Deprecate openID 2.0 support
This commit puts deprecation notice on docs, sample applications and configurations (java and xml) Fixes gh-7153
This commit is contained in:
Dávid Kovács
+6
-1
@@ -233,7 +233,9 @@ public final class HttpSecurity extends
|
||||
* </pre>
|
||||
*
|
||||
* @return the {@link OpenIDLoginConfigurer} for further customizations.
|
||||
*
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
* @throws Exception
|
||||
* @see OpenIDLoginConfigurer
|
||||
*/
|
||||
@@ -355,6 +357,9 @@ public final class HttpSecurity extends
|
||||
*
|
||||
* @param openidLoginCustomizer the {@link Customizer} to provide more options for
|
||||
* the {@link OpenIDLoginConfigurer}
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
* @return the {@link HttpSecurity} for further customizations
|
||||
* @throws Exception
|
||||
*/
|
||||
|
||||
+3
@@ -118,6 +118,9 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
* </ul>
|
||||
*
|
||||
* @author Rob Winch
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
* @since 3.2
|
||||
*/
|
||||
public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> extends
|
||||
|
||||
+8
-2
@@ -960,7 +960,10 @@
|
||||
<xs:element ref="security:oauth2-resource-server"/>
|
||||
<xs:element name="openid-login">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Sets up form login for authentication with an Open ID identity
|
||||
<xs:documentation>Sets up form login for authentication with an Open ID identity.
|
||||
NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
</xs:documentation>
|
||||
</xs:annotation>
|
||||
<xs:complexType>
|
||||
@@ -1905,7 +1908,10 @@
|
||||
</xs:attributeGroup>
|
||||
<xs:element name="openid-attribute">
|
||||
<xs:annotation>
|
||||
<xs:documentation>Attributes used when making an OpenID AX Fetch Request
|
||||
<xs:documentation>Attributes used when making an OpenID AX Fetch Request.
|
||||
NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
</xs:documentation>
|
||||
</xs:annotation>
|
||||
<xs:complexType>
|
||||
|
||||
@@ -146,7 +146,7 @@
|
||||
<entry valign="middle">spring-security-openid</entry>
|
||||
<entry>OpenID web authentication support.</entry>
|
||||
<entry>If you need to authenticate users against an external OpenID
|
||||
server.</entry>
|
||||
server. (Deprecated)</entry>
|
||||
<entry><literal>org.springframework.security.openid</literal></entry>
|
||||
</row>
|
||||
</tbody>
|
||||
|
||||
@@ -102,6 +102,9 @@ The top-level package is `org.springframework.security.cas`.
|
||||
|
||||
[[spring-security-openid]]
|
||||
== OpenID -- `spring-security-openid.jar`
|
||||
[NOTE]
|
||||
The OpenID 1.0 and 2.0 protocols have been deprecated and users are encouraged to migrate to OpenID Connect, which is supported by spring-security-oauth2.
|
||||
|
||||
This module contains OpenID web authentication support.
|
||||
It is used to authenticate users against an external OpenID server.
|
||||
The top-level package is `org.springframework.security.openid`.
|
||||
|
||||
@@ -33,6 +33,7 @@ This also gives a good idea of the high level flow of authentication and how pie
|
||||
* <<servlet-rememberme, Remember Me>> - How to remember a user past session expiration
|
||||
* <<servlet-jaas, JAAS Authentication>> - Authenticate with JAAS
|
||||
* <<servlet-openid,OpenID>> - OpenID Authentication (not to be confused with OpenID Connect)
|
||||
// FIXME: The one above is deprecated. Should it be removed from here as well?
|
||||
* <<servlet-preauth>> - Authenticate with an external mechanism such as https://www.siteminder.com/[SiteMinder] or Java EE security but still use Spring Security for authorization and protection against common exploits.
|
||||
* <<servlet-x509,X509 Authentication>> - X509 Authentication
|
||||
|
||||
|
||||
@@ -1,5 +1,9 @@
|
||||
[[servlet-openid]]
|
||||
== OpenID Support
|
||||
|
||||
[NOTE]
|
||||
The OpenID 1.0 and 2.0 protocols have been deprecated and users are encouraged to migrate to OpenID Connect, which is supported by spring-security-oauth2.
