Josh Cummings
8eedb3919e
Policy OAuth2ResourceServerSpecTests
...
Issue: gh-6052
7 years ago
Erik van Paassen
3a6582d2a6
Fix csrf:token-repository-ref XSD documentation
...
The documentation of the token-repository-ref attribute of the csrf
element in the schema has been updated to make clear the default
repository is lazy. Targets versions 4.2, 5.0 and 5.1.
Fixes gh-6037
7 years ago
Josh Cummings
9a13f9acde
Custom Bearer Token Error Handling Support
...
Users can specify a custom access denied handler and authentication
entry point for reactive resource servers.
Fixes: gh-6052
7 years ago
Josh Cummings
75e7e099ab
MiscHttpConfigTests groovy->java
...
Issue: gh-4939
7 years ago
Bob Maertz
52be2839ca
Migrated unit test from groovy to java
...
Moved AbstractConfigAttributeRequestMatcherRegistryTests.groovy to AbstractConfigAttributeRequestMatcherRegistryTests.java
gh-4939
7 years ago
Joe Grandja
8ef65ce5c5
Set AuthenticationEventPublisher on each AuthenticationManagerBuilder
...
Fixes gh-6009
7 years ago
Brian Demers
8f49ca850a
Fixing IllegalStateException message in OAuth2ResourceServerConfigurer
...
Updated message to include `http.oauth2ResourceServer()`
7 years ago
Josh Cummings
bd9e3877f9
JDK 10 Compatibility
...
Upgrading dependencies and reconfiguring PowerMock
Issue: gh-5860
7 years ago
Joe Grandja
921abefaa2
Remove address and phone scope from CommonOAuth2Provider.OKTA
...
Fixes gh-5987
7 years ago
Josh Cummings
22bd8f1c1f
Reactive Jwt Authentication Converter Support
...
Fixes: gh-5092
7 years ago
Rob Winch
93ca455405
OAuth2LoginAuthenticationFilter ignores authenticated Users
...
This ensures that OAuth2 Client support works with the same log in URL as
oauth2 login.
Fixes: gh-5915
7 years ago
Rob Winch
5d18bb68ed
Add @formatter to @EnableWebFluxSecurity Javadoc
...
Fixes: gh-5898
7 years ago
Rob Winch
45a9c0fd54
Polish Automatically Add CsrfServerLogoutHandler
...
Issue: gh-5337
7 years ago
Eric Deandrea
b060ec050a
Automatically add CsrfServerLogoutHandler if csrf enabled
...
The configuration DSL should automatically add CsrfServerLogoutHandler if csrf is enabled
Fixes gh-5337
7 years ago
Vedran Pavic
79828d4f7b
Polish WebFlux Referrer-Policy header config
7 years ago
Rob Winch
8a49c431c3
Add OAuth2ClientSpec.and
...
Fixes: gh-5888
7 years ago
Josh Cummings
73c1abbba0
EnableGlobalMethodSecurity Misconfiguration Check
...
This polishes the EnableGlobalMethodSecurity misconfiguration check to
not error if the user has specified a custom method security metadata
source.
Issue: gh-5341
7 years ago
artsiom
1e864ad764
Validate @EnableGlobalMethodSecurity usage
...
Fixes: gh-5341
7 years ago
Rob Winch
9e0c7f17b7
Default RequestCache should ignore favicon
...
Fixes: gh-5875
7 years ago
Joe Grandja
8b0a3a760c
Use providedSessionAuthenticationStrategy
...
Fixes gh-5763
7 years ago
Rob Winch
501c008526
Add WebFlux Redirect to HTTPS Reference
...
Fixes: gh-5869
7 years ago
Rob Winch
54d07b6b8b
Add WebFlux HTTP Headers Reference
...
Fixes: gh-5868
7 years ago
Rob Winch
72301e548a
Reactive OAuth2 DSL Customizations
...
Fixes: gh-5855
7 years ago
Rob Winch
385bdfc055
OAuth2AuthorizationCodeGrantWebFilter works with /{action}/
...
This ensures that the same URL can work for both log in and
authorization code which prevents having to create additional registrations
on the client and potentially on the server (GitHub only allows a single
valid redirect URL).
Fixes: gh-5856
7 years ago
Rob Winch
68bc649a45
Fix XsdDocumentedTests
...
