spring-security

Author	SHA1	Message	Date
Josh Cummings	1c112005fa	Don't Attempt to Generate Token Without Valid Token Request Closes gh-18088 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	3 months ago
Marcus Hert da Coregio	e0a71eb00e	Fix GenerateOneTimeTokenRequestResolver ignored if username param not present Signed-off-by: Marcus Hert da Coregio <marcusdacoregio@gmail.com>	3 months ago
Andrey Litvitski	eca821471f	A Root basePath No Longer Creates a Double-Slash Closes gh-17812 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	4 months ago
Nikita Konev	894105aab5	Fix traceId discrepancy in case error in servlet web Signed-off-by: Nikita Konev <nikit.cpp@yandex.ru>	5 months ago
Tim Boeckstaens	f180a04b74	Use final values in equals and hashCode Closes gh-17584 Signed-off-by: Tim Boeckstaens <boeckstaenstim@gmail.com>	6 months ago
Rob Winch	392129b616	Use 2004-present Copyright Header The Spring portfolio is changing to use <inception-year>-present in the copyright headers to simplify keeping headers up to date. This commit updates the headers and the checkstyle accordingly. The commit updated etc/checkstyle/header.txt It also updated the copyright headers using the following find/replace: Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors. Replace: Copyright 2004-present the original author or authors. Closes gh-17633	6 months ago
Josh Cummings	ea3ba62022	Correct Servlet Path JavaDoc Initially PathPatternRequestMatcher was designed to match relative to the servlet path. However, this was changed to be relative to the context path. This commit updates the documentation and removes references to the servlet path other than in the context of setting a basePath to remove boilerplate. Issue gh-16430	6 months ago
Andrey Litvitski	25d51a0d99	Include HTTP Method in equals and hashCode Closes gh-17180 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	7 months ago
Andrey Litvitski	b0f8aa5ea0	Fix to allow multiple AuthenticationFilter instances to process each request Closes gh-17173 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	8 months ago
Joaquin Santana	c0568ea9b0	Log Request Mismatch Only When Mismatches Signed-off-by: Joaquin Santana <joaquinjsb@outlook.com>	8 months ago
Mark Putsiata	cae3467a8d	Improve AbstractPreAuthenticatedProcessingFilter docs Clarify misleading SecurityContextRepository setter documentation. Note that AbstractPreAuthenticatedProcessingFilter saves the SecurityContext upon successful authentication, and this behavior can be customized via the setSecurityContextRepository setter. Closes gh-14137 Signed-off-by: Mark Putsiata <m.putsiata@gmail.com>	8 months ago
yybmion	d48c463c03	Add logging to CsrfTokenRequestHandler implementations Add trace-level logging to show the logical path of CSRF token processing - Log token source (header or parameter) in resolveCsrfTokenValue - Log request attribute names in handle methods - Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding) - Add similar logging to XorServerCsrfTokenRequestAttributeHandler Improves debugging capabilities without changing functionality. Closes gh-13626 Signed-off-by: yybmion <yunyubin54@gmail.com>	8 months ago
Zhoudong	6624e302ac	Favor Spring Framework NonNull over Reactor NonNull Signed-off-by: Zhoudong <jearton@users.noreply.github.com>	9 months ago
Josh Cummings	e48f26e51e	Propagate StrictFirewallRequest Wrapper Closes gh-16978	9 months ago
Max Batischev	c855453e40	Fix Typo In SubjectDnX509PrincipalExtractorTests Signed-off-by: Max Batischev <mblancer@mail.ru>	9 months ago
Tran Ngoc Nhan	29380a87a0	Polish javadoc Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	9 months ago
Max Batischev	8525f0e3fd	Add FunctionalInterface To X509PrincipalExtractor Closes gh-16949 Signed-off-by: Max Batischev <mblancer@mail.ru>	9 months ago
Josh Cummings	7d6bdfedc8	Add Null Guard for Authorization Result	9 months ago
Josh Cummings	0ab01eac14	Update Deprecated Security Usage	9 months ago
Josh Cummings	216680bb50	Update Deprecated Spring Jdbc Usage	9 months ago
