spring-security

Commit Graph

Author	SHA1	Message	Date
James Howe	fc9b97c94a	Typo in doc	6 years ago
Vincent Ricard	f0856c83a9	Migrate LDAP integration tests groovy->java This commit also removes BaseSpringSpec Issue: gh-4939	6 years ago
Josh Cummings	a35ce77451	Add missing PowerMockIgnore annotation WebSecurityConfigurerAdapterPowermockTests needs to exclude javax.xml.transform.* from Powermock configuration.	6 years ago
Josh Cummings	ba21c156dd	Polish WebSecurityConfigurerAdapter tests Moved Powermock-dependent test over to WebSecurityConfigurerAdapterPowermockTests.	6 years ago
Eleftheria Stein	fcc6457bef	Unlock dependencies for next development version This reverts commit `93acf8f0f1`.	6 years ago
Eleftheria Stein	93acf8f0f1	Lock dependencies for 5.3.0.M1	6 years ago
Josh Cummings	de87675f6d	Add JwtIssuerAuthenticationManagerResolver Fixes gh-7724	6 years ago
Eleftheria Stein-Kousathana	2df1099da5	Idiomatic Kotlin DSL for configuring HTTP security Issue: gh-5558	6 years ago
Rob Winch	65981444f1	Use Version Ranges Fixes gh-7788	6 years ago
Rob Winch	06d7443946	Use Gradle platform and constraints This was largely generated from the following script wget `bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy` ./dsp.gradle cat gradle/dependency-management.gradle \| grep 'management "' \| cut -d ':' -f 2 \| xargs -I{} sh -c "rg {} -l -g '.gradle' -g '\!dependency-management.gradle' > /dev/null \|\| echo {}" \| xargs -I{} sed -iE '/.{}.*/d' gradle/dependency-management.gradle rm ./dps.gradle Fixes gh-7787	6 years ago
Eleftheria Stein	924b9e95a1	Polish MethodSecurityEvaluationContext Issue: gh-6224	6 years ago
Eleftheria Stein	8b8267e1fe	Fix typo in LDAP Javadoc	6 years ago
BELHAKEL Ammar	b4619f31ee	Fix return type AbstractConfiguredSecurityBuilder.objectPostProcessor() should cast to B, the type of SecurityBuilder, instead of O, the type of object being built. Without this change, calls like http.objectPostProcessor(...).getFilters() will fail with a ClassCastException.	6 years ago
Eleftheria Stein	2c7f2c2117	Fix Javadoc error in oauth2ResourceServer Fixes: gh-7670	6 years ago
Filip Hanik	b754a3d635	Use the custom ServerRequestCache that the user configures on for the default authentication entry point and authentication success handler Fixes gh-7721 https://github.com/spring-projects/spring-security/issues/7721 Set RequestCache on the Oauth2LoginSpec default authentication success handler import static ReflectionTestUtils.getField Feedback incorporated per https://github.com/spring-projects/spring-security/pull/7734#pullrequestreview-332150359	6 years ago
Filip Hanik	af415948b1	Allow configuration of AuthenticationManagerResolver in saml2Login() Fixes gh-7654 https://github.com/spring-projects/spring-security/issues/7654	6 years ago
Filip Hanik	9aa333ca4d	Use the custom ServerRequestCache that the user configures on for the default authentication entry point and authentication success handler Fixes gh-7721 https://github.com/spring-projects/spring-security/issues/7721 Set RequestCache on the Oauth2LoginSpec default authentication success handler import static ReflectionTestUtils.getField Feedback incorporated per https://github.com/spring-projects/spring-security/pull/7734#pullrequestreview-332150359	6 years ago
Eleftheria Stein	0d24e2b8cf	Fix WebFlux logout disabling Fixes: gh-7682	6 years ago
Josh Cummings	02f161aba7	Use OidcIdToken.Builder Issue gh-7592	6 years ago
Joe Grandja	e4aa3be4c5	WebFlux oauth2Login() redirects on failed authentication Fixes gh-5562 gh-6484	6 years ago
Joe Grandja	c40a17b4d1	WebFlux oauth2Login() redirects on failed authentication Fixes gh-5562 gh-6484	6 years ago
