d5d7fd414d
Update What's New
2025-10-20 10:25:17 -06:00
95abf61c88
Refine Jackson 3 format description
2025-10-20 09:11:22 -05:00
8f8a25533a
Refine documentation for Jackson 3
...
This commit refines the documentation by:
- Updating Jackson documentation for Jackson 3
- Removing the outdated documentation in servlet
- Adding migration guidelines
Closes gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com >
2025-10-19 17:03:19 -05:00
65a14d6c6d
Add Jackson 3 support
...
This commit adds support for Jackson 3 which has the following
major differences with the Jackson 2 one:
- jackson subpackage instead of jackson2
- Jackson type prefix instead of Jackson2
- JsonMapper instead of ObjectMapper
- For configuration, JsonMapper.Builder instead of ObjectMapper
since the latter is now immutable
- Remove custom support for unmodifiable collections
- Use safe default typing via a PolymorphicTypeValidator
Jackson 3 changes compared to Jackson 2 are documented in
https://cowtowncoder.medium.com/jackson-3-0-0-ga-released-1f669cda529a
and
https://github.com/FasterXML/jackson/blob/main/jackson3/MIGRATING_TO_JACKSON_3.md .
This commit does not cover webauthn which is a special case (uses
jackson sub-package for Jackson 2 support) which will be handled in
a distinct commit.
See gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com >
2025-10-19 17:03:19 -05:00
78701f94ee
Document RequiredFactor Valid Duration
...
Issue gh-17997
2025-10-10 16:24:47 -05:00
702878acae
Create AuthorizationManagerFactories.multiFactor
...
Closes gh-18032
2025-10-10 16:24:47 -05:00
d18431a78d
Move FACTOR_ constants to FactorGrantedAuthority
...
Previously GrantedAuthorities had an implicit package tangle because it
was located in ~.core and FactorGrantedAuthority is in ~.core.authority
and FactorGrantedAuthority's authority property was implicitly expected
to be constants found in `GrantedAuthorities`.
This commit moves the constants to the FactorGrantedAuthority which
resolves this tangle. It wasn't initially done because
FactorGrantedAuthority did not exist at that time.
Closes gh-18030
2025-10-10 16:24:46 -05:00
e290c98e97
Document Multi-Factor Simple to Complex
...
This reworks the Multi-Factor documentation to start with the
simplest scenario and work to progressively more complex requirements.
Closes gh-18029
2025-10-10 16:23:38 -05:00
8c65dc93f2
Enable PKCE by default
...
Closes gh-17507
Signed-off-by: Rohan Naik <rohan.nn1203@gmail.com >
2025-10-03 13:08:04 -04:00
681e166be8
Remove default HttpSecurity.securityMatcher() for authorization server
...
Closes gh-17965
2025-10-01 11:45:21 -04:00
7f10897de3
SecurityMockMvcResultMatchers.withAuthorities(String...)
...
Closes gh-17974
2025-09-30 10:39:14 -05:00
f652920bb3
Add @EnableGlobalMultiFactorAuthentication
...
Closes gh-17954
2025-09-24 14:47:26 -05:00
bbba2930e9
Add Initial Documentation
...
Issue gh-17934
2025-09-23 18:16:36 -06:00
4ef16b14d2
Update terminology to HTTP Service Clients
...
Closes gh-17947
2025-09-22 10:09:04 -05:00
765bdf1ed0
SpEL Expressions Support Returning AuthorizationManager
...
Closes gh-17936
2025-09-19 12:07:59 -06:00
1e1cb0097a
Document Authentication Factors
...
Issue gh-17933
2025-09-19 11:32:28 -06:00
9eaadcc70d
Add hasAll(Roles|Authorities) to SecurityExpressionRoot
...
This adds support for hasAllRoles and hasAllAuthorities to method security
expressions.
Issue gh-17932
2025-09-19 09:33:50 -05:00
675835e525
Add AuthorizationManagerFactory.hasAll(Authorities|Roles)
...
Closes gh-17932
2025-09-18 14:19:22 -05:00
bb6b8ae3f3
Add AllAuthoritiesReactiveAuthorizationManager
...
Issue gh-17916
2025-09-16 16:31:55 -05:00
d0372efadd
Use include-code for password4j docs
...
This follows the new convention of using include-code going forward to
ensure that the documentation compiles and is tested. This also corrected
a few errors in custom params for Ballooning and PBKDF2 examples.
Issue gh-17706
2025-09-15 11:03:44 -05:00
9f839384e9
Use non-redundant ids in password4j docs
...
