Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,617 Commits 54 Branches 379 Tags
32dbaceec58151cb657ede388def4955ef85b14a
Commit Graph

10617 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tim te Beek ce67fb08fd Clearly end sentence in note before next sentence 2022-07-11 17:38:44 -06:00
Tim te Beek 6e63278ab9 Use Collection<ConfigAttribute> in examples 
To match `org.springframework.security.access.ConfigAttribute`.
 2022-07-11 17:38:44 -06:00
Josh Cummings 7560a32460 Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-11 16:39:41 -06:00
Josh Cummings 28424f8ae5 Correct input validation for 31 rounds 
Closes gh-11470
 2022-07-11 14:51:51 -06:00
Josh Cummings 37d856dca4 Correct input validation for 31 rounds 
Closes gh-11470
 2022-07-11 14:38:04 -06:00
Josh Cummings ba0f8ec3ef Correct input validation for 31 rounds 
Closes gh-11470
 2022-07-11 14:06:15 -06:00
Josh Cummings 3f13fa0285 Improve Upgrading 
Closes gh-11259
 2022-07-11 14:06:04 -06:00
Rob Winch 1c61748bb9 Fix logging for AnonymousAuthenticationFilter 
Currently if trace logging is enabled a StackOverflowException is thrown
when trying to resolve toString of the authentication.

java.lang.StackOverflowError: null
        at java.base/java.lang.AbstractStringBuilder.append(AbstractStringBuilder.java:538) ~[na:na]
        at java.base/java.lang.StringBuilder.append(StringBuilder.java:174) ~[na:na]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$2(AnonymousAuthenticationFilter.java:125) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.core.log.LogMessage$SupplierMessage.buildString(LogMessage.java:155) ~[spring-core-5.3.12.jar:5.3.12]
        at org.springframework.core.log.LogMessage.toString(LogMessage.java:70) ~[spring-core-5.3.12.jar:5.3.12]
        at java.base/java.lang.String.valueOf(String.java:2951) ~[na:na]
        at org.apache.commons.logging.LogAdapter$Slf4jLocationAwareLog.trace(LogAdapter.java:482) ~[spring-jcl-5.3.12.jar:5.3.12]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.defaultWithAnonymous(AnonymousAuthenticationFilter.java:125) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$0(AnonymousAuthenticationFilter.java:105) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.lambda$setDeferredContext$2(ThreadLocalSecurityContextHolderStrategy.java:67) ~[spring-security-core-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.getContext(ThreadLocalSecurityContextHolderStrategy.java:43) ~[spring-security-core-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$2(AnonymousAuthenticationFilter.java:126) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.core.log.LogMessage$SupplierMessage.buildString(LogMessage.java:155) ~[spring-core-5.3.12.jar:5.3.12]
        at org.springframework.core.log.LogMessage.toString(LogMessage.java:70) ~[spring-core-5.3.12.jar:5.3.12]
        at java.base/java.lang.String.valueOf(String.java:2951) ~[na:na]
        at org.apache.commons.logging.LogAdapter$Slf4jLocationAwareLog.trace(LogAdapter.java:482) ~[spring-jcl-5.3.12.jar:5.3.12]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.defaultWithAnonymous(AnonymousAuthenticationFilter.java:125)

Issue gh-11457
 2022-07-08 15:39:53 -05:00
Josh Cummings c9a3d21b9b Add Configuration Test 
Issue gh-11327
 2022-07-07 14:46:37 -06:00
Josh Cummings d27d431bbc Add AuthorizationFilter to filter chain validator 
Closes gh-11327
 2022-07-07 13:52:36 -06:00
Josh Cummings cdafa4ee21 Clarify variable names 
Issue gh-11327
 2022-07-07 13:38:42 -06:00
Steve Riesenberg 0c48b6bc7f Use relative schema location for tests 
Issue gh-11328
Issue gh-11353
Issue gh-11365
 2022-07-07 13:03:20 -05:00
Josh Cummings 74a007dc91 Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 12:54:05 -06:00
Rob Winch 415a674edc AnonymousAuthenticationFilter Avoids Eager SecurityContext Access 
Previously AnonymousAuthenticationFilter accessed the SecurityContext to
determine if anonymous authentication needed setup eagerly. Now this is done
lazily to avoid unnecessary access to the SecurityContext which in turn avoids
unnecessary HTTP Session access.

