6ddb964c61
Remove ApacheDS Support
...
Closes gh-13852
2025-06-19 11:55:34 -06:00
b2325e4176
Add OAuth Support for HTTP Interface Client
...
Closes gh-16858
2025-06-17 09:53:51 -05:00
e3add59550
Update x509 Reference
...
- Use include-code
- Demo how to customize SubjectX500PrincipalExtractor
2025-06-12 12:09:20 -05:00
7bf2730a53
Add x509@principal-extractor-ref
...
Enables customizing the X500PrincipalExtractor
2025-06-12 12:09:20 -05:00
88ed4a5ccf
Use principalExtractor reference instead of properties
2025-06-12 12:09:20 -05:00
aba437d469
Add Support SubjectX500PrincipalExtractor
...
Closes gh-16980
Signed-off-by: Max Batischev <mblancer@mail.ru >
2025-06-12 12:09:20 -05:00
9b724377ce
Rework Saml2 Authentication Statement
...
This commit separates the authentication principal, the assertion details,
and the relying party tenant into separate components. This allows the
principal to be completely decoupled from how Spring Security triggers and
processes SLO.
Specifically, it adds Saml2AssertionAuthentication, a new authentication
implementation that allows an Object principal and a Saml2ResponseAssertionAccessor
credential. It also moves the relying party registration id from
Saml2AuthenticatedPrincipal to Saml2AssertionAuthentication.
As such, Saml2AuthenticatedPrincipal is now deprecated in favor of
placing its assertion components in Saml2ResponseAssertionAccessor and
the relying party registration id in Saml2AssertionAuthentication.
Closes gh-10820
2025-06-10 17:21:03 -06:00
d0db5e3ea3
Update database-schema.adoc
...
docs: match the database schema with https://github.com/spring-projects/spring-security/blob/6.5.0/docs/modules/ROOT/pages/servlet/authentication/passwords/jdbc.adoc
Signed-off-by: Lidoca <32785562+Lidoca@users.noreply.github.com >
2025-06-09 22:17:57 -05:00
eaab42a73c
Polish BearerTokenAuthenticationConverter Support
...
- Moved to BearerTokenAuthenticationFilter constructor to align with
AuthenticationFilter
- Undeprecated BearerTokenResolver to reduce number of migration scenarios
- Updated to 7.0 schema
- Added migration docs
Issue gh-14750
2025-06-04 18:17:17 -06:00
4967f3feee
Add Support BearerTokenAuthenticationConverter
...
Closes gh-14750
Signed-off-by: Max Batischev <mblancer@mail.ru >
2025-06-04 18:17:17 -06:00
1a4de49977
Create CsrfCustomizer for SPA configuration
...
Closes gh-14149
Signed-off-by: Felix Hagemans <felixhagemans@gmail.com >
2025-05-27 11:44:33 -06:00
cd27290260
Merge branch '6.5.x'
...
Closes gh-17163
2025-05-22 15:01:27 -05:00
6eee256e12
Demonstrate include-code usage
...
Closes gh-17161
2025-05-22 14:59:35 -05:00
45e81c2d0a
Merge branch '6.5.x'
2025-05-21 14:44:23 -06:00
7d49c41e03
Merge branch '6.4.x' into 6.5.x
2025-05-21 14:44:03 -06:00
fbfb28456a
Merge branch '6.3.x' into 6.4.x
2025-05-21 14:43:44 -06:00
a4cd6f4278
Advise Overriding equals() and hashCode() in UserDetails Implementations
...
This commit adds a documentation note explaining the importance of
overriding equals() and hashCode() in custom UserDetails implementations.
The default SessionRegistryImpl in Spring Security uses an in-memory
ConcurrentMap<Object, Set<String>>, Map<String,SessionInformation> to
associate principals with sessions. If a custom UserDetails class does
not properly override equals() and hashCode(), user sessions may not
be tracked or matched correctly.
I believe this helps developers avoid subtle session management issues
when implementing custom authentication logic.
Signed-off-by: Gurunathan <129361658+Gurunathan16@users.noreply.github.com >
2025-05-21 12:41:44 -06:00
07a50b460a
Merge branch '6.5.x'
2025-05-15 18:17:05 -06:00
02a516d7f2
Merge branch '6.4.x' into 6.5.x
2025-05-15 18:16:53 -06:00
70c940fd4f
Merge branch '6.3.x' into 6.4.x
2025-05-15 18:16:44 -06:00
eb30fd7f59
Add Missing Header
...
