Tree: 37fa49b32d

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/6.4.x/ch.qos.logback-logback-classic-1.5.26

dependabot/gradle/6.5.x/io.mockk-mockk-1.14.9

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.11

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '37fa49b32d'

${ noResults }

Commit Graph

10726 Commits (37fa49b32da9eb007bb76ee043db44d583c25862)

 

All Branches   

Search

Author	SHA1	Message	Date
Steve Riesenberg	37fa49b32d	Polish gh-11952	3 years ago
Steve Riesenberg	f462134e87	Add reactive support for BREACH ... Closes gh-11959	3 years ago
Steve Riesenberg	f4ca90e719	Add reactive interfaces for CSRF request handling ... Issue gh-11959	3 years ago
Marcus Da Coregio	f3321c256c	Add XML support for shouldFilterAllDispatcherTypes ... Closes gh-11492	3 years ago
Marcus Da Coregio	8a5aed2983	Add deprecation warning to CsrfDsl#ignoringAntMatchers ... Issue gh-11347	3 years ago
Marcus Da Coregio	bc4ad52feb	Add deprecation warning to mvcMatchers methods ... Issue gh-11347	3 years ago
Josh Cummings	380a6a2564	Polish SecurityContextHolderStrategy Usage ... - Add to HttpSessionSecurityContextRepository#saveContext Issue gh-11060	3 years ago
Josh Cummings	0c0e298aa7	Polish Saml2 XML Use of SecurityContextHolderStrategy ... Issue gh-11061	3 years ago
Josh Cummings	b4d13e7726	Polish use-authorization-manager ... - Use SecurityContextHolderStrategy - Allow empty role prefix - Disallow access-decision-manager-ref and authorization-manager-ref together Issue gh-11305	3 years ago
Josh Cummings	7043ef6ccb	Polish OpaqueTokenAuthenticationConverterTests ... Issue gh-11665	3 years ago
Josh Cummings	f16d47c7b5	Polish DefaultHttpSecurityExpressionHandler ... Issue gh-11105	3 years ago
Josh Cummings	4ddec07d0e	Add default AuthorizationManager ... Closes gh-11963	3 years ago
Steve Riesenberg	dce1c30522	Add support for BREACH ... Closes gh-4001	3 years ago
Rob Winch	a5cc1f0b60	Merge branch '5.7.x' into 5.8.x ... Closes gh-11956	3 years ago
Rob Winch	37dd896d4b	Merge branch '5.6.x' into 5.7.x ... Closes gh-11955	3 years ago
Dan Allen	e0843aabb1	automatically manage docs version (with collector)	3 years ago
Steve Riesenberg	c1fcf275d9	Update What's New for 5.8 ... Issue gh-11952	3 years ago
Steve Riesenberg	1d706ae13d	Add csrfTokenRequestResolver to CsrfDsl ... Closes gh-11952	3 years ago
Marcus Da Coregio	bf6e85ec15	Accept String varargs in securityMatcher ... Issue gh-9159	3 years ago
Marcus Da Coregio	ace8caa182	Remove mvcMatchers usage from docs ... Issue gh-11347	3 years ago
Steve Riesenberg	475b3bb6bb	Add deferred CsrfTokenRepository.loadDeferredToken ... * Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken> * Move RepositoryDeferredCsrfToken to top-level and make package-private * Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse) * Update CsrfFilter * Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler Issue gh-11892 Closes gh-11918	3 years ago
Daniel Garnier-Moiroux	0e215a21ad	Add X-Xss-Protection headerValue to XML config ... Issue gh-9631	3 years ago
Marcus Da Coregio	039e0328e1	Simplify Java Configuration RequestMatcher Usage ... If Spring MVC is present in the classpath, use MvcRequestMatcher by default. This commit also adds a new securityMatcher method in HttpSecurity Closes gh-11347 Closes gh-9159	3 years ago
Daniel Garnier-Moiroux	bf59d7c374	Update What's New for 5.8	3 years ago
Steve Riesenberg	7f9600ae08	Polish gh-11896	3 years ago
