Provide more explict instructions regarding the necessary import
to make the Kotlin DSL work. For some reason it took me 10 minutes
to figure this out based on the existing doc.
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler
Issue gh-6192
This commit removes unnecessary main-branch merges starting from
8750608b5b and adds the following
needed commit(s) that were made afterward:
- 5dce82c48b
- Add OAuth2ReactiveAuthorizationManagers
- Code to interfaces
- Align error message with the same in
AuthorityAuthorizationManager
- Adjust expectations in tests to confirm an
appropriately constructed authorizaion manager
- Add JavaDoc and reference documentation
Issue gh-13654
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.
Closes gh-6613
Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
Rob Winch
Ivanov Maxim Romanovich
Marcus Hert Da Coregio
Patrick Schmidt
madorb
Steve Riesenberg
MrJovanovic13
Sarvajith Adyanthaya
Krishna Chaitanya Surapaneni
Daniel Shuy
Josh Cummings
Steve Riesenberg
Rob Winch
Wyfrel
Joe Grandja
Ger Roza
Daniel Garnier-Moiroux
Joshua Sattler