Tree: 2471e3296d

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/6.4.x/ch.qos.logback-logback-classic-1.5.26

dependabot/gradle/6.5.x/io.mockk-mockk-1.14.9

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.11

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '2471e3296d'

${ noResults }

Commit Graph

1052 Commits (2471e3296d8fc2e7b20db02ee5efa3b6855b9ad5)

Author	SHA1	Message	Date
Marcus Da Coregio	d884d9a461	Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains ... Closes gh-10554	4 years ago
Marcus Da Coregio	51b4bd67c9	Add RequestMatcherEntry	4 years ago
Marcus Da Coregio	eda346863d	Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator ... Closes gh-10590	4 years ago
Eleftheria Stein	c68a75bcde	Correct imports to jakarta ... Issue gh-9385, gh-10118	4 years ago
Marcus Da Coregio	0beb725259	Add Cross Origin Policies headers ... Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers Closes gh-9385, gh-10118	4 years ago
Steve Riesenberg	aa3c883f87	Use BDD in tests	4 years ago
Steve Riesenberg	d37ff18b69	Polish gh-9597	4 years ago
Karl Tinawi	c57fc309c2	Set details on authentication token created by HttpServlet3RequestFactory ... Currently the login mechanism when triggered by executing HttpServlet3RequestFactory#login does not set any details on the underlying authentication token that is authenticated. This change adds an AuthenticationDetailsSource on the HttpServlet3RequestFactory, which defaults to a WebAuthenticationDetailsSource. Closes gh-9579	4 years ago
Steve Riesenberg	5dd2565348	Update copyright year ... Issue gh-10557	4 years ago
Steve Riesenberg	41c6776455	Fix case sensitive headers comparison ... Closes gh-10557	4 years ago
Josh Cummings	7e55c84cfc	Add Missing Since ... Issue gh-10482	4 years ago
Igor Pelesic	72109e2921	PermitAllSupport supports AuthorizeHttpRequestsConfigurer ... PermitAllSupport supports either an ExpressionUrlAuthorizationConfigurer or an AuthorizeHttpRequestsConfigurer. If none or both are configured an error message is thrown. Closes gh-10482	4 years ago
Steve Riesenberg	898ba67098	Polish gh-10007	4 years ago
Guirong Hu	9f51240bf1	Support IP whitelist for Spring Security Webflux ... Closes gh-7765	4 years ago
Steve Riesenberg	9a9136d96d	Fix import spacing	4 years ago
Steve Riesenberg	c6a27d44e5	Remove failing test due to HttpMethod changes ... Closes gh-10569	4 years ago
Marcus Da Coregio	25feedb870	Fix removal of framework deprecated code ... Issue https://github.com/spring-projects/spring-framework/issues/27686	4 years ago
Rob Winch	bd34d70f97	Prevent Save @Transient Authentication with existing HttpSession ... Previously, @Transient Authentication would get saved if an existing HttpSession existed but it shouldn't. This commit always prevents @Transient Authentication from being saved. Closes gh-9992	4 years ago
Marcus Da Coregio	db60df2f9c	Update to Spring Framework 6.0 ... Issue gh-10360	4 years ago
Marcus Da Coregio	caad3d57e2	Improve log message when no CSRF token found ... Closes gh-10436	4 years ago
Emil Sierżęga	04b47c5928	Fixed various broken links in Javadocs	4 years ago
Emil Sierżęga	a188138715	Javadocs author tag doesn't work in methods	4 years ago
Rob Winch	f836897190	Checkstyle Fixes ... - Javadoc tag ordering - Private constructors before inner classes Issue gh-10394	4 years ago
Rob Winch	e1f4ec1137	Fix Jackson	4 years ago
Marcus Da Coregio	faec20bc69	Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext ... Closes gh-10208	4 years ago
Josh Cummings	7b98c2ea95	Restructure SwitchUserFilter Logs ... Issue gh-6311	4 years ago
Eleftheria Stein	7d81a52780	Allow AuthenticationPrincipal argument type to be primitive ... Closes gh-10172	4 years ago
heowc	84d173c310	Fix typo	4 years ago
Bogdan Ilchyshyn	a4c088a3b3	Introducing WebSessionServerLogoutHandler ... Closes gh-4838	5 years ago
Hiroshi Shirosaki	6f3e346b76	Add SecurityContextHolder#addListener ... Closes gh-10032	5 years ago
Josh Cummings	b8d51725c7	Immutable SecurityContext ... Issue gh-10032	5 years ago
Rob Winch	b6ff4d3674	Fix mockito UnnecessaryStubbingException	5 years ago
Rob Winch	3e93b024d6	openrewrite Junit Migration	5 years ago
Rob Winch	14240b2559	Remove Powermock ... Powermock does not support JUnit5 yet, so we need to remove it to support JUnit 5. Additionally, maintaining additional libraries adds extra work for the team. Mockito now supports final classes and static method mocking. This commit replaces Powermock with mockito-inline. Closes gh-6025	5 years ago
Evgeniy Cheban	d121ab9565	Support A Well-Known URL for Changing Passwords ... Closes gh-8657	5 years ago
Alexey Markevich	3219fd554d	DigestAuthenticationFilter decodes nonce only once ... Closes gh-8455	5 years ago
Steve Riesenberg	3bb8e1d200	Remove redundant translations in spring-security-web	5 years ago
Ruben Suarez Alvarez	7cd344acab	Add spanish translation of insufficient authentication and cookie stolen	5 years ago
Josh Cummings	ca76c54471	Polish CsrfWebFilterTests ... Issue gh-9113	5 years ago
Tomoki Tsubaki	0c8b6df82a	Cache Mono that generate the CSRF token ... Closes gh-9113	5 years ago
AlexeyAnufriev	baac9e0cf2	Properly clean cookies with context path after logout ... Closes gh-8846	5 years ago
Marcus Hert da Coregio	2a7998d0fc	Adjust createNewSessionIfAllowed to prevent NPE ... Ensure that isTransientAuthentication reuses the same authentication object from saveContext Closes gh-8947	5 years ago
César Revert	cf74ad3a52	Anonymous in ExceptionTranslationWebFilter ... The ExceptionTranslationWebFilter does not support correctly when anonymous authentication is enabled. With this enabled provoked always the execution of the access denied handler, and with this fix it behaves like the ExceptionTranslationFilter (servlet), executing the access denied handler only if the principal is not empty and neither anonymous. Closes gh-9130	5 years ago
Craig Andrews	a7fbae8355	Add test for RequestedUrlRedirectInvalidSessionStrategy	5 years ago
Craig Andrews	0e6d47b082	Add guard around debug logging involving string concatenation	5 years ago
Craig Andrews	0af74ce134	Use ServletUriComponentsBuilder instead of UrlPathHelper	5 years ago
Craig Andrews	2bcd4627fa	Eliminate use of Optional	5 years ago
Craig Andrews	10a264c144	Add RequestedUrlRedirectInvalidSessionStrategy implemention of InvalidSessionStrategy ... Performs a redirect to the original request URL when an invalid requested session is detected. In effect, when a user's session times out, the user is redirected to URL they originally requested instead of some fixed URL.	5 years ago
Josh Cummings	df6ebc7051	Rename DelegatingAuthorizationManager ... Closes gh-9692	5 years ago
Thomas Vitale	e2993d93e1	Make Csrf cookie secure flag configurable (WebFlux) ... Make the XSRF-TOKEN cookie secure flag configurable in CookieServerCsrfTokenRepository. Closes gh-9678	5 years ago