Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,208 Commits 54 Branches 379 Tags
a04b0260009ad1b927354bbafa893503de6c4205
Commit Graph

3131 Commits

Author SHA1 Message Date
Josh Cummings a04b026000 Disable Test 
Issue gh-17747
PR gh-17724
 2025-08-18 09:05:03 -05:00
Josh Cummings aeb2dbc2b6 Move PathPatternRequestMatcher.Builder to Shared Object 
This commit changes the DSL to look for a shared object
instead of publishing a bean for PathPatternRequestMatcher.Builder.

Closes gh-17746
 2025-08-18 06:31:31 -06:00
Josh Cummings 890c11d428 Polish SecurityNamespaceHandler Version Checking 
PR gh-17689
 2025-08-15 17:26:57 -06:00
seongm1n 01401f1c67 Replace "shameless coverage code" in SecurityNamespaceHandlerTests 
Signed-off-by: seongm1n <0411tjdals34@gmail.com>
 2025-08-15 16:26:31 -06:00
Josh Cummings 5506c487de Remove OpenSaml4 Components 
Issue gh-17707
 2025-08-14 18:01:02 -06:00
Josh Cummings 057b7c68fb Add Serializable Sample 
Closes gh-17728
 2025-08-14 16:39:49 -06:00
Josh Cummings 7b1c917593 Merge branch '6.5.x' 2025-08-14 16:34:48 -06:00
Josh Cummings 9b7e0e10fc Add Serializable Sample 
Closes gh-17727
 2025-08-14 16:20:06 -06:00
Josh Cummings 4fab90b2b8 Merge branch '6.4.x' into 6.5.x 2025-08-14 15:54:16 -06:00
Josh Cummings 10948b5b7a Make OpenSamlAssertingPartyDetails Serializable 
Closes gh-17622
 2025-08-14 15:52:58 -06:00
Joe Grandja df3080b0e2 Merge branch '6.5.x' 2025-08-12 14:45:23 -04:00
Joe Grandja 518ae27105 Fix JwtDecoderFactory ClassNotFoundException with DPoP authentication 
Closes gh-17249
 2025-08-12 14:28:30 -04:00
Josh Cummings 6d1a886f92 Deprecate SERIAL_VERSION_UID 
Closes gh-17623
 2025-08-07 11:09:35 -06:00
Tran Ngoc Nhan d6e378e9bb Apply Diamond Operator 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-31 10:59:55 -06:00
Deep Dhamala ca557a9880 Simplify Error Message for Unsupported Security XSD Versions 
Closes gh-17153

Signed-off-by: Deep Dhamala <dhamaladeep2@gmail.com>
 2025-07-31 10:40:54 -06:00
Tran Ngoc Nhan 1a56023f7f Use Spring Framework Nullability Annotations 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-31 10:18:51 -06:00
Rob Winch f6cb0bd610 Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch 2fdca16c1a Merge branch '6.4.x' into 6.5.x 
Closes gh-17634
 2025-07-29 09:47:52 -05:00
Rob Winch 392129b616 Use 2004-present Copyright Header 
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
 2025-07-29 09:45:23 -05:00
Rob Winch 79cd982341 Extract spring-security-webauthn 
Closes gh-17586
 2025-07-22 17:18:38 -05:00
Rob Winch 7c887d2da1 Add nullability to spring-security-core 
Closes gh-17534
 2025-07-22 16:29:13 -05:00
Rob Winch 85dc06bbdf Merge branch '6.5.x' 
Closes gh-17581
 2025-07-21 09:30:11 -05:00
Rob Winch 80ccb9b3cf Merge branch '6.4.x' into 6.5.x 
Closes gh-17580
 2025-07-21 09:29:20 -05:00
Rob Winch 829af961f0 Use Meaningful Configurer Names in Test 
This just renames the Configurer names used in
AbstractConfiguredSecurityBuilderTests to be more meaningful.

Issue gh-17020 gh-17011

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-07-21 09:27:36 -05:00
Rob Winch fca704e61f Fix getConfigurersInInitializing Semantics 
A getter should not mutate state. This removes getConfigurersInInitializing
in favor of inline code since this is just used once.