Issue: gh-5836
7 years ago
Johnny Lim
42327a0aec
Polish OAuth2ResourceServerConfigurerTests
7 years ago
Josh Cummings
2c982a4168
Reactive Redirect to Https
...
This introduces the capability to configure Reactive Spring Security
to upgrade requests to HTTPS
Fixes: gh-5749
7 years ago
Johnny Lim
f164f2f869
Polish FilterComparator
...
Extracts STEP incrementing into a separate helper class
7 years ago
Rob Winch
438d2911fb
OAuth2AuthorizedClientResolver
...
Extract out a private API for shared code between the argument resolver
and WebClient support. This makes it easier to make changes in both
locations. Later we will extract this out so it is not a copy/paste
effort.
Issue: gh-4921
7 years ago
Rob Winch
07b6699fd9
ServerWebExchangeReactorContextWebFilter
...
Fixes: gh-5779
7 years ago
Sola
c60fcf263e
provide test for custom principal extractor config
...
Signed-off-by: Sola <dev@sola.love>
7 years ago
Sola
2980f96b55
Allow PrincipalExtractor to be customized.
...
Signed-off-by: Sola <dev@sola.love>
7 years ago
Josh Cummings
932ea245fb
AuthenticationManager for OAuth2ResourceServerSpec
...
This makes the AuthenticationManager used by the OAuth2 Resource
Server configurable, focusing at this point on the Jwt use case.
Fixes: gh-5750
7 years ago
Josh Cummings
25d1f49d84
Remove Resource Server's Session Policy Config
...
Resource Server doesn't need to set the session policy for the
application to STATELESS since it can rely on the
SessionManagementFilter ignoring tokens annotated with @Transient,
which a JwtAuthenticationToken is.
Fixes: gh-5759
7 years ago
Josh Cummings
8510e9a285
Reactive Resource Server insufficient_scope
...
This introduces an implementation of ServerAccessDeniedHandler that is
compliant with the OAuth 2.0 spec for insufficient_scope errors.
Fixes: gh-5705
7 years ago
Joe Grandja
229b69dd35
Add DefaultAuthorizationCodeTokenResponseClient
...
Fixes gh-5547
7 years ago
Vedran Pavic
cb0ba58b58
Fix WhitespaceAfterCheck Checkstyle check
7 years ago
Rob Winch
1640a1f462
Polish ServerAuthenticationConverter
...
Fix package tangles
Issue: gh-5338
7 years ago
Josh Cummings
68d836d508
Reactive Resource Server Csrf Bypass
...
This makes requests identified as bearer token requests skip the csrf
filter.
Fixes: gh-5710
7 years ago
Rob Winch
820fb7d828
Polish formatting ServerHttpSecurity JwtSpec
...
Fixes: gh-5728
7 years ago
Josh Cummings
cba2444e1a
ServerHttpSecurity ReactiveJwtDecoder discovery
...
This makes it so that WebFlux OAuth 2.0 Resource Server configuration
will pick up a ReactiveJwtDecoder exposed as a bean.
Fixes: gh-5720
7 years ago
Josh Cummings
0fdc081ab5
Add unit tests
...
Added some unit tests around some untested parts of the code that I
will be touching for this issue.
Issue: gh-5720
7 years ago
Joe Grandja
ff6e1232c8
Flatten HttpSecurity.oauth2()
...
Fixes gh-5715
7 years ago
Joe Grandja
0f89e59707
Simplified oauth2().client() DSL
...
Fixes gh-5662
7 years ago
Rob Winch
0dc80aed40
Flatten ServerHttpSecurity.oauth2()
...
Fixes: gh-5712
7 years ago
Rob Winch
53652584b2
ResourceServerSpec->OAuth2ResourceServerSpec
...
Fixes: gh-5713
7 years ago
Joe Grandja
c3e19e29b5
Remove authorizationEndpoint.baseUri in OAuth2ClientConfigurer
...
Fixes gh-5661
7 years ago
Vedran Pavic
f382b69507
Add reactive support for Referrer-Policy security header
7 years ago
Vedran Pavic
10621a0f2c
Add reactive support for Content-Security-Policy security header
7 years ago
Vedran Pavic
29cfc3dd1d
Add reactive support for Feature-Policy security header
...
Closes gh-5672
7 years ago