In section 'Include the Servlet Path Prefix in Authorization Rules', `PathPatternRequestParser` should be replaced by `PathPatternRequestMatcher`.
Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
The documentation states that setting the header `X-Requested-By` will remove the `WWW-Authenticate` header from the response.
However, after testing this and reading the library code it looks like the header to set is `X-Requested-With` (X-Requested-By is mentioned nowhere except in this documentation file), so I propose this simple PR to fix this.
Signed-off-by: Martin Boulais <31805063+martinboulais@users.noreply.github.com>
In `init` and `configure`, throws Exception has been removed in the super interface `SecurityConfigurer`, since Spring Security 7.0.
This change is the consequence of https://github.com/spring-projects/spring-security/issues/17957
Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated:
> This member is deprecated because many clients do not display it,
> but it remains a required dictionary member for backwards compatibility.
> Relying Parties MAY, as a safe default, set this equal to the RP ID.
Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
This commit refines the documentation by:
- Updating Jackson documentation for Jackson 3
- Removing the outdated documentation in servlet
- Adding migration guidelines
Closes gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
This commit adds support for Jackson 3 which has the following
major differences with the Jackson 2 one:
- jackson subpackage instead of jackson2
- Jackson type prefix instead of Jackson2
- JsonMapper instead of ObjectMapper
- For configuration, JsonMapper.Builder instead of ObjectMapper
since the latter is now immutable
- Remove custom support for unmodifiable collections
- Use safe default typing via a PolymorphicTypeValidator
Jackson 3 changes compared to Jackson 2 are documented in
https://cowtowncoder.medium.com/jackson-3-0-0-ga-released-1f669cda529a
and
https://github.com/FasterXML/jackson/blob/main/jackson3/MIGRATING_TO_JACKSON_3.md.
This commit does not cover webauthn which is a special case (uses
jackson sub-package for Jackson 2 support) which will be handled in
a distinct commit.
See gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
This reverts commit 95644fb73c, reversing
changes made to fbf7bb3be1.
Reverting this commit will allow us more time to
consider the ideal way to add this support to the public API.
songhee
Tran Ngoc Nhan
Guillaume Husta
박기현\qkrrl
Robert Winch
Fr05ty-hub
github-actions[bot]
Martin Boulais
Josh Cummings
kucoll
sach429
L33gn21
dependabot[bot]
Peter Potrowl
Joe Grandja
Andrey Litvitski
Daniel Garnier-Moiroux
Himanshu Pareek
Sébastien Deleuze