Issue gh-11161
2025-05-15 18:16:36 -06:00
b5db32994f
Merge branch '6.5.x'
2025-05-15 17:20:23 -06:00
8548d8e18a
Merge branch '6.4.x' into 6.5.x
2025-05-15 17:20:08 -06:00
fbdf4a88a0
Merge branch '6.3.x' into 6.4.x
2025-05-15 17:19:55 -06:00
260d298cc5
Add Migration Guide from Spring Security SAML Extension
...
This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support.
Includes:
- Content migrated from the project wiki
- xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata`
- Metadata example moved to Examples Matrix
- Cleanup and naming per review feedback
Closes gh-11161
Signed-off-by: snowykte0426 <snowykte0426@naver.com >
2025-05-15 17:17:43 -06:00
0698d3527d
Merge branch '6.5.x'
2025-05-13 11:18:43 -06:00
26f359a4db
Merge branch '6.4.x' into 6.5.x
2025-05-13 11:18:31 -06:00
5ba4ab5e11
Merge branch '6.3.x' into 6.4.x
2025-05-13 11:18:02 -06:00
27319e3f9b
Add missing registration property in YAML listing
...
Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com >
2025-05-13 11:17:35 -06:00
ec462e8bc5
Update assertingparty property usage in YAML snippets
...
Spring Boot 2.7 renamed spring.security.saml2.relyingparty.registration.*.identityprovider.*
to spring.security.saml2.relyingparty.registration.*.assertingparty.*.
Closes gh-12810.
Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com >
2025-05-13 11:17:35 -06:00
ba7be9c8b9
Merge branch '6.5.x'
2025-05-09 16:14:34 -04:00
e3c39f02bc
Add documentation for DPoP support
...
Closes gh-17072
2025-05-09 16:02:14 -04:00
f13836c9c8
Add X to CommonOAuth2Provider Reference
...
Issue gh-16510
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com >
2025-05-07 11:31:28 -05:00
5abbcecccc
Update to 7.0.0-SNAPSHOT
...
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com >
2025-05-06 13:26:14 -05:00
9b79b99150
Merge branch '6.4.x'
...
- Correct method name in logout.adoc
Closes gh-17049
2025-05-06 10:24:14 -05:00
63d79a97db
Merge branch '6.3.x' into 6.4.x
...
- Correct method name in logout.adoc
Closes gh-17048
2025-05-06 10:23:58 -05:00
505fe3abed
Correct method name
...
Closes gh-17031
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2025-05-06 10:17:29 -05:00
df640f22dc
Merge branch '6.4.x'
2025-05-02 15:59:13 -06:00
92160fa26f
Merge branch '6.3.x' into 6.4.x
...
Closes gh-17034
2025-05-02 15:58:58 -06:00
51239359ed
Fix ClearSiteData Code Snippet
...
Closes gh-16948
2025-05-02 15:57:31 -06:00
28091c8563
Merge branch '6.4.x'
2025-05-01 12:03:19 -06:00
c4a0dfe838
Merge remote-tracking branch 'origin/6.3.x' into 6.4.x
2025-05-01 12:03:05 -06:00
bcef6ed74f
Reformatted lines in x509 overview documentation
...
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com >
2025-05-01 12:02:45 -06:00
d0a97917ad
Merge branch '6.4.x'
2025-04-29 13:39:00 -06:00
d76ccc6856
Merge branch '6.3.x' into 6.4.x
2025-04-29 13:38:41 -06:00
9c76ab69f0
Use proper configuration key
...
the getter method is `getOpaquetoken()` not `getOpaqueToken()`
See https://github.com/spring-projects/spring-boot/blob/c6045c3111c43bd7b0f99e6c2858bfb2999e358f/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java#L51
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com >
2025-04-29 13:37:51 -06:00
ce5a12b2f7
Revise document to replace outdated NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector
...
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com >
2025-04-23 14:10:02 -06:00
61d6fbc2a9
Update Documentation for PathPatternRequestMatcher
...
Issue gh-16765
2025-04-23 12:11:09 -06:00
15c2b156f1
Update Client Authentication examples
...
Closes gh-16925
987d9c9788ba0343f543083c87613fb5
2025-04-11 15:10:05 -05:00
6438603cb6
Pick Up TargetVisitor Beans
...
Closes gh-16923
2025-04-10 15:48:09 -06:00
Josh Cummings