Tree: 820e3f5750

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/6.5.x/io.mockk-mockk-1.14.9

dependabot/gradle/main/ch.qos.logback-logback-classic-1.5.27

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.11

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '820e3f5750'

${ noResults }

Commit Graph

1725 Commits (820e3f57504a7fb8fcc8a74e06a481ab47a10ea2)

Author	SHA1	Message	Date
Rob Winch	9988fa141c	Update Spring Security version in pom.xml	12 years ago
Rob Winch	6be4e3a9fc	SEC-2506: Remove Bundlor Support	12 years ago
Rob Winch	7f99a2dfbb	SEC-2487: Update to Spring 3.2.8.RELEASE	12 years ago
Rob Winch	ec8b48150d	SEC-2474: Update poms	12 years ago
Rob Winch	8d8475deb1	SEC-2455: form-login@login-processing-url & logout@logout-url use matchers ... Remove the deprecation warnings of using setFilterProcessingUrl by invoking the matcher methods instead.	12 years ago
Rob Winch	2df5541905	SEC-2448: Update to HSQL 2.3.1	12 years ago
Rob Winch	ca1080fb96	SEC-2439: HttpSessionCsrfTokenRepository setHeaderName sets header instead of parameter	12 years ago
Rob Winch	a34178bc40	SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA	12 years ago
Rob Winch	aaa7cec32e	SEC-2326: CsrfRequestDataValueProcessor implements RequestDataValueProcessor ... Previously there was unecessary complexity in CsrfRequestDataValueProcessor due to the non-passive changes in RequestDataValueProcessor. Now it simply implements the interface with the methods for both versions of the interface. This works since linking happens at runtime.	12 years ago
Rob Winch	7f714ebb23	SEC-2422: Session timeout detection with CSRF protection	12 years ago
Rob Winch	4460e84b29	Updates to pom.xml author and repo	12 years ago
David Alberto	f9998d582a	Correct typo in AbstractRememberMeServices assertion	12 years ago
Rob Winch	59e13e7bbb	SEC-2404: CsrfAuthenticationStrategy creates new valid CsrfToken	12 years ago
Rob Winch	2c8946c406	Next development version	12 years ago
Spring Buildmaster	9c703a3051	Release version 3.2.0.RC2	12 years ago
Rob Winch	1a1f577a8b	SEC-2358: Add RequestHEaderRequestMatcher#toString()	12 years ago
Rob Winch	e638f0a547	SEC-2357: old RequestMatcher interface extends new RequestMatcher	12 years ago
Rob Winch	04b091c385	SEC-2369: PreAuthenticatedGrantedAuthoritiesUserDetailsService fix case to createUserDetails method	12 years ago
Rob Winch	15a63c58a7	SEC-2368: DebugFilter outputs headers and HTTP method	12 years ago
Rob Winch	1351c8bada	SEC-2362: Clarify AbstractRememberMeServices loginSuccess javadoc	12 years ago
Adrien be	e50b587d60	SEC-2360: AbstractRememberMeServices provide message for Assert on key fieldd	12 years ago
Rob Winch	0b0e7dbea9	SEC-2359: Merge DefaultLoginPageViewFilter w/ DefaultLoginPageGeneratingFilter	12 years ago
Rob Winch	51171efa7a	SEC-2357: Move *RequestMatcher to .matcher package	12 years ago
Rob Winch	45ad74a0bd	SEC-2357: Fix package cycles	12 years ago
Rob Winch	14b9050616	SEC-2357: Move *RequestMatchers to .matchers package	12 years ago
Rob Winch	7d99436740	SEC-2358: Add RequestHeaderRequestMatcher	12 years ago
Rob Winch	0ac1176152	Polish RequestMatcher logging and toString	13 years ago
Rob Winch	cffbefadd1	SEC-2306: Fix Session Fixation logging race condition ... Previously session fixation protection could output an incorrect warning that session fixation protection did not work. The code now synchronizes on WebUtils.getSessionMutex(..).	13 years ago
kazuki43zoo	611a97023d	SEC-2352: HttpSessionCsrfTokenRepository lazy session creation	13 years ago
Rob Winch	17efd25717	SEC-2331: Include Expires: 0 in security headers documentation	13 years ago
Rob Winch	cea0cf9260	SEC-2243: Remove additional Debug Filter	13 years ago
Rob Winch	b591881e95	SEC-2302: Provide beforeSpringSecurityFilterChain hook ... This allows inserting filters before the springSecurityFilterChain.	13 years ago
Rob Winch	88f41cdf62	SEC-2341: Update to Gradle 1.8 ... Some dependencies were necessary to update due to issues with JUnit integration.	13 years ago
Rob Winch	ddc0ef7ab3	SEC-2339: Added Logical (Or, And, Negated) RequestMatchers	13 years ago
Rob Winch	788ba9a1fa	SEC-2329: Allow injecting of AuthenticationTrustResolver	13 years ago
Rob Winch	9133c33f1d	SEC-2246: HttpSessionRequestCache.getRequest casts to RequestCache ... The method getRequest use to cast to DefaultRequestCache, but this is not necessary. Now the cast is to SavedRequest.	13 years ago
Rob Winch	8f8c6169e8	SEC-2331: Cache Control now includes Expires: 0	13 years ago
Rob Winch	0114b457c0	SEC-2330: CacheControlHeadersWriter use a single header	13 years ago
Rob Winch	32e9239fd2	SEC-2320: AuthenticationPrincipal can be null on invalid type ... Previously a ClassCastException was thrown if the type was invalid. Now a flag exists on AuthenticationPrincipal which indicates if a ClassCastException should be thrown or not with the default being no error.	13 years ago
Rob Winch	b22acd0768	SEC-2314: AbstractSecurityWebApplicationInitializer.getSessionTrackingModes() uses EnumSet	13 years ago
Rob Winch	8e74407381	SEC-2296: HttpServletRequest.login should throw ServletException if already authenticated ... See throws documentation at http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html#login%28java.lang.String,%20java.lang.String%29	13 years ago
Rob Winch	e8ac11641b	SEC-2297: Add DispatchType.ASYNC as default for AbstractSecurityWebApplicationInitializer	13 years ago
Rob Winch	3d2f23602f	SEC-2294: Update Spring Version to 3.2.4.RELEASE	13 years ago
Rob Winch	43f4d01cf3	SEC-2292: Add test to assert CSRF bypass of methods is case sensitive ... HTTP methods should be case sensitive, so add test to ensure that this is the case http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.1.1	13 years ago
Rob Winch	6e9fb7930b	SEC-2298: Add AuthenticationPrincipalArgumentResolver	13 years ago
Rob Winch	086056f191	SEC-2289: Make compatible with Spring 4 as well ... There are a few subtle changes in Spring 4 that this commit addresses	13 years ago
Rob Winch	26166ef6e8	SEC-2272: CsrfRequestDataValueProcessor support Spring 4 and Spring 3	13 years ago
Rob Winch	3f69847a4e	SEC-2286: Log invalid CSRF tokens at debug level	13 years ago
Rob Winch	d60108eaf6	SEC-2229: Add optional dependencies to spring-security-config ... spring-tx and spring-jdbc aren't pulled in transitively from spring-security-web now, so we must include them as optional dependencies.	13 years ago
Rob Winch	33db440961	SEC-2129: AntPathRequestMatcher also supports case sensitive comparisions	13 years ago