Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,167 Commits 54 Branches 379 Tags
39301574fa2aabb3a9fa7b25bb744bb0595eadeb
Commit Graph

2015 Commits

Author SHA1 Message Date
Josh Cummings eeb383ac46 Fix Checkstyle 
Issue gh-17623
 2025-08-07 14:32:18 -06:00
Josh Cummings 6d1a886f92 Deprecate SERIAL_VERSION_UID 
Closes gh-17623
 2025-08-07 11:09:35 -06:00
Andrey Litvitski 2fbe8dd8f6 Make Stricter IP Format Check 
Closes gh-17499

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-07-31 10:30:57 -06:00
Josh Cummings 6873685fd0 Merge remote-tracking branch 'origin/6.5.x' 2025-07-31 10:12:39 -06:00
Tim Boeckstaens f180a04b74 Use final values in equals and hashCode 
Closes gh-17584

Signed-off-by: Tim Boeckstaens <boeckstaenstim@gmail.com>
 2025-07-31 10:12:24 -06:00
Rob Winch f6cb0bd610 Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch 2fdca16c1a Merge branch '6.4.x' into 6.5.x 
Closes gh-17634
 2025-07-29 09:47:52 -05:00
Rob Winch 392129b616 Use 2004-present Copyright Header 
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
 2025-07-29 09:45:23 -05:00
Rob Winch 34742c9743 Reapply "Move webauthn runtimehints to spring-security-webauthn" 
This reverts commit 9489ab48ab.
 2025-07-23 13:32:34 -05:00
Rob Winch 9489ab48ab Revert "Move webauthn runtimehints to spring-security-webauthn" 
This reverts commit fe411896af.
 2025-07-23 09:22:47 -05:00
Rob Winch fe411896af Move webauthn runtimehints to spring-security-webauthn 
Issue gh-17586
 2025-07-23 09:20:39 -05:00
Rob Winch 79cd982341 Extract spring-security-webauthn 
Closes gh-17586
 2025-07-22 17:18:38 -05:00
Rob Winch 7c887d2da1 Add nullability to spring-security-core 
Closes gh-17534
 2025-07-22 16:29:13 -05:00
DingHao dadf4c0b8a Remove shouldFilterAllDispatcherTypes 
Closes gh-12139

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-14 12:34:16 -06:00
Josh Cummings b7ae9910b5 Remove Deprecated CookieServerCsrfTokenRepository Methods 
Closes gh-14132
 2025-07-10 11:13:37 -06:00
Josh Cummings ee2b826362 Use setCookieCustomizer 
Issue gh-14132
 2025-07-10 11:13:21 -06:00
Josh Cummings dadf10899c Add WebExpressionAuthorizationManager.Builder 
Closes gh-17504
 2025-07-09 17:33:10 -06:00
Josh Cummings c06b1f4916 Remove LazyCsrfTokenRepository 
Closes gh-13196
 2025-07-09 13:47:06 -06:00
Rob Winch e48fdd5ed4 Use UserWebTestClientConfigurer 
Closes gh-17496
 2025-07-07 15:15:51 -05:00
Josh Cummings 74771a3d42 Merge branch '6.5.x' 2025-07-07 11:43:25 -06:00
Josh Cummings ea3ba62022 Correct Servlet Path JavaDoc 
Initially PathPatternRequestMatcher was designed to match relative
to the servlet path. However, this was changed to be relative to
the context path. This commit updates the documentation and removes
references to the servlet path other than in the context of setting
a basePath to remove boilerplate.

Issue gh-16430
 2025-07-07 11:34:29 -06:00
Andrey Litvitski 596d44757a Remove RequestVariablesExtractor 
Closes gh-17308

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-07-03 14:41:12 -06:00
Tran Ngoc Nhan 9312fb7004 Remove Deprecated AuthorizationDecision Elements 
Closes gh-17299

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 14:32:49 -06:00
Josh Cummings d3e9e3138d Remove AntPath and MvcRequestMatcher 
Closes gh-16886
Closes gh-16887
 2025-07-03 13:37:50 -06:00
Josh Cummings e8ed0f1b03 Use PathPatternRequestMatcher in web 
Issue gh-16887
 2025-07-03 13:37:48 -06:00
Josh Cummings 3e53cc2c4a Use PathPatternRequestMatcher in config 
This commit changes the config module to use
PathPatternRequestMatcher in favor of
MvcRequestMatcher and AntPathRequestMatcher.

