spring-security

Commit Graph

Author	SHA1	Message	Date
Joe Grandja	f87df42500	Remove deprecated OAuth2IntrospectionClaimAccessor Closes gh-11499	3 years ago
Joe Grandja	7b18336c6a	Change interface with constants to final class Closes gh-10960	3 years ago
Steve Riesenberg	92d4f1237d	Use JDK 17 for Antora Issue gh-11430 Issue gh-11324	3 years ago
Joe Grandja	d85abc7bbb	Update javadoc in CommonOAuth2Provider Closes gh-11490	3 years ago
Marcus Da Coregio	ecbfa84b39	Revert "Disable failing tests until r2dbc-h2 is upgraded" This reverts commit `614065bb3b`.	3 years ago
Marcus Da Coregio	8776f66fb9	Update io.r2dbc:r2dbc-h2 to 1.0.0.RC1 Closes gh-11479	3 years ago
Marcus Da Coregio	7abea4a964	Add RuntimeHints suffix for RuntimeHintsRegistrar Closes gh-11497	3 years ago
Joe Grandja	177baba8c9	RuntimeHintsPredicates moved to predicate package	3 years ago
Marcus Da Coregio	6455e98745	FilterSecurityInterceptor applies to every request by default Closes gh-11466	3 years ago
Tim te Beek	2c0a4337a8	Clearly end sentence in note before next sentence	3 years ago
Tim te Beek	9f4b0ca8b5	Use Collection<ConfigAttribute> in examples To match `org.springframework.security.access.ConfigAttribute`.	3 years ago
Josh Cummings	60652afb32	Polish InterceptMethodsBeanDefinitionDecorator Issue gh-11328	3 years ago
Josh Cummings	bc6f494af8	Correct input validation for 31 rounds Closes gh-11470	3 years ago
Steve Riesenberg	614065bb3b	Disable failing tests until r2dbc-h2 is upgraded Issue gh-11479	3 years ago
Steve Riesenberg	206c6ffb54	Remove deprecation warnings with Context.putAll Closes gh-11476	3 years ago
Rob Winch	7da34cfa2c	Fix logging for AnonymousAuthenticationFilter Currently if trace logging is enabled a StackOverflowException is thrown when trying to resolve toString of the authentication. java.lang.StackOverflowError: null at java.base/java.lang.AbstractStringBuilder.append(AbstractStringBuilder.java:538) ~[na:na] at java.base/java.lang.StringBuilder.append(StringBuilder.java:174) ~[na:na] at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$2(AnonymousAuthenticationFilter.java:125) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT] at org.springframework.core.log.LogMessage$SupplierMessage.buildString(LogMessage.java:155) ~[spring-core-5.3.12.jar:5.3.12] at org.springframework.core.log.LogMessage.toString(LogMessage.java:70) ~[spring-core-5.3.12.jar:5.3.12] at java.base/java.lang.String.valueOf(String.java:2951) ~[na:na] at org.apache.commons.logging.LogAdapter$Slf4jLocationAwareLog.trace(LogAdapter.java:482) ~[spring-jcl-5.3.12.jar:5.3.12] at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.defaultWithAnonymous(AnonymousAuthenticationFilter.java:125) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT] at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$0(AnonymousAuthenticationFilter.java:105) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT] at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.lambda$setDeferredContext$2(ThreadLocalSecurityContextHolderStrategy.java:67) ~[spring-security-core-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT] at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.getContext(ThreadLocalSecurityContextHolderStrategy.java:43) ~[spring-security-core-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT] at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$2(AnonymousAuthenticationFilter.java:126) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT] at org.springframework.core.log.LogMessage$SupplierMessage.buildString(LogMessage.java:155) ~[spring-core-5.3.12.jar:5.3.12] at org.springframework.core.log.LogMessage.toString(LogMessage.java:70) ~[spring-core-5.3.12.jar:5.3.12] at java.base/java.lang.String.valueOf(String.java:2951) ~[na:na] at org.apache.commons.logging.LogAdapter$Slf4jLocationAwareLog.trace(LogAdapter.java:482) ~[spring-jcl-5.3.12.jar:5.3.12] at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.defaultWithAnonymous(AnonymousAuthenticationFilter.java:125) Issue gh-11457	3 years ago
Rob Winch	4a5c0ac904	Fix Formatting Issue gh-11474	3 years ago
Rob Winch	03cd9920aa	DelegatingSecurityContextTaskScheduler implements new Methods Closes gh-11474	3 years ago
Rob Winch	d2d5313bba	Fix Formatting Issue gh-11327	3 years ago
