spring-security

Commit Graph

Author	SHA1	Message	Date
Mark Putsiata	cae3467a8d	Improve AbstractPreAuthenticatedProcessingFilter docs Clarify misleading SecurityContextRepository setter documentation. Note that AbstractPreAuthenticatedProcessingFilter saves the SecurityContext upon successful authentication, and this behavior can be customized via the setSecurityContextRepository setter. Closes gh-14137 Signed-off-by: Mark Putsiata <m.putsiata@gmail.com>	7 months ago
Tran Ngoc Nhan	86550fb84b	Cleanup code Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	7 months ago
yybmion	d48c463c03	Add logging to CsrfTokenRequestHandler implementations Add trace-level logging to show the logical path of CSRF token processing - Log token source (header or parameter) in resolveCsrfTokenValue - Log request attribute names in handle methods - Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding) - Add similar logging to XorServerCsrfTokenRequestAttributeHandler Improves debugging capabilities without changing functionality. Closes gh-13626 Signed-off-by: yybmion <yunyubin54@gmail.com>	7 months ago
yybmion	a90ce5142c	Add logging to CsrfTokenRequestHandler implementations Add trace-level logging to show the logical path of CSRF token processing - Log token source (header or parameter) in resolveCsrfTokenValue - Log request attribute names in handle methods - Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding) - Add similar logging to XorServerCsrfTokenRequestAttributeHandler Improves debugging capabilities without changing functionality. Closes gh-13626 Signed-off-by: yybmion <yunyubin54@gmail.com>	7 months ago
Tran Ngoc Nhan	1e4dd713c5	Remove APPLICATION_JSON_UTF8 usage Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	7 months ago
Rob Winch	6118587ff8	SavedCookieMixinTests uses readValue(String,Object.class) The test should not provide SavedCookie.class to the ObjectMapper since this is not done in production. In particular, it provides the type that it should be deserialized, but this must be provided in the JSON since the type is unknown at the time of deserialization. Issue gh-17006	7 months ago
M-Faheem-Khan	241c3cd35a	Remove deprecated Cookie usage Remove usage of comment and verison usage Signed-off-by: M-Faheem-Khan <faheem5948@gmail.com>	7 months ago
Rob Winch	5f833fa236	Fix Checkstyle Errors	7 months ago
milaneuh	7fda87aecd	Remove deprecated methods from CookieServerCsrfTokenRepository	7 months ago
Rob Winch	b453840c0a	HttpHeaders no longer a MultiValueMap Closes gh-17060	8 months ago
Rob Winch	e5e962ef90	Jakarta Cookie HttpOnly Serialization The new specification represents Cookie attribute using HttpOnly: "" vs HttpOnly: "true". This updates the test to correspond to the new Servlet specification and is a breaking change related to jakarta updates.	8 months ago
Rob Winch	607705347c	MediaType.sortBySpecificityAndQuality->sortBySpecificity Closes gh-17059	8 months ago
Rob Winch	66319fc3bc	MockServerHttpRequest.method(String,String)->method(HttpMethod,String) Closes gh-17058	8 months ago
Rob Winch	cb0fdef236	Remove MediaType.APPLICATION_JSON_UTF Closes gh-17050	8 months ago
Zhoudong	6624e302ac	Favor Spring Framework NonNull over Reactor NonNull Signed-off-by: Zhoudong <jearton@users.noreply.github.com>	8 months ago
Josh Cummings	e48f26e51e	Propagate StrictFirewallRequest Wrapper Closes gh-16978	8 months ago
Max Batischev	c855453e40	Fix Typo In SubjectDnX509PrincipalExtractorTests Signed-off-by: Max Batischev <mblancer@mail.ru>	8 months ago
Tran Ngoc Nhan	29380a87a0	Polish javadoc Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	8 months ago
Max Batischev	8525f0e3fd	Add FunctionalInterface To X509PrincipalExtractor Closes gh-16949 Signed-off-by: Max Batischev <mblancer@mail.ru>	8 months ago
Josh Cummings	7d6bdfedc8	Add Null Guard for Authorization Result	8 months ago
