Marcus Da Coregio
7080ea652f
Add hints for ProxyFactoryBean AuthenticationManager
Closes gh-12367
3 years ago
Marcus Da Coregio
f1698ec188
Fix removed code by merge
3 years ago
Mitja Kotnik
f39f215140
Replace javadoc with SecurityFilterChain bean definition
3 years ago
Guillaume Husta
a5464ed819
Fix typo in DefaultLoginPageConfigurer Javadoc
'isLogoutRequest' seems to have nothing to do here.
3 years ago
Marcus Da Coregio
e6173f9e5b
Prepare for Spring Security 6.1
3 years ago
Marcus Da Coregio
f561d3784e
Improve deprecation notice in WebSecurityConfigurerAdapter
Closes gh-12260
3 years ago
Steve Riesenberg
dd9f954ace
Fix tests in CsrfConfigurerTests
Closes gh-12241
3 years ago
Steve Riesenberg
ea6ce05662
Add configurer tests for CookieCsrfTokenRepository
Issue gh-12236
3 years ago
Steve Riesenberg
2ed7cff643
Check for existing token before clearing
Closes gh-12236
3 years ago
Josh Cummings
e08ed89403
Polish Span and Meter Names
Closes gh-12156
3 years ago
Jan Marten
2301e8ca77
Fix Javadoc in EnableWebSocketSecurity
Add missing method name in EnableWebSocketSecurity JavaDoc code example.
3 years ago
Josh Cummings
c45cd6ec9f
Defer ObservationRegistry Resolution
- If Method Security asks for too early, it is no longer eligible for post-processing. As such, this commit defers loading it until the first authorization request.
Issue gh-11990
3 years ago
Marcus Da Coregio
3b5d19c8a4
Adapt to Servlet API 6 changes and support Jakarta WebSocket 2.1
Closes gh-12146
Closes gh-12148
3 years ago
Marcus Da Coregio
72c25332a5
Fix authenticationFailureHandler customization tests
Issue gh-12132
3 years ago
Josh Cummings
3192618220
Add authenticationFailureHandler
- To ServerHttpSecurity#httpBasic
- To ServerHttpSecurity#oauthResourceServer
Closes gh-12132
3 years ago
Koos Gadellaa
5c4362bbc4
Refresh parsers when not found
Closes gh-3065
3 years ago
Rob Winch
d860775b45
Document Defer load CsrfToken
Closes gh-12105
3 years ago
mmoussa_mapfreusa
bd4e0fb5db
Set LogoutRequestRepository on Saml2 LogoutSuccessHandler
Closes gh-11363
3 years ago
Rob Winch
9cb668aec2
SessionManagementConfigurer properly defaults SecurityContextRepository
Previously the default was an HttpSessionSecurityContextRepository which
meant that if a stateless authentication occurred the SecurityContext would
be lost on ERROR dispatch.
This commit ensures that the RequestAttributeSecurityContextRepository is
also consulted by default.
Closes gh-12070
3 years ago
Rob Winch
a4858d9eaa
Add SpringTestContext.addFilter
Add SpringTestContext.addFilter which allows Spring Security's tests
to specify a Filter to be added to the SpringTestContext.
Closes gh-12071
3 years ago
Steve Riesenberg
33b492df54
Default to DelegatingSecurityContextRepository
Closes gh-12023
Closes gh-12049
3 years ago
Steve Riesenberg
c75ca10900
Add DeferredSecurityContext
Issue gh-12023
3 years ago
Steve Riesenberg
819529f5ea
Remove CsrfSpec.tokenFromMultipartDataEnabled
Also removed ServerCsrfDsl.tokenFromMultipartDataEnabled
Closes gh-12020
3 years ago
Joe Grandja
753e113a13
RequestMatcherDelegatingAuthorizationManager defaults to deny
Closes gh-11958
3 years ago
Steve Riesenberg
2407d07890
Default to Xor CSRF tokens in CsrfWebFilter
Closes gh-11960
3 years ago
Steve Riesenberg
2a2051cd7b
Default to Xor CSRF tokens in CsrfFilter
Issue gh-11960
3 years ago
Josh Cummings
2713075d08
Mark Observations with Firewall Failures
Closes gh-11994
3 years ago
Josh Cummings
46ab84684b
Mark Observations with CSRF Failures
Closes gh-11993
3 years ago
Josh Cummings
99a87179dd
Instrument Filter Chain
Closes gh-11911
3 years ago
Josh Cummings
8c610684f3
Instrument Authentication and Authorization
Closes gh-11989
Closes gh-11990
3 years ago
Steve Riesenberg
440748ec65
Add test support for Xor CSRF tokens
Issue gh-4001
3 years ago
Daniel Garnier-Moiroux
27059ced87
Default X-Xss-Protection header value to "0"
Closes gh-9631
3 years ago
Steve Riesenberg
37fa49b32d
Polish gh-11952
3 years ago
Steve Riesenberg
f462134e87
Add reactive support for BREACH
Closes gh-11959
3 years ago
Steve Riesenberg
f4ca90e719
Add reactive interfaces for CSRF request handling
Issue gh-11959
3 years ago
Marcus Da Coregio
398f5dee7f
Remove deprecated RequestMatcher methods from Java Configuration
Closes gh-11939
3 years ago
Marcus Da Coregio
9fd195d419
Default to shouldFilterAllDispatcherTypes=true in XML
Closes gh-11970
3 years ago
Marcus Da Coregio
f3321c256c
Add XML support for shouldFilterAllDispatcherTypes
Closes gh-11492
3 years ago
Marcus Da Coregio
8a5aed2983
Add deprecation warning to CsrfDsl#ignoringAntMatchers
Issue gh-11347
3 years ago
Marcus Da Coregio
bc4ad52feb
Add deprecation warning to mvcMatchers methods
Issue gh-11347
3 years ago
Josh Cummings
12b9f2e196
use-authorization-manager defaults to true
Closes gh-11929
3 years ago
Marcus Da Coregio
52ab2303da
Fix failing test
Issue gh-11061
3 years ago
Marcus Da Coregio
c4d23f2b49
Use MvcRequestMatcher by default if Spring MVC is present
Closes gh-11899
3 years ago
Josh Cummings
2079309c5a
Add SecurityContextHolderStrategy XML Configuration for OAuth2
Issue gh-11061
3 years ago
Josh Cummings
7543effe89
Add SecurityContextHolderStrategy Java Configuration for OAuth2
Issue gh-11061
3 years ago
Josh Cummings
7e3841105b
Add SecurityContextHolderStrategy XML Configuration for Saml2
Issue gh-11061
3 years ago
Josh Cummings
19181a5afd
Add SecurityContextHolderStrategy Java Configuration for Saml2
Issue gh-11061
3 years ago
Josh Cummings
0c0e298aa7
Polish Saml2 XML Use of SecurityContextHolderStrategy
Issue gh-11061
3 years ago
Josh Cummings
b4d13e7726
Polish use-authorization-manager
- Use SecurityContextHolderStrategy
- Allow empty role prefix
- Disallow access-decision-manager-ref and authorization-manager-ref together
Issue gh-11305
3 years ago
Josh Cummings
7043ef6ccb
Polish OpaqueTokenAuthenticationConverterTests
Issue gh-11665
3 years ago