Josh Cummings	e8a7b654b4	Add Configuration Test Issue gh-11327	3 years ago
Josh Cummings	01ffc93062	Add AuthorizationFilter to filter chain validator Closes gh-11327	3 years ago
Josh Cummings	ec8c13392c	Clarify variable names Issue gh-11327	3 years ago
Steve Riesenberg	696da87478	Use relative schema location for tests Issue gh-11328 Issue gh-11353 Issue gh-11365	3 years ago
Josh Cummings	148c926de0	Support AuthorizationManager for intercept-methods Element Closes gh-11328	4 years ago
Marcus Da Coregio	a87f7aa2e1	Polish CoreSecurityHintsTests Use ParameterizedTest to simplify repetitive test setup Issue gh-11431	4 years ago
Steve Riesenberg	095f23d81f	Fix slack notifications in #spring-security-ci Issue gh-11346	4 years ago
Rob Winch	0bf985ed7c	AnonymousAuthenticationFilter Avoids Eager SecurityContext Access Previously AnonymousAuthenticationFilter accessed the SecurityContext to determine if anonymous authentication needed setup eagerly. Now this is done lazily to avoid unnecessary access to the SecurityContext which in turn avoids unnecessary HTTP Session access. Closes gh-11457	4 years ago
Igor Bolic	d96b4a0463	Set the useTrailingSlashMatch to true for tests The Spring MVC changed the default behavior for trailing slash match with https://github.com/spring-projects/spring-framework/issues/28552. This causes failures in Spring Security's tests. Setting the `useTrailingSlashMatch` to `true` ensures that Spring Security will work for users who have modified the default configuration. Specifing the request mapper with trailing slash path ensures that the tests are successful when default behavior is used. Closes gh-11451	4 years ago
Rob Winch	6510274854	Request Cache supports matchingRequestParameterName Closes gh-7157 gh-11453	4 years ago
Josh Cummings	459003e1b3	Use SecurityContextHolderStrategy for Context Propagation Issue gh-11060	4 years ago
Josh Cummings	d18ff25b95	Use SecurityContextHolderStrategy for NullSecurityContextRepository Issue gh-11060	4 years ago
Josh Cummings	05b788d1ac	Use SecurityContextHolderStrategy for Concurrency Filter Issue gh-11060 Issue gh-11061	4 years ago
Josh Cummings	d24a89ad53	Pick up SecurityContextHolderStrategy for WebClient integration Issue gh-11061	4 years ago
Josh Cummings	a218d3e140	Use SecurityContextHolderStrategy for Async Requests Issue gh-11060 Issue gh-11061	4 years ago
Josh Cummings	5086409dcf	Use SecurityContextHolderStrategy for Digest Issue gh-11060	4 years ago
Josh Cummings	44d99f41a3	Use SecurityContextHolderStrategy for Switch User Issue gh-11060	4 years ago
Josh Cummings	83b3bb3209	Add SecurityContextHolderStrategy to Pre-authenticated scenarios Issue gh-11060 Issue gh-11061	4 years ago
Josh Cummings	97cb2a7d91	Polish SecurityContextHolderStrategy XML Configuration for Defaults Issue gh-11061	4 years ago
Josh Cummings	944f565c16	Use SecurityContextHolderStrategy for Remember-me Issue gh-11060 Isuse gh-11061	4 years ago
Josh Cummings	b316a3217b	Add SecurityContextHolderStrategy for Jaas Issue gh-11060 Issue gh-11061	4 years ago
Josh Cummings	ec1bfa12f0	Use SecurityContextHolderStrategy for Database Support Issue gh-11060	4 years ago
Josh Cummings	52dc120269	Use SecurityContextHolderStrategy for ACL Issue gh-11060	4 years ago
Josh Cummings	94f51d0718	Use SecurityContextHolderStrategy for Taglibs Issue gh-11060	4 years ago
Josh Cummings	518bc75806	Use SecurityContextHolderStrategy for Data Issue gh-11060	4 years ago
Josh Cummings	f3d99f557b	Use SecurityContextHolderStrategy for AuthenticationFilter Issue gh-11060	4 years ago
Josh Cummings	bffe08465a	Add SecurityContextHolderStrategy XML Configuration for Messaging Issue gh-11061	4 years ago
Josh Cummings	484f35ca39	Add SecurityContextHolderStrategy Java Configuration for Messaging Issue gh-11061	4 years ago
Josh Cummings	1e498df39b	Use SecurityContextHolderStrategy for Messaging Issue gh-11060	4 years ago
Josh Cummings	275586be5f	Use SecurityContextHolderStrategy for Ldap Issue gh-11060	4 years ago
Rivaldi	757fb38147	Fix typo (cherry picked from commit 80c5ec459befd9292e08a43e30f4aae22f39eeed)	4 years ago

1 2 3 4 5 ...

10396 Commits (f87df425005a75b47d3ac0fbf47829412602fbcc) All Branches Search

10396 Commits (f87df425005a75b47d3ac0fbf47829412602fbcc)

All Branches