Josh Cummings	2ad859a63c	Add Missing Deprecation Markers	9 months ago
Josh Cummings	3f7f3dabe7	Correct JavaDoc Class Reference	9 months ago
Daeho Kwon	9908d96644	DeferredCsrfToken Implements Supplier Closes gh-16870 Signed-off-by: Daeho Kwon <trewq231@naver.com>	9 months ago
Josh Cummings	f93a7a2f85	Deprecate HandlerMappingIntrospectorRequestTransformer Closes gh-16536	10 months ago
chu3la	8cbe02e3aa	Update WebAuthn Test Objects Class Names Closes gh-16604 Signed-off-by: chu3la <elmansouri.houssam@gmail.com>	10 months ago
Josh Cummings	4cdc6dab21	Fix Formatting Issue gh-16604	10 months ago
Vasanth	04d7130975	Update WebAuthn Test Objects Class Names Renamed the WebAuthn test object class names Closes gh-16604 Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>	10 months ago
DingHao	857ef6fe08	WithHttpOnlyCookie defaults to false Closes gh-16820 Signed-off-by: DingHao <dh.hiekn@gmail.com>	10 months ago
Max Batischev	9a897d0b62	Add Support Postgres To JdbcUserCredentialRepository Closes gh-16832 Signed-off-by: Max Batischev <mblancer@mail.ru>	10 months ago
wtigerhyunsu	bdbf6a2be3	Add toString() to IpAddressMatcher.java Closes gh-16795 Signed-off-by: wtigerhyunsu <jack951@naver.com>	10 months ago
Josh Cummings	99345537d6	Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter Issue gh-16417	10 months ago
Josh Cummings	15d9c13984	Add RequestMatcher MigrationPath for SwitchUserFilter To simplify migration, the filter's setter methods still use AntPathRequestMatcher. Users can call the equivalent RequestMatcher setter methods to opt-in to the change early. Issue gh-16417	10 months ago
Josh Cummings	1eec51ab6c	Polish SwitchUserFilterTests Ensure that the appropriate HTTP Method is specified in tests Issue gh-16417	10 months ago
Josh Cummings	1618963255	Deprecate AntPathRequestMatcher Closes gh-16632	10 months ago
Josh Cummings	de07b1108f	Use PathPatternRequestMatcher in Web Components This commit changes filters and resolvers that were using AntPathRequestMatcher as their default to using PathPatternRequestMatcher. Issue gh-16632	10 months ago
Josh Cummings	50ad378a29	Polish MockHttpServletRequest Usage This commit makes so that the requestURI is set to a value that makes sense with the other properties being mocked. Issue gh-16632	10 months ago
Rob Winch	a6b5c05da9	Additional WebAuthn4jRelyingPartyOperationTests - verify that anonymous users not saved - verify that when user found the CredentialRecord is allowed Issue gh-16385	10 months ago
Rob Winch	9c054474a8	Use Test Name Conventions Issue gh-16385	10 months ago
Rob Winch	593f7c4490	Use !isAuthenticated It's more verbose to see if the user is not null and not anonymous Issue gh-16385	10 months ago
Rob Winch	4e20d56d2d	Fix format for WebAuthn4jRelyingPartyOperations Issue gh-16385	10 months ago
Josh Cummings	05fdcd6a08	Deprecate MvcRequestMatcher Closes gh-16631	10 months ago
Tomas Borghi	0a084135ec	Delete import unused Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>	10 months ago
Tomas Borghi	5571ad1b27	Fix issues identified in PR review Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>	10 months ago
Borghi	e3a715b8f5	Fix issues identified in PR review Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>	10 months ago
Josh Cummings	56e757a2a1	Provide Authentication to AuthenticationExceptions Issue gh-16444	10 months ago
Josh Cummings	464e506429	Polish ExceptionTranslateWebFilter - Isolated exception construction - Isolated entry point subscription Issue gh-16444	10 months ago
Josh Cummings	bfc12d55eb	Polish Tests Issue gh-16771	10 months ago
Josh Cummings	3d96878d43	Cache RequestPath In this way PathPatternRequestMatcher won't need to reparse for each request matcher. Issue gh-16771	10 months ago
Josh Cummings	86599afd43	Rename servletPath to basePath Closes gh-16765	10 months ago
Josh Cummings	c53bf2befe	PathPatternRequestParser Retains Servlet Path Issue gh-16765	10 months ago

1 2 3 4 5 ...

1966 Commits (af960abe2db69dfca57bb13ec73493c031ee222d)