Josh Cummings	0ab01eac14	Update Deprecated Security Usage	8 months ago
Josh Cummings	216680bb50	Update Deprecated Spring Jdbc Usage	8 months ago
Josh Cummings	2ad859a63c	Add Missing Deprecation Markers	8 months ago
Josh Cummings	3f7f3dabe7	Correct JavaDoc Class Reference	8 months ago
Daeho Kwon	9908d96644	DeferredCsrfToken Implements Supplier Closes gh-16870 Signed-off-by: Daeho Kwon <trewq231@naver.com>	8 months ago
Josh Cummings	f93a7a2f85	Deprecate HandlerMappingIntrospectorRequestTransformer Closes gh-16536	8 months ago
chu3la	8cbe02e3aa	Update WebAuthn Test Objects Class Names Closes gh-16604 Signed-off-by: chu3la <elmansouri.houssam@gmail.com>	9 months ago
Josh Cummings	4cdc6dab21	Fix Formatting Issue gh-16604	9 months ago
Vasanth	04d7130975	Update WebAuthn Test Objects Class Names Renamed the WebAuthn test object class names Closes gh-16604 Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>	9 months ago
DingHao	857ef6fe08	WithHttpOnlyCookie defaults to false Closes gh-16820 Signed-off-by: DingHao <dh.hiekn@gmail.com>	9 months ago
Max Batischev	9a897d0b62	Add Support Postgres To JdbcUserCredentialRepository Closes gh-16832 Signed-off-by: Max Batischev <mblancer@mail.ru>	9 months ago
wtigerhyunsu	bdbf6a2be3	Add toString() to IpAddressMatcher.java Closes gh-16795 Signed-off-by: wtigerhyunsu <jack951@naver.com>	9 months ago
Josh Cummings	99345537d6	Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter Issue gh-16417	9 months ago
Josh Cummings	15d9c13984	Add RequestMatcher MigrationPath for SwitchUserFilter To simplify migration, the filter's setter methods still use AntPathRequestMatcher. Users can call the equivalent RequestMatcher setter methods to opt-in to the change early. Issue gh-16417	9 months ago
Josh Cummings	1eec51ab6c	Polish SwitchUserFilterTests Ensure that the appropriate HTTP Method is specified in tests Issue gh-16417	9 months ago
Josh Cummings	1618963255	Deprecate AntPathRequestMatcher Closes gh-16632	9 months ago
Josh Cummings	de07b1108f	Use PathPatternRequestMatcher in Web Components This commit changes filters and resolvers that were using AntPathRequestMatcher as their default to using PathPatternRequestMatcher. Issue gh-16632	9 months ago
Josh Cummings	50ad378a29	Polish MockHttpServletRequest Usage This commit makes so that the requestURI is set to a value that makes sense with the other properties being mocked. Issue gh-16632	9 months ago
Rob Winch	a6b5c05da9	Additional WebAuthn4jRelyingPartyOperationTests - verify that anonymous users not saved - verify that when user found the CredentialRecord is allowed Issue gh-16385	9 months ago
Rob Winch	9c054474a8	Use Test Name Conventions Issue gh-16385	9 months ago
Rob Winch	593f7c4490	Use !isAuthenticated It's more verbose to see if the user is not null and not anonymous Issue gh-16385	9 months ago
Rob Winch	4e20d56d2d	Fix format for WebAuthn4jRelyingPartyOperations Issue gh-16385	9 months ago
Josh Cummings	05fdcd6a08	Deprecate MvcRequestMatcher Closes gh-16631	9 months ago
Tomas Borghi	0a084135ec	Delete import unused Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>	9 months ago
Tomas Borghi	5571ad1b27	Fix issues identified in PR review Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>	9 months ago
Borghi	e3a715b8f5	Fix issues identified in PR review Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>	9 months ago
Josh Cummings	56e757a2a1	Provide Authentication to AuthenticationExceptions Issue gh-16444	9 months ago
Josh Cummings	464e506429	Polish ExceptionTranslateWebFilter - Isolated exception construction - Isolated entry point subscription Issue gh-16444	9 months ago
Josh Cummings	bfc12d55eb	Polish Tests Issue gh-16771	9 months ago
Josh Cummings	3d96878d43	Cache RequestPath In this way PathPatternRequestMatcher won't need to reparse for each request matcher. Issue gh-16771	9 months ago

1 2 3 4 5 ...

2077 Commits (63f28a7e1fda4750c216c97c9b0ab08cc96c6a93)