spring-security

Commit Graph

Author	SHA1	Message	Date
Eleftheria Stein	a5210aaf9b	Support custom filter in Kotlin DSL Fixes: gh-7951	6 years ago
Stephane Maldini	851be025e9	Don't force downcasting of RequestAttributes to ServletRequestAttributes Fixes gh-7952	6 years ago
Eleftheria Stein	8c0b754a49	Fix credentials precedence over introspector in Kotlin Fixes: gh-7878	6 years ago
Eleftheria Stein	1fed688f05	Fix JWK Set URI precedence over decoder in Kotlin Fixes: gh-7877	6 years ago
Eleftheria Stein	84b8a5abd7	Unlock dependencies for next development version This reverts commit 064616f1ef077cf23028d64b61b1452be0ec9eb1.	6 years ago
Eleftheria Stein	064616f1ef	Lock dependencies for 5.3.0.RC1	6 years ago
Rob Winch	1d7208f8ef	Add RSocket Authentication Extension Support Fixes gh-7935	6 years ago
Josh Cummings	209c81d65d	Add BadOpaqueTokenException Updated NimbusOpaqueTokenIntrospector and NimbusReactiveOpaqueTokenIntrospector to throw. Updated OpaqueTokenAuthenticationProvider and OpaqueTokenReactiveAuthenticationManager to catch. Fixes gh-7902	6 years ago
Josh Cummings	0c3754c811	Add BadJwtException Updated NimbusJwtDecoder and NimbusReactiveJwtDecoder to throw. Updated JwtAuthenticationProvider and JwtReactiveAuthenticationManager to catch. Fixes gh-7885	6 years ago
Josh Cummings	3e07b35611	Polish Bearer Token Error Handling Issue gh-7822 Issue gh-7823	6 years ago
James	ee6df1701b	Polish SessionManagementConfigurer	6 years ago
Josh Cummings	cb9fd09150	Change AuthenticationWebFilter's constructor Fixes gh-7872	6 years ago
Eleftheria Stein	a512789a93	Fix requiresAuthenticationMatcher not being used The custom server requiresAuthenticationMatcher was not always picked up Fixes: gh-7863	6 years ago
Eleftheria Stein	29377545d9	Fix authenticationFailureHandler not being used The custom server authenticationFailureHandler was not always picked up Fixes: gh-7782	6 years ago
Johannes Edmeier	bdc60a9128	Don't cache requests with `Accept: text/event-stream` by default. The eventstream requests is typically not directly invoked by the browser. And even more unfortunately the Browser-Api doesn't allow the set additional headers as `XMLHttpRequest`..	6 years ago
Josh Cummings	f1f158b37e	AuthenticationEventPublisher DSL Lookup Fixes gh-4400	6 years ago
Josh Cummings	5579846263	AuthenticationEventPublisher Bean Lookup Issue gh-7793 Fixes gh-7515	6 years ago
James Howe	fc9b97c94a	Typo in doc	6 years ago
Vincent Ricard	f0856c83a9	Migrate LDAP integration tests groovy->java This commit also removes BaseSpringSpec Issue: gh-4939	6 years ago
Josh Cummings	a35ce77451	Add missing PowerMockIgnore annotation WebSecurityConfigurerAdapterPowermockTests needs to exclude javax.xml.transform.* from Powermock configuration.	6 years ago
Josh Cummings	ba21c156dd	Polish WebSecurityConfigurerAdapter tests Moved Powermock-dependent test over to WebSecurityConfigurerAdapterPowermockTests.	6 years ago
Eleftheria Stein	fcc6457bef	Unlock dependencies for next development version This reverts commit 93acf8f0f11e2811b7d4241b26f712674978f3f7.	6 years ago
Eleftheria Stein	93acf8f0f1	Lock dependencies for 5.3.0.M1	6 years ago
Josh Cummings	de87675f6d	Add JwtIssuerAuthenticationManagerResolver Fixes gh-7724	6 years ago
Eleftheria Stein-Kousathana	2df1099da5	Idiomatic Kotlin DSL for configuring HTTP security Issue: gh-5558	6 years ago
Rob Winch	65981444f1	Use Version Ranges Fixes gh-7788	6 years ago
Rob Winch	06d7443946	Use Gradle platform and constraints This was largely generated from the following script wget `bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy` ./dsp.gradle cat gradle/dependency-management.gradle \| grep 'management "' \| cut -d ':' -f 2 \| xargs -I{} sh -c "rg {} -l -g '.gradle' -g '\!dependency-management.gradle' > /dev/null \|\| echo {}" \| xargs -I{} sed -iE '/.{}.*/d' gradle/dependency-management.gradle rm ./dps.gradle Fixes gh-7787	6 years ago