Issue gh-17020 gh-17011

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-07-21 09:27:36 -05:00
Rob Winch ea9dd2728e Support add nested security configurers during builder initialization 
Closes gh-17011

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-21 09:27:27 -05:00
Josh Cummings 63e0a56bee Add setBasePath 
Originally, it was thought that this feature would be rather uncommon;
however, given some feedback from the Boot team, it makes sense to make
this easier to configure.

Of specific note is migrating from an earlier version were the
servlet path did not need to be specified in authorizeHttpRequests.
Since it does in 7, this will be a significant migration for those
who have a servlet path configured. This setter simplifies that a great
deal, including simplifying Boot's support of it.

Closes gh-17579
 2025-07-20 22:57:06 -06:00
Josh Cummings 15fc898804 Make DataTargetVisitor package-private 
Closes gh-17561
 2025-07-18 11:03:21 -06:00
Joe Grandja a1f5b343ab Merge branch '6.5.x' 2025-07-18 09:01:01 -04:00
Joe Grandja ecec7cb98f Merge branch '6.4.x' into 6.5.x 
Closes gh-17557
 2025-07-18 08:40:31 -04:00
Marcus Hert da Coregio 2a38de48b8 Fix securityContextRepository() initialization in oauth2Login() DSL 
Closes gh-17502

Signed-off-by: Marcus Hert da Coregio <marcusdacoregio@gmail.com>
 2025-07-18 07:48:05 -04:00
Josh Cummings 25f69e92c7 Merge branch '6.5.x' 2025-07-17 18:04:52 -06:00
Josh Cummings 72eb3065de Remove AuthorizationWebProxyConfiguration From Reactive 
Closes gh-17545
 2025-07-17 17:42:45 -06:00
DingHao dadf4c0b8a Remove shouldFilterAllDispatcherTypes 
Closes gh-12139

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-14 12:34:16 -06:00
DingHao 5fefdd5bb3 Remove AbstractConfiguredSecurityBuilder apply 
Closes gh-13441

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-11 16:13:25 -06:00
Josh Cummings 4d3024cb49 Remove MessageSecurityMetadataSourceRegistry 
Issue gh-17295
 2025-07-10 14:38:03 -06:00
Josh Cummings 684775b46a Use PathPatternMessageMatcher By Default 
Issue gh-17501
 2025-07-10 14:38:03 -06:00
Josh Cummings ec16322000 Merge branch '6.5.x' 2025-07-10 13:19:14 -06:00
Josh Cummings bc0d706275 Use PathPatternMessageMatcher.Builder in XML Config 
Closes gh-17508
 2025-07-10 13:16:14 -06:00
Josh Cummings 7f8b9c895f Use with Instead of Apply 
Issue gh-13204
 2025-07-09 18:58:23 -06:00
Josh Cummings 728b5224cb Add withDefaults Shortcut for Custom Configurers 
Issue gh-13204
 2025-07-09 18:58:23 -06:00
Josh Cummings f1725b25a0 Remove authorizeRequests 
Closes gh-15174
 2025-07-09 17:33:11 -06:00
Josh Cummings 2c87270dbc Use authorizeHttpRequests 
Issue gh-15174
 2025-07-09 17:33:11 -06:00
Josh Cummings da182a2d7c Remove Deprecated OpenSaml Components 
Closes gh-17306
 2025-07-09 14:06:51 -06:00
Rob Winch e48fdd5ed4 Use UserWebTestClientConfigurer 
Closes gh-17496
 2025-07-07 15:15:51 -05:00
Tran Ngoc Nhan a439bc65d6 Remove EnableWebMvcSecurity 
Closes gh-17294

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:46:03 -06:00
Josh Cummings 19e88f5e35 Polish Tests 
Issue gh-17298
 2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan 242956a63c Remove deprecated elements from DaoAuthenticationProvider 
Closes gh-17298

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan e52987d03c Remove RoleHierarchyImpl Deprecations 
Closes gh-17297

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:22:22 -06:00
Matt Magoffin 62252c1232 Default to XorCsrfChannelInterceptor in XML 
Change WebSocketMessageBrokerSecurityBeanDefinitionParser to use
XorCsrfChannelInterceptor by default, so WebSocket XML configuration
matches the default Xor-based configuration already in
WebSocketMessageBrokerSecurityConfiguration.

Closes gh-17260

Signed-off-by: Matt Magoffin <matt@solarnetwork.net>
 2025-07-07 13:02:15 -06:00