spring-security

Commit Graph

Author	SHA1	Message	Date
Josh Cummings	0421e25cba	Document Common SAML URI Endpoints Issue gh-12764	3 years ago
Josh Cummings	1c885cf3a3	Document Federation Usecase Closes gh-12764	3 years ago
Josh Cummings	109f6e7028	Add Note about RoleHierarchy Closes gh-12766	3 years ago
Josh Cummings	eac1f846b3	Update RoleHierarchy Docs Closes gh-12766	3 years ago
Byeonggon Lee	f2c4656abd	Fix typo in form.adoc Closes gh-12678	3 years ago
Josh Cummings	2db4430dcd	Preserve OpenSamlAssertingPartyDetails Instance Closes gh-12667	3 years ago
Steve Riesenberg	c4f68d83bf	Document default CsrfTokenRequestHandler in 6.0 Closes gh-12651	3 years ago
Marcus Da Coregio	82c86b822f	Polish session-management.adoc Remove unresolved anchor Issue gh-12519	3 years ago
Marcus Da Coregio	e59f71f036	Polish session-management.adoc Remove default values from configuration Issue gh-12519	3 years ago
Marcus Da Coregio	4f3faa78f7	Revisit Session Management docs Closes gh-12519	3 years ago
Dmitriy Grushin	2b36499700	Update expression-based.adoc Removed a duplicate paragraph that was phrased a bit differently.	3 years ago
Dan Allen	c47fbf7cfd	move code comment to callout	3 years ago
Dan Allen	f5bc6ce665	fix unclosed block in docs	3 years ago
Josh Cummings	2028507bf8	Fix Typo in Sample Closes gh-11095	3 years ago
Olivier Délèze	9535566f84	Update multitenancy.adoc The Java example at line 421 should use the injected `jwtValidator` and not from the current class referenced by `this. jwtValidator`.	3 years ago
Eleftheria Stein-Kousathana	fbfa13bd47	Fix OAuth 2.0 testing docs	3 years ago
Steve Riesenberg	ed657a8fac	Polish gh-12280 Apply editing changes from gh-9668	3 years ago
Wilson-Emmanuel	edd1915d1b	Corrected errors on the ACLS document Closes gh-12270	3 years ago
Sellami	626e53d121	Fix: Replace tenantRepository with tenants	3 years ago
Marcus Da Coregio	d2b33a2583	Fix docs Closes gh-11396	3 years ago
Josh Cummings	c60c10792c	Fix Observability Opt-out Documentation Typo Issue gh-12268	3 years ago
Marcus Da Coregio	e6173f9e5b	Prepare for Spring Security 6.1	3 years ago
Marcus Da Coregio	70bfc39418	Fix AuthorizationFilter diagram in docs Closes gh-12274	3 years ago
Steve Riesenberg	34102a6531	Document default SecurityContextRepository Issue gh-12049	3 years ago
Steve Riesenberg	9071f10759	Document DelegatingSecurityContextRepository Closes gh-12069	3 years ago
Johannes Graf	8af3b5afe4	Fix documentation part of Multiple HttpSecurity Instances `http.antMatcher()` is not longer available and was replaced with `http.securityMatcher()`, so use this in the Java Config Multiple HttpSecurity Instances example, too	3 years ago
Rivaldi	01a37dd678	Fix typo (cherry picked from commit 20e89e3eca0823bfa329b5de80448bac1f5e0f30)	3 years ago
Márk Kővári	aad01447c3	docs: fix realm typo	3 years ago
Ger Roza	8315545144	Update RP-Initiated Logout target URLs. The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs. Fixes: gh-12081	3 years ago
Josh Cummings	c5badbc631	Add AccessDecisionManager Preparation Steps Issue gh-11337	3 years ago
Rob Winch	aac1261f0c	Document Migration to SecurityContextHolderFilter Closes gh-12098	3 years ago
Rob Winch	c17e258a6f	Document Saved Requests Closes gh-12088	3 years ago
Josh Cummings	04fa5af794	Add Missing Doc Header The EnableMethodSecurity section	3 years ago
Josh Cummings	fe96a62dfc	Document Observability Support Issue gh-10964	3 years ago
Marcus Da Coregio	4b6fed0667	Add static factory method to AntPathRequestMather and RegexRequestMatcher Closes gh-11938	3 years ago
Daniel Garnier-Moiroux	27059ced87	Default X-Xss-Protection header value to "0" Closes gh-9631	3 years ago
Marcus Da Coregio	398f5dee7f	Remove deprecated RequestMatcher methods from Java Configuration Closes gh-11939	3 years ago
Marcus Da Coregio	9fd195d419	Default to shouldFilterAllDispatcherTypes=true in XML Closes gh-11970	3 years ago
Marcus Da Coregio	f3321c256c	Add XML support for shouldFilterAllDispatcherTypes Closes gh-11492	3 years ago
Josh Cummings	12b9f2e196	use-authorization-manager defaults to true Closes gh-11929	3 years ago
Marcus Da Coregio	c4d23f2b49	Use MvcRequestMatcher by default if Spring MVC is present Closes gh-11899	3 years ago
Steve Riesenberg	dce1c30522	Add support for BREACH Closes gh-4001	3 years ago
Marcus Da Coregio	ace8caa182	Remove mvcMatchers usage from docs Issue gh-11347	3 years ago
Steve Riesenberg	475b3bb6bb	Add deferred CsrfTokenRepository.loadDeferredToken * Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken> * Move RepositoryDeferredCsrfToken to top-level and make package-private * Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse) * Update CsrfFilter * Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler Issue gh-11892 Closes gh-11918	3 years ago
Daniel Garnier-Moiroux	0e215a21ad	Add X-Xss-Protection headerValue to XML config Issue gh-9631	3 years ago
Marcus Da Coregio	039e0328e1	Simplify Java Configuration RequestMatcher Usage If Spring MVC is present in the classpath, use MvcRequestMatcher by default. This commit also adds a new securityMatcher method in HttpSecurity Closes gh-11347 Closes gh-9159	3 years ago
Steve Riesenberg	181ee7410b	Change default authority for oauth2Login() Previously, the default authority was ROLE_USER when using oauth2Login() for both OAuth2 and OIDC providers. * Default authority for OAuth2UserAuthority is now OAUTH2_USER * Default authority for OidcUserAuthority is now OIDC_USER Documentation has been updated to include this implementation detail. Closes gh-7856	3 years ago
Steve Riesenberg	46696a9226	CsrfTokenRequestHandler extends CsrfTokenRequestResolver Closes gh-11896	3 years ago
Rob Winch	d94677f87e	CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and moves usage from CsrfFilter into CsrfTokenRequestHandler. Closes gh-11892	3 years ago
Rob Winch	48e31f87e4	Remove Deprecated OpenSAML 3 Support Closes gh-10556	3 years ago

... 6 7 8 9 10 ...

834 Commits (18010f9914e3ab938b51f459c83451e3721fedf2)