spring-security

Author	SHA1	Message	Date
Marcus Da Coregio	64e2a2ff8b	Apply updated Code Style Closes gh-13881	2 years ago
Steve Riesenberg	d6ff58bb7f	Update Mockito to 5.5.0 Closes gh-13810	2 years ago
Tim te Beek	9df9cb5aed	refactor: AssertJ best practices Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/bGVuS?organizationId=RGVmYXVsdA%3D%3D Co-authored-by: Moderne <team@moderne.io>	2 years ago
Kevin Park	02aa052fc7	Fix typo in method name	2 years ago
Laurent MARTELLI	5a7eb108c8	Fix Javadoc	3 years ago
Josh Cummings	bcc1cfc28a	Restore OAuth2AuthorizedClientRepository Test Instrumentation Closes gh-13113	3 years ago
Amal Krishna	8bec14009e	Fix typo in SecurityMockMvcResultMatchers.java Change the first parameter's name of the AuthenticatedMatcher.withAuthentication() method from assesrtAuthentication to assertAuthentication	3 years ago
Marcus Da Coregio	54117d7d27	Fix test suffix to align with checkstyle	3 years ago
Josh Cummings	a7562ad950	Update io.spring.javaformat to 0.0.38 Closes gh-12891	3 years ago
Marcus Da Coregio	52ed165476	Move classpath checks to class member variable Closes gh-11437	3 years ago
Marcus Da Coregio	c15f45d9ee	Only register hints for servlet applications Closes gh-12622	3 years ago
Marcus Da Coregio	1648151dd2	Register hints for @WithSecurityContext on class level Issue gh-12215	3 years ago
Marcus Da Coregio	177e11fbd7	Add WebTestUtils test runtime hints Closes gh-12216	3 years ago
Marcus Da Coregio	7094ee3710	Add runtime hints for annotations using @WithSecurityContext Closes gh-12215	3 years ago
Rob Winch	9cb668aec2	SessionManagementConfigurer properly defaults SecurityContextRepository Previously the default was an HttpSessionSecurityContextRepository which meant that if a stateless authentication occurred the SecurityContext would be lost on ERROR dispatch. This commit ensures that the RequestAttributeSecurityContextRepository is also consulted by default. Closes gh-12070	3 years ago
Steve Riesenberg	2a2051cd7b	Default to Xor CSRF tokens in CsrfFilter Issue gh-11960	3 years ago
Steve Riesenberg	440748ec65	Add test support for Xor CSRF tokens Issue gh-4001	3 years ago
Marcus Da Coregio	398f5dee7f	Remove deprecated RequestMatcher methods from Java Configuration Closes gh-11939	3 years ago
Marcus Da Coregio	35f7e46d05	Remove WebSecurityConfigurerAdapter Closes gh-10902	3 years ago
Steve Riesenberg	475b3bb6bb	Add deferred CsrfTokenRepository.loadDeferredToken * Move DeferredCsrfToken to top-level and implement Supplier<CsrfToken> * Move RepositoryDeferredCsrfToken to top-level and make package-private * Add CsrfTokenRepository.loadToken(HttpServletRequest, HttpServletResponse) * Update CsrfFilter * Rename CsrfTokenRepositoryRequestHandler to CsrfTokenRequestAttributeHandler Issue gh-11892 Closes gh-11918	3 years ago
Rob Winch	4479cefade	Default Require Explicit Session Management = true Closes gh-11763	3 years ago
Steve Riesenberg	46696a9226	CsrfTokenRequestHandler extends CsrfTokenRequestResolver Closes gh-11896	3 years ago
Rob Winch	d94677f87e	CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and moves usage from CsrfFilter into CsrfTokenRequestHandler. Closes gh-11892	3 years ago
aSemy	6e2e8c41b5	typo fitler -> filter	3 years ago
aSemy	e7880b1815	Javadoc typo 'sue' -> 'use'	3 years ago
mariusz	b478e5bc93	gh-6899: @WithMockUser as metaannotation	3 years ago
Joshua Sattler	040111ae9e	Remove Configuration meta-annotation from Enable* annotations Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration. While convenient, this is not consistent with the rest of the Spring projects and most notably Spring Framework's @Enable annotations. Additionally, the introduction of support for @Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow users to opt into their preferred configuration mode. Closes gh-6613 Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>	4 years ago
