spring-security

Commit Graph

Author	SHA1	Message	Date
Marcus Da Coregio	a8d6c1d21f	Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService Closes gh-11449 Closes gh-11726	3 years ago
Marcus Da Coregio	c7912c551b	Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService Closes gh-11449 Closes gh-11726	3 years ago
Rob Winch	faf9fb7337	NamespaceLdapAuthenticationProviderTests use Dynamic Port Closes gh-11710	4 years ago
Rob Winch	9f00045638	NamespaceLdapAuthenticationProviderTests use Dynamic Port Closes gh-11710	4 years ago
Steve Riesenberg	99f768bab9	Polish HttpSecurity	4 years ago
Steve Riesenberg	984355e637	Remove references to WebSecurityConfigurerAdapter * AbstractAuthenticationFilterConfigurer * DefaultLoginPageConfigurer * EnableGlobalAuthentication * FormLoginConfigurer * HeadersConfigurer * HttpSecurity * OpenIDLoginConfigurer * RememberMeConfigurer * WebSecurity * WebSecurityConfiguration * WebSecurityConfigurer * X509Configurer Closes gh-11288	4 years ago
Steve Riesenberg	09173c95d6	Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity Closes gh-11277	4 years ago
Marcus Da Coregio	a996dfc55b	Add Deprecated annotation to WebSecurity#securityInterceptor Closes gh-11634	4 years ago
Marcus Da Coregio	d66ad22652	Add Deprecated annotation to WebSecurity#securityInterceptor Closes gh-11634	4 years ago
Juny Tse	649428b49a	Use Base64 encoder with no CRLF in output for SAML 2.0 messages Closes gh-11262	4 years ago
Juny Tse	d0da160007	Use Base64 encoder with no CRLF in output for SAML 2.0 messages Closes gh-11262	4 years ago
Marcus Da Coregio	e45dcb3ab2	Update copyright headers Issue gh-10956	4 years ago
Marcus Da Coregio	d3a451fffb	Fix mvcMatchers overriding previous paths Closes gh-10956	4 years ago
Marcus Da Coregio	d86ed6f523	Update copyright headers Issue gh-10956	4 years ago
Marcus Da Coregio	1959c25a03	Fix mvcMatchers overriding previous paths Closes gh-10956	4 years ago
Rob Winch	7b6fd598d0	Multiple <authentication-manager> Do Not Duplicate Alias Previously, two authentication managers with different ids would duplicate the alias to the global authentication manager. This would cause failures for when allowBeanDefinitionOverriding = false. This commit ensures that if the global authentication manager alias is already set, then it is not set again. This means the first <authentication-manager> will be used as the global AuthenticationManager. Closes gh-8767	4 years ago
Eleftheria Stein	5ac5edc2e6	Detect UserDetailsService bean in X509 configuration Closes gh-11174	4 years ago
Eleftheria Stein	d40c15e09e	Update remember me Javadocs Describe the new behaviour for retrieving the UserDetailsService Issue gh-11170	4 years ago
Marcus Da Coregio	e94adedb94	Add shouldFilterAllDispatcherTypes to Kotlin DSL Closes gh-11153	4 years ago
Eleftheria Stein	8e34cedcfe	Detect UserDetailsService bean in remember me Closes gh-11170	4 years ago
nor-ek	a3e7e54b70	Security Context Dsl Closes gh-11039	4 years ago
Marcus Da Coregio	9d378103b0	Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator Issue gh-10908	4 years ago
Marcus Da Coregio	23594b3d01	Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator Issue gh-10908	4 years ago
Rob Winch	aaf78330b1	ForceEagerSessionCreationFilter Closes gh-11109	4 years ago
Marcus Da Coregio	7fea639a43	Add Option to Filter All Dispatcher Types Closes gh-11092	4 years ago
