spring-security

Commit Graph

Author	SHA1	Message	Date
Nikita Konev	894105aab5	Fix traceId discrepancy in case error in servlet web Signed-off-by: Nikita Konev <nikit.cpp@yandex.ru>	4 months ago
Rob Winch	392129b616	Use 2004-present Copyright Header The Spring portfolio is changing to use <inception-year>-present in the copyright headers to simplify keeping headers up to date. This commit updates the headers and the checkstyle accordingly. The commit updated etc/checkstyle/header.txt It also updated the copyright headers using the following find/replace: Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors. Replace: Copyright 2004-present the original author or authors. Closes gh-17633	5 months ago
Andrey Litvitski	b0f8aa5ea0	Fix to allow multiple AuthenticationFilter instances to process each request Closes gh-17173 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	7 months ago
Joaquin Santana	c0568ea9b0	Log Request Mismatch Only When Mismatches Signed-off-by: Joaquin Santana <joaquinjsb@outlook.com>	7 months ago
Mark Putsiata	cae3467a8d	Improve AbstractPreAuthenticatedProcessingFilter docs Clarify misleading SecurityContextRepository setter documentation. Note that AbstractPreAuthenticatedProcessingFilter saves the SecurityContext upon successful authentication, and this behavior can be customized via the setSecurityContextRepository setter. Closes gh-14137 Signed-off-by: Mark Putsiata <m.putsiata@gmail.com>	7 months ago
Josh Cummings	e48f26e51e	Propagate StrictFirewallRequest Wrapper Closes gh-16978	8 months ago
DingHao	857ef6fe08	WithHttpOnlyCookie defaults to false Closes gh-16820 Signed-off-by: DingHao <dh.hiekn@gmail.com>	9 months ago
Rob Winch	a6b5c05da9	Additional WebAuthn4jRelyingPartyOperationTests - verify that anonymous users not saved - verify that when user found the CredentialRecord is allowed Issue gh-16385	9 months ago
Rob Winch	9c054474a8	Use Test Name Conventions Issue gh-16385	9 months ago
Rob Winch	593f7c4490	Use !isAuthenticated It's more verbose to see if the user is not null and not anonymous Issue gh-16385	9 months ago
Rob Winch	4e20d56d2d	Fix format for WebAuthn4jRelyingPartyOperations Issue gh-16385	9 months ago
Tomas Borghi	0a084135ec	Delete import unused Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>	9 months ago
Tomas Borghi	5571ad1b27	Fix issues identified in PR review Signed-off-by: Tomas Borghi <137845283+Borghii@users.noreply.github.com>	9 months ago
Borghi	e3a715b8f5	Fix issues identified in PR review Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>	9 months ago
Tran Ngoc Nhan	ab6e9d2d1f	Clarify WebInvocationPrivilegeEvaluator JavaDoc Closes gh-16529 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	9 months ago
AB	d9a937f0c1	Correct Closing Tag Closes gh-16600 Signed-off-by: AB <a.bierler@xdev-software.de>	9 months ago
Rob Winch	adb303e152	Add testRuntimeOnly junit-platform-launcher Closes gh-16755	9 months ago
Borghi	0bc9313fdd	Fix bug PublicKeyCredentialUserEntityRepository saves anonymousUser Issue gh-16385 Signed-off-by: Borghi <137845283+Borghii@users.noreply.github.com>	10 months ago
Josh Cummings	946812691e	Make AuthenticatorAttestation Serializable Issue gh-16481	10 months ago
Max Batischev	b5a4218a0b	Make WebAuthnAuthenticationRequestToken Serializable Closes gh-16481 Signed-off-by: Max Batischev <mblancer@mail.ru>	10 months ago
Max Batischev	879b44f9a1	Make PublicKeyCredentialRequestOptions Serializable Closes gh-16432 Signed-off-by: Max Batischev <mblancer@mail.ru>	10 months ago
NeoTraveler	e31f04bebc	`withValue` used incorrectly Closes gh-16525 Closes gh-16527 Signed-off-by: NeoTraveler <55753029+NeoTraveler@users.noreply.github.com>	11 months ago
