spring-security

Commit Graph

Author	SHA1	Message	Date
Daniel Garnier-Moiroux	fed6df5167	Default WebAuthnConfigurer#rpName to rpId In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated: > This member is deprecated because many clients do not display it, > but it remains a required dictionary member for backwards compatibility. > Relying Parties MAY, as a safe default, set this equal to the RP ID. Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>	2 months ago
Daniel Garnier-Moiroux	4feeb0f843	Docs: document effects of disabling CORS configurer Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>	2 months ago
Josh Cummings	8b2a453301	Advise Favoring PostAuthorize on Reads Closes gh-17797	4 months ago
Michał Sobkiewicz	c963f4250e	Update Angular documentation links in csrf.adoc Replaced `angular.io` links with their corresponding `angular.dev` URLs. This change ensures that users referencing CSRF documentation are directed to the most current Angular resources. Signed-off-by: Michał Sobkiewicz <perceptron8@users.noreply.github.com>	5 months ago
Bernie Schelberg	edcb3b024e	Update Shibboleth repository URL Signed-off-by: Bernie Schelberg <bernard.schelberg@invicara.com>	5 months ago
Gurunathan	a4cd6f4278	Advise Overriding equals() and hashCode() in UserDetails Implementations This commit adds a documentation note explaining the importance of overriding equals() and hashCode() in custom UserDetails implementations. The default SessionRegistryImpl in Spring Security uses an in-memory ConcurrentMap<Object, Set<String>>, Map<String,SessionInformation> to associate principals with sessions. If a custom UserDetails class does not properly override equals() and hashCode(), user sessions may not be tracked or matched correctly. I believe this helps developers avoid subtle session management issues when implementing custom authentication logic. Signed-off-by: Gurunathan <129361658+Gurunathan16@users.noreply.github.com>	8 months ago
Josh Cummings	eb30fd7f59	Add Missing Header Issue gh-11161	8 months ago
snowykte0426	260d298cc5	Add Migration Guide from Spring Security SAML Extension This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support. Includes: - Content migrated from the project wiki - xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata` - Metadata example moved to Examples Matrix - Cleanup and naming per review feedback Closes gh-11161 Signed-off-by: snowykte0426 <snowykte0426@naver.com>	8 months ago
Danilo Piazzalunga	27319e3f9b	Add missing registration property in YAML listing Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>	8 months ago
Danilo Piazzalunga	ec462e8bc5	Update assertingparty property usage in YAML snippets Spring Boot 2.7 renamed spring.security.saml2.relyingparty.registration..identityprovider. to spring.security.saml2.relyingparty.registration..assertingparty.. Closes gh-12810. Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>	8 months ago
Tran Ngoc Nhan	505fe3abed	Correct method name Closes gh-17031 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	8 months ago
Josh Cummings	51239359ed	Fix ClearSiteData Code Snippet Closes gh-16948	8 months ago
Soumik Sarker	bcef6ed74f	Reformatted lines in x509 overview documentation Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>	8 months ago
Yanming Zhou	9c76ab69f0	Use proper configuration key the getter method is `getOpaquetoken()` not `getOpaqueToken()` See `c6045c3111/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java (L51)` Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>	8 months ago
Rob Winch	58e7ba4a4b	https docs download	10 months ago
