spring-security

Commit Graph

Author	SHA1	Message	Date
Tran Ngoc Nhan	8e2067bb3e	Remove deprecated `MemberCategory#DECLARED_FIELDS` Issue gh-16889 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	7 months ago
Josh Cummings	ae82be70c3	Add Needed Runtime Hints Issue gh-16536	8 months ago
Daeho Kwon	9908d96644	DeferredCsrfToken Implements Supplier Closes gh-16870 Signed-off-by: Daeho Kwon <trewq231@naver.com>	8 months ago
Daeho Kwon	90dd31cae5	Replace dynamic error message with static "Access Denied" Closes gh-16514 Signed-off-by: Daeho Kwon <trewq231@naver.com>	9 months ago
Tran Ngoc Nhan	6c9071211f	Fix typo code tag Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	9 months ago
Rob Winch	adb303e152	Add testRuntimeOnly junit-platform-launcher Closes gh-16755	9 months ago
Josh Cummings	36a408fb5e	Update Mocking of TestContext Recent Spring Framework changes to default to Mockito's STRICT stubbing mode requires that TestContext be mocked after the exection context has been fully instantiated Closes gh-15579	1 year ago
Steve Riesenberg	7c45ebd81c	Polish gh-15012	2 years ago
Filip Hrisafov	99aee99b34	Expose user name attribute name in `OAuth2UserAuthority`	2 years ago
Marcus Hert Da Coregio	08f11f06ab	Revert unnecessary commits from main Issue gh-15016	2 years ago
Marcus Hert Da Coregio	fccd9379d5	WebTestUtilsTestRuntimeHints implements RuntimeHintsRegistrar Closes gh-14399	2 years ago
Marcus Hert Da Coregio	92af758f1f	Make springSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor passive Instead of excluding the bean from AOT processing, we avoid redefining the beans if they are present or in the expected state. Issue gh-14362	2 years ago
Marcus Hert Da Coregio	364bc10e78	Add hints for CompositeFilterChainProxy Closes gh-14359	2 years ago
ahmd-nabil	dfef781e33	Add default implementation in UserDetails Closes gh-14275 Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>	2 years ago
Steve Riesenberg	9db33f33c7	Revert unnecessary merges on 6.0.x This commit removes unnecessary main-branch merges starting from `8750608b5b` and adds the following needed commit(s) that were made afterward: - `5dce82c48b`	2 years ago
Marcus Da Coregio	64e2a2ff8b	Apply updated Code Style Closes gh-13881	2 years ago
Steve Riesenberg	d6ff58bb7f	Update Mockito to 5.5.0 Closes gh-13810	2 years ago
Tim te Beek	9df9cb5aed	refactor: AssertJ best practices Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/bGVuS?organizationId=RGVmYXVsdA%3D%3D Co-authored-by: Moderne <team@moderne.io>	2 years ago
Kevin Park	02aa052fc7	Fix typo in method name	2 years ago
Laurent MARTELLI	5a7eb108c8	Fix Javadoc	3 years ago
Josh Cummings	bcc1cfc28a	Restore OAuth2AuthorizedClientRepository Test Instrumentation Closes gh-13113	3 years ago
Amal Krishna	8bec14009e	Fix typo in SecurityMockMvcResultMatchers.java Change the first parameter's name of the AuthenticatedMatcher.withAuthentication() method from assesrtAuthentication to assertAuthentication	3 years ago
Marcus Da Coregio	54117d7d27	Fix test suffix to align with checkstyle	3 years ago
Josh Cummings	a7562ad950	Update io.spring.javaformat to 0.0.38 Closes gh-12891	3 years ago
Marcus Da Coregio	52ed165476	Move classpath checks to class member variable Closes gh-11437	3 years ago
Marcus Da Coregio	c15f45d9ee	Only register hints for servlet applications Closes gh-12622	3 years ago
Marcus Da Coregio	1648151dd2	Register hints for @WithSecurityContext on class level Issue gh-12215	3 years ago
Marcus Da Coregio	177e11fbd7	Add WebTestUtils test runtime hints Closes gh-12216	3 years ago
Marcus Da Coregio	7094ee3710	Add runtime hints for annotations using @WithSecurityContext Closes gh-12215	3 years ago
