Since we don't need to ensure the serializability of test components
across versions, we can ignore missing version UIDs when those
test components aren't about testing Java serialization.
Issue gh-17038
This commit ensures that the default advisors and added advisors
are sorted in the event that this component is not being published
as a Spring bean.
Issue gh-16819
Spring Security uses setter methods for optional member variables. Allows
for a null cleanupCron to disable the cleanup.
In a clustered environment it is likely that users do not want all nodes
to be performing a cleanup because it will cause contention on the ott
table.
Another example is if a user wants to invoke cleanUpExpiredTokens with a
different strategy all together, they might want to disable the cron job.
Issue gh-15735
Rename to a class that isn't focused on the synthesis implementation detail.
Also add Security to the front of the name to clarify that it is only intended
for security annotations, reminiscent of SecurityMetadataSource.
Refine method signatures to better articulate supported use cases.
Issue gh-15286
This commit had some unintended consequences when the advisor
interceptor was published in a Spring Boot application. As such,
15497 will be reopened to investigate. In the meantime, this commit
reverts the previous change so as to allow the build to pass.
Issue gh-15497
For backward compatibility, this commit changes the annotation traversal
logic to match what is found in PrePostAnnotationSecurityMetadataSource.
This reverts gh-13783 which is a feature that unfortunately regressess
pre-existing behavior like that found in gh-15352. As such, that
functionality has been removed.
Issue gh-15352
- Renamed @AuthorizationDeniedHandler to @HandleAuthorizationDenied
- Merged the post processor interface into MethodAuthorizationDeniedHandler , it now has two methods handleDeniedInvocation and handleDeniedInvocationResult
- @HandleAuthorizationDenied now handles AuthorizationDeniedException thrown from the method
Issue gh-14601
Prior to this commit, the implementation was placed in spring-security-core, however we do not want to introduce a dependency on spring-web and spring-webflux for that module.
Issue gh-7395
Josh Cummings
Josh Cummings
Steve Riesenberg
Max Batischev
Rob Winch
Jonny Coddington
Marcus Hert Da Coregio
Niels Basjes
DingHao
MrJovanovic13
Blagoja Stamatovski