spring-security

Author	SHA1	Message	Date
Rob Winch	b2d76dfe66	Add GrantedAuthorities.FACTOR_*_AUTHORITY Closes gh-17952	6 months ago
Josh Cummings	d757e6e44e	Response to Additional Feedback - Moved request attribute to WebAttributes - Renamed ExceptionHandlingConfigurer methods - Removed varargs from DelegatingMissingAuthorityAccessDeniedHandler Issue gh-17901 Issue gh-17934	6 months ago
Josh Cummings	50ebd467c3	Polish Default Login Page Issue gh-17901	6 months ago
Josh Cummings	42376e2eee	Prepopulate Username When Known Closes gh-17935	6 months ago
Josh Cummings	e813aad82b	Support Showing One Part of Login Page Closes gh-17901	6 months ago
Josh Cummings	9f317757c3	Make Public Missing Authority AccessDeniedHandler Issue gh-17934	6 months ago
Josh Cummings	df7a7cdc99	Update Test for Method Security Issue gh-17936	6 months ago
Josh Cummings	e66c498d80	Redirect to Appropriate Entry Point Based on Missing Authorities Issue gh-17934	6 months ago
Josh Cummings	fe17f2904d	Initial Exception Handling This commit hardcodes factors as a proof of concept for multi-factor authentication Issue gh-17934	6 months ago
Rob Winch	459b872a20	Cleanup Kotlin AuthorizationManagerFactory Generics This cleans up the generic types within the Kotlin DSL that reference AuthorizationManagerFactory Issue gh-17860	6 months ago
Josh Cummings	a63e87d8fb	Remove Static Mock These can cause infinite loops when running tests in an IDE.	6 months ago
Rob Winch	229c7bca5b	Add AuthorizationManagerFactory in Kotlin DSL Closes gh-17860	6 months ago
Josh Cummings	765bdf1ed0	SpEL Expressions Support Returning AuthorizationManager Closes gh-17936	6 months ago
Josh Cummings	6e7a181eac	Polish Authentication Factors Issue gh-17933	6 months ago
Josh Cummings	0f4e1f2a2a	Move FACTOR_X509 into PreAuthenticatedAuthenticationProvider Issue gh-17933	6 months ago
Josh Cummings	e8accd0499	Add Factory Authority When Authentication Succeeds Issue gh-17933	6 months ago
Rob Winch	9eaadcc70d	Add hasAll(Roles\|Authorities) to SecurityExpressionRoot This adds support for hasAllRoles and hasAllAuthorities to method security expressions. Issue gh-17932	6 months ago
Rob Winch	bce8049815	Web uses AuthorizationManager<? super RequestAuthorizationContext> This allows AuthorizationManager<Object> to be used instead of just AuthorizationManager<RequestAuthorizationContext>. In addition, the code was updated to use `AuthorizationManagerFactory<? super RequestAuthorizationContext>` Closes gh-17931	6 months ago
Rob Winch	675835e525	Add AuthorizationManagerFactory.hasAll(Authorities\|Roles) Closes gh-17932	6 months ago
Rob Winch	9a3ae4b867	DelegatingAuthenticationEntryPoint uses RequestMatcherEntry Closes gh-17915	6 months ago
Rob Winch	2774948b92	Fix X509 WebFlux Configuration Checks The changes for gh-17382 broke the checkstyle and tests. This fixes them both. Issue gh-17382	6 months ago
blake_bauman	b502697731	feat: Add option to specify a custom ServerAuthenticationConverter for x509() Signed-off-by: blake_bauman <blake_bauman@apple.com>	6 months ago
Joe Grandja	35f41f87d1	Temporarily fix integration tests Issue gh-17880	6 months ago
Joe Grandja	7ef25cc101	Add HttpSecurity.oauth2AuthorizationServer() Issue gh-17880	6 months ago
Joe Grandja	098574c50e	Remove redundant classes Issue gh-17880	6 months ago
Joe Grandja	8399bc161d	Fix Serializable tests Issue gh-17880	6 months ago
Joe Grandja	cc71be71e5	Move OAuth2AuthorizationServerConfigurer and OAuth2AuthorizationServerConfiguration Issue gh-17880	6 months ago
Josh Cummings	3a1692f3c3	Remove Direct Runtime Dependency on Access API Issue gh-17847	6 months ago
DingHao	10935632ee	Remove PortResolver Closes gh-15971 Signed-off-by: DingHao <dh.hiekn@gmail.com>	6 months ago
Josh Cummings	2b87e3c5e2	Use withRoles Issue gh-17843	6 months ago
Josh Cummings	3f774548d2	Move Authority Propagation Into Filters Given that the filters are the level at which the SecurityContextHolder is consulted, this commit moves the operation that ProviderManager was doing into each authentication filter. Issue gh-17862	6 months ago
