spring-security

Commit Graph

Author	SHA1	Message	Date
Johnny Lim	c94f13a971	Polish tests	7 years ago
Josh Cummings	1a02cafe81	NamespaceHttpAnonymousTests groovy->java Issue: gh-4939	7 years ago
Josh Cummings	9b65107922	NamespaceDebugTests groovy->java Issue: gh-4939	7 years ago
Farooq Khan	5f33bbe512	Removed isServlet30 check	7 years ago
Ankur Pathak	6e1db1105b	Fixes typo in x,rnc files 1. Fixes type ammount to amount in .rnc files 2. Regenerates .xsd files from *.rnc files Fixes: gh-6325	7 years ago
Ankur Pathak	f289ef8689	Fixes Documentation Problem Fixes documentation problem of Anonymous Authentication in ServerHttpSecurity Fixes: gh-6327	7 years ago
Josh Cummings	d77b12d229	authorization_uri Uses UriComponentsBuilder Because of this, authorization_uri can now be a fully-qualified url. Fixes: gh-5760	7 years ago
Joe Grandja	9c0d78da71	Extract OidcTokenValidator to an OAuth2TokenValidator Fixes gh-5930	7 years ago
Josh Cummings	7a55af246e	Polish tests and javadoc When using AssertJ, it's easy to commit the following error assertThat(some boolean condition) The above actually does nothing. It at least needs to be assertThat(some boolean condition).isTrue() This commit refines some assertions that were missing a verify condition. Also, one Javadoc was just a little bit confusing, so this clarifies it. Issue: gh-6259	7 years ago
Rafael Dominguez	086b105273	Remove Servlet 2.5 Support for Session Fixation This commit removes existence validation of a method only available in Servlet 3.1. Spring Framework baseline is Servlet 3.1 so is not longer required. Fixes: gh-6259	7 years ago
Joe Grandja	12f320851d	Set openid scope in OAuth2LoginTests	7 years ago
Joe Grandja	8f4f52edb9	Support configurable JwtDecoder for IdToken verification Fixes gh-5717	7 years ago
Robbie Martinus	e60ae4984a	Add hasAnyAuthority() and hasAnyRole() in AuthorizeExchangeSpec Fixes gh-6306	7 years ago
Ankur Pathak	3bcb1d9458	Allow setting authenticationEntryPoint for Http Basic 1. Added method authenticationEntryPoint in ServerHttpSecurity to allow setting authenticationEntryPoint. 2. Added test in ServerHttpSecurityTests to check if if specified realm name set by authenticationEntryPoint is returned Fixes: gh-6270	7 years ago
Ankur Pathak	2b369cfe98	Added support for Anonymous Authentication 1. Created new WebFilter AnonymousAuthenticationWebFilter to for anonymous authentication 2. Created class AnonymousSpec, method anonymous to configure anonymous authentication in ServerHttpSecurity 3. Added ANONYMOUS_AUTHENTICATION order after AUTHENTICATION for anonymous authentication in SecurityWebFiltersOrder 4. Added tests for anonymous authentication in AnonymousAuthenticationWebFilterTests and ServerHttpSecurityTests 5. Added support for Controller in WebTestClientBuilder Fixes: gh-5934	7 years ago
ir73	9a357f8cb6	Moved CachingUserDetailsService to spring-core Made CachingUserDetailsService constructor public and moved to spring-core to make it easier to configure caching in UserDetailsService Fixes gh-4139	7 years ago
Dongmin Shin	56eb658eae	RoleVoter Configuration Defaults Prefix Using GrantedAuthorityDefauts Fixes: gh-4876	7 years ago
Ankur Pathak	8b3fb55aea	Added methods to add filter relatively in ServerHttpSecurity Addition of two new methods addFilterBefore and addFilterAfter in ServerHttpSecurity to allow addition of WebFilter before and after of specified order Fixes: gh-6138	7 years ago
Daniel Bustamante Ospina	6bddb38cac	Update to Gradle 5.0 Change project's gradle version to 5.0, this requires to make some minor adjustments. Fixes: gh-6148	7 years ago
Joe Grandja	b8f038e86a	Polish OAuth2ResourceServerConfigurer	7 years ago
Eric Deandrea	be423debfd	ServerAuthenticationConverter should be configurable Fixes gh-6186	7 years ago
