Tree: 194eaf8491

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/6.4.x/ch.qos.logback-logback-classic-1.5.26

dependabot/gradle/6.5.x/io.mockk-mockk-1.14.9

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.11

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '194eaf8491'

${ noResults }

Commit Graph

1049 Commits (194eaf8491cc419c6e7d4da890554c2c0b4e84ee)

Author	SHA1	Message	Date
heowc	1ab0705b47	Fix typo	4 years ago
Marcus Da Coregio	f04cd641b0	Fix @since tag ... Issue gh-10590, gh-10554	4 years ago
Marcus Da Coregio	18427b6411	Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains ... Closes gh-10554	4 years ago
Marcus Da Coregio	7e17a00197	Add RequestMatcherEntry	4 years ago
Marcus Da Coregio	53b8cff26f	Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator ... Closes gh-10590	4 years ago
Marcus Da Coregio	65426a40ec	Add Cross Origin Policies headers ... Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers Closes gh-9385, gh-10118	4 years ago
Steve Riesenberg	62e8799a8d	Use BDD in tests	4 years ago
Steve Riesenberg	df0f6f83af	Polish gh-9597	4 years ago
Karl Tinawi	925d531cbe	Set details on authentication token created by HttpServlet3RequestFactory ... Currently the login mechanism when triggered by executing HttpServlet3RequestFactory#login does not set any details on the underlying authentication token that is authenticated. This change adds an AuthenticationDetailsSource on the HttpServlet3RequestFactory, which defaults to a WebAuthenticationDetailsSource. Closes gh-9579	4 years ago
Steve Riesenberg	bb2d80fea3	Update copyright year ... Issue gh-10557	4 years ago
Steve Riesenberg	f49c286050	Fix case sensitive headers comparison ... Closes gh-10557	4 years ago
Josh Cummings	1251cde04c	Add Missing Since ... Issue gh-10482	4 years ago
Igor Pelesic	a3a9de1b9b	PermitAllSupport supports AuthorizeHttpRequestsConfigurer ... PermitAllSupport supports either an ExpressionUrlAuthorizationConfigurer or an AuthorizeHttpRequestsConfigurer. If none or both are configured an error message is thrown. Closes gh-10482	4 years ago
Steve Riesenberg	204f0b4599	Polish gh-10007	4 years ago
Guirong Hu	43317c5a61	Support IP whitelist for Spring Security Webflux ... Closes gh-7765	4 years ago
Rob Winch	96a6fef820	Prevent Save @Transient Authentication with existing HttpSession ... Previously, @Transient Authentication would get saved if an existing HttpSession existed but it shouldn't. This commit always prevents @Transient Authentication from being saved. Closes gh-9992	4 years ago
Marcus Da Coregio	caad3d57e2	Improve log message when no CSRF token found ... Closes gh-10436	4 years ago
Emil Sierżęga	04b47c5928	Fixed various broken links in Javadocs	4 years ago
Emil Sierżęga	a188138715	Javadocs author tag doesn't work in methods	4 years ago
Rob Winch	f836897190	Checkstyle Fixes ... - Javadoc tag ordering - Private constructors before inner classes Issue gh-10394	4 years ago
Rob Winch	e1f4ec1137	Fix Jackson	4 years ago
Marcus Da Coregio	faec20bc69	Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext ... Closes gh-10208	4 years ago
Josh Cummings	7b98c2ea95	Restructure SwitchUserFilter Logs ... Issue gh-6311	4 years ago
Eleftheria Stein	7d81a52780	Allow AuthenticationPrincipal argument type to be primitive ... Closes gh-10172	4 years ago
heowc	84d173c310	Fix typo	4 years ago
Bogdan Ilchyshyn	a4c088a3b3	Introducing WebSessionServerLogoutHandler ... Closes gh-4838	5 years ago
Hiroshi Shirosaki	6f3e346b76	Add SecurityContextHolder#addListener ... Closes gh-10032	5 years ago
Josh Cummings	b8d51725c7	Immutable SecurityContext ... Issue gh-10032	5 years ago
Rob Winch	b6ff4d3674	Fix mockito UnnecessaryStubbingException	5 years ago
Rob Winch	3e93b024d6	openrewrite Junit Migration	5 years ago
Rob Winch	14240b2559	Remove Powermock ... Powermock does not support JUnit5 yet, so we need to remove it to support JUnit 5. Additionally, maintaining additional libraries adds extra work for the team. Mockito now supports final classes and static method mocking. This commit replaces Powermock with mockito-inline. Closes gh-6025	5 years ago
Evgeniy Cheban	d121ab9565	Support A Well-Known URL for Changing Passwords ... Closes gh-8657	5 years ago
Alexey Markevich	3219fd554d	DigestAuthenticationFilter decodes nonce only once ... Closes gh-8455	5 years ago
Steve Riesenberg	3bb8e1d200	Remove redundant translations in spring-security-web	5 years ago
Ruben Suarez Alvarez	7cd344acab	Add spanish translation of insufficient authentication and cookie stolen	5 years ago
Josh Cummings	ca76c54471	Polish CsrfWebFilterTests ... Issue gh-9113	5 years ago
Tomoki Tsubaki	0c8b6df82a	Cache Mono that generate the CSRF token ... Closes gh-9113	5 years ago
AlexeyAnufriev	baac9e0cf2	Properly clean cookies with context path after logout ... Closes gh-8846	5 years ago
Marcus Hert da Coregio	2a7998d0fc	Adjust createNewSessionIfAllowed to prevent NPE ... Ensure that isTransientAuthentication reuses the same authentication object from saveContext Closes gh-8947	5 years ago
César Revert	cf74ad3a52	Anonymous in ExceptionTranslationWebFilter ... The ExceptionTranslationWebFilter does not support correctly when anonymous authentication is enabled. With this enabled provoked always the execution of the access denied handler, and with this fix it behaves like the ExceptionTranslationFilter (servlet), executing the access denied handler only if the principal is not empty and neither anonymous. Closes gh-9130	5 years ago
Craig Andrews	a7fbae8355	Add test for RequestedUrlRedirectInvalidSessionStrategy	5 years ago
Craig Andrews	0e6d47b082	Add guard around debug logging involving string concatenation	5 years ago
Craig Andrews	0af74ce134	Use ServletUriComponentsBuilder instead of UrlPathHelper	5 years ago
Craig Andrews	2bcd4627fa	Eliminate use of Optional	5 years ago
Craig Andrews	10a264c144	Add RequestedUrlRedirectInvalidSessionStrategy implemention of InvalidSessionStrategy ... Performs a redirect to the original request URL when an invalid requested session is detected. In effect, when a user's session times out, the user is redirected to URL they originally requested instead of some fixed URL.	5 years ago
Josh Cummings	df6ebc7051	Rename DelegatingAuthorizationManager ... Closes gh-9692	5 years ago
Thomas Vitale	e2993d93e1	Make Csrf cookie secure flag configurable (WebFlux) ... Make the XSRF-TOKEN cookie secure flag configurable in CookieServerCsrfTokenRepository. Closes gh-9678	5 years ago
Josh Cummings	cb6e4f4a11	Add NPE Guards ... - Like values, names are only validated if they are not null Closes gh-9598	5 years ago
Craig Andrews	7dc4de05b1	Add guard around logger.debug statement ... The log message involves string concatenation, the cost of which should only be incurred if debug logging is enabled	5 years ago
Josh Cummings	4f7d529c5d	Polish Csrf Tests ... Issue gh-9561	5 years ago