spring-security

Commit Graph

Author	SHA1	Message	Date
Peter Potrowl	5baff27ffb	Fix typo in ldap.adoc Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>	1 month ago
Peter Potrowl	39aaf25b60	Fix typo in passkeys.adoc Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>	1 month ago
Daniel Garnier-Moiroux	fed6df5167	Default WebAuthnConfigurer#rpName to rpId In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated: > This member is deprecated because many clients do not display it, > but it remains a required dictionary member for backwards compatibility. > Relying Parties MAY, as a safe default, set this equal to the RP ID. Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>	2 months ago
Daniel Garnier-Moiroux	4feeb0f843	Docs: document effects of disabling CORS configurer Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>	2 months ago
Josh Cummings	8b2a453301	Advise Favoring PostAuthorize on Reads Closes gh-17797	4 months ago
Michał Sobkiewicz	c963f4250e	Update Angular documentation links in csrf.adoc Replaced `angular.io` links with their corresponding `angular.dev` URLs. This change ensures that users referencing CSRF documentation are directed to the most current Angular resources. Signed-off-by: Michał Sobkiewicz <perceptron8@users.noreply.github.com>	5 months ago
Bernie Schelberg	edcb3b024e	Update Shibboleth repository URL Signed-off-by: Bernie Schelberg <bernard.schelberg@invicara.com>	5 months ago
Gurunathan	a4cd6f4278	Advise Overriding equals() and hashCode() in UserDetails Implementations This commit adds a documentation note explaining the importance of overriding equals() and hashCode() in custom UserDetails implementations. The default SessionRegistryImpl in Spring Security uses an in-memory ConcurrentMap<Object, Set<String>>, Map<String,SessionInformation> to associate principals with sessions. If a custom UserDetails class does not properly override equals() and hashCode(), user sessions may not be tracked or matched correctly. I believe this helps developers avoid subtle session management issues when implementing custom authentication logic. Signed-off-by: Gurunathan <129361658+Gurunathan16@users.noreply.github.com>	7 months ago
Josh Cummings	eb30fd7f59	Add Missing Header Issue gh-11161	7 months ago
snowykte0426	260d298cc5	Add Migration Guide from Spring Security SAML Extension This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support. Includes: - Content migrated from the project wiki - xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata` - Metadata example moved to Examples Matrix - Cleanup and naming per review feedback Closes gh-11161 Signed-off-by: snowykte0426 <snowykte0426@naver.com>	7 months ago
Danilo Piazzalunga	27319e3f9b	Add missing registration property in YAML listing Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>	7 months ago
Danilo Piazzalunga	ec462e8bc5	Update assertingparty property usage in YAML snippets Spring Boot 2.7 renamed spring.security.saml2.relyingparty.registration..identityprovider. to spring.security.saml2.relyingparty.registration..assertingparty.. Closes gh-12810. Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>	7 months ago
Tran Ngoc Nhan	505fe3abed	Correct method name Closes gh-17031 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	8 months ago
Josh Cummings	51239359ed	Fix ClearSiteData Code Snippet Closes gh-16948	8 months ago
Soumik Sarker	bcef6ed74f	Reformatted lines in x509 overview documentation Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>	8 months ago
Yanming Zhou	9c76ab69f0	Use proper configuration key the getter method is `getOpaquetoken()` not `getOpaqueToken()` See `c6045c3111/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java (L51)` Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>	8 months ago