Josh Cummings	3a43ed8f1c	Register NullRequestCache When Disabled Fixes: gh-6102	7 years ago
Josh Cummings	f30fcdda6b	RequestCacheConfigurerTests groovy->java Issue: gh-4939	7 years ago
Josh Cummings	686393ed5c	ExceptionHandlingConfigurerTests groovy->java Issue: gh-4939	7 years ago
Josh Cummings	1ea73e7d8e	Jwt Decoder Local Key Configuration Adds support for configuring Resource Server DSL with a local public key. Fixes: gh-5131	7 years ago
Josh Cummings	d28e32b000	NimbusJwtDecoder Builder A Builder to simply common construction patterns for NimbusJwtDecoder Issue: gh-6010	7 years ago
Karl Goffin	db5e54266c	#3912 lazyBean method respects @Primary annotation	7 years ago
Josh Cummings	8eedb3919e	Policy OAuth2ResourceServerSpecTests Issue: gh-6052	7 years ago
Erik van Paassen	3a6582d2a6	Fix csrf:token-repository-ref XSD documentation The documentation of the token-repository-ref attribute of the csrf element in the schema has been updated to make clear the default repository is lazy. Targets versions 4.2, 5.0 and 5.1. Fixes gh-6037	7 years ago
Josh Cummings	9a13f9acde	Custom Bearer Token Error Handling Support Users can specify a custom access denied handler and authentication entry point for reactive resource servers. Fixes: gh-6052	7 years ago
Josh Cummings	75e7e099ab	MiscHttpConfigTests groovy->java Issue: gh-4939	7 years ago
Bob Maertz	52be2839ca	Migraged unit test from groovy to java Moved AbstractConfigAttributeRequestMatcherRegistryTests.groovy to AbstractConfigAttributeRequestMatcherRegistryTests.java gh-4939	7 years ago
Joe Grandja	8ef65ce5c5	Set AuthenticationEventPublisher on each AuthenticationManagerBuilder Fixes gh-6009	7 years ago
Brian Demers	8f49ca850a	Fixing IllegalStateException message in OAuth2ResourceServerConfigurer Updated message to include `http.oauth2ResourceServer()`	7 years ago
Josh Cummings	bd9e3877f9	JDK 10 Compatibility Upgrading dependencies and reconfiguring PowerMock Issue: gh-5860	7 years ago
Joe Grandja	921abefaa2	Remove address and phone scope from CommonOAuth2Provider.OKTA Fixes gh-5987	7 years ago
Josh Cummings	22bd8f1c1f	Reactive Jwt Authentication Converter Support Fixes: gh-5092	7 years ago
Rob Winch	93ca455405	OAuth2LoginAuthenticationFilter ignores authenticated Users This ensures that OAuth2 Client support works with the same log in URL as oauth2 login. Fixes: gh-5915	7 years ago
Rob Winch	5d18bb68ed	Add @formatter to @EnableWebFluxSecurity Javadoc Fixes: gh-5898	7 years ago
Rob Winch	45a9c0fd54	Polish Automatically Add CsrfServerLogoutHandler Issue: gh-5337	7 years ago
Eric Deandrea	b060ec050a	Automatically add CsrfServerLogoutHandler if csrf enabled The configuration DSL should automatically add CsrfServerLogoutHandler if csrf is enabled Fixes gh-5337	7 years ago
Vedran Pavic	79828d4f7b	Polish WebFlux Referrer-Policy header config	7 years ago
Rob Winch	8a49c431c3	Add OAuth2ClientSpec.and Fixes: gh-5888	7 years ago
Josh Cummings	73c1abbba0	EnableGlobalMethodSecurity Misconfiguration Check This polishes the EnableGlobalMethodSecurity misconfiguration check to not error if the user has specified a custom method security metadata source. Issue: gh-5341	7 years ago
artsiom	1e864ad764	Validate @EnableGlobalMethodSecurity usage Fixes: gh-5341	7 years ago
Rob Winch	9e0c7f17b7	Default RequestCache should ignore favicon Fixes: gh-5875	7 years ago
Joe Grandja	8b0a3a760c	Use providedSessionAuthenticationStrategy Fixes gh-5763	7 years ago
Rob Winch	501c008526	Add WebFlux Redirect to HTTPS Reference Fixes: gh-5869	7 years ago
Rob Winch	54d07b6b8b	Add WebFlux HTTP Headers Reference Fixes: gh-5868	7 years ago
Rob Winch	72301e548a	Reactive OAuth2 DSL Customizations Fixes: gh-5855	7 years ago

1 2 3 4 5 ...

1247 Commits (84a287d6ffb8272012e83785da08efb40d7b0bfa)