Josh Cummings	a0fe6a5fee	Polish Builders - Added remaining properties - Removed apply method since Spring Security isn't using it right now - Made builders extensible since the authentications are extensible Issue gh-17861	6 months ago
Josh Cummings	44fef786aa	Pick Up SecurityContextHolderStrategy Bean This commit provides the SecurityContextHolderStrategy bean to ProviderManager instances that the HttpSecurity DSL constructs. Issue gh-17862	6 months ago
Steve Riesenberg	eeb4574bb3	Add AuthorizationManagerFactory Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>	6 months ago
blake_bauman	a4f813ab29	Support Multiple ServerLogoutHandlers This commit adds support to ServerHttpSecurity for registering multiple ServerLogoutHandlers. This is handy so that an application does not need to re-supply any handlers already configured by the DSL. Signed-off-by: blake_bauman <blake_bauman@apple.com>	6 months ago
Josh Cummings	f30cc9c5a9	Update to PropertySourcesPlaceholderConfigurer This commit replaces deprecated usage of PropertyPlaceholderConfigurer in favor of PropertySourcesPlaceholderConfigurer	6 months ago
Josh Cummings	c64b086878	Add SecurityAssertions This commit introduces a simple, internal test API for verifying aspects of an Authentication, like its name and authorities. Closes gh-17844	6 months ago
Josh Cummings	de10e08348	Make withRoles Check Only Roles This commit clarifies the semantics of withRoles, which is to check the role-based authorities in an authentication. Closes gh-17843	6 months ago
Rob Winch	24ffda28d8	Fixes for webauthn tests after JSpecify Issue gh-17839	6 months ago
Josh Cummings	eeb67650ee	Deprecate RequiresChannelDsl Issue gh-16680	7 months ago
Josh Cummings	3534b74945	Replace InteractiveAuthenticationSuccessEvent 7.0.x Sample Given that 7e3bf9662cd6829982f3198d3049f4012df17395 changes the InteractiveAuthenticationSuccessEvent serialization sample, this commit syncs up the 7.0.x version to match. Closes gh-16276	7 months ago
Josh Cummings	c982753d46	Replace InteractiveAuthenticationSuccessEvent 6.5.x Sample Given that 7e3bf9662cd6829982f3198d3049f4012df17395 changes the InteractiveAuthenticationSuccessEvent serialization sample, this commit syncs up the 6.5.x version to match. Issue gh-16276	7 months ago
Josh Cummings	7e3bf9662c	Polish InteractiveAuthenticationSuccessEvent Sample The sample better matches a value that would be used in the constructor Issue gh-16276	7 months ago
Rob Winch	a58f3282d9	Fix config/src/test/kotlin nullability for web Issue gh-17535	7 months ago
Rob Winch	c2ba662b91	Enable Null checking in spring-security-web via JSpecify Closes gh-17535	7 months ago
Rob Winch	49f308adb0	Use Supplier<? extends @Nullable Authentication> Previously Supplier<@Nullable Authentication> was used. This prevented Supplier<Authentication> from being used. The code now uses Supplier<? extends @Nullable Authentication> which allows for both Supplier<@Nullable Authentication> and Supplier<Authentication>. Closes gh-17814	7 months ago
Josh Cummings	4cbe8de7ea	Polish RSocket Anonymous Support Changed the DSL method name to anonymous to align with jwt. Since basicAuthenication is deprecated, we don't need to align with its naming convention. Also added a since attribute to the method. Issue gh-17132	7 months ago
Andrey Litvitski	559b73b39f	Add Disabling Anonymous Authentication in RSocketSecurity Closes: gh-17132 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com> 1 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com> 1 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	7 months ago
Josh Cummings	36f1de945f	Add OneTimeTokenAuthentication Closes gh-17799	7 months ago
Josh Cummings	89b2f9cf54	Improve Test Runnability in IDE In some configurations, Configuration classes with static elements may cause a test to hang. This commit changes JeeConfigurerTests test configuration classes to use mock beans instead of referencing them as static fields.	7 months ago

1 2 3 4 5 ...

2998 Commits (e33e4d80a9d275e7d17b7feecd043aa93d32ecb9)