Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,913 Commits 54 Branches 379 Tags
main
Commit Graph

66 Commits

Author SHA1 Message Date
Robert Winch ff820a868e Polish AllRequiredFactorsAuthorizationManager.anyOf 
- Add validation
- Extract to static inner class
- Uniqueness determined by Set rather than requiredFactor
  This is important for the failure with the same RequiredFactor, but a
  different reason
- Add documentation

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-03-31 14:03:29 -05:00
Andrey Litvitski b92c072501 add tests 
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-27 15:26:57 -06:00
Andrey Litvitski 6335caabae polish 
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-27 15:26:57 -06:00
Andrey Litvitski c3e0b98b7e Use idiomatic Kotlin in custom filter documentation 
This will make Kotlin and all users more native and readable.

Closes: gh-18967

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-27 15:26:57 -06:00
Josh Cummings de14d9684f Add Reference Docs for DelegatingJwtGrantedAuthoritiesConverter 
Issue gh-18300

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-27 12:13:49 -06:00
Robert Winch 4199240662 Add Support for PreFlightRequestFilter 
Closes gh-18926
 2026-03-25 16:04:42 -04:00
Joe Grandja baad23caab Enable null-safety in spring-security-oauth2-client 
Closes gh-17819
 2026-03-18 05:04:30 -04:00
Robert Winch ea2f2302da Add MultiFactorCondition.WEBAUTHN_REGISTERED 
Closes gh-18923
 2026-03-17 17:20:58 -05:00
Robert Winch bd7171140e Support Customizer<AdditionalRequiredFactorsBuilder<Object>>> 
Closes gh-18922
 2026-03-17 17:20:58 -05:00
Robert Winch 28acf62936 AuthorizationManagerFactories.when 
Closes gh-18920
 2026-03-17 17:20:58 -05:00
Robert Winch 8224b16caf Add ConditionalAuthorizationManager 
Closes gh-18919
 2026-03-17 17:20:57 -05:00
Joe Grandja 22a98583f1 Enable null-safety in spring-security-oauth2-jose 
Closes gh-17821
 2026-03-13 11:58:29 -04:00
Tran Ngoc Nhan 0f7a6d45fd Polish websocket 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-03-09 15:59:27 -04:00
Josh Cummings 587ac2cbad Move Snippets to Compiled Code 
Issue gh-18745

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-02 16:20:22 -07:00
Josh Cummings 50caf0cb28 Merge branch '7.0.x' 2026-02-26 15:57:27 -07:00
Tran Ngoc Nhan 7c3c8bbdcb Update Remember-Me example 
Closes gh-18639

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-26 15:28:32 -07:00
Josh Cummings e30d9240c9 Add Docs for Custom Jwt Principal Converters 
Issue gh-6237

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-26 12:28:50 -07:00
Robert Winch 0c394696ce Fix servlet/architecture.adoc disable Sample 
- Switch `include-java` (does not exist) to `include-code`
- Update kotlin to have the `disable` tag
- Update to suppress deprecation use for User builder (allowed for samples)

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 17:03:17 -06:00
Joe Kuhel 62d1bc86e3 Update servlet architecture docs to use include-code 
Also update antora.xml to include-xml in docs/src/test/resources

Signed-off-by: Joe Kuhel <4983938+jkuhel@users.noreply.github.com>
 2026-02-23 16:37:16 -06:00
Chen He d65625e399 Update BCryptPasswordEncoder example in password-storage.adoc 
Replaces the usage of BCryptPasswordEncoder with
BcryptPassword4jPasswordEncoder in documentation samples.

Signed-off-by: Chen He <nidhogg55555@gmail.com>
 2026-02-19 14:29:53 -06:00
Josh Cummings 705fa60a01 Document Method Security hasScope Support 
Issue gh-18013

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-10 15:23:32 -07:00
Josh Cummings 688b6ca733 Add Documentation for ExpressionJwtGrantedAuthoritiesConverter 
Closes gh-18300
 2026-02-10 09:11:26 -07:00
Tran Ngoc Nhan 8bafd94b1f Add compile-warnings-error 
Closes gh-18424

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-02 11:37:39 -06:00
Tran Ngoc Nhan 3d9bc6a5cf Update mfa.adoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Rob Winch 884cf0d62e EnableGlobalMultiFactorAuthentication->EnableMultiFactorAuthentication 
Closes gh-18127
 2025-11-03 22:42:28 -06:00
Josh Cummings da46ba2619 Update Password Samples for Nullability 
Issue gh-16226
 2025-10-20 17:04:22 -06:00
Josh Cummings a406f5fe2d Merge remote-tracking branch 'origin/6.5.x' 2025-10-20 16:46:49 -06:00
Himanshu Pareek dcb4e47cd5 Add Include-Code to the Password Storage page 
References gh-16226

