Tree: 05585a5f13

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.10

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependabot/gradle/main/tools.jackson-jackson-bom-3.0.4

dependabot/npm_and_yarn/javascript/lodash-4.17.23

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '05585a5f13'

${ noResults }

Commit Graph

1121 Commits (05585a5f1358c94271f0a8e265fcda890300f93f)

Author	SHA1	Message	Date
Steve Riesenberg	47b8860681	Update copyright year ... Issue gh-10557	4 years ago
Steve Riesenberg	828cac8889	Fix case sensitive headers comparison ... Closes gh-10557	4 years ago
Marcus Da Coregio	2bf7a5ae80	Improve log message when no CSRF token found ... Closes gh-10436	4 years ago
Marcus Da Coregio	00f4033b9b	Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext ... Closes gh-10208	4 years ago
Rob Winch	e4a76b0ec9	Checkstyle Fixes ... - Javadoc tag ordering - Private constructors before inner classes Issue gh-10394	4 years ago
Josh Cummings	6e86fab19d	Restructure SwitchUserFilter Logs ... Issue gh-6311	4 years ago
Marcus Hert da Coregio	29f4193529	Adjust createNewSessionIfAllowed to prevent NPE ... Ensure that isTransientAuthentication reuses the same authentication object from saveContext Closes gh-8947	5 years ago
Josh Cummings	df6ebc7051	Rename DelegatingAuthorizationManager ... Closes gh-9692	5 years ago
Thomas Vitale	e2993d93e1	Make Csrf cookie secure flag configurable (WebFlux) ... Make the XSRF-TOKEN cookie secure flag configurable in CookieServerCsrfTokenRepository. Closes gh-9678	5 years ago
Josh Cummings	cb6e4f4a11	Add NPE Guards ... - Like values, names are only validated if they are not null Closes gh-9598	5 years ago
Craig Andrews	7dc4de05b1	Add guard around logger.debug statement ... The log message involves string concatenation, the cost of which should only be incurred if debug logging is enabled	5 years ago
Josh Cummings	4f7d529c5d	Polish Csrf Tests ... Issue gh-9561	5 years ago
佚名	87ed527023	Add null check in CsrfFilter and CsrfWebFilter ... Solve the problem that CsrfFilter and CsrfWebFilter throws NPE exception when comparing two byte array is equal in low JDK version. When JDK version is lower than 1.8.0_45, method java.security.MessageDigest#isEqual does not verify whether the two arrays are null. And the above two class call this method without null judgment. ZiQiang Zhao<1694392889@qq.com>	5 years ago
Rob Winch	f3f1106624	Update io.spring.javaformat to 0.0.27 ... Closes gh-9553	5 years ago
Rob Winch	60d3db5798	add management platform(project(":spring-security-dependencies")) ... Closes gh-9540	5 years ago
Rob Winch	1a76ee7442	Update Gradle configuration names ... Closes gh-9540	5 years ago
Eleftheria Stein	4a492846f1	Revert "Lock dependencies for 2.5.0-M3" ... This reverts commit f05cc6269c.	5 years ago
Eleftheria Stein	f05cc6269c	Lock dependencies for 2.5.0-M3	5 years ago
Rob Winch	95da12110b	Additional Test for HttpSessionSecurityContextRepository ... Issue gh-9387	5 years ago
Rob Winch	3116369f02	Optimize HttpSessionSecurityContextRepository ... Closes gh-9387	5 years ago
Josh Cummings	c4be1c6a56	Revert "Lock Dependencies" ... This reverts commit a85caa4098.	5 years ago
Josh Cummings	a85caa4098	Lock Dependencies	5 years ago
Josh Cummings	107f38fff9	Polish Tests ... Issue gh-9331	5 years ago
happier233	873b9bdbca	Configure CurrentSecurityContextArgumentResolver BeanResolver ... Closes gh-9331	5 years ago
Evgeniy Cheban	77484018bb	Reconsider AntPathRequestMatcher matching logic ... Closes gh-9285	5 years ago
