spring-security

Commit Graph

Author	SHA1	Message	Date
Josh Cummings	aa84c79e87	Use Nimbus Multiple Algorithm Support Closes gh-8623	6 years ago
Dayan	d8aa208a9f	Fix broken link in spring security reference document Fixes:#8593	6 years ago
Rob Winch	748538d19f	Delay AuthenticationPrincipalArgumentResolver Creation Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its lookup. Closes gh-8613	6 years ago
Eleftheria Stein	a63a0e3765	Add reactive CSRF samples to docs Issue gh-8172	6 years ago
Josh Cummings	da05543ef6	Update OAuth 2.0 Client Testing Docs Issue gh-8603	6 years ago
Josh Cummings	42a8635cde	Remove @MockBean ClientRegistrationRepository Fixes gh-8606	6 years ago
Josh Cummings	d5b8981678	Polish OAuth 2.0 Samples - Favor @TestConfiguration so as to not disable Spring Boot's auto-configuration of ClientRegistrationRepository and OAuth2AuthorizedClientRepository	6 years ago
Josh Cummings	8d84bc58f6	Remove Unneeded OAuth2AuthorizedClientRepository Issue gh-8603	6 years ago
Josh Cummings	900f551890	Inject TestOAuth2AuthorizedClientRepository Fixes gh-8603	6 years ago
Josh Cummings	d014d29199	Update to Spring Boot 2.3.0 Fixes gh-8605	6 years ago
Josh Cummings	b6f5464fb4	Update to Latest rsocket-core Now that the RSocket Authentication Extension is GA, it's no longer necessary to override the version locally in the sample. Issue gh-7935	6 years ago
Josh Cummings	23db372962	Update to Gradle 6.4.1 Fixes gh-8604	6 years ago
Eleftheria Stein	61060b3a4f	Add multipart configuration to CSRF Kotlin DSL Fixes gh-8602	6 years ago
Eleftheria Stein	6f5947cab7	Fix test warnings	6 years ago
Eleftheria Stein	fa11ae3c33	Remove unused import	6 years ago
Markus Engelbrecht	7463583c1b	Fix typos in BCryptPasswordEncoder documentation Resolves gh-8585	6 years ago
Spencer Gilson	551f9114a9	Fixing typo in README @pivotal-issuemaster This is an Obvious Fix	6 years ago
Eleftheria Stein	67d2efde1c	Resolve package tangles with security marker annotation	6 years ago
Eleftheria Stein	bc272ddf73	Resolve package tangles in Kotlin server package	6 years ago
Eleftheria Stein	0a42aa26c8	Mock request with non-standard HTTP method in test Fixes gh-8594	6 years ago
Craig Andrews	f1db7167cb	Polish Use `getBeanOrNull` in `registerDelegateApplicationListener` to simplify implementation. This change does not alter behavior.	6 years ago
Craig Andrews	dbdeec4216	Check for an existing SessionRegistry bean If a SessionRegistry is necessary, check for one in the ApplicationContext before creating one.	6 years ago
Evgeniy Cheban	0fa339f75b	Allow port=0 for ApacheDSContainer Fixes gh-8144	6 years ago
justmehyp	06254a4fd4	Remove unused field 'digester' in Md4PasswordEncoder `private Digester digester;` defined in Md4PasswordEncoder is never used. So remove it.	6 years ago
Mazharul Islam	bf9e8295d6	mentioning the default strength of BCryptPasswordEncoder	6 years ago
Thomas Turrell-Croft	014df98ebb	Polish * Correct documented default schema to match default schema exposed as classpath resource * Fix Java example of adding users to JdbcUserDetailsManager	6 years ago
Maksim Vinogradov	4f58576952	Prevent StackOverflowError for AccessControlEntryImpl.hashCode Getting StackOverflowError when invoke AclImpl.hashCode because of cross-references between AclImpl and AccessControlEntryImpl Remove from AccessControlEntryImpl.hashCode method invocation of acl.hashCode fixes gh-5401	6 years ago
Astushi Yoshikawa	f08ca4e688	Throw exception if URL does not include context path when context relative Issue: gh-8399	6 years ago