Josh Cummings	147ab42440	Revert "Pick up AuthorizationManager Bean" This reverts commit `32b83aae63`. Issue gh-11067	4 years ago
Rob Winch	39b0620a84	Add DisableUrlRewritingFilter Closes gh-11084	4 years ago
Josh Cummings	32b83aae63	Pick up AuthorizationManager Bean Closes gh-11067 Closes gh-11068	4 years ago
Josh Cummings	b39f213e64	Revert "Add AuthorizationManager to Messaging" This reverts commit `77a6e014a9`.	4 years ago
Josh Cummings	77a6e014a9	Add AuthorizationManager to Messaging Closes gh-11076	4 years ago
Josh Cummings	66213e5b2e	Add Default Test to HttpBasicConfigurerTests Issue gh-10973	4 years ago
Josh Cummings	47c8676be7	Polish Saml2LoginConfigurerTests Issue gh-10973	4 years ago
Josh Cummings	c175118f62	Use RequestMatcherEntry Closes gh-11046	4 years ago
Josh Cummings	061f69eb70	Polish Authorization Event Support - Added spring-security-config support - Renamed classes - Changed contracts to include the authenticated user and secured object - Added method security support Issue gh-9288	4 years ago
Josh Cummings	a43677d36a	Simplify PrePostMethodSecurityConfiguration Issue gh-9288	4 years ago
Rob Winch	67fd46bfa6	Add SecurityContextRepository.loadContext(HttpServletRequest) This allows loading the SecurityContext lazily, without the need for the response, and does not attempt to automatically save the request when the response is comitted. Closes gh-11028	4 years ago
Yuriy Savchenko	446ab5047c	Add authorizeHttpRequests to Kotlin DSL Closes gh-10481	4 years ago
Yuriy Savchenko	3016ed0067	Fix typos in Kotlin DSL docs Issue gh-10481	4 years ago
Rob Winch	87ed31a99c	Add SecurityContextHolderFilter Closes gh-9635	4 years ago
Rob Winch	dbcb5004b4	Extract createSecurityContextRepository() Extract out method in preparation for adding SecurityContextHolderFilter configuration. Issue gh-9635	4 years ago
Norbert Nowak	ac9c29b2a0	Add UsernamePasswordAuthenticationToken factory methods - unauthenticated factory method - authenticated factory method - test for unauthenticated factory method - test for authenticated factory method - make existing constructor protected - use newly factory methods in rest of the project - update copyright dates Closes gh-10790	4 years ago
Marcus Da Coregio	93d4fd3559	Add SAML 2.0 Single Logout XML Support Closes gh-10842	4 years ago
Marcus Da Coregio	73f839312d	Add SAML 2.0 Login XML Support Closes gh-9012	4 years ago
Josh Cummings	963251314b	Replace Apache Commons Base64 Decoding Issue gh-10923	4 years ago
Josh Cummings	7a02bd14c1	Replace Apache Commons Base64 Decoding Issue gh-10923	4 years ago
m0k045e	3aa7a65cb4	OAuth2AuthorizedClientArgumentResolver resolves ReactiveOAuth2AuthorizedClientManager Closes gh-10846	4 years ago
Eleftheria Stein	e97c643870	Deprecate WebSecurityConfigurerAdapter Closes gh-10822	4 years ago
Eleftheria Stein	c2635ba6bf	Apply configurers from spring.factories to HttpSecurity bean Closes gh-10814	4 years ago
Josh Cummings	f53c65b3a0	Polish ignoring() log messaging - Public API remains unchanged Issue gh-9334	4 years ago
Manuel Jordan	0be772ff5b	Print ignore message DefaultSecurityFilterChain When either `web.ignoring().mvcMatchers(...)` or `web.ignoring().antMatchers(...)` methods are used, for all their variations, the DefaultSecurityFilterChain class now indicates correctly through its ouput what paths are ignored according the `ignoring()` settings. Closes gh-9334	4 years ago

1 2 3 4 5 ...

1880 Commits (5.7.4)