Alexey Nesterov	0babe7d930	Correctly configure authorization requests repository for OAuth2 login To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is correctly configured, but the latter always uses default, WebSession based repository. So authorization code created before redirect to authorization endpoint will never be found to complete OAuth2 login when custom ServerAuthorizationRequestRepository is used. This change also makes OAuth2Client and OAuth2Login authentication converters consistent. Fixes gh-7675	6 years ago
Alexey Nesterov	d8d59e97ac	Correctly configure authorization requests repository for OAuth2 login To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is correctly configured, but the latter always uses default, WebSession based repository. So authorization code created before redirect to authorization endpoint will never be found to complete OAuth2 login when custom ServerAuthorizationRequestRepository is used. This change also makes OAuth2Client and OAuth2Login authentication converters consistent. Fixes gh-7675	6 years ago
Eleftheria Stein	b7cb93f671	Fix WebFlux logout disabling Fixes: gh-7682	6 years ago
Ruslan Stelmachenko	c38e57fa42	Fix class and variable names	6 years ago
Ruslan Stelmachenko	8ebc7ca0ea	Fix InitializeAuthenticationProviderBeanManagerConfigurer Javadoc	6 years ago
Eleftheria Stein	8a95e5798d	Update @MessageMapping to match input/output cardinality	6 years ago
Pim Moerenhout	cd0bec48de	Fix typo in log message.	6 years ago
Paul Pazderski	0d35194b47	Add sessionFixation Javadoc	6 years ago
Adrian Pena	ca8877c8c5	Updates javadoc for InitializeUserDetailsBeanManagerConfigurer	6 years ago
Eleftheria Stein	1188a3bb5f	Polish RememberMeConfigurer Issue: gh-4140	6 years ago
邓超	b13f750646	Retrieve remember-me key from service as fallback Fixes: gh-4140	6 years ago
Yanming Zhou	9f6a36444a	Add missing schemas	6 years ago
Josh Cummings	925bf48ec0	Polish OAuth2ResourceServerConfigurerTests To confirm that resource server only produces SCOPE_<scope> authorities by default. Issue gh-7596	6 years ago
Filip Hanik	0cafcf37e2	Make the loginProcessingUrl configurable for saml2Login() Fixes gh-7565 https://github.com/spring-projects/spring-security/issues/7565	6 years ago
Josh Cummings	5f17032ffd	Restore Removed Throws Clauses In a recent clean-up, certain exceptions were removed from various throws clauses. This PR re-introduces throws clauses that are important for one of the following reasons: 1. It's a method on a public interface 2. It's a method clearly designed for inheritance, for example, a method stub, an abstract method, or indicated as such in the docs. Fixes gh-7541	6 years ago
Rob Winch	635f7e1edd	CsrfWebFilter supports multipart/form-data Fixes gh-7576	6 years ago
Vitalii Mahas	0ac5f5456f	Fix typo 'is' -> 'if' in javadoc	6 years ago
Eleftheria Stein	de7cbc82b5	Clarify in Javadoc that expressionHandler should not be null Fixes: gh-2665	6 years ago
Josh Cummings	758af54796	ObjectPostProcessor Tests groovy->java Issue gh-4939	6 years ago
Josh Cummings	a08be5bf6f	UrlAuthorizationsTests groovy->java Issue gh-4939	6 years ago
Josh Cummings	870d83eb3e	PermitAllSupportTests groovy->java Issue gh-4939	6 years ago
Luis Felipe Vega Calle	350bce761f	Add hasAuthority method to RSocketSecurity Fixes gh-7435	6 years ago
Josh Cummings	5f905232cb	Polish CurrentSecurityContextArgumentResolvers Fixes gh-7487	6 years ago
Joe Grandja	5ef6e7ed6f	Add author for SecurityReactorContextConfiguration Issue gh-7422	6 years ago
Joe Grandja	0fea57d6a1	Optimize SecurityReactorContextConfiguration Issue gh-7422	6 years ago
Josh Cummings	33ba292fed	Resource Server w/ SecurityReactorContextSubscriber Fixes gh-7423	6 years ago
Joe Grandja	5a67971375	WebFluxSecurityConfiguration configures oauth2Client() by default Fixes gh-7470	6 years ago
Joe Grandja	08d2c93713	Polish gh-7466	6 years ago
Roman Chigvintsev	9bae0a4dbd	Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec Fixes gh-7466	6 years ago

... 21 22 23 24 25 ...

2645 Commits (820e3f57504a7fb8fcc8a74e06a481ab47a10ea2)