Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,894 Commits 54 Branches 379 Tags
88d50a531bcf489d3d4385740b3bfa0bfb1c686a
Commit Graph

2017 Commits

Author SHA1 Message Date
Josh Cummings 061f69eb70 Polish Authorization Event Support 
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
 2022-03-29 16:03:19 -06:00
Josh Cummings a43677d36a Simplify PrePostMethodSecurityConfiguration 
Issue gh-9288
 2022-03-29 15:44:16 -06:00
Rob Winch 67fd46bfa6 Add SecurityContextRepository.loadContext(HttpServletRequest) 
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.

Closes gh-11028
 2022-03-25 14:21:52 -05:00
Yuriy Savchenko 446ab5047c Add authorizeHttpRequests to Kotlin DSL 
Closes gh-10481
 2022-03-22 09:39:06 -06:00
Yuriy Savchenko 3016ed0067 Fix typos in Kotlin DSL docs 
Issue gh-10481
 2022-03-22 08:27:29 -06:00
Rob Winch 87ed31a99c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-11 17:22:23 -06:00
Rob Winch dbcb5004b4 Extract createSecurityContextRepository() 
Extract out method in preparation for adding SecurityContextHolderFilter
configuration.

Issue gh-9635
 2022-03-11 17:21:49 -06:00
Norbert Nowak ac9c29b2a0 Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:23:35 -07:00
Marcus Da Coregio 93d4fd3559 Add SAML 2.0 Single Logout XML Support 
Closes gh-10842
 2022-03-09 09:18:01 -03:00
Marcus Da Coregio 73f839312d Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 09:18:01 -03:00
Josh Cummings 963251314b Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:40:11 -07:00
Josh Cummings 7a02bd14c1 Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:19:03 -07:00
m0k045e 3aa7a65cb4 OAuth2AuthorizedClientArgumentResolver resolves ReactiveOAuth2AuthorizedClientManager 
Closes gh-10846
 2022-02-28 15:30:19 -07:00
Eleftheria Stein e97c643870 Deprecate WebSecurityConfigurerAdapter 
Closes gh-10822
 2022-02-17 12:13:50 +01:00
Eleftheria Stein c2635ba6bf Apply configurers from spring.factories to HttpSecurity bean 
Closes gh-10814
 2022-02-09 14:40:57 +01:00
Josh Cummings f53c65b3a0 Polish ignoring() log messaging 
- Public API remains unchanged

Issue gh-9334
 2022-02-07 15:07:29 -07:00
Manuel Jordan 0be772ff5b Print ignore message DefaultSecurityFilterChain 
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
 2022-02-07 15:07:29 -07:00
Josh Cummings cbd87fac89 Polish ignoring() log messaging 
- Public API remains unchanged

Issue gh-9334
 2022-02-07 14:50:28 -07:00
Manuel Jordan 01ed617d5f Print ignore message DefaultSecurityFilterChain 
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
 2022-02-07 14:50:19 -07:00
Josh Cummings d538423f98 Add Saml2AuthenticationRequestResolver 
Closes gh-10355
 2022-01-24 15:09:45 -07:00
Rob Winch 4f3072b3d9 Exclude javax from hibernate dependency 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch 13c467734a Remove javax.transaction 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch c01b2b946b Additional removal of javax.inject 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch 58090c37ea jsr250-api -> jakarta.annotation-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch 04f3bbcefa javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch c67ee6f2a8 javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch 5902b46e9b Remove jcl-over-slf4j 
Issue gh-10499

# Conflicts:
#	dependencies/spring-security-dependencies.gradle
 2022-01-19 15:32:01 -06:00
Rob Winch 62449d6fa2 Remove commons-logging 
Closes gh-10499
 2022-01-19 15:31:22 -06:00
Rob Winch ba922dcdf0 Exclude javax from hibernate dependency 
Issue gh-10501
 2022-01-19 14:35:25 -06:00
Rob Winch 27e1a2ca69 Remove javax.transaction 
Issue gh-10501
 2022-01-19 14:35:05 -06:00
Rob Winch 9d4ecc9c37 Additional removal of javax.inject 
Issue gh-10501
 2022-01-19 14:34:45 -06:00
Rob Winch 678c386834 jsr250-api -> jakarta.annotation-api 
Issue gh-10501
 2022-01-19 14:34:32 -06:00
Rob Winch 0e8c03401b javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api 
Issue gh-10501
 2022-01-19 14:34:16 -06:00
Rob Winch 8f64bb6c8c javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api 
Issue gh-10501
 2022-01-19 14:33:53 -06:00
Rob Winch f8e14683f6 Remove jcl-over-slf4j 
Issue gh-10499
 2022-01-19 14:33:46 -06:00
Rob Winch 3c641dee75 Remove commons-logging 
Closes gh-10499
 2022-01-19 14:33:44 -06:00
Eleftheria Stein a537b636c1 Add LDAP factory beans 
Issue gh-10138
 2022-01-18 15:11:30 +01:00
Josh Cummings 75f25bff82 Polish multiple RequestRejectedHandlers support 
Issue gh-10603
 2022-01-14 16:49:38 -07:00
Adam Ostrožlík 4ea57f3e3f Support multiple RequestRejectedHandler beans 
Closes gh-10603
 2022-01-14 16:46:15 -07:00
Marcus Da Coregio e1cb375fbf Make source code compatible with JDK 8 
Closes gh-10695
 2022-01-12 16:39:50 -03:00
Marcus Da Coregio 60ed3602f6 Make source code compatible with JDK 8 
Closes gh-10695
 2022-01-11 09:19:41 -03:00
heowc 1ab0705b47 Fix typo 2022-01-10 16:17:42 +01:00
Marcus Da Coregio 994e93741b Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains 
Closes gh-10554
 2022-01-05 14:06:47 -03:00
Marcus Da Coregio 18427b6411 Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains 
Closes gh-10554
 2021-12-13 08:57:30 -03:00
Josh Cummings cd8983d4e5 Polish enableSessionUrlRewriting Clarification 
Closes gh-7644
 2021-12-09 12:14:40 -07:00
James Howe 5598688fa6 Clarify behaviour of enableSessionUrlRewriting 
See #3087
 2021-12-09 12:06:30 -07:00
Marcus Da Coregio 65426a40ec Add Cross Origin Policies headers 
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers

Closes gh-9385, gh-10118
 2021-12-07 17:23:06 +01:00
Marcus Da Coregio ed3b0fbaad Prevent using both authorizeRequests and authorizeHttpRequests 
Closes gh-10573
 2021-12-06 15:47:49 -03:00
Steve Riesenberg df0f6f83af Polish gh-9597 2021-12-02 17:44:47 -06:00
Karl Tinawi 925d531cbe Set details on authentication token created by HttpServlet3RequestFactory 
Currently the login mechanism when triggered by executing HttpServlet3RequestFactory#login does not set any details on the underlying authentication token that is authenticated.

This change adds an AuthenticationDetailsSource on the HttpServlet3RequestFactory, which defaults to a WebAuthenticationDetailsSource.

Closes gh-9579
 2021-12-02 17:44:46 -06:00