Allow this to be gathered by Gradle enterprise since if build is up to
date there will be no tests ran which causes failure. Additionally,
Gradle Enterprise displays the tests better than Jenkins.
Updated all references to SecurityMockServerConfigurers to refer to
correct methods.
Added documentation for mockJwt to include the
SecurityMockServerConfigurers class.
Issue gh-10254
Prior to this commit ClaimTypeConverter returned the claims with the
original value for all the claims with a null converted value.
The changes allows ClaimTypeConverter to overwrite and return claims
with converted value of null.
Closes gh-10135
fix the name of the parameter, from failure to badCredentials
Replaces AuthenticationFailureEvent
Remove AuthenticationFailureEvent Reference
Closes gh-10062
SecurityMockServerConfigurers.java previously used the StringUtils from
the optional oauth2-oidc-sdk dependency. Replacing this with the
StringUtils from the spring framework this should not force adding the
dependency in cases where it is not actually used.
Closes gh-9923
Flux#skip discards its corresponding elements, meaning that they
aren't intended for reuse. When using RSocket's ByteBufPayloads,
this means that the bytes are releaseed back into RSocket's pool.
Since the downstream request may still need the skipped payload,
we should construct the publisher in a different way so as to
avoid the preemptive release.
Deferring Spring JavaFormat to clarify what changed.
Closes gh-9345
Fixes an issue where provider URLs passed to the constructor of the
DefaultSpringSecurityContextSource can be URL encoded, resulting in
an invalid base dn. Additionally adds support for list constructor
to support spaces in base dn.
Closes gh-9742
# Conflicts:
# ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java
# ldap/src/main/java/org/springframework/security/ldap/DefaultSpringSecurityContextSource.java
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
This prevents the generated login page from showing links for
authorization grant types like "client_credentials" which are
not redirect-based, and thus not meant for interactive use in
the browser.
Closes gh-9457
Eleftheria Stein
Josh Cummings
heowc
Rob Winch
Anthony Lofton
Derek Van Blerkom
Fabio Guenci
Marcus Da Coregio
Steve Riesenberg
dmitrilc
/usr/local/ΕΨΗΕΛΩΝ
Christian Frommeyer
Steve Riesenberg
Hans Hosea Schaefer
Craig Andrews
kevin
Joe Grandja
Denis Washington