Josh Cummings	d043884e32	Support Serialization Issue gh-16276	11 months ago
Tran Ngoc Nhan	e557c7227b	Implement Serializable for WebAuthnAuthentication Closes gh-16273 Closes gh-16285 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	11 months ago
Daniel Garnier-Moiroux	bb8e757c4b	Fix GenerateOneTimeTokenWebFilter double publish of chain.filter(...) closes gh-16458 Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>	11 months ago
Rob Winch	3209930cca	Add TestBytes Closes gh-16461	11 months ago
Josh Cummings	bbe4f87641	Mark Serialization Support for Events Issue gh-16276	11 months ago
Josh Cummings	244fd2eb51	Support Serialization in Exceptions Issue gh-16276	11 months ago
Josh Cummings	8e59fa1719	Don't Support Serialization for Jackson (De)serializers Issue gh-16276	11 months ago
Josh Cummings	8735368d9e	Don't Support Serialization of Jackson Modules Issu gh-16276	11 months ago
Josh Cummings	6f379aa907	Add Serializable to Csrf Components Issue gh-16276	11 months ago
Josh Cummings	27c2a8ad11	Add Serializable Compatibility to Web Authentication Exceptions Issue gh-16276	1 year ago
Yoshikazu Nojima	d7d5253607	Change attestation in PublicKeyCredentialCreationOptions to none The attestation option in PublicKeyCredentialCreationOptions is a parameter that controls whether to request attestation from the security key. However, Spring Security Passkeys currently doesn't implement attestation verification. Therefore, requesting attestation is unnecessary. Specifying `direct` to request attestation may trigger browsers to display additional privacy related dialog to users, so it is best to avoid specifying `direct` unnecessarily.	1 year ago
Rob Winch	6a0b683e60	StrictFirewallHttpRequest.buid returns StrictFirewallHttpRequest Closes gh-16069	1 year ago
Josh Cummings	4cbaabb239	Added Testing Issue gh-16177	1 year ago
DingHao	f565b23b51	Restore Method Parameter Inheritance Support Closes gh-16177	1 year ago
12OneTwo12	d39e329234	Add @inheritDoc to sessionIdChanged method Closes gh-16211	1 year ago
Josh Cummings	96a9cf0d2d	Restore Previous Behavior for Servlet 5 Closes gh-16173	1 year ago
Rob Winch	9c3b11914d	webauthn registerCredential returns transports The webauthn support previously did not pass the transports to webauthn4j. This meant that the result of Webauthn4jRelyingPartyOperations.registerCredential did not have any transports either. This commit ensures that the transports are passed to the webauth4j lib and then returned in the result of registerCredential. Closes gh-16084	1 year ago
DingHao	dc82a6e97e	Remove the cache since UniqueSecurityAnnotationScanner has cached annotations internally	1 year ago
Daniel Garnier-Moiroux	46fe0124ba	Add RuntimeHints for webauthn Javascript resource	1 year ago
Joe Grandja	fa5fc6dd62	Fix checkstyle errors for toLower/toUpperCase usage	1 year ago
Joe Grandja	a8c4d6cead	Require Locale argument for toLower/toUpperCase usage	1 year ago
Joe Grandja	a7bf8f7cc6	Require Locale argument for toLower/toUpperCase usage	1 year ago
Steve Riesenberg	285d16b046	Polish IpAddressMatcher (cherry picked from commit `83a79159b8`)	1 year ago
Steve Riesenberg	ddf4542a9e	Add hasText assertion to IpAddressMatcher constructor Issue gh-15527 (cherry picked from commit `3a29819651`)	1 year ago
Steve Riesenberg	554df6fab6	Fix NPE in IpAddressMatcher Closes gh-15527 (cherry picked from commit `52de894c3c`)	1 year ago
Joe Grandja	0eaffb37e7	Require Locale argument for toLower/toUpperCase usage	1 year ago
Steve Riesenberg	83a79159b8	Polish IpAddressMatcher	1 year ago
Steve Riesenberg	3a29819651	Add hasText assertion to IpAddressMatcher constructor Issue gh-15527	1 year ago

1 2 3 4 5 ...

1860 Commits (ecd17a9ee04a8577a8f0b24f19a389620871103a)