Rename to a class that isn't focused on the synthesis implementation detail.
Also add Security to the front of the name to clarify that it is only intended
for security annotations, reminiscent of SecurityMetadataSource.
Refine method signatures to better articulate supported use cases.
Issue gh-15286
- Remove the dependency on Bootstrap CSS. Results in faster load times, no failures
in air-gapped or offline scenarios, and no dependency on an external CDN that may
go away some day.
Introduced public static final Predicates for allowed header names,
header values, parameter names, and parameter values for building
expressions.
Closes gh-13639
- Change DefaultSecurityFilterChain logging level from INFO to DEBUG to align with FilterChainProxy.
- Log filter class names instead of the toString() of filter.
Prior to this commit, the implementation was placed in spring-security-core, however we do not want to introduce a dependency on spring-web and spring-webflux for that module.
Issue gh-7395
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler
Issue gh-6192
This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry
Issue gh-6192
In the `ServerWebExchangeDelegatingReactiveAuthenticationManagerResolver.Builder` class the JavaDoc comments mention the wrong class name. This commit fixes this.
Daniel Garnier-Moiroux
Marcus Hert Da Coregio
Florian Bernard
Josh Cummings
Ilpyo-Yang
DingHao
baezzys
Max Batischev
Steve Riesenberg
Joaquin Santana
erie0210
Thomas Hagelberg
Markus Heiden
Christian Becker
Rob Winch
Federico Herrera
Nermin Karapandzic
ahmd-nabil
sonallux