Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,289 Commits 54 Branches 379 Tags
1be9be97a1a45b81f40709441bdc4001ad312a80
Commit Graph

10289 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Steve Riesenberg 1be9be97a1 Exclude JavadocPackageCheck from Spring Checks 
Issue gh-11422
 2022-07-15 13:03:45 -05:00
Steve Riesenberg 33e4b07cc8 Update spring-ldap-core to 2.4.1 
Closes gh-11563
 2022-07-15 12:42:57 -05:00
Steve Riesenberg 5ddc1011a7 Update org.springframework.data to 2021.2.2 
Closes gh-11562
 2022-07-15 12:42:51 -05:00
Steve Riesenberg 58a9733b4c Update org.springframework to 5.3.22 
Closes gh-11561
 2022-07-15 12:40:47 -05:00
Steve Riesenberg 2625388a87 Update jsonassert to 1.5.1 
Closes gh-11560
 2022-07-15 12:40:43 -05:00
Steve Riesenberg 3d0d8bdbe0 Update htmlunit-driver to 2.63.0 
Closes gh-11559
 2022-07-15 12:40:41 -05:00
Steve Riesenberg 0d2b71ed86 Update junit-bom to 5.9.0-RC1 
Closes gh-11557
 2022-07-15 12:40:36 -05:00
Steve Riesenberg d20d6f5247 Update org.jetbrains.kotlinx to 1.6.4 
Closes gh-11556
 2022-07-15 12:40:33 -05:00
Steve Riesenberg f69102f1a6 Update org.jetbrains.kotlin to 1.7.10 
Closes gh-11555
 2022-07-15 12:40:31 -05:00
Steve Riesenberg e112e24efb Update hibernate-entitymanager to 5.6.10.Final 
Closes gh-11554
 2022-07-15 12:40:28 -05:00
Steve Riesenberg 1f0a317923 Update org.eclipse.jetty to 9.4.48.v20220622 
Closes gh-11553
 2022-07-15 12:40:26 -05:00
Steve Riesenberg 0b18ebbd61 Update assertj-core to 3.23.1 
Closes gh-11552
 2022-07-15 12:40:23 -05:00
Steve Riesenberg d152b38194 Update htmlunit to 2.63.0 
Closes gh-11551
 2022-07-15 12:40:21 -05:00
Steve Riesenberg d6904fa84d Update io.spring.javaformat to 0.0.34 
Closes gh-11550
 2022-07-15 12:40:18 -05:00
Steve Riesenberg 8d99e4b0c7 Update io.projectreactor to 2020.0.21 
Closes gh-11548
 2022-07-15 12:40:13 -05:00
Steve Riesenberg eba9779205 Update mockk to 1.12.4 
Closes gh-11547
 2022-07-15 12:40:09 -05:00
Steve Riesenberg 4350f5fb9d Update aspectj-plugin to 6.5.0.3 
Closes gh-11546
 2022-07-15 12:40:07 -05:00
Steve Riesenberg 32271ec811 Update com.nimbusds to 9.38.1 
Closes gh-11545
 2022-07-15 12:40:04 -05:00
Steve Riesenberg bb06265552 Update jackson-bom to 2.13.3 
Closes gh-11542
 2022-07-15 12:39:56 -05:00
Marcus Da Coregio f45c4d4b8e Add SHA256 as an algorithm option for Remember Me token hashing 
Closes gh-8549
 2022-07-15 10:41:03 -03:00
Josh Cummings 5dff157755 Polish HttpSecurity Formatting 
Issue gh-11360
 2022-07-14 12:50:40 -06:00
Evgeniy Cheban 400cd60368 Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer 
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11360
 2022-07-14 12:48:39 -06:00
Marcus Da Coregio 57d6ab7134 Improve docs on dispatcherTypeMatcher 
Closes gh-11467
 2022-07-14 09:13:46 -03:00
Josh Cummings 624fdfa731 Add AuthorizationManager for protect-pointcut 
Closes gh-11323
 2022-07-13 17:58:16 -06:00
Josh Cummings db25a37320 Consolidate ExpressionAuthorizationDecision 
Issue gh-11493
 2022-07-13 17:58:16 -06:00
Josh Cummings 281814a955 Add MethodExpressionAuthorizationManager 
Closes gh-11493
 2022-07-13 17:58:16 -06:00
Josh Cummings 51475e2583 Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-13 17:57:38 -06:00
Steve Riesenberg 68bdb63faf Use JDK 11 with spring-gradle-build-action 2022-07-13 14:27:34 -05:00
Steve Riesenberg de45964f55 Backport release automation and github actions 
Closes gh-11480
 2022-07-13 13:43:13 -05:00
Steve Riesenberg d3b8bacc3c Polish InterceptMethodsBeanDefinitionDecorator 2022-07-13 11:38:50 -05:00
Tim te Beek ce67fb08fd Clearly end sentence in note before next sentence 2022-07-11 17:38:44 -06:00
Tim te Beek 6e63278ab9 Use Collection<ConfigAttribute> in examples 
To match `org.springframework.security.access.ConfigAttribute`.
 2022-07-11 17:38:44 -06:00
Josh Cummings 7560a32460 Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-11 16:39:41 -06:00
Josh Cummings ba0f8ec3ef Correct input validation for 31 rounds 
Closes gh-11470
 2022-07-11 14:06:15 -06:00
Josh Cummings 3f13fa0285 Improve Upgrading 
Closes gh-11259
 2022-07-11 14:06:04 -06:00
Rob Winch 1c61748bb9 Fix logging for AnonymousAuthenticationFilter 
Currently if trace logging is enabled a StackOverflowException is thrown
when trying to resolve toString of the authentication.

