Luke Taylor
21ed5feb8d
SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version.
16 years ago
Luke Taylor
f70942c6f5
SEC-1589: Add support for property placeholder in intercept-methods access attribute.
16 years ago
Luke Taylor
173537f4f2
SEC-1584: Added namespace support for injecting custom HttpFirewall instance into FilterChainProxy.
16 years ago
Luke Taylor
0961671772
Reinstated missing 3.0.3 schema file
16 years ago
Luke Taylor
f455e9a5a4
SEC-1584: Documentation of request-checking and matching process. Logging of servletPath and pathInfo in DebugFilter for comparison.
16 years ago
Luke Taylor
7d97adc687
SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing multiple sequences of "/" characters with a single "/".
16 years ago
Rob Winch
ee12d54bec
SEC-1536: moved web.authentication.jaas to web.jaasapi
Renamed org.springframework.security.web.authentication.jaas to org.springframework.security.web.jaasapi to be better aligned with org.springframework.security.web.servletapi, added package-info.java, and removed trailing whitespaces
16 years ago
Luke Taylor
e69b981c72
Make method in MatcherType public for use in OAuth.
16 years ago
Luke Taylor
11a87d1fa0
Switch to using xsd:boolean in schema file.
16 years ago
Luke Taylor
1b2b371970
SEC-1544: Added CookieClearingLogoutHandler and 'delete-cookies' attribute to the 'logout' namespace element.
When the user logs out, the handler will attempt to delete the named cookies (which it is constructor-injected with) by expiring them in the response.
Also added documentation on the feature and a suggestion for deleting JSESSIONID through an Apache proxy server, if the servlet container doesn't allow clearing the session cookie.
16 years ago
Luke Taylor
383211561c
Moved LDAP placeholder config test into LDAP tests to prevent issues with parallel tests. Converted LdapProviderBDP tests to groovy/spock. Other misc tidying of config tests.
16 years ago
Luke Taylor
7dd8cd2fb9
Make sure ApacheDS work directory is set correctly for separate LDAP test task in config module.
16 years ago
rwinch
a128e3b4fe
http://forum.springsource.org/showthread.php?p=318755 Added PlaceHolderAndELConfigTests.ldapAuthenticationProviderWorksWithPlaceholders
16 years ago
rwinch
de819378fc
SEC-1536: added JAAS API Integration, updated doc, updated jaas sample
16 years ago
Luke Taylor
0217e98bdb
Added an AppListener to collect events for use in tests
16 years ago
Luke Taylor
f4d57ab5e8
SEC-1456: Remove maven poms as we are now using gradle for the build.
16 years ago
Luke Taylor
20988c8cf6
Minor refactoring of debug filter and tidying up tests.
16 years ago
Luke Taylor
bdb906e588
Enable parameterization for log levels in logback files to allow the use of command-line options for controlling log output.
16 years ago
Luke Taylor
1db83fc81e
Minor BD parser tidying.
16 years ago
Luke Taylor
c37ca1c2a9
Sample app build adjustments to remove unwanted deps such as jsp-api, tidy up use of JSTL, make sure all are using servlet 2.5 etc.
16 years ago
Luke Taylor
5f6bcc0e1e
SEC-1540: Fix to add HTTP-method specific support for namespace requires-channel attribute.
16 years ago
Luke Taylor
3c02989d67
Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests).
16 years ago
Luke Taylor
aafc5f9038
File rename to correct case.
16 years ago
Luke Taylor
1f520b691f
SEC-1469: Initial support for debugging filter.
16 years ago
Luke Taylor
591bd532bd
Polishing FilterChainProxy and its tests.
16 years ago
Luke Taylor
6abfa2e887
Update minimum required schema to 3.1.
16 years ago
Luke Taylor
4bd41cbf72
SEC-1133: Support for setting of authenticationDetailsSource property for form-login, openid-login, http-basic and x509 namespace elements. These elements now support an additional 'authentication-details-source-ref' attribute.
16 years ago
Luke Taylor
4935aa07c7
SEC-1535: Added suggested doc fixes.
16 years ago
Luke Taylor
2222a7be07
Use Integer.valueOf() in preference to new Integer()
16 years ago
Luke Taylor
dca0fd871c
SEC-1532: Add cache of previously matched beans to ProtectPointcutPostProcessor to ensure that it doesn't perform pointcut matching every time a new prototype bean is created.
16 years ago
Luke Taylor
85c4c91e0e
IDEA inspection refactorings.
16 years ago
Luke Taylor
413b2a06e3
Improvements in up-to-date checking and use of parallel tests where possible.
16 years ago
Luke Taylor
64375484a1
More build and logging tuning.
16 years ago
Luke Taylor
2d9a848265
Added missing gradle build files for remaining samples. Some related reordering, dependency fixing etc. CAS sample no longer requires two separate subprojects as both client and server app can be run from a single gradle build.
16 years ago
Luke Taylor
c1c8fd1874
SEC-1171: Changed attribute name/value from secured="false" to security="none" to allow future extension by adding extra options (e.g. contextOnly to provide security context information during the request).
16 years ago
Luke Taylor
a4fd191499
Added check for use of "ref" with other attributes in <authentication-provider>.
16 years ago
Luke Taylor
4683273c2c
Correct message in namespace handler when web classes are missing.
16 years ago
Luke Taylor
69a10c48ae
Switch to using slf4j/logback for logging.
We still compile modules against commons-logging but all runtime logging and samples will use logback
16 years ago
Luke Taylor
443ac0487a
SEC-1093: Namespace support for jee element.
Adds a J2eePreAuthenticatedProcessingFilter to the stack, using a SimpleAttributes2GrantedAuthoritiesMapper to process the role attributes defined in the "mappable-roles" attribute. Provider uses a PreAuthenticatedGrantedAuthoritiesUserDetailsService by default.
16 years ago
Luke Taylor
026517f674
Removal of deprecated methods and classes.
16 years ago
Luke Taylor
6a79cf7be2
SEC-1383: Make MethodSecurityMetadataSourceBeanDefinitionParser extend AbstractBeanDefinitionParser for automatic support of ID attribute.
16 years ago
Luke Taylor
cd946c4e23
SEC-1493: Added namespace support.
16 years ago
Luke Taylor
8bddc8f820
SEC-1484: Documentation for some namespace attributes.
16 years ago
Luke Taylor
2e865752ff
Upgraded groovy to 1.7.2 to avoid jansi dependency issue
16 years ago
Luke Taylor
efb600166a
SEC-1488: Remove commons-logging dependencies from maven poms.
16 years ago
Luke Taylor
f7405cef82
Removed original Java version of refactored http namespace tests.
16 years ago
Luke Taylor
34401416b0
SEC-1171: Implement parsing of empty filter chain patterns via http 'secured' attribute and remove filters='none' support.
16 years ago
Luke Taylor
05c7abe191
SEC-1445: Tests for setting of username and password parameter names through the form-login element.
16 years ago
Luke Taylor
7d74b7c87e
SEC-1171: Allow multiple http elements and add pattern attribute to specify filter chain mapping.
16 years ago
Luke Taylor
b0758dd8de
Refactoring HTTP config tests to use spock and groovy MarkupBuilder
16 years ago