Bragolgirith	72554f7f36	Update authorize-http-requests.adoc Fix patterns in the Security Matchers documentation Signed-off-by: Bragolgirith <6455473+Bragolgirith@users.noreply.github.com>	10 months ago
Rob Winch	65e83f8e7a	Add link to docs zip Closes gh-16798	10 months ago
Tran Ngoc Nhan	af40d7e35a	Fix typo Closes gh-16776 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	10 months ago
Tran Ngoc Nhan	daf8cfe8d2	Fix Spring Framework reference link Closes gh-16699 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	10 months ago
Tran Ngoc Nhan	75b537f99a	Fix WebFlux authentication reference link Closes gh-16702 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	10 months ago
Olivier	71e12bb42e	Fix @PostResult example in method-security Replace @PreFilter with @Postfilter in example Signed-off-by: Olivier <Kuba15@users.noreply.github.com>	10 months ago
Tran Ngoc Nhan	a0cfb2777c	Fix typo Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	10 months ago
Yoshikazu Nojima	ee1ede8b2d	Update document regarding PublicKeyCredentialCreationOptions.attestation value Follow up for #16252	1 year ago
Josh Cummings	55ea78d441	Update GA Release Guidance	1 year ago
Josh Cummings	a731af103e	Polish Issue gh-16228	1 year ago
Harpreet Singh	d1a4fac520	Use Tabs for Maven and Gradle Snippets Closes gh-16228	1 year ago
Tran Ngoc Nhan	40f8ac642a	Fix Documentation Typos	1 year ago
Josh Cummings	eb313ec901	Link to Messaging SpEL Migration Details Issue gh-12650	1 year ago
Josh Cummings	8b9fe13c88	Document Messaging SpEL Migration Issue gh-12650	1 year ago
Mohammed Fadhil	a4469686c7	Fix phrasing for clarity in the docs.	1 year ago
Mohammed Fadhil	05ffdcafff	Fix phrasing for clarity in the docs.	1 year ago
Harpreet Singh	cc2506b0c1	Fix: Correct OpenSAML 5.x Documentation - Fixed invalid XML tags in dependency examples. - Corrected typo in `<artifactId>` ("opensaml-saml-imple" -> "opensaml-saml-impl"). - Excluded all OpenSAML 4.x dependencies. - Removed redundant dependencies (`opensaml-core-api` and `opensaml-core-impl`) as they are transitively included in `opensaml-saml-api` and `opensaml-saml-impl`. Closes gh-16191	1 year ago
Harpreet Singh	c97edf2bd0	Fix typo in documentation: change 'select the write' to 'select the right. Closes gh-16178	1 year ago
Harpreet Singh Bhullar	f5eccf7cd3	Fix OAuth2 documentation: Corrected OAuth2ClientHttpRequestInterceptor usage Closes gh-16165	1 year ago
Harpreet Singh	68d91916e2	Polish Dark Mode for CSRF and Method Security diagrams Closes gh-16151	1 year ago
James Howe	aa635b02a8	Another spelling issue	1 year ago
James Howe	d1e6806464	Spelling error in opensaml.adoc	1 year ago
Martin Tarjányi	24ccac3555	Fix typo in documentation	1 year ago
Josh Cummings	30c9860fc3	Add What's New Link to Landing Pages - to the README - to the Reference index page	1 year ago
Josh Cummings	4787efb40b	Update What's New	1 year ago
Josh Cummings	85248083c0	Add Dark Mode CSS Style Closes gh-14834	1 year ago
Rob Winch	cd609acafc	Document passkeys dependencies Closes gh-16107	1 year ago
Steve Riesenberg	f1159842f4	Polish gh-15554 Closes gh-15398	1 year ago
chu3la	e5529fffea	Improve documentation about CredentialsContainer Issue gh-15398	1 year ago
Rob Winch	81e74e65d4	Support ServerExchangeRejectedHandler @Bean Closes gh-16061	1 year ago
Rob Winch	c24b5ebe98	Support ServerExchangeRejectedHandler @Bean Closes gh-15975	1 year ago
Rob Winch	e86d88d0cf	Support ServerExchangeRejectedHandler @Bean Closes gh-15975	1 year ago
Junkyu Lim	4ec5beb509	Update authentication.adoc	1 year ago
Steve Riesenberg	ea5bc28773	Polish OAuth2 docs	1 year ago
Steve Riesenberg	d5cb41156c	Update reactive OAuth2 docs Issue gh-15938	1 year ago

1 2 3 4 5 ...

1104 Commits (d0fcdebe88e1bb6ed032111d7fc50fb3ef356579)