|
||||
|
||||
The namespace supports https://openid.net/[OpenID] login either instead of, or in addition to normal form-based login, with a simple change:
|
||||
|
||||
[source,xml]
|
||||
|
||||
+3
@@ -20,6 +20,9 @@ import org.springframework.security.web.context.AbstractSecurityWebApplicationIn
|
||||
/**
|
||||
* No customizations of {@link AbstractSecurityWebApplicationInitializer} are necessary.
|
||||
*
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
* @author Rob Winch
|
||||
*/
|
||||
public class MessageSecurityWebApplicationInitializer extends
|
||||
|
||||
+5
@@ -20,6 +20,11 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.samples.security.CustomUserDetailsService;
|
||||
|
||||
/**
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
*/
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
// @formatter:off
|
||||
|
||||
+5
@@ -21,6 +21,11 @@ import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
|
||||
/**
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/user/")
|
||||
public class UserController {
|
||||
|
||||
+5
@@ -22,6 +22,11 @@ import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.openid.OpenIDAuthenticationToken;
|
||||
|
||||
/**
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
*/
|
||||
public class CustomUserDetailsService implements
|
||||
AuthenticationUserDetailsService<OpenIDAuthenticationToken> {
|
||||
public UserDetails loadUserDetails(OpenIDAuthenticationToken token)
|
||||
|
||||
@@ -7,6 +7,11 @@
|
||||
<body th:include="layout :: body" th:with="content=~{::content}">
|
||||
<div th:fragment="content">
|
||||
<form name="f" th:action="@{/login/openid}" method="post" id="openid_form">
|
||||
<p><strong>
|
||||
NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
</strong></p>
|
||||
<input type="hidden" name="action" value="verify" />
|
||||
<fieldset>
|
||||
<legend>Sign-in or Create New Account</legend>
|
||||
|
||||
+3
@@ -23,6 +23,9 @@ import org.springframework.security.core.userdetails.User;
|
||||
/**
|
||||
* Customized {@code UserDetails} implementation.
|
||||
*
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
* @author Luke Taylor
|
||||
* @since 3.1
|
||||
*/
|
||||
|
||||
+3
@@ -32,6 +32,9 @@ import org.springframework.security.openid.OpenIDAuthenticationToken;
|
||||
* Custom UserDetailsService which accepts any OpenID user, "registering" new users in a
|
||||
* map so they can be welcomed back to the site on subsequent logins.
|
||||
*
|
||||
* @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
* <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
* to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
* @author Luke Taylor
|
||||
* @since 3.1
|
||||
*/
|
||||
|
||||
@@ -1,3 +1,7 @@
|
||||
<!-- NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>. -->
|
||||
|
||||
<configuration>
|
||||
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
|
||||
<encoder>
|
||||
|
||||
@@ -6,6 +6,12 @@
|
||||
|
||||
<h1>OpenID Sample Home Page</h1>
|
||||
|
||||
<p><strong>
|
||||
NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
</strong></p>
|
||||
|
||||
<sec:authentication property='principal.newUser' var='isNew' />
|
||||
<p>
|
||||
Welcome<c:if test="${!isNew}"> back,</c:if> <sec:authentication property='principal.name' />!
|
||||
|
||||
@@ -29,6 +29,12 @@
|
||||
|
||||
<body>
|
||||
|
||||
<p><strong>
|
||||
NOTE: The OpenID 1.0 and 2.0 protocols have been deprecated and users are
|
||||
<a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to migrate</a>
|
||||
to <a href="https://openid.net/connect/">OpenID Connect</a>, which is supported by <code>spring-security-oauth2</code>.
|
||||
</strong></p>
|
||||
|
||||
<c:if test="${not empty param.login_error}">
|
||||
<font color="red">
|
||||
Your login attempt was not successful, try again.<br/><br/>
|
||||
|
||||
Reference in New Issue
Block a user