spring-security

Commit Graph

Author	SHA1	Message	Date
Marcus Da Coregio	22ba358e57	Merge branch '5.8.x'	4 years ago
Marcus Da Coregio	bf6e85ec15	Accept String varargs in securityMatcher Issue gh-9159	4 years ago
Marcus Da Coregio	38a7bbd2eb	Merge branch '5.8.x'	4 years ago
Marcus Da Coregio	ace8caa182	Remove mvcMatchers usage from docs Issue gh-11347	4 years ago
Marcus Da Coregio	76d7a85bc0	Use modified classpath test support for tests that depend on the classpath Issue gh-11347	4 years ago
Marcus Da Coregio	77dcc691b3	Add modified classpath test support Closes gh-11951	4 years ago
Marcus Da Coregio	5002199be3	Revert "Disable tests that need Spring MVC mocked in classpath" This reverts commit `c6978fba7c`.	4 years ago
Marcus Da Coregio	35f7e46d05	Remove WebSecurityConfigurerAdapter Closes gh-10902	4 years ago
Steve Riesenberg	a10b0f526f	Merge branch 'main'	4 years ago
Marcus Da Coregio	60181e22d3	Upgrade com.unboundid:unboundid-ldapsdk to 6.0.6 Closes gh-10210	4 years ago
Steve Riesenberg	3bc76815c2	Update csrf.request-handler-ref in 6.0 Issue gh-11918	4 years ago
Steve Riesenberg	5de6da890b	Merge branch '5.8.x' Closes gh-dry-run	4 years ago
Marcus Da Coregio	c6978fba7c	Disable tests that need Spring MVC mocked in classpath Issue gh-11347	4 years ago
Steve Riesenberg	475b3bb6bb	Add deferred CsrfTokenRepository.loadDeferredToken * Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken> * Move RepositoryDeferredCsrfToken to top-level and make package-private * Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse) * Update CsrfFilter * Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler Issue gh-11892 Closes gh-11918	4 years ago
Steve Riesenberg	c847efd3fd	Fix servlet import Issue gh-11347 Issue gh-9159	4 years ago
Steve Riesenberg	c98de7af2f	Add xss-protection.header-value in 6.0 Issue gh-9631	4 years ago
Steve Riesenberg	7c3cc1e386	Merge branch '5.8.x'	4 years ago
Daniel Garnier-Moiroux	0e215a21ad	Add X-Xss-Protection headerValue to XML config Issue gh-9631	4 years ago
Marcus Da Coregio	ad2abd39dc	Merge branch '5.8.x' Closes gh-11347 in 6.0.x Closes gh-11945	4 years ago
Marcus Da Coregio	039e0328e1	Simplify Java Configuration RequestMatcher Usage If Spring MVC is present in the classpath, use MvcRequestMatcher by default. This commit also adds a new securityMatcher method in HttpSecurity Closes gh-11347 Closes gh-9159	4 years ago
Steve Riesenberg	ea777a3d7b	Merge branch '5.8.x' Merged using the ours strategy.	4 years ago
Daniel Garnier-Moiroux	bf59d7c374	Update What's New for 5.8	4 years ago
Steve Riesenberg	d9a682a414	Polish gh-11896	4 years ago
Steve Riesenberg	bf9339d88e	Merge branch '5.8.x'	4 years ago
Steve Riesenberg	7f9600ae08	Polish gh-11896	4 years ago
Marcus Da Coregio	5f2744db33	Merge branch '5.8.x' Closes gh-11937	4 years ago
Marcus Da Coregio	64a19de4dc	Deprecate HPKP security header Closes gh-10144	4 years ago
Marcus Da Coregio	80f6bdf50b	Merge branch '5.8.x'	4 years ago
Marcus Da Coregio	7be2eb05d5	Merge branch '5.7.x' into 5.8.x	4 years ago
Marcus Da Coregio	cd4ddde779	Merge branch '5.6.x' into 5.7.x	4 years ago
Daniel Garnier-Moiroux	26bb60c567	Add rncToXsd task description to CONTRIBUTING.adoc	4 years ago
Rob Winch	4479cefade	Default Require Explicit Session Management = true Closes gh-11763	4 years ago
Rob Winch	0d58c5180e	Remove Explicit RequestCache Config from DeferHttpSession Tests Issue gh-11757	4 years ago
Rob Winch	12a0ccf6de	Remove Explicit CSRF Config from DeferHttpSessionTests Issue gh-11764	4 years ago
Rob Winch	617353eaa8	Merge branch '5.8.x' Closes gh-11928	4 years ago
Rob Winch	6d56af7b65	SessionManagementDsl.requireExplicitAuthenticationStrategy	4 years ago
Josh Cummings	8f10deb602	Merge remote-tracking branch 'origin/5.8.x'	4 years ago
Josh Cummings	f054505d6d	Support Deferred Contexts Closes gh-11817 Issue gh-10913	4 years ago
Emil Sierżęga	fc7f87feac	Removed unused test classes SomeDomainObject/Manager	4 years ago
Steve Riesenberg	76fbca9f46	Merge branch '5.8.x'	4 years ago
Daniel Garnier-Moiroux	93250013e4	Make X-Xss-Protection configurable through ServerHttpSecurity OWASP recommends using "X-Xss-Protection: 0". The default is currently "X-Xss-Protection: 1; mode=block". In 6.0, the default will be "0". This commits adds the ability to configure the xssProtection header value in ServerHttpSecurity. This commit deprecates the use of "enabled" and "block" booleans to configure XSS protection, as the state "!enabled + block" is invalid. This impacts HttpSecurity. Issue gh-9631	4 years ago
Steve Riesenberg	43a1f8249c	Update What's New for 6.0	4 years ago
Steve Riesenberg	e0e6467d9b	Remove UsernamePasswordAuthenticationToken check This commit reverts `21dd050d7b`. Closes gh-10347	4 years ago
shazin	1e0e9a2c98	Allow authenticationIsRequired to be overridden Issue gh-10347	4 years ago
Steve Riesenberg	4d62621094	Merge branch '5.8.x'	4 years ago
Steve Riesenberg	7b1158ddb7	Merge branch '5.7.x' into 5.8.x	4 years ago
Steve Riesenberg	70c61dc1dd	Merge branch '5.6.x' into 5.7.x	4 years ago
Dan Allen	c44230ba24	switch to offical Antora plugin for Gradle - lock version to latest release of Antora 3.1 - rename properties on extension block - use Node.js version provided by plugin - remove package.json file - assign environment variables using environments property on extension block - use single quotes where possible in build script - use default setting for log format	4 years ago
Marcus Da Coregio	3bfdf6dd0f	Merge branch '5.8.x' Closes gh-11922	4 years ago
Marcus Da Coregio	cf3349f31a	Configure ContentNegotiationStrategy in HttpSecurityConfiguration Closes gh-11916	4 years ago

1 2 3 4 5 ...

11497 Commits (22ba358e5730adecb274cd16b5dcfb84c69f021e) All Branches Search

11497 Commits (22ba358e5730adecb274cd16b5dcfb84c69f021e)

All Branches