Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,637 Commits 54 Branches 379 Tags
d76fb7f2e621fe127e052b0e0e591ed38a49dd66
Commit Graph

2125 Commits

Author SHA1 Message Date
Joe Grandja d622183e62 Merge branch '6.4.x' into 6.5.x 
Closes gh-17216
 2025-06-06 07:06:12 -04:00
Joe Grandja a377175455 Merge branch '6.3.x' into 6.4.x 
Closes gh-17215
 2025-06-06 06:50:45 -04:00
Andrey Litvitski b0f8aa5ea0 Fix to allow multiple AuthenticationFilter instances to process each request 
Closes gh-17173

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-06-06 06:37:03 -04:00
Josh Cummings 215547f8c8 Use UsernameNotFoundException Factory 
Issue gh-17179
 2025-05-28 14:13:02 -06:00
Max Batischev f4b8e2421a Add Support Credentialless COEP Header 
Closes gh-16991

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-05-23 14:45:59 -06:00
John Niang 9ba5c7b2ce Add SwitchUserGrantedAuthority to Web Jackson Module 
Closes gh-17041

Signed-off-by: John Niang <johnniang@foxmail.com>
 2025-05-23 14:42:54 -06:00
Tran Ngoc Nhan 8e2067bb3e Remove deprecated MemberCategory#DECLARED_FIELDS 
Issue gh-16889

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-23 14:36:54 -06:00
Josh Cummings c9bbf3787b Merge branch '6.5.x' 2025-05-23 11:36:22 -06:00
Josh Cummings 8aaa9c28fa Merge branch '6.4.x' into 6.5.x 2025-05-23 11:36:01 -06:00
Josh Cummings 2989d12743 Merge branch '6.3.x' into 6.4.x 2025-05-23 11:35:25 -06:00
Joaquin Santana c0568ea9b0 Log Request Mismatch Only When Mismatches 
Signed-off-by: Joaquin Santana <joaquinjsb@outlook.com>
 2025-05-23 11:34:48 -06:00
universe 50f8ad55a8 Remove Redundant Punctation in JavaDoc 
Signed-off-by: universe <daofei8754@126.com>
 2025-05-23 10:05:27 -05:00
Josh Cummings e19c9995ae Merge branch '6.5.x' 2025-05-19 09:46:36 -06:00
Josh Cummings 78dd02a4c1 Merge branch '6.4.x' into 6.5.x 
Closes gh-17147
 2025-05-19 09:46:24 -06:00
Josh Cummings edc8735eb8 Merge branch '6.3.x' into 6.4.x 
Closes gh-17146
 2025-05-19 09:46:10 -06:00
Mark Putsiata cae3467a8d Improve AbstractPreAuthenticatedProcessingFilter docs 
Clarify misleading SecurityContextRepository setter documentation.
Note that AbstractPreAuthenticatedProcessingFilter saves the
SecurityContext upon successful authentication, and this behavior
can be customized via the setSecurityContextRepository setter.

Closes gh-14137

Signed-off-by: Mark Putsiata <m.putsiata@gmail.com>
 2025-05-19 09:45:53 -06:00
Tran Ngoc Nhan 86550fb84b Cleanup code 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-13 12:40:18 -06:00
yybmion d48c463c03 Add logging to CsrfTokenRequestHandler implementations 
Add trace-level logging to show the logical path of CSRF token processing
- Log token source (header or parameter) in resolveCsrfTokenValue
- Log request attribute names in handle methods
- Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding)
- Add similar logging to XorServerCsrfTokenRequestAttributeHandler

Improves debugging capabilities without changing functionality.

Closes gh-13626

Signed-off-by: yybmion <yunyubin54@gmail.com>
 2025-05-12 18:49:40 -06:00
yybmion a90ce5142c Add logging to CsrfTokenRequestHandler implementations 
Add trace-level logging to show the logical path of CSRF token processing
- Log token source (header or parameter) in resolveCsrfTokenValue
- Log request attribute names in handle methods
- Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding)
- Add similar logging to XorServerCsrfTokenRequestAttributeHandler

Improves debugging capabilities without changing functionality.

Closes gh-13626

Signed-off-by: yybmion <yunyubin54@gmail.com>
 2025-05-12 18:48:45 -06:00
Tran Ngoc Nhan 1e4dd713c5 Remove APPLICATION_JSON_UTF8 usage 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-07 14:59:14 -05:00
Rob Winch 6118587ff8 SavedCookieMixinTests uses readValue(String,Object.class) 
The test should not provide SavedCookie.class to the ObjectMapper
since this is not done in production. In particular, it provides the
type that it should be deserialized, but this must be provided in the
JSON since the type is unknown at the time of deserialization.

