Tag: 6.0.2

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/6.4.x/ch.qos.logback-logback-classic-1.5.26

dependabot/gradle/6.5.x/io.mockk-mockk-1.14.9

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.11

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '6.0.2'

${ noResults }

Commit Graph

2280 Commits (6.0.2)

Author	SHA1	Message	Date
Leonid Rozenblyum	000b4bc495	Fix NPE in HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter ... Before the fix, these methods would throw a NPE in case when the filter class passed as the second parameter, is not registered yet. In particular, this exception can occur when mixing standard and custom DSL to register filters. The fix doesn't change the situation that standard DSL for registration of filters cannot refer to filters that are registered via custom DSL even though those calls were done earlier. It just provides more user-friendly error handling for this and most likely other scenarios of calls of HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter. The error handling is implemented similarly to HttpSecurity#addFilter. Closes gh-12637	3 years ago
Tobias Meurer	7dd5cc6082	Pick Up Custom SecurityContextRespository ... Closes gh-12579	3 years ago
Marcus Da Coregio	52ed165476	Move classpath checks to class member variable ... Closes gh-11437	3 years ago
Marcus Da Coregio	3572111cf5	Add JwtDecoder hint for oauth2Login ... Closes gh-12615	3 years ago
Steve Riesenberg	13487be268	Default to XorCsrfChannelInterceptor in 6.0.x ... Closes gh-12378	3 years ago
Josh Cummings	c3563df25a	Include HttpStatusRequestRequestedHandler ... Closes gh-12548	3 years ago
Josh Cummings	66711f2365	Add RequestRejectedHandler Test ... Issue gh-12548	3 years ago
Steve Riesenberg	c306df9b46	Add XorCsrfChannelInterceptor ... Issue gh-12378	3 years ago
Josh Cummings	5b6b3d585f	Change EnableReactiveMethodSecurity Defaults ... Closes gh-12506	3 years ago
Marcus Da Coregio	7080ea652f	Add hints for ProxyFactoryBean AuthenticationManager ... Closes gh-12367	3 years ago
Marcus Da Coregio	f1698ec188	Fix removed code by merge	3 years ago
Mitja Kotnik	f39f215140	Replace javadoc with SecurityFilterChain bean definition	3 years ago
Guillaume Husta	a5464ed819	Fix typo in DefaultLoginPageConfigurer Javadoc ... 'isLogoutRequest' seems to have nothing to do here.	3 years ago
Marcus Da Coregio	f561d3784e	Improve deprecation notice in WebSecurityConfigurerAdapter ... Closes gh-12260	3 years ago
Steve Riesenberg	dd9f954ace	Fix tests in CsrfConfigurerTests ... Closes gh-12241	3 years ago
Steve Riesenberg	ea6ce05662	Add configurer tests for CookieCsrfTokenRepository ... Issue gh-12236	3 years ago
Steve Riesenberg	2ed7cff643	Check for existing token before clearing ... Closes gh-12236	3 years ago
Josh Cummings	e08ed89403	Polish Span and Meter Names ... Closes gh-12156	3 years ago
Jan Marten	2301e8ca77	Fix Javadoc in EnableWebSocketSecurity ... Add missing method name in EnableWebSocketSecurity JavaDoc code example.	3 years ago
Josh Cummings	c45cd6ec9f	Defer ObservationRegistry Resolution ... - If Method Security asks for too early, it is no longer eligible for post-processing. As such, this commit defers loading it until the first authorization request. Issue gh-11990	3 years ago
Marcus Da Coregio	3b5d19c8a4	Adapt to Servlet API 6 changes and support Jakarta WebSocket 2.1 ... Closes gh-12146 Closes gh-12148	3 years ago