Steve Riesenberg	206c6ffb54	Remove deprecation warnings with Context.putAll Closes gh-11476	4 years ago
Igor Bolic	d96b4a0463	Set the useTrailingSlashMatch to true for tests The Spring MVC changed the default behavior for trailing slash match with https://github.com/spring-projects/spring-framework/issues/28552. This causes failures in Spring Security's tests. Setting the `useTrailingSlashMatch` to `true` ensures that Spring Security will work for users who have modified the default configuration. Specifing the request mapper with trailing slash path ensures that the tests are successful when default behavior is used. Closes gh-11451	4 years ago
Josh Cummings	6ac9366657	Add SecurityContextHolderStrategy Test Support Issue gh-11061 Issue gh-11444	4 years ago
Josh Cummings	f86992a0af	Add SecurityContextHolderStrategy Test Support Issue gh-11061 Issue gh-11444	4 years ago
Marcus Da Coregio	b8b0661d73	Lock Dependencies for Release	4 years ago
Marcus Da Coregio	806e05855c	Replace removed context-related operators Closes gh-11194	4 years ago
Rob Winch	b1233d053f	Add test support for SecurityContextHolderFilter Issue gh-9635	4 years ago
Rob Winch	6e6d472da4	Add test support for SecurityContextHolderFilter Issue gh-9635	4 years ago
Steve Riesenberg	8aa7029d07	Fix checkstyle errors Issue gh-10989	4 years ago
Rob Winch	972039e65c	Add SecurityContextHolderFilter Closes gh-9635	4 years ago
Rob Winch	87ed31a99c	Add SecurityContextHolderFilter Closes gh-9635	4 years ago
Norbert Nowak	abd33389be	Add UsernamePasswordAuthenticationToken factory methods - unauthenticated factory method - authenticated factory method - test for unauthenticated factory method - test for authenticated factory method - make existing constructor protected - use newly factory methods in rest of the project - update copyright dates Closes gh-10790	4 years ago
Norbert Nowak	ac9c29b2a0	Add UsernamePasswordAuthenticationToken factory methods - unauthenticated factory method - authenticated factory method - test for unauthenticated factory method - test for authenticated factory method - make existing constructor protected - use newly factory methods in rest of the project - update copyright dates Closes gh-10790	4 years ago
giger85	304ef2302c	Replace StringUtils class completely Issue gh-9925 Closes gh-10805	4 years ago
giger85	8f01efb9e3	Replace StringUtils class completely Issue gh-9925 Closes gh-10805	4 years ago
giger85	440e89095f	Replace StringUtils class completely Issue gh-9925 Closes gh-10805	4 years ago
giger85	4a3654a95b	Replace StringUtils class completely Issue gh-9925 Closes gh-10805	4 years ago
Rob Winch	04f3bbcefa	javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api Issue gh-10501	4 years ago
Rob Winch	c67ee6f2a8	javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api Issue gh-10501	4 years ago
Rob Winch	0e8c03401b	javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api Issue gh-10501	4 years ago
Rob Winch	8f64bb6c8c	javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api Issue gh-10501	4 years ago
Eleftheria Stein	3389cf3ffc	Revert "Lock dependencies" This reverts commit 83bb4603f89c27b97305f32a0237bb6c417e7843.	4 years ago
Marcus Da Coregio	cfbf28b8ba	Revert "Lock Dependencies for Release" This reverts commit 3d4e90ba2aa6bf026024da6c8a57672f4e08c920.	4 years ago

1 2 3 4 5 ...

310 Commits (b712a474ec838043debd1fd425539a4faeb0ebb3)