2774948b92
Fix X509 WebFlux Configuration Checks
...
The changes for gh-17382 broke the checkstyle and tests. This fixes
them both.
Issue gh-17382
2025-09-12 16:45:51 -05:00
b502697731
feat: Add option to specify a custom ServerAuthenticationConverter for x509()
...
Signed-off-by: blake_bauman <blake_bauman@apple.com >
2025-09-12 16:45:51 -05:00
35f41f87d1
Temporarily fix integration tests
...
Issue gh-17880
2025-09-12 16:20:44 -04:00
7ef25cc101
Add HttpSecurity.oauth2AuthorizationServer()
...
Issue gh-17880
2025-09-12 16:20:44 -04:00
098574c50e
Remove redundant classes
...
Issue gh-17880
2025-09-12 16:20:43 -04:00
8399bc161d
Fix Serializable tests
...
Issue gh-17880
2025-09-12 16:20:42 -04:00
cc71be71e5
Move OAuth2AuthorizationServerConfigurer and OAuth2AuthorizationServerConfiguration
...
Issue gh-17880
2025-09-12 16:20:42 -04:00
3a1692f3c3
Remove Direct Runtime Dependency on Access API
...
Issue gh-17847
2025-09-12 10:32:37 -06:00
10935632ee
Remove PortResolver
...
Closes gh-15971
Signed-off-by: DingHao <dh.hiekn@gmail.com >
2025-09-11 22:58:32 -05:00
2b87e3c5e2
Use withRoles
...
Issue gh-17843
2025-09-09 17:03:05 -06:00
3f774548d2
Move Authority Propagation Into Filters
...
Given that the filters are the level at which the
SecurityContextHolder is consulted, this commit moves
the operation that ProviderManager was doing into each
authentication filter.
Issue gh-17862
2025-09-09 14:49:13 -06:00
a0fe6a5fee
Polish Builders
...
- Added remaining properties
- Removed apply method since Spring Security isn't using
it right now
- Made builders extensible since the authentications are
extensible
Issue gh-17861
2025-09-09 14:49:13 -06:00
44fef786aa
Pick Up SecurityContextHolderStrategy Bean
...
This commit provides the SecurityContextHolderStrategy bean to
ProviderManager instances that the HttpSecurity DSL constructs.
Issue gh-17862
2025-09-09 14:49:13 -06:00
eeb4574bb3
Add AuthorizationManagerFactory
...
Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com >
2025-09-09 15:36:49 -05:00
a4f813ab29
Support Multiple ServerLogoutHandlers
...
This commit adds support to ServerHttpSecurity for registering
multiple ServerLogoutHandlers. This is handy so that an application
does not need to re-supply any handlers already configured by
the DSL.
Signed-off-by: blake_bauman <blake_bauman@apple.com >
2025-09-05 11:47:54 -06:00
f30cc9c5a9
Update to PropertySourcesPlaceholderConfigurer
...
This commit replaces deprecated usage of PropertyPlaceholderConfigurer
in favor of PropertySourcesPlaceholderConfigurer
2025-09-04 11:32:04 -06:00
c64b086878
Add SecurityAssertions
...
This commit introduces a simple, internal test API for
verifying aspects of an Authentication, like its name
and authorities.
Closes gh-17844
2025-09-03 17:53:42 -06:00
de10e08348
Make withRoles Check Only Roles
...
This commit clarifies the semantics of withRoles,
which is to check the role-based authorities in an
authentication.
Closes gh-17843
2025-09-03 17:53:41 -06:00
24ffda28d8
Fixes for webauthn tests after JSpecify
...
Issue gh-17839
2025-09-03 14:44:58 -05:00
3dbcf266e9
Merge branch '6.5.x'
2025-09-02 16:45:30 -06:00
eeb67650ee
Deprecate RequiresChannelDsl
...
Issue gh-16680
2025-09-02 16:41:39 -06:00
3534b74945
Replace InteractiveAuthenticationSuccessEvent 7.0.x Sample
...
Given that 7e3bf9662c
2025-09-02 14:18:25 -06:00
dc0ab4c805
Merge branch '6.5.x'
2025-09-02 14:15:20 -06:00
c982753d46
Replace InteractiveAuthenticationSuccessEvent 6.5.x Sample
...
Given that 7e3bf9662c
2025-09-02 14:14:13 -06:00
0ff9f10696
Merge branch '6.4.x' into 6.5.x
2025-08-30 10:00:45 -06:00
7e3bf9662c
Polish InteractiveAuthenticationSuccessEvent Sample
...
The sample better matches a value that would be used in the constructor
Issue gh-16276
2025-08-30 10:00:24 -06:00
a58f3282d9
Fix config/src/test/kotlin nullability for web
...