Bragolgirith	72554f7f36	Update authorize-http-requests.adoc Fix patterns in the Security Matchers documentation Signed-off-by: Bragolgirith <6455473+Bragolgirith@users.noreply.github.com>	9 months ago
Tran Ngoc Nhan	af40d7e35a	Fix typo Closes gh-16776 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	9 months ago
Tran Ngoc Nhan	daf8cfe8d2	Fix Spring Framework reference link Closes gh-16699 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	9 months ago
Olivier	71e12bb42e	Fix @PostResult example in method-security Replace @PreFilter with @Postfilter in example Signed-off-by: Olivier <Kuba15@users.noreply.github.com>	10 months ago
Tran Ngoc Nhan	a0cfb2777c	Fix typo Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	10 months ago
Yoshikazu Nojima	ee1ede8b2d	Update document regarding PublicKeyCredentialCreationOptions.attestation value Follow up for #16252	1 year ago
Tran Ngoc Nhan	40f8ac642a	Fix Documentation Typos	1 year ago
Josh Cummings	8b9fe13c88	Document Messaging SpEL Migration Issue gh-12650	1 year ago
Harpreet Singh	cc2506b0c1	Fix: Correct OpenSAML 5.x Documentation - Fixed invalid XML tags in dependency examples. - Corrected typo in `<artifactId>` ("opensaml-saml-imple" -> "opensaml-saml-impl"). - Excluded all OpenSAML 4.x dependencies. - Removed redundant dependencies (`opensaml-core-api` and `opensaml-core-impl`) as they are transitively included in `opensaml-saml-api` and `opensaml-saml-impl`. Closes gh-16191	1 year ago
Harpreet Singh Bhullar	f5eccf7cd3	Fix OAuth2 documentation: Corrected OAuth2ClientHttpRequestInterceptor usage Closes gh-16165	1 year ago
Harpreet Singh	68d91916e2	Polish Dark Mode for CSRF and Method Security diagrams Closes gh-16151	1 year ago
James Howe	aa635b02a8	Another spelling issue	1 year ago
James Howe	d1e6806464	Spelling error in opensaml.adoc	1 year ago
Josh Cummings	4787efb40b	Update What's New	1 year ago
Josh Cummings	85248083c0	Add Dark Mode CSS Style Closes gh-14834	1 year ago
Rob Winch	cd609acafc	Document passkeys dependencies Closes gh-16107	1 year ago
Steve Riesenberg	f1159842f4	Polish gh-15554 Closes gh-15398	1 year ago
chu3la	e5529fffea	Improve documentation about CredentialsContainer Issue gh-15398	1 year ago
Junkyu Lim	4ec5beb509	Update authentication.adoc	1 year ago
Steve Riesenberg	ea5bc28773	Polish OAuth2 docs	1 year ago
Josh Cummings	a36756929b	Polish Filter Chain Documentation Closes gh-15893	1 year ago
ImHyuk	4ac092c803	Update logout.adoc: Fix Customizing Logout Success Example	1 year ago
Rob Winch	b0e8730d70	Add Passkeys Support Closes gh-13305	1 year ago
Steve Riesenberg	8982851355	Document RestClient-based implementations Closes gh-15938	1 year ago
Steve Riesenberg	d0fc4fe4dc	Document RestClient integration Closes gh-15894	1 year ago
Steve Riesenberg	9b89fc2f1f	Add example for setting up client credentials Closes gh-15304	1 year ago
Max Batischev	d37d41c130	Polish One-Time Token API Names and Doc The names of variables and methods have been adjusted in accordance with the names of the one-time token login API components. Issue gh-15114	1 year ago
Josh Cummings	c40334317d	Polish One-Time Token Component Names Aligning parts of speech so that names are using nouns/verbs where comparable components are using nouns/verbs. Issue gh-15114	1 year ago
Tran Ngoc Nhan	35cc794e80	Add whitespace to improve readability	1 year ago
Rob Winch	f002fedb73	Document JdbcOneTimeTokenService Issue gh-15735	1 year ago
nima	8a5a603c1d	Fix SecurityContextPersistenceRepository Typo	1 year ago
nima	cb4a85a74c	Clarify UsernamePasswordAuthenticationFilter Workflow	1 year ago
Tran Ngoc Nhan	f7b85ed314	Fix Broken Resource Server Doc Links	1 year ago
Tran Ngoc Nhan	4e2cb8bc25	Fix Broken Resource Server Doc Links	1 year ago

1 2 3 4 5 ...

757 Commits (ecd17a9ee04a8577a8f0b24f19a389620871103a)