Documentation ids no longer need to be globally unique, so they
do not need to include the path. This makes the ids less verbose and
integrates with include-code extension better.
Issue gh-17706
2025-09-15 11:00:51 -05:00
11bec09ffc
Escape attribute failures in Password4j docs
...
Issue gh-17706
2025-09-15 10:57:19 -05:00
c18aff7f5f
Password4j docs 1 sentence per line
...
The Antora documentation convention is to use a single sentence per line
as this helps with diffing and merging changes.
Issue gh-17706
2025-09-15 09:22:08 -05:00
b2d4c52c53
Add documentation for Password4j-based password encoders for Argon2, BCrypt, Scrypt, PBKDF2, and Balloon hashing
...
Closes gh-17706
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com >
2025-09-13 09:27:41 +03:30
a0fe04c4aa
Document @ClientRegistrationId on types
...
Issue gh-17806
2025-09-12 16:19:27 -05:00
02a948da81
Address reviewer requested changes
...
Closes gh-17806
Signed-off-by: Bernard Budano <bbudano@gmail.com >
2025-09-12 16:19:27 -05:00
7ef25cc101
Add HttpSecurity.oauth2AuthorizationServer()
...
Issue gh-17880
2025-09-12 16:20:44 -04:00
e99ea033c5
Integrate Spring Authorization Server ref docs
...
Issue gh-17880
2025-09-12 16:20:40 -04:00
93742a4db3
Manual move of spring-projects/spring-authorization-server docs
...
Issue gh-17880
2025-09-12 16:20:40 -04:00
cf0ade86fe
Update Kerberos Sample Copyright
...
Issue gh-17879
2025-09-12 15:12:47 -05:00
1b263cfafb
Fix Keberos Docs http://
...
Issue gh-17879
2025-09-12 14:39:46 -05:00
f5fb127c8c
Add Spring Security Kerberos
...
Move the Spring Security Kerberos Extension into Spring Security
Closes gh-17879
2025-09-12 14:25:20 -05:00
b87d63cb71
Document spring-security-access
...
Closes gh-17847
2025-09-12 10:32:39 -06:00
5ec7ae6b74
Remove redundant code in document
...
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com >
2025-09-10 18:14:37 -06:00
b09afb34cc
Document Authentication.Builder
...
The commit documents the new Authentication Builder interface
and its usage in the security filter chain.
Closes gh-17861
Closes gh-17862
2025-09-09 14:59:14 -06:00
eeb4574bb3
Add AuthorizationManagerFactory
...
Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com >
2025-09-09 15:36:49 -05:00
0e39685b9c
Merge branch '6.5.x'
2025-08-22 12:40:41 -06:00
9d64880ea9
Merge branch '6.4.x' into 6.5.x
2025-08-22 12:40:12 -06:00
8b2a453301
Advise Favoring PostAuthorize on Reads
...
Closes gh-17797
2025-08-22 12:39:51 -06:00
9bbf837c7c
Merge branch '6.5.x'
2025-08-21 12:44:42 -05:00
d002e68231
Update servlet test method docs to use include-code
...
References gh-16226
Signed-off-by: Joe Kuhel <4983938+jkuhel@users.noreply.github.com >
2025-08-21 12:35:13 -05:00
f82fe9c8c6
Remove stray modular from the documentation
...
Issue gh-16258
2025-08-20 12:24:33 -05:00
a8f045eb50
Add Modular Spring Security Configuration
...
Closes gh-16258
2025-08-20 12:16:08 -05:00
4da98dde2b
Update What's New
...
Issue gh-17707
2025-08-18 15:31:03 -06:00
d3b143dab6
Move SAML 2.0 Migration Step
...
Issue gh-17099
2025-08-14 18:03:44 -06:00
60c42e3f24
Update SAML 2.0 Documentation to use OpenSAML 5
...
Closes gh-17707
2025-08-14 18:01:34 -06:00
5506c487de
Remove OpenSaml4 Components
...
Issue gh-17707
2025-08-14 18:01:02 -06:00
dfc8be0d48
Fix typo
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2025-08-04 09:40:20 -06:00
371bee685f
Polish User#withDefaultPasswordEncoder
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2025-08-04 09:40:20 -06:00
f61a8deccc
Update index.adoc
...
Signed-off-by: Marcin Lewandowski <marcin@ravendb.net >
2025-07-31 11:09:06 -06:00
Josh Cummings
Rob Winch
Sébastien Deleuze
Rohan Naik
Joe Grandja
M.Bozorgmehr
Bernard Budano
Yanming Zhou
Steve Riesenberg
Joe Kuhel
Tran Ngoc Nhan
Marcin Lewandowski