Marcus Da Coregio	64a19de4dc	Deprecate HPKP security header ... Closes gh-10144	3 years ago
Marcus Da Coregio	7be2eb05d5	Merge branch '5.7.x' into 5.8.x	3 years ago
Marcus Da Coregio	cd4ddde779	Merge branch '5.6.x' into 5.7.x	3 years ago
Daniel Garnier-Moiroux	26bb60c567	Add rncToXsd task description to CONTRIBUTING.adoc	3 years ago
Rob Winch	6d56af7b65	SessionManagementDsl.requireExplicitAuthenticationStrategy	3 years ago
Josh Cummings	f054505d6d	Support Deferred Contexts ... Closes gh-11817 Issue gh-10913	3 years ago
Daniel Garnier-Moiroux	93250013e4	Make X-Xss-Protection configurable through ServerHttpSecurity ... OWASP recommends using "X-Xss-Protection: 0". The default is currently "X-Xss-Protection: 1; mode=block". In 6.0, the default will be "0". This commits adds the ability to configure the xssProtection header value in ServerHttpSecurity. This commit deprecates the use of "enabled" and "block" booleans to configure XSS protection, as the state "!enabled + block" is invalid. This impacts HttpSecurity. Issue gh-9631	3 years ago
Steve Riesenberg	7b1158ddb7	Merge branch '5.7.x' into 5.8.x	3 years ago
Steve Riesenberg	70c61dc1dd	Merge branch '5.6.x' into 5.7.x	3 years ago
Dan Allen	c44230ba24	switch to offical Antora plugin for Gradle ... - lock version to latest release of Antora 3.1 - rename properties on extension block - use Node.js version provided by plugin - remove package.json file - assign environment variables using environments property on extension block - use single quotes where possible in build script - use default setting for log format	3 years ago
Marcus Da Coregio	cf3349f31a	Configure ContentNegotiationStrategy in HttpSecurityConfiguration ... Closes gh-11916	3 years ago
Josh Cummings	506e50bfd0	Move Saml2 Authentication Filters ... Issue gh-8819	3 years ago
Steve Riesenberg	bbac85e20b	Reduce severity of invalid registrationId to warn ... This prevents filling the log file with error messages when routine scans are being performed. Closes gh-11344	3 years ago
Josh Cummings	ae6fb8c681	Add Deprecated Versions of Original Classes ... Issue gh-7349	3 years ago
Josh Cummings	37a160245f	Adjust OAuth2 Resource Server packaging ... Closes gh-7349	3 years ago
Steve Riesenberg	46696a9226	CsrfTokenRequestHandler extends CsrfTokenRequestResolver ... Closes gh-11896	3 years ago
Steve Riesenberg	d140d95305	Fix assertion in NullSecurityContextRepository ... Issue gh-11060	3 years ago
Steve Riesenberg	5d757919a2	Add SecurityContextHolderStrategy to new repository ... In 6.0, RequestAttributeSecurityContextRepository will be the default implementation of SecurityContextRepository. This commit adds the ability to configure a custom SecurityContextHolderStrategy, similar to other components. Issue gh-11060 Closes gh-11895	3 years ago
Rob Winch	d94677f87e	CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler ... This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and moves usage from CsrfFilter into CsrfTokenRequestHandler. Closes gh-11892	3 years ago
Evgeniy Cheban	c1d27612af	Simplify AuthorizationManager composition ... Closes gh-11625	3 years ago
Josh Cummings	3f8503f1b4	Deprecate AccessDecisionManager et al ... Closes gh-11302	3 years ago
Marcus Da Coregio	983ca6ea27	Update What's New for 5.8	3 years ago
Marcus Da Coregio	0c96989cbe	Move script tag into body element ... Closes gh-11879	3 years ago
github-actions[bot]	9564f1b5e4	Next development version	3 years ago
github-actions[bot]	dcbe900ff8	Release 5.8.0-M3	3 years ago