Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,843 Commits 54 Branches 379 Tags
2301e8ca775a5e98cfe45a81b98e673b9f521587
Commit Graph

2009 Commits

Author SHA1 Message Date
Marcus Da Coregio 3dd54bcda7 Run SAML 2.0 tests in an exclusive task 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 23903b5f18 Use Reflection to instantiate OpenSAML4 classes 
Because the OpenSAML4 classes are compiled using Java 11, we have to rely on reflection to instante those classes since the config module should be compatible with Java 8

Issue gh-10816
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio ccb1f68bfe Fix member variable using Java 9+ feature 
This causes compile errors when trying to build using JDK 8

Issue gh-10695
 2022-06-02 19:24:42 +02:00
Marcus Da Coregio 4c2401a576 Revert "Make source code compatible with JDK 8" 
This reverts commit 60ed3602f6.
 2022-06-02 19:24:42 +02:00
Josh Cummings 38d481eba6 Make Internal Class Package-Private 
Issue gh-11305
 2022-05-31 16:04:26 -06:00
Josh Cummings d994ddc9b8 Polish InterceptUrlConfigTests 
Issue gh-11305
 2022-05-31 16:04:02 -06:00
Josh Cummings 9dbd1f3e25 Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 15:10:00 -06:00
Josh Cummings 7c0ba58019 Fix rnc typo 
Issue gh-11076
 2022-05-27 16:59:23 -06:00
Josh Cummings 8a03d1fcec Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 12:20:48 -06:00
Juny Tse 649428b49a Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 12:06:27 -06:00
Juny Tse d0da160007 Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 12:02:13 -06:00
Juny Tse 16664dcdbd Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:43:50 -06:00
Josh Cummings b51c71c3b3 Use original query string to verify signature 
Closes gh-11235
 2022-05-23 13:56:28 -06:00
Josh Cummings 5adb6e25a3 Correctly encode query parameters 
Issue gh-11235
 2022-05-20 17:46:40 -06:00
Josh Cummings ffaf5b4e61 Polish WebExpressionAuthorizationManager 
- Add support for request variables
- Added additional tests

Issue gh-11105
 2022-05-13 13:53:38 -06:00
Evgeniy Cheban 07b0be3f42 Add AuthorizationManager that uses ExpressionHandler 
Closes gh-11105
 2022-05-13 13:52:49 -06:00
Marcus Da Coregio 18c220c870 Update copyright headers 
Issue gh-10956
 2022-05-06 14:26:29 -03:00
Marcus Da Coregio 18345feeed Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:26:29 -03:00
Marcus Da Coregio e45dcb3ab2 Update copyright headers 
Issue gh-10956
 2022-05-06 14:18:42 -03:00
Marcus Da Coregio d3a451fffb Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:18:36 -03:00
Marcus Da Coregio d86ed6f523 Update copyright headers 
Issue gh-10956
 2022-05-06 14:14:16 -03:00
Marcus Da Coregio 1959c25a03 Fix mvcMatchers overriding previous paths 
Closes gh-10956
 2022-05-06 14:11:37 -03:00
Rob Winch 7b6fd598d0 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:57:22 -05:00
Rob Winch 6420cf28a9 Multiple <authentication-manager> Do Not Duplicate Alias 
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
 2022-05-03 14:52:22 -05:00
Josh Cummings 0e9228d10a Prepare for Spring Security 5.8 2022-05-02 16:34:23 -06:00
Eleftheria Stein 5ac5edc2e6 Detect UserDetailsService bean in X509 configuration 
Closes gh-11174
 2022-04-28 14:47:18 +02:00
Eleftheria Stein d40c15e09e Update remember me Javadocs 
Describe the new behaviour for retrieving the UserDetailsService

Issue gh-11170
 2022-04-28 14:13:52 +02:00
Marcus Da Coregio e94adedb94 Add shouldFilterAllDispatcherTypes to Kotlin DSL 
Closes gh-11153
 2022-04-28 08:19:20 -03:00
Eleftheria Stein 8e34cedcfe Detect UserDetailsService bean in remember me 
Closes gh-11170
 2022-04-28 12:43:13 +02:00
nor-ek a3e7e54b70 Security Context Dsl 
Closes gh-11039
 2022-04-26 17:34:44 +02:00
Marcus Da Coregio 9d378103b0 Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator 
Issue gh-10908
 2022-04-25 09:43:50 -03:00
Marcus Da Coregio 23594b3d01 Fix setServletContext not being called for AuthorizationManagerWebInvocationPrivilegeEvaluator 
Issue gh-10908
 2022-04-25 09:42:00 -03:00
Rob Winch aaf78330b1 ForceEagerSessionCreationFilter 
Closes gh-11109
 2022-04-15 14:16:35 -05:00
Marcus Da Coregio 7fea639a43 Add Option to Filter All Dispatcher Types 
Closes gh-11092
 2022-04-14 15:58:00 -03:00
Josh Cummings 147ab42440 Revert "Pick up AuthorizationManager Bean" 
This reverts commit 32b83aae63.

Issue gh-11067
 2022-04-12 09:32:09 -06:00
Rob Winch 39b0620a84 Add DisableUrlRewritingFilter 
Closes gh-11084
 2022-04-08 16:13:44 -05:00
Josh Cummings 32b83aae63 Pick up AuthorizationManager Bean 
Closes gh-11067
Closes gh-11068
 2022-04-08 10:08:33 -06:00
Josh Cummings b39f213e64 Revert "Add AuthorizationManager to Messaging" 
This reverts commit 77a6e014a9.
 2022-04-07 17:39:34 -06:00
Josh Cummings 77a6e014a9 Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-04-07 17:39:10 -06:00
Josh Cummings 66213e5b2e Add Default Test to HttpBasicConfigurerTests 
Issue gh-10973
 2022-04-05 17:11:39 -06:00
Josh Cummings 47c8676be7 Polish Saml2LoginConfigurerTests 
Issue gh-10973
 2022-04-05 17:11:38 -06:00
Josh Cummings c175118f62 Use RequestMatcherEntry 
Closes gh-11046
 2022-03-30 14:31:11 -06:00
Josh Cummings 061f69eb70 Polish Authorization Event Support 
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
 2022-03-29 16:03:19 -06:00
Josh Cummings a43677d36a Simplify PrePostMethodSecurityConfiguration 
Issue gh-9288
 2022-03-29 15:44:16 -06:00
Rob Winch 67fd46bfa6 Add SecurityContextRepository.loadContext(HttpServletRequest) 
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.

Closes gh-11028
 2022-03-25 14:21:52 -05:00
Yuriy Savchenko 446ab5047c Add authorizeHttpRequests to Kotlin DSL 
Closes gh-10481
 2022-03-22 09:39:06 -06:00
Yuriy Savchenko 3016ed0067 Fix typos in Kotlin DSL docs 
Issue gh-10481
 2022-03-22 08:27:29 -06:00
Rob Winch 87ed31a99c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-11 17:22:23 -06:00
Rob Winch dbcb5004b4 Extract createSecurityContextRepository() 
Extract out method in preparation for adding SecurityContextHolderFilter
configuration.

Issue gh-9635
 2022-03-11 17:21:49 -06:00
Norbert Nowak ac9c29b2a0 Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:23:35 -07:00