Tree: 820ce4ea7a

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/6.5.x/io.mockk-mockk-1.14.9

dependabot/gradle/main/ch.qos.logback-logback-classic-1.5.27

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.11

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '820ce4ea7a'

${ noResults }

Commit Graph

2500 Commits (820ce4ea7a8cf1ac2d91ff71891d04f2f7b05e2e)

Author	SHA1	Message	Date
Yanming Zhou	f0f47b54ec	Improve warning message	1 year ago
Hero Wanders	f372f5cf52	Replace OidcSessionStrategy References with OidcSessionRegistry	1 year ago
Josh Cummings	5c604b95fb	Correct PostFilterAuthorizationMethodInterceptor Target Type ... Previously, `postFilterAuthorizationMethodInterceptor` mistakenly was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar` re-publishes each pre/post annotation interceptor also as an `Advisor`, this resulted in a duplicate advisor for `@PostFilter`. Closes gh-15651	1 year ago
Josh Cummings	f398be793d	Simplify AuthorizationAdvisorProxyFactory Configuration ... Closes gh-15497	1 year ago
Josh Cummings	ae8e4d148e	Produce Exactly One AuthorizationAdvisor Per Annotation ... Closes gh-15592	1 year ago
Josh Cummings	27af1df87d	Simplify Method Interceptor Configuration ... Simplifies to use only one ObjectProvider for easier future maintenance Issue gh-15592	1 year ago
Daniel Garnier-Moiroux	b731623b3a	Fix checkstyle errors with @Deprecated	1 year ago
Daniel Garnier-Moiroux	b92ed92548	Fix checkstyle errors with @Deprecated	1 year ago
Daniel Garnier-Moiroux	79fb0113c8	Bump io-spring-javaformat from 0.0.42 to 0.0.43 ... Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43. Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43 - [Release notes](https://github.com/spring-io/spring-javaformat/releases) - [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43) Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43 - [Release notes](https://github.com/spring-io/spring-javaformat/releases) - [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43) --- updated-dependencies: - dependency-name: io.spring.javaformat:spring-javaformat-checkstyle dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin dependency-type: direct:production update-type: version-update:semver-patch ... --- Manual updates: - Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST be used together Signed-off-by: dependabot[bot] <support@github.com>	1 year ago
Daniel Garnier-Moiroux	2caf1fb6b4	Bump io-spring-javaformat from 0.0.42 to 0.0.43 ... Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43. Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43 - [Release notes](https://github.com/spring-io/spring-javaformat/releases) - [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43) Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43 - [Release notes](https://github.com/spring-io/spring-javaformat/releases) - [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43) --- updated-dependencies: - dependency-name: io.spring.javaformat:spring-javaformat-checkstyle dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin dependency-type: direct:production update-type: version-update:semver-patch ... --- Manual updates: - Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST be used together Signed-off-by: dependabot[bot] <support@github.com>	1 year ago
DingHao	ed16c86115	Improve @CurrentSecurityContext meta-annotations ... Closes gh-15551	2 years ago
Josh Cummings	59ec1f6480	Revert "Polish AuthorizationAdvisorProxyFactory advisor configuration" ... This commit had some unintended consequences when the advisor interceptor was published in a Spring Boot application. As such, 15497 will be reopened to investigate. In the meantime, this commit reverts the previous change so as to allow the build to pass. Issue gh-15497	2 years ago
Josh Cummings	08b8b09066	Update Copyright ... Issue gh-15286	2 years ago
Josh Cummings	2b33f6f04a	Add Config Tests for AuthenticationPrincipal Templates ... Issue gh-15286	2 years ago
Josh Cummings	e40c98e6d7	Deprecate PrePostTemplateDefaults ... Since there is nothing specific to configuring pre/post annotations, there is no need for the extra class. If a need like this does arise in the future, either AnnotationTemplateExpressionDefaults can be sub- classed, or it can have introduced a Map field holding custom properties. Issue gh-15286	2 years ago
DingHao	2c02d8aec7	Update Copyright	2 years ago
DingHao	895978c818	Auto config AuthenticationPrincipalArgumentResolver When AnnotationTemplateExpressionDefaults bean is Present	2 years ago
