Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,868 Commits 54 Branches 379 Tags
2c87270dbceb11f7b082584d024c17b40baf2cff
Commit Graph

18868 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings 2c87270dbc Use authorizeHttpRequests 
Issue gh-15174
 2025-07-09 17:33:11 -06:00
Josh Cummings dadf10899c Add WebExpressionAuthorizationManager.Builder 
Closes gh-17504
 2025-07-09 17:33:10 -06:00
Josh Cummings c312d18191 Add Publishing Predicate 
Closes gh-17503
 2025-07-09 17:33:10 -06:00
Josh Cummings 901b386ca6 Merge branch '6.5.x' 2025-07-09 14:11:14 -06:00
Josh Cummings 9209a33678 Remove References to Deprecated OpenSaml Components 
Issue gh-11658
 2025-07-09 14:10:33 -06:00
Josh Cummings da182a2d7c Remove Deprecated OpenSaml Components 
Closes gh-17306
 2025-07-09 14:06:51 -06:00
Josh Cummings 571b6fe4a8 Fix Formatting 
Issue gh-16858
 2025-07-09 14:05:41 -06:00
Josh Cummings 9dea1c2eb5 Update to Latest HttpRequestValues Contract 
Issue gh-16858
 2025-07-09 13:47:06 -06:00
Josh Cummings c06b1f4916 Remove LazyCsrfTokenRepository 
Closes gh-13196
 2025-07-09 13:47:06 -06:00
Rob Winch e48fdd5ed4 Use UserWebTestClientConfigurer 
Closes gh-17496
 2025-07-07 15:15:51 -05:00
Rob Winch dbb3b7e1f5 Remove Unused import 2025-07-07 15:15:51 -05:00
Rob Winch bfa2a3613c Fix frameworkVersion 
Should not strip -SNAPSHOT
 2025-07-07 15:15:51 -05:00
Josh Cummings 02d69ec864 Keep EnableWebMvcSecurity Link 
So that links across the Internet that are pointed at
#mvc-enablewebmvcsecurity still arrive at a relevant place,
this commit re-adds the mvc-enablewebmvcsecurity link, even
though @EnableWebMvcSecurity itself is now removed.

Issue gh-17294
 2025-07-07 13:46:03 -06:00
Tran Ngoc Nhan a439bc65d6 Remove EnableWebMvcSecurity 
Closes gh-17294

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:46:03 -06:00
Josh Cummings 19e88f5e35 Polish Tests 
Issue gh-17298
 2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan 242956a63c Remove deprecated elements from DaoAuthenticationProvider 
Closes gh-17298

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:38:34 -06:00
Rob Winch ca5e307bf4 Merge branch '6.5.x' 2025-07-07 14:31:40 -05:00
dependabot[bot] 8e94157971 Bump com.webauthn4j:webauthn4j-core 
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.3.RELEASE to 0.29.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.3.RELEASE...0.29.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.4.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:35 -05:00
dependabot[bot] e4155e8540 Bump io-spring-javaformat from 0.0.46 to 0.0.47 
Bumps `io-spring-javaformat` from 0.0.46 to 0.0.47.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.46 to 0.0.47
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.46...v0.0.47)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-version: 0.0.47
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:35 -05:00
dependabot[bot] 7aecd78920 Bump org.hibernate.orm:hibernate-core from 7.0.4.Final to 7.0.5.Final 
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.0.5.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:35 -05:00
Rob Winch 7a7d2cacd2 Merge branch '6.4.x' into 6.5.x 2025-07-07 14:31:17 -05:00
dependabot[bot] fa2e4c67a0 Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.7 to 6.2.8.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.7...v6.2.8)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:11 -05:00
dependabot[bot] 45ce51fe8d Bump com.webauthn4j:webauthn4j-core 
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.3.RELEASE to 0.29.4.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.3.RELEASE...0.29.4.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.4.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:11 -05:00
dependabot[bot] 2d3a1dc210 Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.20.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.17.Final to 6.6.20.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.20/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.17...6.6.20)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.20.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:31:10 -05:00
dependabot[bot] 64bc37b5d6 Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:30:49 -05:00
dependabot[bot] afc25b1ea3 Bump org.hibernate.orm:hibernate-core from 6.6.19.Final to 6.6.20.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.19.Final to 6.6.20.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.20/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.19...6.6.20)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.20.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-07 14:30:49 -05:00
Tran Ngoc Nhan e52987d03c Remove RoleHierarchyImpl Deprecations 
Closes gh-17297