Signed-off-by: Himanshu Pareek <himanshupareekiit01@gmail.com>
 2025-10-20 16:35:23 -06:00
Josh Cummings 9c7b34a48b Favor Relative Redirects by Default 
Closes gh-16300
 2025-10-20 10:25:17 -06:00
Josh Cummings ba42b9c4cc Update Documentation for All-Factor Propagation 
Issue gh-18000
 2025-10-16 13:41:46 -06:00
Josh Cummings 2e7cdd7b14 Revert "Merge branch 'builder-enhancements'" 
This reverts commit 95644fb73c, reversing
changes made to fbf7bb3be1.

Reverting this commit will allow us more time to
consider the ideal way to add this support to the public API.
 2025-10-16 13:41:45 -06:00
Josh Cummings e535e61c8b Move toBuilder to BuildableAuthentication 
Closes gh-18052
 2025-10-15 12:01:11 -06:00
Rob Winch 78701f94ee Document RequiredFactor Valid Duration 
Issue gh-17997
 2025-10-10 16:24:47 -05:00
Rob Winch 702878acae Create AuthorizationManagerFactories.multiFactor 
Closes gh-18032
 2025-10-10 16:24:47 -05:00
Rob Winch d18431a78d Move FACTOR_ constants to FactorGrantedAuthority 
Previously GrantedAuthorities had an implicit package tangle because it
was located in ~.core and FactorGrantedAuthority is in ~.core.authority
and FactorGrantedAuthority's authority property was implicitly expected
to be constants found in `GrantedAuthorities`.

This commit moves the constants to the FactorGrantedAuthority which
resolves this tangle. It wasn't initially done because
FactorGrantedAuthority did not exist at that time.

Closes gh-18030
 2025-10-10 16:24:46 -05:00
Rob Winch e290c98e97 Document Multi-Factor Simple to Complex 
This reworks the Multi-Factor documentation to start with the
simplest scenario and work to progressively more complex requirements.

Closes gh-18029
 2025-10-10 16:23:38 -05:00
Rob Winch 2473378fcd Use RequiredFactorErrors 
Closes gh-18002
 2025-10-03 15:20:03 -05:00
Rob Winch 667cd4aa7c Remove unnecessary throws Exception from spring-security-config 
Closes gh-17957
 2025-09-25 11:50:13 -05:00
Josh Cummings ad6fe4fdc3 Polish MFA Samples 
This commit removes unneeded AuthorizationManagerFactory
implementations, simplifies the custom AuthorizationManagerFactory
example, and updates usage of hasAllAuthorities.

Issue gh-17934
 2025-09-24 17:54:59 -06:00
Rob Winch f652920bb3 Add @EnableGlobalMultiFactorAuthentication 
Closes gh-17954
 2025-09-24 14:47:26 -05:00
Rob Winch e33e4d80a9 Fix Antora Warnings in servlet/authentication/adaptive.adoc 
Issue gh-2603
 2025-09-24 13:05:50 -05:00
Rob Winch b2d76dfe66 Add GrantedAuthorities.FACTOR_*_AUTHORITY 
Closes gh-17952
 2025-09-24 09:53:56 -05:00
Josh Cummings bbba2930e9 Add Initial Documentation 
Issue gh-17934
 2025-09-23 18:16:36 -06:00
Rob Winch 4ef16b14d2 Update terminology to HTTP Service Clients 
Closes gh-17947
 2025-09-22 10:09:04 -05:00
Rob Winch d0372efadd Use include-code for password4j docs 
This follows the new convention of using include-code going forward to
ensure that the documentation compiles and is tested. This also corrected
a few errors in custom params for Ballooning and PBKDF2 examples.

Issue gh-17706
 2025-09-15 11:03:44 -05:00
Rob Winch a0fe04c4aa Document @ClientRegistrationId on types 
Issue gh-17806
 2025-09-12 16:19:27 -05:00
Josh Cummings b09afb34cc Document Authentication.Builder 
The commit documents the new Authentication Builder interface
and its usage in the security filter chain.

Closes gh-17861
Closes gh-17862
 2025-09-09 14:59:14 -06:00
Steve Riesenberg eeb4574bb3 Add AuthorizationManagerFactory 
Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>
 2025-09-09 15:36:49 -05:00
Rob Winch d9210c6596 Fix Nullability 2025-08-21 13:41:02 -05:00
Rob Winch 9bbf837c7c Merge branch '6.5.x' 2025-08-21 12:44:42 -05:00