Daniel Garnier-Moiroux	3b8cdc323f	Remove unused method	2 years ago
Daniel Garnier-Moiroux	109da2719f	Use explicit types everywhere instead of var	2 years ago
Josh Cummings	02cca6f737	Polish AuthorizationAdvisorProxyFactory advisor configuration ... Closes gh-15497	2 years ago
Josh Cummings	816ebe38b5	Add OpenSAML to Config Build ... Issue gh-11658	2 years ago
Josh Cummings	1da383b360	Add OpenSAML 5 Support ... Issue gh-11658	2 years ago
Josh Cummings	78a0173cc1	Use OpenSAML API for web ... Issue gh-11658	2 years ago
Josh Cummings	51fc05630d	Use OpenSAML API for web.authentication.logout ... Issue gh-11658	2 years ago
Josh Cummings	ff9a925e88	Use OpenSAML API for metadata ... Issue gh-11658	2 years ago
Josh Cummings	416859e70e	Use OpenSAML API in authentication.logout ... Issue gh-11658	2 years ago
Daniel Garnier-Moiroux	bc8ba7f3b7	Inline CSS for default login and logout page ... - Remove the dependency on Bootstrap CSS. Results in faster load times, no failures in air-gapped or offline scenarios, and no dependency on an external CDN that may go away some day.	2 years ago
Josh Cummings	37a2812d1a	Mimic Annotation Fallback Logic ... For backward compatibility, this commit changes the annotation traversal logic to match what is found in PrePostAnnotationSecurityMetadataSource. This reverts gh-13783 which is a feature that unfortunately regressess pre-existing behavior like that found in gh-15352. As such, that functionality has been removed. Issue gh-15352	2 years ago
Josh Cummings	f20ae1a71c	Revert gh-13783 ... This feature unfortunately regresses pre-existing behavior like that found in gh-15352. As such, this functionality has been removed. Closes gh-15352	2 years ago
Marcus Hert Da Coregio	304685521c	Fix tags order	2 years ago
baezzys	3d4bcf1b44	fix: Restrict automatic CORS configuration to UrlBasedCorsConfigurationSource ... - Update CORS configuration logic to automatically enable .cors() only if a UrlBasedCorsConfigurationSource bean is present. - Modify applyCorsIfAvailable method to check for UrlBasedCorsConfigurationSource instances.	2 years ago
Marcus Hert Da Coregio	98af8d1123	Add permissionsPolicyHeader ... This method is a replacement of `permissionsPolicy(Customizer)` that returns its own configurer instead of `HeadersConfigurer`. Closes gh-14803	2 years ago
Josh Cummings	9d8888c5f0	Use AssertingPartyMetadata ... Issue gh-15394	2 years ago
Josh Cummings	dab48d25b0	Improve Error Message When Registration Missing ... Closes gh-15363	2 years ago
Josh Cummings	796e4d6b6c	Add query parameter support for authn requests ... Closes gh-15017	2 years ago
Josh Cummings	7422a1134a	Allow logout+jwt JWT type ... Closes gh-15003	2 years ago
Josh Cummings	773e86701e	Add ParameterRequestMatcher ... Closes gh-15342	2 years ago
Marcus Hert Da Coregio	aa9c1bab67	Upgrade to Spring Framework 6.2.0-M4 ... Closes gh-15266	2 years ago
Josh Cummings	0e7566ede3	Adjust any-request check ... Storing the request matcher outside of the for loop means that if one of the SecurityFilterChain instances is not of type DefaultSecurityFilterChain, then the error may print out an earlier request matcher instead of the current one. Instead, this commit changes to print out the entire filter chain so that it can be inside of the for loop, regardless of type. Issue gh-15220	2 years ago
Max Batischev	4c780bf8d4	Add support checking AnyRequestMatcher securityFilterChains ... Closes gh-15220	2 years ago
Steve Riesenberg	7eaab95639	Polish gh-15237	2 years ago
Max Batischev	4e52eda0f5	Add support configuring OAuth2AuthorizationRequestResolver as bean ... Closes gh-15236	2 years ago
Marcus Hert Da Coregio	b4c8fdf91d	Add missing @Test annotation	2 years ago
Marcus Hert Da Coregio	7c43fc111f	Support RoleHierarchy Bean in authorizeHttpRequests Kotlin DSL ... Closes gh-15136	2 years ago
Josh Cummings	4ca0de9c2d	Sync XSD with RncToXsd Task	2 years ago
Josh Cummings	a7f9ccb6d6	Use GrantedAuthorityDefaults Bean in Kotlin DSL ... Closes gh-15171	2 years ago
Josh Cummings	6aabd768a8	Pick MvcRequestMatcher for MockMvc requests ... Closes gh-13849	2 years ago
Josh Cummings	cdd626644e	Use Request-Level Servlet Context ... Spring Security cannot use the ServletContext attached to the ApplicationContext since there may be child ApplicationContext's with their own ServletContext. Because of that, it is necessary to always use the ServletContext attached to the request. Closes gh-14418	2 years ago
Josh Cummings	5a798e93f1	Polish MVC Tests ... Issue gh-14418	2 years ago
Josh Cummings	9101bf1f7d	Allow logout+jwt JWT type ... Closes gh-15003	2 years ago