spring-security

Commit Graph

Author	SHA1	Message	Date
twosom	cef13a6a16	Fix Javadoc Type Parameter	3 years ago
twosom	c79dac49ca	Fix Typo	3 years ago
Tobias Meurer	7dd5cc6082	Pick Up Custom SecurityContextRespository Closes gh-12579	3 years ago
twosom	c66370c092	Update javadoc in EnableWebSecurity	3 years ago
Marcus Da Coregio	52ed165476	Move classpath checks to class member variable Closes gh-11437	3 years ago
Marcus Da Coregio	3572111cf5	Add JwtDecoder hint for oauth2Login Closes gh-12615	3 years ago
Evgeniy Cheban	59829321a8	Allow configuring SecurityContextRepository for BasicAuthenticationFilter Closes gh-12031	3 years ago
Steve Riesenberg	13487be268	Default to XorCsrfChannelInterceptor in 6.0.x Closes gh-12378	3 years ago
Josh Cummings	c3563df25a	Include HttpStatusRequestRequestedHandler Closes gh-12548	3 years ago
Josh Cummings	66711f2365	Add RequestRejectedHandler Test Issue gh-12548	3 years ago
Steve Riesenberg	c306df9b46	Add XorCsrfChannelInterceptor Issue gh-12378	3 years ago
Evgeniy Cheban	d84b8d2d12	AuthorizeHttpRequestsConfigurer.AuthorizedUrl.hasRole should look up for a RoleHierarchy bean in the context Closes gh-12473	3 years ago
Josh Cummings	5b6b3d585f	Change EnableReactiveMethodSecurity Defaults Closes gh-12506	3 years ago
Joe Grandja	e139f1c2ba	Polish gh-12438	3 years ago
Spas Poptchev	919280b3e4	Allow ServerOAuth2AuthorizationRequestResolver to be set on oauth2 client configuration Closes gh-12430	3 years ago
Marcus Da Coregio	7080ea652f	Add hints for ProxyFactoryBean AuthenticationManager Closes gh-12367	3 years ago
Marcus Da Coregio	f1698ec188	Fix removed code by merge	3 years ago
Mitja Kotnik	f39f215140	Replace javadoc with SecurityFilterChain bean definition	3 years ago
Guillaume Husta	a5464ed819	Fix typo in DefaultLoginPageConfigurer Javadoc 'isLogoutRequest' seems to have nothing to do here.	3 years ago
Marcus Da Coregio	e6173f9e5b	Prepare for Spring Security 6.1	3 years ago
Marcus Da Coregio	f561d3784e	Improve deprecation notice in WebSecurityConfigurerAdapter Closes gh-12260	3 years ago
Steve Riesenberg	dd9f954ace	Fix tests in CsrfConfigurerTests Closes gh-12241	3 years ago
Steve Riesenberg	ea6ce05662	Add configurer tests for CookieCsrfTokenRepository Issue gh-12236	3 years ago
Steve Riesenberg	2ed7cff643	Check for existing token before clearing Closes gh-12236	3 years ago
Josh Cummings	e08ed89403	Polish Span and Meter Names Closes gh-12156	3 years ago
Jan Marten	2301e8ca77	Fix Javadoc in EnableWebSocketSecurity Add missing method name in EnableWebSocketSecurity JavaDoc code example.	3 years ago
Josh Cummings	c45cd6ec9f	Defer ObservationRegistry Resolution - If Method Security asks for too early, it is no longer eligible for post-processing. As such, this commit defers loading it until the first authorization request. Issue gh-11990	3 years ago
Marcus Da Coregio	3b5d19c8a4	Adapt to Servlet API 6 changes and support Jakarta WebSocket 2.1 Closes gh-12146 Closes gh-12148	3 years ago
Marcus Da Coregio	72c25332a5	Fix authenticationFailureHandler customization tests Issue gh-12132	3 years ago
Josh Cummings	3192618220	Add authenticationFailureHandler - To ServerHttpSecurity#httpBasic - To ServerHttpSecurity#oauthResourceServer Closes gh-12132	3 years ago
Koos Gadellaa	5c4362bbc4	Refresh parsers when not found Closes gh-3065	3 years ago
Rob Winch	d860775b45	Document Defer load CsrfToken Closes gh-12105	3 years ago
mmoussa_mapfreusa	bd4e0fb5db	Set LogoutRequestRepository on Saml2 LogoutSuccessHandler Closes gh-11363	3 years ago
Rob Winch	9cb668aec2	SessionManagementConfigurer properly defaults SecurityContextRepository Previously the default was an HttpSessionSecurityContextRepository which meant that if a stateless authentication occurred the SecurityContext would be lost on ERROR dispatch. This commit ensures that the RequestAttributeSecurityContextRepository is also consulted by default. Closes gh-12070	3 years ago
Rob Winch	a4858d9eaa	Add SpringTestContext.addFilter Add SpringTestContext.addFilter which allows Spring Security's tests to specify a Filter to be added to the SpringTestContext. Closes gh-12071	3 years ago
Steve Riesenberg	33b492df54	Default to DelegatingSecurityContextRepository Closes gh-12023 Closes gh-12049	3 years ago
Steve Riesenberg	c75ca10900	Add DeferredSecurityContext Issue gh-12023	3 years ago
Steve Riesenberg	819529f5ea	Remove CsrfSpec.tokenFromMultipartDataEnabled Also removed ServerCsrfDsl.tokenFromMultipartDataEnabled Closes gh-12020	3 years ago
Joe Grandja	753e113a13	RequestMatcherDelegatingAuthorizationManager defaults to deny Closes gh-11958	3 years ago
Steve Riesenberg	2407d07890	Default to Xor CSRF tokens in CsrfWebFilter Closes gh-11960	3 years ago
Steve Riesenberg	2a2051cd7b	Default to Xor CSRF tokens in CsrfFilter Issue gh-11960	3 years ago
Josh Cummings	2713075d08	Mark Observations with Firewall Failures Closes gh-11994	3 years ago
Josh Cummings	46ab84684b	Mark Observations with CSRF Failures Closes gh-11993	3 years ago
Josh Cummings	99a87179dd	Instrument Filter Chain Closes gh-11911	3 years ago
Josh Cummings	8c610684f3	Instrument Authentication and Authorization Closes gh-11989 Closes gh-11990	3 years ago
Steve Riesenberg	440748ec65	Add test support for Xor CSRF tokens Issue gh-4001	3 years ago
Daniel Garnier-Moiroux	27059ced87	Default X-Xss-Protection header value to "0" Closes gh-9631	3 years ago
Steve Riesenberg	37fa49b32d	Polish gh-11952	3 years ago
Steve Riesenberg	f462134e87	Add reactive support for BREACH Closes gh-11959	3 years ago
Steve Riesenberg	f4ca90e719	Add reactive interfaces for CSRF request handling Issue gh-11959	3 years ago

... 3 4 5 6 7 ...

2645 Commits (820e3f57504a7fb8fcc8a74e06a481ab47a10ea2)