Issue gh-17006
 2025-05-07 14:55:54 -05:00
M-Faheem-Khan 241c3cd35a Remove deprecated Cookie usage 
Remove usage of comment and verison usage

Signed-off-by: M-Faheem-Khan <faheem5948@gmail.com>
 2025-05-07 14:55:54 -05:00
Rob Winch 5f833fa236 Fix Checkstyle Errors 2025-05-07 10:50:41 -05:00
milaneuh 7fda87aecd Remove deprecated methods from CookieServerCsrfTokenRepository 2025-05-07 10:50:41 -05:00
Rob Winch b453840c0a HttpHeaders no longer a MultiValueMap 
Closes gh-17060
 2025-05-06 13:27:13 -05:00
Rob Winch e5e962ef90 Jakarta Cookie HttpOnly Serialization 
The new specification represents Cookie attribute using HttpOnly: "" vs
HttpOnly: "true".

This updates the test to correspond to the new Servlet specification and
is a breaking change related to jakarta updates.
 2025-05-06 13:27:13 -05:00
Rob Winch 607705347c MediaType.sortBySpecificityAndQuality->sortBySpecificity 
Closes gh-17059
 2025-05-06 13:26:17 -05:00
Rob Winch 66319fc3bc MockServerHttpRequest.method(String,String)->method(HttpMethod,String) 
Closes gh-17058
 2025-05-06 13:26:16 -05:00
Rob Winch cb0fdef236 Remove MediaType.APPLICATION_JSON_UTF 
Closes gh-17050
 2025-05-06 13:26:14 -05:00
Zhoudong 6624e302ac Favor Spring Framework NonNull over Reactor NonNull 
Signed-off-by: Zhoudong <jearton@users.noreply.github.com>
 2025-05-06 10:52:05 -06:00
Josh Cummings aa338e9b0d Merge branch '6.4.x' 2025-05-02 10:58:22 -06:00
Josh Cummings 57fc29e614 Merge branch '6.3.x' into 6.4.x 
Closes gh-17032
 2025-05-02 10:57:55 -06:00
Josh Cummings e48f26e51e Propagate StrictFirewallRequest Wrapper 
Closes gh-16978
 2025-05-02 10:57:07 -06:00
Max Batischev c855453e40 Fix Typo In SubjectDnX509PrincipalExtractorTests 
Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-04-29 12:25:41 -06:00
Tran Ngoc Nhan 29380a87a0 Polish javadoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-04-23 14:36:45 -06:00
Max Batischev 8525f0e3fd Add FunctionalInterface To X509PrincipalExtractor 
Closes gh-16949

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-04-23 14:27:42 -06:00
Josh Cummings 7d6bdfedc8 Add Null Guard for Authorization Result 2025-04-23 12:11:10 -06:00
Josh Cummings 0ab01eac14 Update Deprecated Security Usage 2025-04-23 12:11:08 -06:00
Josh Cummings 216680bb50 Update Deprecated Spring Jdbc Usage 2025-04-23 11:29:18 -06:00
Josh Cummings 2ad859a63c Add Missing Deprecation Markers 2025-04-23 11:29:18 -06:00
Josh Cummings 3f7f3dabe7 Correct JavaDoc Class Reference 2025-04-23 11:29:18 -06:00
Daeho Kwon 9908d96644 DeferredCsrfToken Implements Supplier 
Closes gh-16870

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-04-09 14:24:11 -06:00
Josh Cummings f93a7a2f85 Deprecate HandlerMappingIntrospectorRequestTransformer 
Closes gh-16536
 2025-04-07 13:56:18 -06:00
chu3la 8cbe02e3aa Update WebAuthn Test Objects Class Names 
Closes gh-16604

Signed-off-by: chu3la <elmansouri.houssam@gmail.com>
 2025-04-03 16:33:34 -06:00
Josh Cummings 4cdc6dab21 Fix Formatting 
Issue gh-16604
 2025-04-03 12:55:51 -06:00
Vasanth 04d7130975 Update WebAuthn Test Objects Class Names 
Renamed the WebAuthn test object class names

Closes gh-16604

Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>
 2025-04-03 12:55:50 -06:00
Josh Cummings b7d399ab89 Merge branch '6.4.x' 2025-04-01 12:02:53 -06:00
Josh Cummings 0954638d57 Merge branch '6.3.x' into 6.4.x 
Closes gh-16862
 2025-04-01 12:02:25 -06:00
DingHao 857ef6fe08 WithHttpOnlyCookie defaults to false 
Closes gh-16820

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-04-01 11:59:51 -06:00
Max Batischev 9a897d0b62 Add Support Postgres To JdbcUserCredentialRepository 
Closes gh-16832

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-31 16:43:36 -06:00