This allows removing several HandlerMappingIntrospector
support classes as well which were in place to
support MvcRequestMatcher.

Issue gh-16886
Issue gh-16887
 2025-07-03 13:37:47 -06:00
Josh Cummings f709a9efef Add pathPattern Factory Methods 
Closes gh-17476
 2025-07-03 13:37:47 -06:00
Josh Cummings 98686a5139 Standardize Mock Request Paths 
Closes gh-17449
 2025-07-03 13:37:47 -06:00
Josh Cummings d869686d09 Add TestMockHttpServleRequests 
Closes gh-17450
 2025-07-03 13:37:46 -06:00
Deep Dhamala 081c92a9e5 Improve logging clarity in CsrfFilter 
Update toString() method in DefaultRequiresCsrfMatcher to better reflect its logic during trace-level logging.

Closes gh-17250

Signed-off-by: Deep Dhamala <dhamaladeep2@gmail.com>
 2025-07-03 13:00:55 -06:00
Josh Cummings 890049c6f7 Merge remote-tracking branch 'origin/6.5.x' 2025-07-02 13:19:00 -06:00
Andrey Litvitski 25d51a0d99 Include HTTP Method in equals and hashCode 
Closes gh-17180

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-07-02 13:18:36 -06:00
Tran Ngoc Nhan 709f5db0e5 Polish Webauthn4JRelyingPartyOperations 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-06-17 13:35:52 -05:00
Evgeniy Cheban 092bbfc8e7 ReactiveAuthorizationManager replace deprecated #check calls with #authorize 
Closes gh-16936

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-06-12 11:11:49 -06:00
Evgeniy Cheban b0cecb37d2 Replace deprecated #check calls with #authorize 
Closes gh-16936

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-06-12 11:11:49 -06:00
Rob Winch 2b740b7f1f Update SubjectX500PrincipalExtractor Javadoc 
- Provide more details on how the principalName is extracted
- Update to specify an OID is used for emailAddress
 2025-06-12 12:09:20 -05:00
Rob Winch f690a7f3df Encapsulate extractPrincipalNameFromEmail property 
This simplifies the logic when extracting the principal and allows
more flexibility in the future by allowing the format and regex to be
added as setters.
 2025-06-12 12:09:20 -05:00
Rob Winch 5f2efbea6a Remove unused statement 2025-06-12 12:09:20 -05:00
Max Batischev aba437d469 Add Support SubjectX500PrincipalExtractor 
Closes gh-16980

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-06-12 12:09:20 -05:00
Joe Grandja 98c3453aa4 Merge branch '6.5.x' 2025-06-06 07:19:08 -04:00
Joe Grandja d622183e62 Merge branch '6.4.x' into 6.5.x 
Closes gh-17216
 2025-06-06 07:06:12 -04:00
Joe Grandja a377175455 Merge branch '6.3.x' into 6.4.x 
Closes gh-17215
 2025-06-06 06:50:45 -04:00
Andrey Litvitski b0f8aa5ea0 Fix to allow multiple AuthenticationFilter instances to process each request 
Closes gh-17173

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-06-06 06:37:03 -04:00
Josh Cummings 215547f8c8 Use UsernameNotFoundException Factory 
Issue gh-17179
 2025-05-28 14:13:02 -06:00
Max Batischev f4b8e2421a Add Support Credentialless COEP Header 
Closes gh-16991

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-05-23 14:45:59 -06:00
John Niang 9ba5c7b2ce Add SwitchUserGrantedAuthority to Web Jackson Module 
Closes gh-17041

Signed-off-by: John Niang <johnniang@foxmail.com>
 2025-05-23 14:42:54 -06:00
Tran Ngoc Nhan 8e2067bb3e Remove deprecated MemberCategory#DECLARED_FIELDS 
Issue gh-16889

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-23 14:36:54 -06:00
Josh Cummings c9bbf3787b Merge branch '6.5.x' 2025-05-23 11:36:22 -06:00
Josh Cummings 8aaa9c28fa Merge branch '6.4.x' into 6.5.x 2025-05-23 11:36:01 -06:00
Josh Cummings 2989d12743 Merge branch '6.3.x' into 6.4.x 2025-05-23 11:35:25 -06:00