101e0a21a8
Bearer WebClient Filter Authentication Propagation
...
Fixes: gh-7418
6 years ago
96d44cd4b7
Add Default RSocketSecurity
...
Fixes gh-7361
6 years ago
5d0815bc76
Allow RSocketMessageHandlerITests to timeout
...
Fixes gh-7415
6 years ago
6296e6e896
RSocketSecurity delegates to correct matcher
...
Fixes gh-7414
6 years ago
1b699a49fb
Polish RSocket packaging
...
Fixes gh-7413
6 years ago
aa533c2565
Add missing javadoc to session fixation
6 years ago
316380e622
Allow Custom PayloadInterceptor to be Added
...
Fixes gh-7362
6 years ago
a60446836b
OAuth2AuthorizeRequest supports attributes
...
Fixes gh-7341
6 years ago
e9a44bc0ce
HttpSecurity.saml2login() - MVP Core Code
...
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:
- Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
- Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
- Supports basic java-configuration via DSL
- Provides an integration sample using Spring Boot
Not implemented with this MVP
- Single Logout
- Dynamic Service Provider Metadata
Fixes gh-6019
6 years ago
9639962e27
Fix RSocket Package Tangle
...
Issue gh-7360
6 years ago
7ad641d106
RSocket Tests use Available Port
...
Issue gh-7360
6 years ago
26a65249f9
Remove invalid characters
6 years ago
5a4eded696
Add RSocket Support
...
Fixes gh-7360
6 years ago
dcd997ea43
Add support for Resource Owner Password Credentials grant
...
Fixes gh-6003
6 years ago
de672e3ae9
Polish oauth2ResourceServer() Error Messaging
...
Fixes: gh-6876
6 years ago
1fc5b27fa2
Update LogoutConfigurerClearSiteData Tests
...
Issue gh-7347
6 years ago
068f4f0147
Polish Opaque Token
...
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.
Fixes gh-7344
Fixes gh-7345
6 years ago
8773c7994f
Allow to set default securityContextRepository for each authentication mechanisms
...
Fixes gh-7249
7 years ago
f6c650db47
Replace Streams with Loops
...
First version of replacing streams
fix wwwAuthenticate and codestyle
fix errors in implementation to pass tests
Fix review notes
Remove uneccessary final to align with cb
Short circuit way to authorize
Simplify error message, make code readably
Return error while duplicate key found
Delete check for duplicate, checkstyle issues
Return duplicate error
Fixes gh-7154
7 years ago
d6d0d89ff8
NamespaceRememberMeTests groovy->java
...
Issue gh-4939
7 years ago
bf5b693549
NamespaceHttpOpenIDLoginTests groovy->java
...
Issue gh-4939
7 years ago
2c2e8e5f24
Remove internal Optional usage in favor of null checks
...
Issue gh-7155
7 years ago
46756d2e6b
Introduce Reactive OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-7116
7 years ago
9876b66f99
Polish GlobalMethodSecurityConfiguration
...
Initialize ExpressionBasedPreInvocationAdvice for
PreInvocationAuthorizationAdviceVoter only when needed.
7 years ago
08ea2348d6
Polish RequestCache ignores multipart requests
7 years ago
1ab05dae02
added test
7 years ago
cb4f3d2f44
Use UTF-8 for Java sources and XML
7 years ago
2e63def05b
Add tests
7 years ago
93142f3e30
Remove unboundid dependency
7 years ago
c03fb701ce
Improve logic to pick embedded server
7 years ago
3511c0ea4f
Update xsd
7 years ago
4ed197e515
Rename OAuth2TokenIntrospectionClient
...
Renamed to OpaqueTokenIntrospector
Fixes gh-7245
7 years ago
9b2af944fa
Add unbounid support in xml
...
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.
Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.
Fixes gh-6011
7 years ago
0410bac559
Add support for oauth2Login().securityContextRepository(...)
...
Fixes gh-7222
7 years ago
ff1070df36
remove redundant modifiers found by checkstyle
7 years ago
bbefc491b2
unused imports
7 years ago
38de737663
Java 8: Statement lambda can be replaced with expression lambda
7 years ago
3a5d8ba696
Java 8: Collections.sort() can be replaced with List.sort()
7 years ago
91c846756e
Java 5: Unnecessary Boxing
7 years ago
578d628774
'Collection.toArray()' call style
7 years ago
40bee457f9
Unnecessary enum modifier
7 years ago
eddcd1622f
Type parameter extends Object
...
Reports any type parameters and wildcard type arguments explicitly declared to extend java.lang.Object.
7 years ago
fb39d9c255
Anonymous type can be replaced with lambda
7 years ago
05f42a4995
Remove unused imports
7 years ago
65f6025cef
Polish OAuth2LoginConfigurer
...
Improve way of accessing ApplicationContext to ensure backward
compatibility.
Issue gh-7232
7 years ago
a00ad37168
OAuth2LoginConfigurer UserService Beans
...
Fixes gh-7232
7 years ago
f5cd0ec302
Use try-with-resources instead of try-finally
7 years ago
2056834432
Cleanup unnecessary unboxing
...
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
7 years ago
2306d987e9
Cleanup unnecessary boxing
7 years ago
2c836a171a
Add authenticationFailureHandler method in OAuth2LoginSpec
...
Allow to customize the failure handler.
Fixes gh-7051
7 years ago
Josh Cummings
Rob Winch
Eleftheria Stein
Joe Grandja
Filip Hanik
Eddú Meléndez
kostya05983
watsta
John Lin
Ahmed Sayed
Lars Grefer
Francesco Chicchiriccò