Eleftheria Stein	924b9e95a1	Polish MethodSecurityEvaluationContext Issue: gh-6224	6 years ago
Eleftheria Stein	8b8267e1fe	Fix typo in LDAP Javadoc	6 years ago
BELHAKEL Ammar	b4619f31ee	Fix return type AbstractConfiguredSecurityBuilder.objectPostProcessor() should cast to B, the type of SecurityBuilder, instead of O, the type of object being built. Without this change, calls like http.objectPostProcessor(...).getFilters() will fail with a ClassCastException.	6 years ago
Eleftheria Stein	2c7f2c2117	Fix Javadoc error in oauth2ResourceServer Fixes: gh-7670	6 years ago
Filip Hanik	af415948b1	Allow configuration of AuthenticationManagerResolver in saml2Login() Fixes gh-7654 https://github.com/spring-projects/spring-security/issues/7654	6 years ago
Filip Hanik	9aa333ca4d	Use the custom ServerRequestCache that the user configures on for the default authentication entry point and authentication success handler Fixes gh-7721 https://github.com/spring-projects/spring-security/issues/7721 Set RequestCache on the Oauth2LoginSpec default authentication success handler import static ReflectionTestUtils.getField Feedback incorporated per https://github.com/spring-projects/spring-security/pull/7734#pullrequestreview-332150359	6 years ago
Josh Cummings	02f161aba7	Use OidcIdToken.Builder Issue gh-7592	6 years ago
Joe Grandja	c40a17b4d1	WebFlux oauth2Login() redirects on failed authentication Fixes gh-5562 gh-6484	6 years ago
Alexey Nesterov	d8d59e97ac	Correctly configure authorization requests repository for OAuth2 login To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is correctly configured, but the latter always uses default, WebSession based repository. So authorization code created before redirect to authorization endpoint will never be found to complete OAuth2 login when custom ServerAuthorizationRequestRepository is used. This change also makes OAuth2Client and OAuth2Login authentication converters consistent. Fixes gh-7675	6 years ago
Eleftheria Stein	b7cb93f671	Fix WebFlux logout disabling Fixes: gh-7682	6 years ago
Ruslan Stelmachenko	c38e57fa42	Fix class and variable names	6 years ago
Ruslan Stelmachenko	8ebc7ca0ea	Fix InitializeAuthenticationProviderBeanManagerConfigurer Javadoc	6 years ago
Eleftheria Stein	8a95e5798d	Update @MessageMapping to match input/output cardinality	6 years ago
Pim Moerenhout	cd0bec48de	Fix typo in log message.	6 years ago
Paul Pazderski	0d35194b47	Add sessionFixation Javadoc	7 years ago
Adrian Pena	ca8877c8c5	Updates javadoc for InitializeUserDetailsBeanManagerConfigurer	7 years ago
Eleftheria Stein	1188a3bb5f	Polish RememberMeConfigurer Issue: gh-4140	7 years ago
邓超	b13f750646	Retrieve remember-me key from service as fallback Fixes: gh-4140	7 years ago
Yanming Zhou	9f6a36444a	Add missing schemas	7 years ago
Josh Cummings	925bf48ec0	Polish OAuth2ResourceServerConfigurerTests To confirm that resource server only produces SCOPE_<scope> authorities by default. Issue gh-7596	7 years ago
Filip Hanik	0cafcf37e2	Make the loginProcessingUrl configurable for saml2Login() Fixes gh-7565 https://github.com/spring-projects/spring-security/issues/7565	7 years ago
Josh Cummings	5f17032ffd	Restore Removed Throws Clauses In a recent clean-up, certain exceptions were removed from various throws clauses. This PR re-introduces throws clauses that are important for one of the following reasons: 1. It's a method on a public interface 2. It's a method clearly designed for inheritance, for example, a method stub, an abstract method, or indicated as such in the docs. Fixes gh-7541	7 years ago
Rob Winch	635f7e1edd	CsrfWebFilter supports multipart/form-data Fixes gh-7576	7 years ago

1 2 3 4 5 ...

1497 Commits (bae50ecc05daa436fb22f2afc6bb24a36eb0cbc7)