Marcus Da Coregio	72c25332a5	Fix authenticationFailureHandler customization tests ... Issue gh-12132	3 years ago
Josh Cummings	3192618220	Add authenticationFailureHandler ... - To ServerHttpSecurity#httpBasic - To ServerHttpSecurity#oauthResourceServer Closes gh-12132	3 years ago
Koos Gadellaa	5c4362bbc4	Refresh parsers when not found ... Closes gh-3065	3 years ago
Rob Winch	d860775b45	Document Defer load CsrfToken ... Closes gh-12105	3 years ago
mmoussa_mapfreusa	bd4e0fb5db	Set LogoutRequestRepository on Saml2 LogoutSuccessHandler ... Closes gh-11363	3 years ago
Rob Winch	9cb668aec2	SessionManagementConfigurer properly defaults SecurityContextRepository ... Previously the default was an HttpSessionSecurityContextRepository which meant that if a stateless authentication occurred the SecurityContext would be lost on ERROR dispatch. This commit ensures that the RequestAttributeSecurityContextRepository is also consulted by default. Closes gh-12070	3 years ago
Rob Winch	a4858d9eaa	Add SpringTestContext.addFilter ... Add SpringTestContext.addFilter which allows Spring Security's tests to specify a Filter to be added to the SpringTestContext. Closes gh-12071	3 years ago
Steve Riesenberg	33b492df54	Default to DelegatingSecurityContextRepository ... Closes gh-12023 Closes gh-12049	3 years ago
Steve Riesenberg	c75ca10900	Add DeferredSecurityContext ... Issue gh-12023	3 years ago
Steve Riesenberg	819529f5ea	Remove CsrfSpec.tokenFromMultipartDataEnabled ... Also removed ServerCsrfDsl.tokenFromMultipartDataEnabled Closes gh-12020	3 years ago
Joe Grandja	753e113a13	RequestMatcherDelegatingAuthorizationManager defaults to deny ... Closes gh-11958	3 years ago
Steve Riesenberg	2407d07890	Default to Xor CSRF tokens in CsrfWebFilter ... Closes gh-11960	3 years ago
Steve Riesenberg	2a2051cd7b	Default to Xor CSRF tokens in CsrfFilter ... Issue gh-11960	3 years ago
Josh Cummings	2713075d08	Mark Observations with Firewall Failures ... Closes gh-11994	3 years ago
Josh Cummings	46ab84684b	Mark Observations with CSRF Failures ... Closes gh-11993	3 years ago
Josh Cummings	99a87179dd	Instrument Filter Chain ... Closes gh-11911	3 years ago
Josh Cummings	8c610684f3	Instrument Authentication and Authorization ... Closes gh-11989 Closes gh-11990	3 years ago
Steve Riesenberg	440748ec65	Add test support for Xor CSRF tokens ... Issue gh-4001	3 years ago
Daniel Garnier-Moiroux	27059ced87	Default X-Xss-Protection header value to "0" ... Closes gh-9631	3 years ago
Steve Riesenberg	37fa49b32d	Polish gh-11952	3 years ago
Steve Riesenberg	f462134e87	Add reactive support for BREACH ... Closes gh-11959	3 years ago
Steve Riesenberg	f4ca90e719	Add reactive interfaces for CSRF request handling ... Issue gh-11959	3 years ago
Marcus Da Coregio	398f5dee7f	Remove deprecated RequestMatcher methods from Java Configuration ... Closes gh-11939	3 years ago
Marcus Da Coregio	9fd195d419	Default to shouldFilterAllDispatcherTypes=true in XML ... Closes gh-11970	3 years ago
Marcus Da Coregio	f3321c256c	Add XML support for shouldFilterAllDispatcherTypes ... Closes gh-11492	3 years ago
Marcus Da Coregio	8a5aed2983	Add deprecation warning to CsrfDsl#ignoringAntMatchers ... Issue gh-11347	3 years ago
Marcus Da Coregio	bc4ad52feb	Add deprecation warning to mvcMatchers methods ... Issue gh-11347	3 years ago
Josh Cummings	12b9f2e196	use-authorization-manager defaults to true ... Closes gh-11929	3 years ago
Marcus Da Coregio	52ab2303da	Fix failing test ... Issue gh-11061	3 years ago