Tree: 820e3f5750

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/6.5.x/io.mockk-mockk-1.14.9

dependabot/gradle/main/ch.qos.logback-logback-classic-1.5.27

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.11

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '820e3f5750'

${ noResults }

Commit Graph

3025 Commits (820e3f57504a7fb8fcc8a74e06a481ab47a10ea2)

Author	SHA1	Message	Date
Luke Taylor	781d88bd30	OPEN - issue SEC-825: Query string isn't beig stripped from URLs when ant matcher is in use (regression issue) ... http://jira.springframework.org/browse/SEC-825. Make sure the property is set on DefaultFilterInvocationDefinitionSource when ant paths are in use.	18 years ago
Luke Taylor	883b92e7bd	SEC-822: Converted to long arithmetic to prevent integer overflowing with long token validity periods	18 years ago
Luke Taylor	301d021bf5	SEC-817: NPE in org.springframework.security.config.FilterChainProxyPostProcessor ... Reversed order of beanName.equals() call as suggested.	18 years ago
Luke Taylor	8ad2d681ab	SEC-818: Changed redirect URL validation to ignore potential property placeholders at parsing time and report a warning through the parser context rather than an error. Also validated the URLs in the beans themselves using Asserts, so an exception will occur later when the beans have been created rather than while assembling the bean definitions.	18 years ago
Luke Taylor	afc757e618	Removed reference to LdapDataAccessException since it isn't actually mentioned except in javadoc	18 years ago
Luke Taylor	c333070fe3	Javadoc tidying	18 years ago
Luke Taylor	fca3a2a709	SEC-812: Added missing TextUtils file	18 years ago
Luke Taylor	fa44c74993	SEC-812: Added entity-escaping of username stored under last username key, to prevent problems if it is rendered in a page without escaping the text.	18 years ago
Luke Taylor	06719053f1	Removed commons lang dependency.	18 years ago
Ben Alex	9961c7f867	Moved to correct build location.	18 years ago
Ben Alex	7a2e1e13d3	SEC-811: Provide a mechanism to allocate and rebuild cryptographically strong, randomised tokens.	18 years ago
Luke Taylor	a599ef5398	[maven-release-plugin] prepare for next development iteration	18 years ago
Luke Taylor	3e808335a4	[maven-release-plugin] prepare release spring-security-parent-2.0.1	18 years ago
Luke Taylor	6ecfa0541f	SEC-806: Osgi-ified more modules	18 years ago
Luke Taylor	4984d4be65	OPEN - issue SEC-757: Add validation of redirect URLs on namespace ... http://jira.springframework.org/browse/SEC-757. Added validation method to ConfigUtils and calls to it for url attributes.	18 years ago
Luke Taylor	0df9dee9dd	SEC-806: Improved OSGi bundle version information support	18 years ago
Luke Taylor	81ebd094ff	OPEN - issue SEC-808: Switch namespace schema version to 2.0.1 and update spring.schemas ... http://jira.springframework.org/browse/SEC-808. Replaced 2.0 text with that from the 2.0 release, rather than the website schema.	18 years ago
Luke Taylor	473f6a32c6	OPEN - issue SEC-808: Switch namespace schema version to 2.0.1 and update spring.schemas ... http://jira.springframework.org/browse/SEC-808. Created new 2.0.1 schema files and updated tests to use them.	18 years ago
Luke Taylor	8281aeb0da	SEC-807: Allow mapping to a standard Ldap UserDetails through the namespace ... http://jira.springframework.org/browse/SEC-807. Added extra test for Ldap provider parser.	18 years ago
Luke Taylor	e4b32b8d29	OPEN - issue SEC-807: Allow mapping to a standard Ldap UserDetails through the namespace ... http://jira.springframework.org/browse/SEC-807. Added support for user-details-class attribute to ldap-authentication-provider and ldap-user-service.	18 years ago
Luke Taylor	104716fedb	SEC-805: Add extra fields to InetOrgPerson ... http://jira.springframework.org/browse/SEC-805. Added a substantial number of new fields to the class.	18 years ago
Luke Taylor	ef112f7967	Fixed autoboxing problem.	18 years ago
Luke Taylor	341455cde4	SEC-799: Import cleaning following other changes.	18 years ago
Luke Taylor	2d692718e0	SEC-799: Add better detection of missing server-ref element for <ldap-user-service> and <ldap-authentication-provider /> ... http://jira.springframework.org/browse/SEC-799. Updated ContextSourceSettingPostProcessor to set the standard ContextSource as an alias if it is needed by a bean but has not been set (because the user specified their own server id on <ldap-server />).	18 years ago
Luke Taylor	270fa92780	Improved Javadoc comment	18 years ago
Luke Taylor	d3a0f05de9	SEC-783: GlobalMethodSecurityBeanDefinitionParser should support AfterInvocationProviders ... http://jira.springframework.org/browse/SEC-783. Added support for custom-after-invocation-provider	18 years ago
Luke Taylor	348d211b8c	SEC-797: Minor javadoc correction.	18 years ago
Luke Taylor	d1e23b3d2c	SEC-783: Added custom-after-invocation-provider element to namespace.	18 years ago