Rob Winch	9cb668aec2	SessionManagementConfigurer properly defaults SecurityContextRepository Previously the default was an HttpSessionSecurityContextRepository which meant that if a stateless authentication occurred the SecurityContext would be lost on ERROR dispatch. This commit ensures that the RequestAttributeSecurityContextRepository is also consulted by default. Closes gh-12070	3 years ago
Steve Riesenberg	2a2051cd7b	Default to Xor CSRF tokens in CsrfFilter Issue gh-11960	3 years ago
Steve Riesenberg	440748ec65	Add test support for Xor CSRF tokens Issue gh-4001	3 years ago
Marcus Da Coregio	398f5dee7f	Remove deprecated RequestMatcher methods from Java Configuration Closes gh-11939	3 years ago
Marcus Da Coregio	35f7e46d05	Remove WebSecurityConfigurerAdapter Closes gh-10902	3 years ago
Steve Riesenberg	475b3bb6bb	Add deferred CsrfTokenRepository.loadDeferredToken * Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken> * Move RepositoryDeferredCsrfToken to top-level and make package-private * Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse) * Update CsrfFilter * Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler Issue gh-11892 Closes gh-11918	3 years ago
Rob Winch	4479cefade	Default Require Explicit Session Management = true Closes gh-11763	3 years ago
Steve Riesenberg	46696a9226	CsrfTokenRequestHandler extends CsrfTokenRequestResolver Closes gh-11896	3 years ago
Rob Winch	d94677f87e	CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and moves usage from CsrfFilter into CsrfTokenRequestHandler. Closes gh-11892	3 years ago
aSemy	6e2e8c41b5	typo fitler -> filter	3 years ago
aSemy	e7880b1815	Javadoc typo 'sue' -> 'use'	3 years ago
mariusz	b478e5bc93	gh-6899: @WithMockUser as metaannotation	3 years ago
Joshua Sattler	040111ae9e	Remove Configuration meta-annotation from Enable* annotations Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration. While convenient, this is not consistent with the rest of the Spring projects and most notably Spring Framework's @Enable annotations. Additionally, the introduction of support for @Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow users to opt into their preferred configuration mode. Closes gh-6613 Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>	3 years ago
Steve Riesenberg	206c6ffb54	Remove deprecation warnings with Context.putAll Closes gh-11476	3 years ago
Igor Bolic	d96b4a0463	Set the useTrailingSlashMatch to true for tests The Spring MVC changed the default behavior for trailing slash match with https://github.com/spring-projects/spring-framework/issues/28552. This causes failures in Spring Security's tests. Setting the `useTrailingSlashMatch` to `true` ensures that Spring Security will work for users who have modified the default configuration. Specifing the request mapper with trailing slash path ensures that the tests are successful when default behavior is used. Closes gh-11451	4 years ago
Josh Cummings	6ac9366657	Add SecurityContextHolderStrategy Test Support Issue gh-11061 Issue gh-11444	4 years ago
Josh Cummings	f86992a0af	Add SecurityContextHolderStrategy Test Support Issue gh-11061 Issue gh-11444	4 years ago
Marcus Da Coregio	b8b0661d73	Lock Dependencies for Release	4 years ago
Marcus Da Coregio	806e05855c	Replace removed context-related operators Closes gh-11194	4 years ago
Rob Winch	b1233d053f	Add test support for SecurityContextHolderFilter Issue gh-9635	4 years ago
Rob Winch	6e6d472da4	Add test support for SecurityContextHolderFilter Issue gh-9635	4 years ago

1 2 3 4 5 ...

331 Commits (18010f9914e3ab938b51f459c83451e3721fedf2)