Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,157 Commits 54 Branches 379 Tags
ac63cf4fa5935fb9622bb87b73250ed5204dc20e
Commit Graph

3188 Commits

Author SHA1 Message Date
Robert Winch 1116241ee3 Fix Checks for NullPointerException in AuthoritiesAuthorizationManager 
- Fix checkstyle
- Fix the test to use Collection that throws NullPointerException on .contains(null) to replicate the reported issue

Closes gh-18544

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 10:47:11 -06:00
Khyojae d87dc9ae57 Fix: Handle null authority string in AuthoritiesAuthorizationManager 
This prevents NPE when GrantedAuthority.getAuthority() returns null. Closes gh-18543

Signed-off-by: Khyojae <khjae201@gmail.com>
 2026-02-23 09:30:28 -06:00
Josh Cummings d0f93fa6d8 Merge branch '6.4.x' into 6.5.x 2025-09-15 09:34:03 -06:00
Josh Cummings e5694ac7b5 Fallback to Object When Determining Overridden Methods 
Closes gh-17898
 2025-09-15 09:31:50 -06:00
Rob Winch 2fdca16c1a Merge branch '6.4.x' into 6.5.x 
Closes gh-17634
 2025-07-29 09:47:52 -05:00
Rob Winch 392129b616 Use 2004-present Copyright Header 
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
 2025-07-29 09:45:23 -05:00
Josh Cummings c972de5369 Use .equals to Compare Methods 
Closes gh-17143
 2025-05-19 09:26:30 -06:00
Josh Cummings bf2aaa1b18 Use .equals to Compare Methods 
Closes gh-17143
 2025-05-19 09:17:44 -06:00
Josh Cummings d04f7071c2 Add Missing Serialization Samples 
Closes gh-17038
 2025-05-05 15:34:24 -06:00
Josh Cummings 34a9f57aa6 Merge branch '6.4.x' 2025-05-05 15:29:44 -06:00
Josh Cummings c3c2bcd6b7 Ignore Serialization in Test Components 
Since we don't need to ensure the serializability of test components
across versions, we can ignore missing version UIDs when those
test components aren't about testing Java serialization.

Issue gh-17038
 2025-05-05 15:09:50 -06:00
Josh Cummings bc9ae1eed6 Improve NPE Handling 2025-04-23 12:11:09 -06:00
Josh Cummings 216680bb50 Update Deprecated Spring Jdbc Usage 2025-04-23 11:29:18 -06:00
Josh Cummings 2ad859a63c Add Missing Deprecation Markers 2025-04-23 11:29:18 -06:00
Josh Cummings 5841e35cae Invert AuthorizeReturnObjectMethodInterceptor Dependency 
Closes gh-16922
 2025-04-10 15:48:09 -06:00
minseok.park 88a38013bb Add validation for auth checks in AbstractUserDetailsAuthenticationProvider 
Add assertions to validate that preAuthenticationChecks and
postAuthenticationChecks are not null during initialization.
This allows errors to be detected earlier in the application lifecycle.

Closes PR-16710

Signed-off-by: minseok.park <minseok.park@hyosung.com>
 2025-03-27 16:46:23 -06:00
Josh Cummings 349964620e Merge branch '6.4.x' 2025-03-27 16:44:12 -06:00
Josh Cummings 1ad4323cec Merge branch '6.3.x' into 6.4.x 2025-03-27 16:43:43 -06:00
DingHao 1e7db094d1 Use correct message prompt 
Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-03-27 16:42:52 -06:00
Josh Cummings 40b84d3e44 Merge branch '6.4.x' 2025-03-27 16:34:39 -06:00
Josh Cummings 6c5b6d1c51 Merge branch '6.3.x' into 6.4.x 
Closes gh-16837
 2025-03-27 16:32:12 -06:00
Josh Cummings 456604ab45 Sort Default Advisors and Added Advisors 
This commit ensures that the default advisors and added advisors
are sorted in the event that this component is not being published
as a Spring bean.