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:22:22 -06:00
Matt Magoffin 62252c1232 Default to XorCsrfChannelInterceptor in XML 
Change WebSocketMessageBrokerSecurityBeanDefinitionParser to use
XorCsrfChannelInterceptor by default, so WebSocket XML configuration
matches the default Xor-based configuration already in
WebSocketMessageBrokerSecurityConfiguration.

Closes gh-17260

Signed-off-by: Matt Magoffin <matt@solarnetwork.net>
 2025-07-07 13:02:15 -06:00
Josh Cummings a9636c72d1 Merge branch '6.5.x' 2025-07-07 12:54:26 -06:00
Josh Cummings bc20bd6340 Merge branch '6.4.x' into 6.5.x 
Closes gh-17495
 2025-07-07 12:53:59 -06:00
Josh Cummings 8461feb028 Merge branch '6.3.x' into 6.4.x 
Closes gh-17494
 2025-07-07 12:53:47 -06:00
Josh Cummings 4f5b17334e Pick Up csrfChannelInterceptor in XML 
Closes gh-17493
 2025-07-07 12:53:27 -06:00
Josh Cummings 74771a3d42 Merge branch '6.5.x' 2025-07-07 11:43:25 -06:00
Andrey Litvitski fdf52f021d Use LdapName instead of DistinguishedName 
Closes gh-17301

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-07-07 11:40:45 -06:00
Tran Ngoc Nhan 6dc77bd98b Update JwtIssuerAuthenticationManagerResolver constructor javadoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 11:37:52 -06:00
Josh Cummings ea3ba62022 Correct Servlet Path JavaDoc 
Initially PathPatternRequestMatcher was designed to match relative
to the servlet path. However, this was changed to be relative to
the context path. This commit updates the documentation and removes
references to the servlet path other than in the context of setting
a basePath to remove boilerplate.

Issue gh-16430
 2025-07-07 11:34:29 -06:00
Josh Cummings 42283a5c1d Add Missing File 
Issue gh-17484
 2025-07-07 11:18:57 -06:00
Josh Cummings 5ae1b73bae Fix Cyclic Bean Dependency 
Closes gh-17484
 2025-07-07 10:32:56 -06:00
Tran Ngoc Nhan d8043dc8a7 Remove PrePostTemplateDefaults 
Closes gh-17296

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:47:27 -06:00
Tran Ngoc Nhan 21036c94b4 Remove Nimbus(Reactive)OpaqueTokenIntrospector 
Closes gh-17302

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:41:57 -06:00
Tran Ngoc Nhan 519ae241f4 Fix Mock for Spring(Reactive)OpaqueTokenIntrospector 
Issue gh-17302

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:41:57 -06:00
Andrey Litvitski 596d44757a Remove RequestVariablesExtractor 
Closes gh-17308

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-07-03 14:41:12 -06:00
Josh Cummings 639a9afaea Merge branch '6.5.x' 2025-07-03 14:40:30 -06:00
Josh Cummings 8fb8e26c01 Merge branch '6.4.x' into 6.5.x 2025-07-03 14:40:04 -06:00
Josh Cummings 3f4ef169f6 Merge branch '6.3.x' into 6.4.x 2025-07-03 14:38:39 -06:00
dependabot[bot] 192bafe9a5 Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.12 to 3.2.13.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.12...3.2.13)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-03 14:38:21 -06:00
Tran Ngoc Nhan 9312fb7004 Remove Deprecated AuthorizationDecision Elements 
Closes gh-17299

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 14:32:49 -06:00
Josh Cummings 448283b30c Merge branch '6.5.x' 2025-07-03 14:19:44 -06:00
Josh Cummings b5ddf9ccd1 Merge branch '6.4.x' into 6.5.x 2025-07-03 14:19:31 -06:00
Josh Cummings 43042b6724 Merge branch '6.3.x' into 6.4.x 2025-07-03 14:19:20 -06:00