Rob Winch	0201c31deb	Fix Checkstyle for CsrfWebFilter ... Issue gh-9337	5 years ago
Rob Winch	a1083d9a5c	Fix CsrfWebFilter error message when expected CSRF not found ... Closes gh-9337	5 years ago
Josh Cummings	160a4a3676	Reformat MvcRequestMatcher ... - Moved related private methods together Issue gh-9284	5 years ago
Evgeniy Cheban	8449df9fd2	Consider Aligning MvcRequestMatcher's matching methods ... Closes gh-9284	5 years ago
Zeeshan Adnan	848bd44837	Remove unused code ... Issue gh-9203	5 years ago
Rob Winch	40e027c56d	Constant Time Comparison for CSRF tokens ... Closes gh-9291	5 years ago
Josh Cummings	c066e23a86	Add @since attributes ... Issue gh-8900	5 years ago
Evgeniy Cheban	34b4b1054f	Add AuthorizationManager ... Closes gh-8900	5 years ago
Nick McKinney	5306d4c4d5	Minor cleanup on Ant / Regex Request Matchers ... - Removed duplicative code for transforming String into HttpMethod - Removed an unnecessary array initialization	5 years ago
Nick McKinney	6be25df1db	Introduced DispatcherType request matcher ... Created a DispatcherTypeRequestMatcher and corresponding methods for configuring an HttpSecurity object. This enables filtering of security rules based on the dispatcher type of the incoming servlet request. Closes gh-9205	5 years ago
Christophe Gilles	54d3839f63	Add permissionsPolicy http header	5 years ago
Serdar Kuzucu	48ef27b80a	Make assertion messages in CookieCsrfTokenRepository clearer ... Changes assertion message format from 'X is not null' to 'X cannot be null' since this is more meaningful when the error occurs and the message is printed in the logs. Closes gh-9195	5 years ago
Serdar Kuzucu	76e117a67a	Allow maximum age of csrf cookie to be configured ... Allows maxAge of the generated cookie by CookieCsrfTokenRepository to be configurable. Prior to this commit, maximum age was set with a value of -1. After this commit, it will be configured by the user with an either positive or negative value. If the user does not provide a value, it will be set -1. An IllegalArgumentException will be thrown when this value is set to zero. Closes gh-9195	5 years ago
Josh Cummings	f614a8230c	Polish getRemoteUser ... - Corrected instanceof check Issue gh-3357	5 years ago
Stephen Joyner	9c373ef4f8	getRemoteUser() returns principal name ... Closes gh-3357	5 years ago
Eleftheria Stein	7f482eda7d	Fix CookieRequestCache for URL encoded query parameters ... Avoid populating the saved request parameters with encoded values. Since the query strings of the request and saved URL are compared and must be equal, we can just use the parameters from the incoming request. Closes gh-9203	5 years ago
Aditya Sekhar	4cc3c25a0e	removed whitespace formatting	5 years ago
Aditya Sekhar	a26975f780	cleanup compatibility method based on spring-projects#8868	5 years ago
zhuang	ff58ac836e	Decode cookie once in AbstractRememberMeServices ... Issue gh-9192	5 years ago
Eleftheria Stein	34a21cd80c	Fix formatting	5 years ago
Eleftheria Stein	5661e06e9c	Fix typo UserDetailService -> UserDetailsService	5 years ago
Arnaud Mergey	2b9efccc50	Implement MessageSourceAware where missing ... Closes gh-8951	5 years ago
Joe Grandja	b95e1aa209	Revert "Lock dependencies for 5.5.0-M1" ... This reverts commit 25a7482c8c.	5 years ago
Rob Winch	25a7482c8c	Lock dependencies for 5.5.0-M1	5 years ago
Alexander Polozov	a362ab53bc	Change guard expressions order ... Check of allowed user sessions count moved to head for avoid unnecessary fetching all user sessions.	5 years ago