RegexRequestMatcher Closes gh-11938	3 years ago
Steve Riesenberg	f462134e87	Add reactive support for BREACH Closes gh-11959	3 years ago
Steve Riesenberg	f4ca90e719	Add reactive interfaces for CSRF request handling Issue gh-11959	3 years ago
Josh Cummings	380a6a2564	Polish SecurityContextHolderStrategy Usage - Add to HttpSessionSecurityContextRepository#saveContext Issue gh-11060	3 years ago
Josh Cummings	f16d47c7b5	Polish DefaultHttpSecurityExpressionHandler Issue gh-11105	3 years ago
Josh Cummings	4ddec07d0e	Add default AuthorizationManager Closes gh-11963	3 years ago

1 2 3 4 5 ...

1366 Commits (5.8.x_update-antora-ui-spring)