java.lang.StackOverflowError: null
        at java.base/java.lang.AbstractStringBuilder.append(AbstractStringBuilder.java:538) ~[na:na]
        at java.base/java.lang.StringBuilder.append(StringBuilder.java:174) ~[na:na]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$2(AnonymousAuthenticationFilter.java:125) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.core.log.LogMessage$SupplierMessage.buildString(LogMessage.java:155) ~[spring-core-5.3.12.jar:5.3.12]
        at org.springframework.core.log.LogMessage.toString(LogMessage.java:70) ~[spring-core-5.3.12.jar:5.3.12]
        at java.base/java.lang.String.valueOf(String.java:2951) ~[na:na]
        at org.apache.commons.logging.LogAdapter$Slf4jLocationAwareLog.trace(LogAdapter.java:482) ~[spring-jcl-5.3.12.jar:5.3.12]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.defaultWithAnonymous(AnonymousAuthenticationFilter.java:125) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$0(AnonymousAuthenticationFilter.java:105) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.lambda$setDeferredContext$2(ThreadLocalSecurityContextHolderStrategy.java:67) ~[spring-security-core-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.getContext(ThreadLocalSecurityContextHolderStrategy.java:43) ~[spring-security-core-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$2(AnonymousAuthenticationFilter.java:126) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.core.log.LogMessage$SupplierMessage.buildString(LogMessage.java:155) ~[spring-core-5.3.12.jar:5.3.12]
        at org.springframework.core.log.LogMessage.toString(LogMessage.java:70) ~[spring-core-5.3.12.jar:5.3.12]
        at java.base/java.lang.String.valueOf(String.java:2951) ~[na:na]
        at org.apache.commons.logging.LogAdapter$Slf4jLocationAwareLog.trace(LogAdapter.java:482) ~[spring-jcl-5.3.12.jar:5.3.12]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.defaultWithAnonymous(AnonymousAuthenticationFilter.java:125)

Issue gh-11457
 2022-07-08 15:39:53 -05:00
Josh Cummings c9a3d21b9b Add Configuration Test 
Issue gh-11327
 2022-07-07 14:46:37 -06:00
Josh Cummings d27d431bbc Add AuthorizationFilter to filter chain validator 
Closes gh-11327
 2022-07-07 13:52:36 -06:00
Josh Cummings cdafa4ee21 Clarify variable names 
Issue gh-11327
 2022-07-07 13:38:42 -06:00
Steve Riesenberg 0c48b6bc7f Use relative schema location for tests 
Issue gh-11328
Issue gh-11353
Issue gh-11365
 2022-07-07 13:03:20 -05:00
Josh Cummings 74a007dc91 Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 12:54:05 -06:00
Rob Winch 415a674edc AnonymousAuthenticationFilter Avoids Eager SecurityContext Access 
Previously AnonymousAuthenticationFilter accessed the SecurityContext to
determine if anonymous authentication needed setup eagerly. Now this is done
lazily to avoid unnecessary access to the SecurityContext which in turn avoids
unnecessary HTTP Session access.

Closes gh-11457
 2022-07-05 15:34:21 -05:00
Rob Winch 28c0d1459c Request Cache supports matchingRequestParameterName 2022-07-01 16:35:06 -05:00
Josh Cummings 38cb6c3172 Use SecurityContextHolderStrategy for Context Propagation 
Issue gh-11060
 2022-06-30 11:18:07 -06:00
Josh Cummings 5357cb8c95 Use SecurityContextHolderStrategy for NullSecurityContextRepository 
Issue gh-11060
 2022-06-28 15:32:20 -06:00
Josh Cummings 03a5c3b08a Use SecurityContextHolderStrategy for Concurrency Filter 
Issue gh-11060
Issue gh-11061
 2022-06-28 15:32:05 -06:00
Josh Cummings e8723f1f43 Pick up SecurityContextHolderStrategy for WebClient integration 
Issue gh-11061
 2022-06-28 14:58:53 -06:00
Josh Cummings 27de315e5e Use SecurityContextHolderStrategy for Async Requests 
Issue gh-11060
Issue gh-11061
 2022-06-28 14:46:52 -06:00
Josh Cummings 135e602472 Use SecurityContextHolderStrategy for Digest 
Issue gh-11060
 2022-06-28 13:54:29 -06:00
Josh Cummings e1c211c11f Use SecurityContextHolderStrategy for Switch User 
Issue gh-11060
 2022-06-28 13:34:04 -06:00