Closes gh-11457
 2022-07-05 15:34:21 -05:00
Rob Winch 28c0d1459c Request Cache supports matchingRequestParameterName 2022-07-01 16:35:06 -05:00
Josh Cummings 38cb6c3172 Use SecurityContextHolderStrategy for Context Propagation 
Issue gh-11060
 2022-06-30 11:18:07 -06:00
Josh Cummings 5357cb8c95 Use SecurityContextHolderStrategy for NullSecurityContextRepository 
Issue gh-11060
 2022-06-28 15:32:20 -06:00
Josh Cummings 03a5c3b08a Use SecurityContextHolderStrategy for Concurrency Filter 
Issue gh-11060
Issue gh-11061
 2022-06-28 15:32:05 -06:00
Josh Cummings e8723f1f43 Pick up SecurityContextHolderStrategy for WebClient integration 
Issue gh-11061
 2022-06-28 14:58:53 -06:00
Josh Cummings 27de315e5e Use SecurityContextHolderStrategy for Async Requests 
Issue gh-11060
Issue gh-11061
 2022-06-28 14:46:52 -06:00
Josh Cummings 135e602472 Use SecurityContextHolderStrategy for Digest 
Issue gh-11060
 2022-06-28 13:54:29 -06:00
Josh Cummings e1c211c11f Use SecurityContextHolderStrategy for Switch User 
Issue gh-11060
 2022-06-28 13:34:04 -06:00
Josh Cummings 98995f2225 Add SecurityContextHolderStrategy to Pre-authenticated scenarios 
Issue gh-11060
Issue gh-11061
 2022-06-28 12:04:37 -06:00
Josh Cummings b3be35da31 Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-28 12:04:37 -06:00
Josh Cummings 4a2d77d3f2 Use SecurityContextHolderStrategy for Remember-me 
Issue gh-11060
Isuse gh-11061
 2022-06-28 11:08:57 -06:00
Josh Cummings ee66850aed Add SecurityContextHolderStrategy for Jaas 
Issue gh-11060
Issue gh-11061
 2022-06-28 09:26:05 -06:00
Josh Cummings 52d8e10ace Use SecurityContextHolderStrategy for Database Support 
Issue gh-11060
 2022-06-28 09:08:42 -06:00
Josh Cummings 74bc271ec2 Use SecurityContextHolderStrategy for ACL 
Issue gh-11060
 2022-06-28 08:05:15 -06:00
Josh Cummings 237a31c69b Use SecurityContextHolderStrategy for Taglibs 
Issue gh-11060
 2022-06-27 17:45:01 -06:00
Josh Cummings 5de975f4a2 Use SecurityContextHolderStrategy for Data 
Issue gh-11060
 2022-06-27 16:35:02 -06:00
Josh Cummings 0fee05d023 Use SecurityContextHolderStrategy for AuthenticationFilter 
Issue gh-11060
 2022-06-27 16:26:42 -06:00
Josh Cummings 74167d62b1 Add SecurityContextHolderStrategy XML Configuration for Messaging 
Issue gh-11061
 2022-06-27 15:55:28 -06:00
Josh Cummings 9292a13146 Add SecurityContextHolderStrategy Java Configuration for Messaging 
Issue gh-11061
 2022-06-27 15:55:28 -06:00
Josh Cummings b05fed8b9d Use SecurityContextHolderStrategy for Messaging 
Issue gh-11060
 2022-06-27 15:55:28 -06:00
Josh Cummings 6e821382f1 Use SecurityContextHolderStrategy for Ldap 
Issue gh-11060
 2022-06-27 15:55:27 -06:00
Josh Cummings 652c35db2f Add SecurityContextHolderStrategy XML Configuration for OAuth2 
Issue gh-11061
 2022-06-27 13:05:13 -06:00
Josh Cummings 1d22316574 Add SecurityContextHolderStrategy Java Configuration for OAuth2 
Issue gh-11061
 2022-06-27 13:05:13 -06:00
Josh Cummings 1d72a05c32 Add SecurityContextHolderStrategy to OAuth2 
Issue gh-11060
 2022-06-27 13:05:12 -06:00
Josh Cummings 6c16ac101a Add SecurityContextHolderStrategy XML Configuration for Saml2 
Issue gh-11061
 2022-06-27 13:05:12 -06:00
Josh Cummings 97253c9293 Add SecurityContextHolderStrategy Java Configuration for Saml2 
Issue gh-11061
 2022-06-27 13:05:11 -06:00
Josh Cummings 3c8a80c364 Add SecurityContextHolderStrategy to Saml2 
Issue gh-11060
 2022-06-27 13:05:11 -06:00
Josh Cummings 9cd7c7b046 Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:05:07 -06:00
Josh Cummings da57bac061 Add SecurityContextHolderStrategy Java Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:03:11 -06:00
Josh Cummings 25c74896d1 Add SecurityContextHolderStrategy to Method Security 
Issue gh-11060
 2022-06-27 13:02:59 -06:00
Josh Cummings f86992a0af Add SecurityContextHolderStrategy Test Support 
Issue gh-11061
Issue gh-11444
 2022-06-27 13:02:11 -06:00
Josh Cummings fa0086d3b0 Polish SecurityContextHolderStrategy Java Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:01:22 -06:00
Josh Cummings 772f29e063 Polish SecurityContextHolderStrategy for Defaults 
gh-11060
 2022-06-27 13:00:24 -06:00
Josh Cummings 8d681b3b80 Polish SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-27 13:00:20 -06:00
Alonso Araya Calvo 1ac1271972 Adds the ability to set the CSRF Token cookie max age value 
Closes gh-11432
 2022-06-24 16:42:05 -06:00
Rob Winch a7d21f1b34 Document sagan Release tasks require read:org scope 
Closes gh-11423
 2022-06-21 14:49:38 -05:00