3209930cca
Add TestBytes
...
Closes gh-16461
11 months ago
80e8e14500
Add GenerateOneTimeTokenFilterTests
11 months ago
f4491f388e
Set PublicKeyCredentialCreationOptionsRepository by DSL or Bean
...
Closes gh-16369
Signed-off-by: DingHao <dh.hiekn@gmail.com>
11 months ago
8181cec06c
Set HttpMessageConverter by DSL
...
Closes gh-16369
Signed-off-by: DingHao <dh.hiekn@gmail.com>
11 months ago
bbe4f87641
Mark Serialization Support for Events
...
Issue gh-16276
11 months ago
45f22a46e3
Use spring.security prefix instead of security.security
...
Closes gh-16422
Signed-off-by: DingHao <dh.hiekn@gmail.com>
11 months ago
443af32314
Move Servlet Mocks to Web
...
Issue gh-13551
11 months ago
244fd2eb51
Support Serialization in Exceptions
...
Issue gh-16276
11 months ago
8e59fa1719
Don't Support Serialization for Jackson (De)serializers
...
Issue gh-16276
11 months ago
8735368d9e
Don't Support Serialization of Jackson Modules
...
Issu gh-16276
11 months ago
6f379aa907
Add Serializable to Csrf Components
...
Issue gh-16276
11 months ago
fd267dfb71
Add Support JdbcPublicKeyCredentialUserEntityRepository
...
Closes gh-16224
1 year ago
7b07ef5ff3
Add Support JdbcUserCredentialRepository
...
Closes gh-16224
1 year ago
38523faaa0
Remove Unused loggers
...
Closes gh-16319
1 year ago
e9bdb5b96e
Polish SecurityFilterChain Validation
...
Issue gh-15982
1 year ago
1104b45832
Polish SessionLimit
...
- Move to the web.authentication.session package since it is only needed
by web.authentication.session elements and does not access any other web
element itself.
- Add Kotlin support
- Add documentation
Issue gh-16206
1 year ago
1864577e98
Address SessionLimitStrategy
...
Closes gh-16206
1 year ago
3eeb4317f6
Add setFavorRelativeUris
...
This places the new functionality behind a setting so that
we can remain passive until we can change the setting in
the next major release.
Issue gh-7273
1 year ago
7848b959da
Use relative URLs in /login redirects
...
Closes gh-7273
1 year ago
27c2a8ad11
Add Serializable Compatibility to Web Authentication Exceptions
...
Issue gh-16276
1 year ago
d7d5253607
Change attestation in PublicKeyCredentialCreationOptions to none
...
The attestation option in PublicKeyCredentialCreationOptions is a
parameter that controls whether to request attestation from the security key.
However, Spring Security Passkeys currently doesn't implement attestation verification.
Therefore, requesting attestation is unnecessary.
Specifying `direct` to request attestation may trigger browsers to
display additional privacy related dialog to users, so it is best to
avoid specifying `direct` unnecessarily.
1 year ago
6a0b683e60
StrictFirewallHttpRequest.buid returns StrictFirewallHttpRequest
...
Closes gh-16069
1 year ago
4cbaabb239
Added Testing
...
Issue gh-16177
1 year ago
f565b23b51
Restore Method Parameter Inheritance Support
...
Closes gh-16177
1 year ago
d39e329234
Add @inheritDoc to sessionIdChanged method
...
Closes gh-16211
1 year ago
96a9cf0d2d
Restore Previous Behavior for Servlet 5
...
Closes gh-16173
1 year ago
9c3b11914d
webauthn registerCredential returns transports
...
The webauthn support previously did not pass the transports to webauthn4j.
This meant that the result of
Webauthn4jRelyingPartyOperations.registerCredential did not have any
transports either.
This commit ensures that the transports are passed to the webauth4j lib
and then returned in the result of registerCredential.
Closes gh-16084
1 year ago
dc82a6e97e
Remove the cache since UniqueSecurityAnnotationScanner has cached annotations internally
1 year ago
46fe0124ba
Add RuntimeHints for webauthn Javascript resource
1 year ago
fa5fc6dd62
Fix checkstyle errors for toLower/toUpperCase usage
1 year ago
a8c4d6cead
Require Locale argument for toLower/toUpperCase usage
1 year ago
a7bf8f7cc6
Require Locale argument for toLower/toUpperCase usage
1 year ago
285d16b046
Polish IpAddressMatcher
...
(cherry picked from commit 83a79159b8
1 year ago
ddf4542a9e
Add hasText assertion to IpAddressMatcher constructor
...
Issue gh-15527
(cherry picked from commit 3a29819651
1 year ago
554df6fab6
Fix NPE in IpAddressMatcher
...
Closes gh-15527
(cherry picked from commit 52de894c3c
1 year ago
0eaffb37e7
Require Locale argument for toLower/toUpperCase usage
1 year ago
83a79159b8
Polish IpAddressMatcher
1 year ago
3a29819651
Add hasText assertion to IpAddressMatcher constructor
...
Issue gh-15527
1 year ago
52de894c3c
Fix NPE in IpAddressMatcher
...
Closes gh-15527
1 year ago
a1526361b6
webauthn: introduce DefaultResourcesFilter#webauthn
1 year ago
8f1c892fb7
Remove unnecessary parentheses and add static final field
1 year ago
055ec57737
Fix not exist class in WebFilterChainProxy java doc
1 year ago
f46e56de78
Improve Error Message for Conflicting Filter Chains
...
Closes gh-15874
1 year ago
571c7c81a4
Fix typo
1 year ago
ab93541926
Simplify condition in some methods
1 year ago
e76de931ce
Polish Optional usage
1 year ago
ffed4ea1dc
Polish diamond usage
1 year ago
981fbd5c2c
Polish Tests
...
Closes gh-14768
1 year ago
308e408b13
Polish DelegatingAuthenticationConverter
1 year ago
1399a82ea9
Return Null Request When Cookie Is Malformed
...
Closes gh-15905
1 year ago
Rob Winch
Max Batischev
DingHao
Josh Cummings
Claudenir Machado
Michal Okosy
Yoshikazu Nojima
12OneTwo12
Daniel Garnier-Moiroux
Joe Grandja
Steve Riesenberg
nomoreFt
Josh Cummings
Tran Ngoc Nhan