Issue gh-16819
 2025-03-27 16:18:00 -06:00
Tran Ngoc Nhan fcc1bd598d Sort Advisors AfterSingletonsInstantiated 
In order to make so that authorization advisors are sorted
only one time and also as part of the configuration lifecycle,
AuthorizationAdvisorProxyFactory now implements
SmartInitializingBean.

Closes gh-16819

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-27 16:18:00 -06:00
Josh Cummings 56e757a2a1 Provide Authentication to AuthenticationExceptions 
Issue gh-16444
 2025-03-21 21:54:32 -06:00
Josh Cummings 60bed7f68a Polish AuthenticationRequest Property 
- Add getter for reading the request
- Update BadCredentialsMixing to ignore authentication
- Allow exception to be mutable

Issue gh-16444
 2025-03-21 21:54:32 -06:00
amm0124 3b6aca0d9c Add authRequest field to AuthenticationException 
Store the authentication request details in the `authRequest` field of
`AuthenticationException` when an authentication exception occurs.

Closes gh-16444

Signed-off-by: amm0124 <amm0124@naver.com>
 2025-03-21 21:54:32 -06:00
Josh Cummings 7f22a3459f Polish Tests 
Issue gh-16444
 2025-03-21 21:54:32 -06:00
DingHao 10ed5009e6 Method Security templates support use deep non-aliased attributes 
Closes gh-16498

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-03-21 15:05:33 -06:00
Max Batischev ed79efc5fa Add support ResolvableTypeProvider to authorization events 
Closes gh-16700

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-20 13:12:36 -06:00
Josh Cummings 85b48f8392 Deprecate AccessDecisionManager 
Closes gh-11302
 2025-03-19 17:41:20 -06:00
Josh Cummings 8e9634d25c Deprecate ConfigAttribute 
Closes gh-16774
 2025-03-19 17:39:38 -06:00
Josh Cummings 89bd670fb1 Deprecate SecurityConfig 
Closes gh-16773
 2025-03-19 17:39:26 -06:00
Josh Cummings 989aee244b Deprecate SecurityMetadataSource 
Closes gh-16772
 2025-03-19 15:26:05 -06:00
DingHao 96b9820e19 Annotation parameter scan finds first-level conflicts 
Closes PR-16312
 2025-03-18 14:23:53 -06:00
Rob Winch e6223dede3 Merge branch '6.4.x' 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16757
 2025-03-17 14:34:18 -05:00
Rob Winch 05116eabbd Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch adb303e152 Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Josh Cummings 3468b7f85f Merge branch '6.4.x' 2025-03-17 11:02:47 -06:00
Josh Cummings dc2e1af2da Align Method Traversal with MergedAnnotations 
Closes gh-16751
 2025-03-17 10:11:46 -06:00
Josh Cummings 6ce8307885 Merge branch '6.4.x' 2025-03-17 09:50:07 -06:00
Josh Cummings 4993fa863a Merge branch '6.3.x' into 6.4.x 2025-03-17 09:49:01 -06:00
Josh Cummings 36ea1b11a7 Fix Compilation Error 
Issue gh-16697
 2025-03-17 09:43:21 -06:00
Steve Riesenberg 0938ca01a4 Add support for automatic context-propagation with Micrometer 
Closes gh-16665
 2025-03-13 15:29:08 -05:00
Max Batischev 58a665e5aa Add Support SingleResultAuthorizationManager 
Closes gh-16590

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-07 13:46:23 -07:00
Josh Cummings 39a80497c2 Merge branch '6.4.x' 2025-03-04 09:53:06 -07:00
Josh Cummings 4ae0965b1c Merge branch '6.3.x' into 6.4.x 2025-03-04 09:52:31 -07:00
Josh Cummings 46cd94b5f4 SpEL Propagates Authorization Exceptions 
Closes gh-16697
 2025-03-04 09:51:55 -07:00
Max Batischev fa35c5b4d8 Make DefaultOneTimeToken Serializable 
Closes gh-16617

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-27 12:49:48 -07:00
Josh Cummings ada6460f12 Merge branch '6.4.x' 2025-02-26 11:30:47 -07:00
Josh Cummings 954101ab0c Use Thread-Safe Map 
Issue gh-15906
 2025-02-26 11:28:10 -07:00