Rob Winch	dc514b369e	FilterInvocation Support Default Methods on HttpServletRequest Closes gh-8566	6 years ago
Andreas Volkmann	16b0a268d9	Update index.adoc	6 years ago
Josh Cummings	9a72654b8d	Update to jQuery 3.5.1 Fixes gh-8557	6 years ago
Josh Cummings	c519d726ed	Polish hellojs Sample - Apply timestamp to composed messages - Remove unnecessary $.map call - Add password encoder prefix to password Fixes gh-8555 Fixes gh-8556	6 years ago
Josh Cummings	b04b34ba85	Fix Logout in OpenID Sample Fixes gh-8554	6 years ago
Dávid Kovács	4ab9da1c53	Object ID Identicy conversion to long fails on old schema This change fixed a bug which tried to convert non-string object as string Fixes gh-7621	6 years ago
Josh Cummings	51a0cffd36	Post-process AuthenticationRequestFilter Fixes gh-8552	6 years ago
Josh Cummings	8e7c4c143c	Add TestSaml2AuthenticationRequestContexts Issue gh-8552	6 years ago
Josh Cummings	9241cd2892	Move TestRelyingPartyRegistrations Fixes gh-8551	6 years ago
Josh Cummings	7c7934c052	Remove Extra TestSaml2X509Credentials This class is a duplicate of the one already in org.springframework.security.saml2.credentials Issue gh-8404	6 years ago
cbornet	bfb401eeed	Create the CSRF token on the bounded elactic scheduler The CSRF token is created with a call to UUID.randomUUID which is blocking. This change ensures this blocking call is done on the bounded elastic scheduler which supports blocking calls. Fixes gh-8128	6 years ago
Parikshit Dutta	1e211b6558	Add RequestCache setter in OAuth2AuthorizationCodeGrantFilter Fixes gh-8120	6 years ago
Joe Grandja	c1abc9b134	Polish gh-8501	6 years ago
Thomas Vitale	78fa859798	Add issuerUri to ClientRegistration.providerDetails - Add "issuerUri" attribute to ClientRegistration.providerDetails for OpenID Connect Discovery 1.0 or OAuth 2.0 Authorization Server Metadata. - Validate OidcIdToken "iss" claim against the OpenID Provider "issuerUri" value. - Update documentation for client registration: it includes issuer-uri property now. Fixes gh-8326	6 years ago
Dávid Kovács	db4ca1f756	Document NoOpPasswordEncoder will not be removed This commit adds extension to deprecation notice. Fixes gh-8506	6 years ago
Rob Winch	bb05603b3c	AbstractUserDetailsReactiveAuthenticationManager uses boundidElastic() Some JVMs have blocking operations when accessing SecureRandom and thus this needs to be performed in a pool that is larger than the number of CPUs Closes gh-7522	6 years ago
Rob Winch	e5d2aaf6fe	Deprecate OpenID 2.0 support Deprecate OpenID 2.0 support	6 years ago
Mathieu Ouellet	cd08102b93	Add debug logging Goal is to provide insight to devs on: - Authentication & Authorization success/failures - WebSession & SecurityContext - Request matchers, cache & authn/authz flow Fixes gh-5758	6 years ago
Rob Winch	8d447633f4	Fix non-standard HTTP method for CsrfWebFilter Closes gh-8452	6 years ago
Rob Winch	4473dca022	Polish matchesRequireCsrfProtectionWhenNonStandardHTTPMethodIsUsed Issue gh-8149	6 years ago
Parikshit Dutta	0f92415395	Fix non-standard HTTP method for CsrfWebFilter Closes gh-8149	6 years ago
Artyom Tarynin	6db514a4e2	Update AntPathRequestMatcher.java Fixed typo in JavaDoc. Actually, In these two cases, we are calling the constructor with a `boolean caseSensitive` which is equal to true. This means case sensitive	6 years ago

1 2 3 4 5 ...

8734 Commits (aa84c79e873cf86b8684fbfa8f2bcb533db225e1) All Branches Search

8734 Commits (aa84c79e873cf86b8684fbfa8f2bcb533db225e1)

All Branches