Luke Taylor	1090072fff	SEC-795: Add check for protected login page when using namespace ... http://jira.springframework.org/browse/SEC-795. I've added checks for the various scenarios which will result in a protected login page and suitable warning messages.	18 years ago
Luke Taylor	5d51b35cfa	SEC-792: Filters should only be added to the default stack if they are labelled using custom-filter. ... http://jira.springframework.org/browse/SEC-792. Updated FilterChainProxyPostProcessor to raise an exception if two filters have the same order, and also to unwrap wrapped filters once the sorting by order has been performed.	18 years ago
Luke Taylor	38774ec94f	SEC-792: Filters should only be added to the default stack if they are labelled using custom-filter. ... http://jira.springframework.org/browse/SEC-792. The filters are now maintained as a list in the context and have to be stored there explicitly on registration.	18 years ago
Luke Taylor	01185475a1	OPEN - issue SEC-793: ldap-authentication-provider element parser ignores hash attribute. ... http://jira.springframework.org/browse/SEC-793. Added support for hash attribute. password-encoder still takes precendence with a warning if both are present.	18 years ago
Luke Taylor	7e63fe7357	SEC-790: DefaultLoginPageGeneratingFilter should be a better HTTP citizen ... http://jira.springframework.org/browse/SEC-790. Applied submitted patch.	18 years ago
Luke Taylor	8ea7487ec3	Removed unused method.	18 years ago
Luke Taylor	ec81e780b2	Import cleaning.	18 years ago
Luke Taylor	599d9fea04	Minor improvements to toString() methods for logging.	18 years ago
Luke Taylor	b2e9e82727	Fixed typo in message.	18 years ago
Luke Taylor	63decfeb93	SEC-761: HttpSessionContextIntegrationFilter.contextObject should be created in afterPropertiesSet(), not the constructor ... http://jira.springframework.org/browse/SEC-761. Added call to generateNewContext() in the afterPropertiesSet() method to take account of custom security context classes.	18 years ago
Luke Taylor	1ae167434a	SEC-756: Add checks for duplicate use of namespace elements such as global-method-security ... http://jira.springframework.org/browse/SEC-756. Refactored HttpSecurityBDP and added check for duplicate usage of the element.	18 years ago
Luke Taylor	083644f2fe	SEC-756: Refactored GlobalMethodSecurityDefinitionParser and added check for duplicate registration.	18 years ago
Luke Taylor	1258fa854e	SEC-788: x509 authentication does not work properly ... http://jira.springframework.org/browse/SEC-788. Added check for X509 element when choosing entry point, if nothing else is available.	18 years ago
Luke Taylor	e12b6afefa	SEC-776: Http Session created for Anonymous request ... http://jira.springframework.org/browse/SEC-776. Added AuthenticationtrustResolver to HttpSCIF to check for anonymous authentication.	18 years ago
Luke Taylor	88ea87642a	SEC-791: RequestKey.equals throws NPE if method is null ... http://jira.springframework.org/browse/SEC-791. Fixed handling of equals when one http method is null.	18 years ago
Luke Taylor	9eaa1cbbdd	OPEN - issue SEC-789: Add support for optional role-prefix attribute to namespace ... http://jira.springframework.org/browse/SEC-789. Added role-prefix attribute to ldap provider and jdbc/ldap user-service elements.	18 years ago
Luke Taylor	aba5a22b6c	SEC-789: Add support for optional role-prefix attribute to namespace ... http://jira.springframework.org/browse/SEC-789. Added support for role-prefix to jdbc-user-service element.	18 years ago
Luke Taylor	1a4130528a	SEC-782: Incorrect UrlMatcher initialization in FilterChainProxy results in wrong lowercase/uppercase matching ... http://jira.springframework.org/browse/SEC-782. I've updated FilterChainProxy to make sure the same UrlMatcher is used throughout when converting a legacy configuration.	18 years ago
Luke Taylor	5bb558bd6a	SEC-777: The disabled status cannot be set in <user-service> ... http://jira.springframework.org/browse/SEC-777. Added the disabled flag to the relax grammar file.	18 years ago
Luke Taylor	993fdd7a32	Added better toString() method to OrderedFilterDecorator to make it report the delegate filter information.	18 years ago
Luke Taylor	469f55ce05	SEC-773: global-method-security fails with JPA ... http://jira.springframework.org/browse/SEC-773. Added extra constructor to MethodDefinitionSourceAdvisor to allow for lazy initialization of the advice (MethodSecurityInterceptor), and in turn the AuthenticationManager and ay referenced UserDetailsService implementations.	18 years ago
Luke Taylor	7238097310	OPEN - issue SEC-775: CLONE -impossible to specify "observeOncePerRequest" property in the namespace based configuration. ... http://jira.springframework.org/browse/SEC-775. Corrected check for value of observe-once-per-request attribute. Should be a check for "false" as it is true by default.	18 years ago