Branch: 6.3.x

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '6.3.x'

${ noResults }

Commit Graph

1749 Commits (6.3.x)

Author	SHA1	Message	Date
Andrey Litvitski	b0f8aa5ea0	Fix to allow multiple AuthenticationFilter instances to process each request ... Closes gh-17173 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	7 months ago
Joaquin Santana	c0568ea9b0	Log Request Mismatch Only When Mismatches ... Signed-off-by: Joaquin Santana <joaquinjsb@outlook.com>	7 months ago
Mark Putsiata	cae3467a8d	Improve AbstractPreAuthenticatedProcessingFilter docs ... Clarify misleading SecurityContextRepository setter documentation. Note that AbstractPreAuthenticatedProcessingFilter saves the SecurityContext upon successful authentication, and this behavior can be customized via the setSecurityContextRepository setter. Closes gh-14137 Signed-off-by: Mark Putsiata <m.putsiata@gmail.com>	8 months ago
Josh Cummings	e48f26e51e	Propagate StrictFirewallRequest Wrapper ... Closes gh-16978	8 months ago
DingHao	857ef6fe08	WithHttpOnlyCookie defaults to false ... Closes gh-16820 Signed-off-by: DingHao <dh.hiekn@gmail.com>	9 months ago
Tran Ngoc Nhan	ab6e9d2d1f	Clarify WebInvocationPrivilegeEvaluator JavaDoc ... Closes gh-16529 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	10 months ago
Rob Winch	adb303e152	Add testRuntimeOnly junit-platform-launcher ... Closes gh-16755	10 months ago
Rob Winch	6a0b683e60	StrictFirewallHttpRequest.buid returns StrictFirewallHttpRequest ... Closes gh-16069	1 year ago
Josh Cummings	96a9cf0d2d	Restore Previous Behavior for Servlet 5 ... Closes gh-16173	1 year ago
Joe Grandja	fa5fc6dd62	Fix checkstyle errors for toLower/toUpperCase usage	1 year ago
Joe Grandja	a8c4d6cead	Require Locale argument for toLower/toUpperCase usage	1 year ago
Joe Grandja	a7bf8f7cc6	Require Locale argument for toLower/toUpperCase usage	1 year ago
Steve Riesenberg	285d16b046	Polish IpAddressMatcher ... (cherry picked from commit 83a79159b8)	1 year ago
Steve Riesenberg	ddf4542a9e	Add hasText assertion to IpAddressMatcher constructor ... Issue gh-15527 (cherry picked from commit 3a298196512de5f3002707e2af8298d650033df7)	1 year ago
Steve Riesenberg	554df6fab6	Fix NPE in IpAddressMatcher ... Closes gh-15527 (cherry picked from commit 52de894c3c0a812562d6822db30f5c6c88526181)	1 year ago
Joe Grandja	0eaffb37e7	Require Locale argument for toLower/toUpperCase usage	1 year ago
DingHao	308e408b13	Polish DelegatingAuthenticationConverter	1 year ago
DingHao	1399a82ea9	Return Null Request When Cookie Is Malformed ... Closes gh-15905	1 year ago
Rob Winch	0e257b56ce	Add Firewall for WebFlux ... Closes gh-15967	1 year ago
Rob Winch	4ce7cde155	Add Firewall for WebFlux ... Closes gh-15967	1 year ago
Josh Cummings	8917cdb404	Improve Performance of IPv4 Check ... Closes gh-15324	2 years ago
Steve Riesenberg	dcb8c563e8	Fix ArrayIndexOutOfBoundsException ... Issue gh-13310 Closes gh-15184	2 years ago
Josh Cummings	7288fecc24	Verify ipAddress Not A Hostname ... Closes gh-15172	2 years ago
Josh Cummings	6956ed693c	Polish DefaultSecurityFilterChain Logs ... Reuse String manipulation logic in Spring Framework Compress whitespace Closes gh-15096	2 years ago
baezzys	ac9bdf5cbf	Change DefaultSecurityFilterChain logging to DEBUG level and simplify filter log ... - Change DefaultSecurityFilterChain logging level from INFO to DEBUG to align with FilterChainProxy. - Log filter class names instead of the toString() of filter.	2 years ago
Marcus Hert Da Coregio	c7b739eb3f	Fix broken link to jaspan article ... Closes gh-14358	2 years ago
Joaquin Santana	927840fe88	Do Not Invalidate Current Session When It Is Registered ... Closes gh-15066	2 years ago
Marcus Hert Da Coregio	08f11f06ab	Revert unnecessary commits from main ... Issue gh-15016	2 years ago
Marcus Hert Da Coregio	b3c7f3ff19	Rename CompromisedPasswordCheckResult to CompromisedPasswordDecision ... Issue gh-7395	2 years ago
Josh Cummings	470e2c5c97	Address Build Issues ... Issue gh-14837	2 years ago
Josh Cummings	657760af5b	Improve Logging ... Closes gh-14837	2 years ago
Marcus Hert Da Coregio	61eba00654	Move HaveIBeenPwnedRestApiPasswordChecker to spring-security-web ... Prior to this commit, the implementation was placed in spring-security-core, however we do not want to introduce a dependency on spring-web and spring-webflux for that module. Issue gh-7395	2 years ago
DingHao	f689f3c3fc	Fix continueOnError default value in java doc ... Closes gh-14870	2 years ago
erie0210	7faae83ebb	docs: fix typo	2 years ago
Thomas Hagelberg	ce9f1821b1	Improve logging in AuthenticationWebFilter ... Closes #14091	2 years ago
Thomas Hagelberg	091976fffb	Improve logging in AuthenticationWebFilter ... Closes #14091	2 years ago
ruabtmh	c0928bf198	Add DelegatingAuthenticationConverter ... Closes gh-14644	2 years ago
DingHao	8885707674	Add DelegatingServerAuthenticationConverter ... Closes gh-14644	2 years ago
Steve Riesenberg	bd345fb2a8	Polish gh-11758	2 years ago
Markus Heiden	5c5503924b	Add SwitchUserGrantedAuthorityMixIn ... Closes gh-11775	2 years ago
Marcus Hert Da Coregio	f8ff056eb6	Update Max Sessions on WebFlux ... Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler Issue gh-6192	2 years ago
Marcus Hert Da Coregio	a5ce8ae87f	Polish Max Sessions on WebFlux ... This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry Issue gh-6192	2 years ago
Christian Becker	5f80468de3	Updated copyright date	2 years ago
Christian Becker	2f762fefe1	Allow tab in HTTP header values. ... Closes gh-14573	2 years ago
Rob Winch	750cb30ce4	Add AuthenticationTrustResolver.isAuthenticated	2 years ago
Josh Cummings	75fdcd10f7	Use synchronized ... Closes gh-14445	2 years ago
Marcus Hert Da Coregio	915d68e216	Remove includeExpiredSessions parameter ... The reactive implementation of max sessions does not keep track of expired sessions, therefore we do not need such parameter Issue gh-6192	2 years ago
Federico Herrera	c1adeef0da	Add validation IpAddressMatcher ... Closes gh-13621	2 years ago
Nermin Karapandzic	6e1bcfed11	Add argument resolver for SecurityContext ... Closes gh-13425	2 years ago
ahmd-nabil	a808c139ad	Enhance IpAddressMatcher performance ... Closes gh-14493 Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>	2 years ago