Rob Winch
10e6a6f943
Remove compile warnings in AspectJMethodSecurityInterceptorTests
14 years ago
Rob Winch
9a9aafaeec
SEC-1967: Restore original SecurityContext in finally when RunAsManager is used
Previously subclasses of AbstractSecurityInterceptor did not restore the original
Authentication when RunAsManager was used and an Exception was thrown in the
original method.
AbstractSecurityInterceptor has added a new method finallyInvocation which
should be invoked in a finally block immediately after the original invocation
which will restore the original Authentication. All existing subclasses have
been updated to use this new method.
14 years ago
Rob Winch
1d701a2d8f
SEC-2012: Remove additional incorrect javadoc from UserDetails#getPassword()
14 years ago
Rob Winch
b4fbabdbfd
SEC-2012: Remove incorrect javadoc from UserDetails#getPassword()
Previously the javadoc stated that password could not be null. However,
since the introduction of CredentialsContainer introduced in SEC-1493 the
password can be null.
The changes remove the statement that passwords cannot be null. While this
is a non-passive change to the interface, the current state leaves no choice
for a non-passive change. Removing the javadoc was determined the better
option since erasing the credentials was an explicit feature request. Note
that replacing the password with an obscure String can be risky as it
introduces the risk that the value is used to authenticate.
14 years ago
Rob Winch
638e92a3f7
SEC-1992: Updated Spring version to 3.0.7
14 years ago
Rob Winch
f2345fcb21
SEC-1981: Remove dependency on Locale for the build
14 years ago
Rob Winch
a2452ab514
SEC-1906: Update to Gradle 1.0
14 years ago
Rob Winch
8b05d23832
SEC-1971: Allow injection of ExpressionParser in AbstractSecurityExpressionHandler
14 years ago
Luke Taylor
5d71d2a4fa
SEC-1887: Add MethodSecurityOperations interface.
This should cater for implementations which want to use
the full filtering capabilities while creating a custom
expression root object.
Also cleaning whitespace.
14 years ago
Andrei Stefan
0f9ee81df1
SEC-1887: Improve extensibility of expression-based security classes
Introduces a new SecurityExpressionOperations interface which is
implemented by SecurityExpressionRoot
14 years ago
Luke Taylor
f97463cdb5
Minor comment fixes
14 years ago
Rob Winch
1f835fec43
SEC-1867: Perform null check on Authentication.getCredentials() prior to calling toString()
14 years ago
Rob Winch
8ca2927761
Renamed **/Test.java to **/Tests.java to better follow conventions
14 years ago
Rob Winch
3dca70403d
Suppress compiler warnings and minor javadoc fix for ProviderManager
14 years ago
Luke Taylor
8fd2963e6b
Deprecate storage of Authentication object in AuthenticationException.
14 years ago
Luke Taylor
bce4d81142
Mark overriding "extraInformation" methods in account status exceptions as deprecated.
14 years ago
Luke Taylor
2953f56b2b
Remove ancient code formatter artifacts.
14 years ago
Luke Taylor
44364d0101
SEC-1826: Empty attribute list should be treated the same as null in DelegatingMethodSecurityMetadataSource.
14 years ago
Luke Taylor
be8ee61f82
PreInvocationAuthorizationAdviceVoter was checking the wrong type in its "supports" method.
This isn't actually used, but is still incorrect.
14 years ago
Luke Taylor
359bd7c468
SEC-1804: Updated Javadoc wrt immutability of User class.
15 years ago
Luke Taylor
8ce6c73802
Add check for empty attributes list as well as null, in DelegatingMethodSecurityMetadataSource
15 years ago
Luke Taylor
d6b7b52a79
Update to Spring 3.0.6.
15 years ago
Luke Taylor
a4c05239e5
SEC-1719: Lithuanian messages translation.
15 years ago
Luke Taylor
59a07175a6
SEC-1744: Do not trust authorities contained in the authentication request in JaasAuthenticationProvider.
15 years ago
Luke Taylor
5fce0a58bd
SEC-1750: Make sure RunAs replacement is constrained to the SecurityContext of the current thread.
15 years ago
Luke Taylor
249610c7ed
SEC-1742: Remove deprecated "includeDetailsObject" field from DaoAuthenticationProvider.
15 years ago
Luke Taylor
1976cb1bf7
SEC-1742: Deprecate use of extraInformation field in AuthenticationException, making it transient and removing any sensitive data in UserDetails objects which are stored in it.
15 years ago
Luke Taylor
74daa68691
SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected.
15 years ago
Rob Winch
7399c9a7a5
SEC-1792: Fixed NullPointerException in RunAsUserToken#toString()
15 years ago
Rob Winch
dfd467f26e
cleaned imports in RunAsUserToken
15 years ago
Luke Taylor
56e86dd36f
Adding assertions on constructor arg values.
15 years ago
Luke Taylor
2d271666a4
Add constructors to facilitate constructor-based injection for required/shared bean properties.
15 years ago
Rob Winch
c3a3a5bfbf
Updated core.gradle to include crypto as referenced project in eclipse
15 years ago
Luke Taylor
d253f5e109
SEC-1768: Use AopProxyUtils.ultimateTargetClass() to cater for the situation where the security interceptor is being applied to a proxy.
15 years ago
Luke Taylor
571bfc4869
Refactoring to use Utf8 encoder instead of String.getBytes("UTF-8").
15 years ago
Luke Taylor
361b77685d
Add crypto as an exported dependency of core in IDEA configuration.
15 years ago
Luke Taylor
2b8d4684a1
SEC-1764: Ensure password encoders use UTF-8 charset when creating strings from byte arrays.
15 years ago
Luke Taylor
e27f655e9d
SEC-1689: Re-instate crypto as separate library (for use in non-Spring Security apps), as well as packaging with core.
15 years ago
Luke Taylor
6d04670f87
SEC-1695: Allow customization of the session key under which the SecurityContext is stored.
15 years ago
Luke Taylor
42e0e158b4
Simplify Digester utility class.
15 years ago
Luke Taylor
21295a58e5
SEC-1751: Applied patch to use zero-IV for queryable text encryption.
15 years ago
Luke Taylor
5a4aed238c
SEC-1752: Fixed Utf8 codec to take account of the limit of the ByteBuffer returned by CharsetEncoder.encode().
15 years ago
Luke Taylor
63f160dc72
SEC-1749: Add support for PageContext lookup of objects and use of PermissionEvaluator when using web access expressions.
15 years ago
Luke Taylor
c758f36629
Forgot to add version information test previously
15 years ago
Luke Taylor
295ea27526
SEC-1743: Separate remoting from core into separate module.
15 years ago
Luke Taylor
396eced291
Add test to check version information.
15 years ago
Luke Taylor
6a2a636fd7
Update Javadoc for UserDetailsManager to reflect that the new password doesn't need to be stored in the security context (and probably shouldn't be).
15 years ago
Luke Taylor
a2858240f1
SEC-1728: Remove references to SUN provider and incorrect seeding of SecureRandom in SecureRandomBytesKeyGenerator.
15 years ago
Luke Taylor
73fb1764b8
SEC-1730: Fix broken KeyGenerators method.
15 years ago
Luke Taylor
614d8c0321
SEC-1723: Use standard SpEL syntax for accessing beans in the app context by name.
15 years ago