Issue gh-17535
2025-08-29 15:46:08 -05:00
c2ba662b91
Enable Null checking in spring-security-web via JSpecify
...
Closes gh-17535
2025-08-29 15:06:48 -05:00
49f308adb0
Use Supplier<? extends @Nullable Authentication>
...
Previously Supplier<@Nullable Authentication> was used. This prevented
Supplier<Authentication> from being used. The code now uses
Supplier<? extends @Nullable Authentication> which allows for both
Supplier<@Nullable Authentication> and Supplier<Authentication>.
Closes gh-17814
2025-08-29 09:46:58 -05:00
4cbe8de7ea
Polish RSocket Anonymous Support
...
Changed the DSL method name to anonymous to align with jwt.
Since basicAuthenication is deprecated, we don't need to
align with its naming convention.
Also added a since attribute to the method.
Issue gh-17132
2025-08-26 17:33:40 -06:00
559b73b39f
Add Disabling Anonymous Authentication in RSocketSecurity
...
Closes: gh-17132
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com >
1
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com >
1
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com >
2025-08-26 17:33:40 -06:00
36f1de945f
Add OneTimeTokenAuthentication
...
Closes gh-17799
2025-08-22 15:46:54 -06:00
89b2f9cf54
Improve Test Runnability in IDE
...
In some configurations, Configuration classes with static elements
may cause a test to hang. This commit changes JeeConfigurerTests
test configuration classes to use mock beans instead of referencing
them as static fields.
2025-08-22 15:46:53 -06:00
f496ded4e5
AuthorizationManager allows null Authentication
...
It is possible to have a null Authentication and so the
AuthorizationManager APIs should allow for passing it in.
Closes gh-17795
2025-08-22 12:03:16 -05:00
41162aa7e3
Polish WebFluxSecurityConfiguration
...
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com >
2025-08-21 11:16:12 -06:00
d86f2c957d
Change @Bean method signature to return RsaKeyConversionServicePostProcessor instead of BeanFactoryPostProcessor
...
It's friendly for Spring Boot's `@ConditionalOnMissingBean`, and:
>> When defining a Spring `@Bean` method, it is generally recommended to declare the most specific type possible as the method's return type. This means returning the concrete class of the bean, or the most specific interface that the bean implements and through which it will be referenced in the application.
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com >
2025-08-21 11:16:12 -06:00
a8f045eb50
Add Modular Spring Security Configuration
...
Closes gh-16258
2025-08-20 12:16:08 -05:00
5c5efc9092
SpringTestContext registers WebTestClient Bean
...
Closes gh-17780
2025-08-20 12:15:58 -05:00
3396890d8b
Propagate AccessDeniedException Only to ExceptionTranslationFilter
...
Closes gh-17761
2025-08-18 17:04:19 -06:00
714781df78
Isolate AOT Test to Security Components
...
PR gh-17724
2025-08-18 09:05:03 -05:00
a04b026000
Disable Test
...
Issue gh-17747
PR gh-17724
2025-08-18 09:05:03 -05:00
aeb2dbc2b6
Move PathPatternRequestMatcher.Builder to Shared Object
...
This commit changes the DSL to look for a shared object
instead of publishing a bean for PathPatternRequestMatcher.Builder.
Closes gh-17746
2025-08-18 06:31:31 -06:00
890c11d428
Polish SecurityNamespaceHandler Version Checking
...
PR gh-17689
2025-08-15 17:26:57 -06:00
01401f1c67
Replace "shameless coverage code" in SecurityNamespaceHandlerTests
...
Signed-off-by: seongm1n <0411tjdals34@gmail.com >
2025-08-15 16:26:31 -06:00
5506c487de
Remove OpenSaml4 Components
...
Issue gh-17707
2025-08-14 18:01:02 -06:00
057b7c68fb
Add Serializable Sample
...
Closes gh-17728
2025-08-14 16:39:49 -06:00
7b1c917593
Merge branch '6.5.x'
2025-08-14 16:34:48 -06:00
9b7e0e10fc
Add Serializable Sample
...
Closes gh-17727
2025-08-14 16:20:06 -06:00
4fab90b2b8
Merge branch '6.4.x' into 6.5.x
2025-08-14 15:54:16 -06:00
10948b5b7a
Make OpenSamlAssertingPartyDetails Serializable
...
Closes gh-17622
2025-08-14 15:52:58 -06:00
Rob Winch
blake_bauman
Joe Grandja
Josh Cummings
DingHao
Steve Riesenberg
Andrey Litvitski
Yanming Zhou
seongm1n