spring-security

mirror of synced 2026-05-22 21:33:16 +00:00

Author	SHA1	Message	Date
Joe Grandja	d85abc7bbb	Update javadoc in CommonOAuth2Provider Closes gh-11490	2022-07-13 11:20:04 -04:00
Marcus Da Coregio	7abea4a964	Add RuntimeHints suffix for RuntimeHintsRegistrar Closes gh-11497	2022-07-13 10:14:43 -03:00
Joe Grandja	177baba8c9	RuntimeHintsPredicates moved to predicate package	2022-07-12 16:00:50 -04:00
Marcus Da Coregio	6455e98745	FilterSecurityInterceptor applies to every request by default Closes gh-11466	2022-07-12 10:53:03 -03:00
Josh Cummings	60652afb32	Polish InterceptMethodsBeanDefinitionDecorator Issue gh-11328	2022-07-11 16:54:59 -06:00
Rob Winch	d2d5313bba	Fix Formatting Issue gh-11327	2022-07-08 09:21:53 -05:00
Josh Cummings	e8a7b654b4	Add Configuration Test Issue gh-11327	2022-07-07 14:42:07 -06:00
Josh Cummings	01ffc93062	Add AuthorizationFilter to filter chain validator Closes gh-11327	2022-07-07 14:40:53 -06:00
Josh Cummings	ec8c13392c	Clarify variable names Issue gh-11327	2022-07-07 14:26:40 -06:00
Steve Riesenberg	696da87478	Use relative schema location for tests Issue gh-11328 Issue gh-11353 Issue gh-11365	2022-07-07 13:00:04 -05:00
Josh Cummings	148c926de0	Support AuthorizationManager for intercept-methods Element Closes gh-11328	2022-07-06 13:01:57 -06:00
Igor Bolic	d96b4a0463	Set the useTrailingSlashMatch to true for tests The Spring MVC changed the default behavior for trailing slash match with https://github.com/spring-projects/spring-framework/issues/28552. This causes failures in Spring Security's tests. Setting the `useTrailingSlashMatch` to `true` ensures that Spring Security will work for users who have modified the default configuration. Specifing the request mapper with trailing slash path ensures that the tests are successful when default behavior is used. Closes gh-11451	2022-07-05 11:29:36 -06:00
Josh Cummings	05b788d1ac	Use SecurityContextHolderStrategy for Concurrency Filter Issue gh-11060 Issue gh-11061	2022-06-28 15:33:05 -06:00
Josh Cummings	d24a89ad53	Pick up SecurityContextHolderStrategy for WebClient integration Issue gh-11061	2022-06-28 15:07:16 -06:00
Josh Cummings	a218d3e140	Use SecurityContextHolderStrategy for Async Requests Issue gh-11060 Issue gh-11061	2022-06-28 14:56:55 -06:00
Josh Cummings	83b3bb3209	Add SecurityContextHolderStrategy to Pre-authenticated scenarios Issue gh-11060 Issue gh-11061	2022-06-28 12:10:07 -06:00
Josh Cummings	97cb2a7d91	Polish SecurityContextHolderStrategy XML Configuration for Defaults Issue gh-11061	2022-06-28 12:09:56 -06:00
Josh Cummings	944f565c16	Use SecurityContextHolderStrategy for Remember-me Issue gh-11060 Isuse gh-11061	2022-06-28 11:09:38 -06:00
Josh Cummings	b316a3217b	Add SecurityContextHolderStrategy for Jaas Issue gh-11060 Issue gh-11061	2022-06-28 09:35:54 -06:00
Josh Cummings	bffe08465a	Add SecurityContextHolderStrategy XML Configuration for Messaging Issue gh-11061	2022-06-27 16:24:27 -06:00
Josh Cummings	484f35ca39	Add SecurityContextHolderStrategy Java Configuration for Messaging Issue gh-11061	2022-06-27 16:17:29 -06:00
Josh Cummings	5e4e7abf15	Add SecurityContextHolderStrategy XML Configuration for Method Security Issue gh-11061	2022-06-27 13:40:55 -06:00
Josh Cummings	74d646f569	Add SecurityContextHolderStrategy Java Configuration for Method Security Issue gh-11061	2022-06-27 13:17:46 -06:00
Josh Cummings	ef29d3944e	Polish SecurityContextHolderStrategy Java Configuration for Defaults Issue gh-11061	2022-06-27 13:17:44 -06:00
Josh Cummings	c29b91cec7	Polish SecurityContextHolderStrategy XML Configuration for Defaults Issue gh-11061	2022-06-27 13:17:43 -06:00
Marcus Da Coregio	a8c30f79e6	Add Core, MVC and MethodSecurity runtime hints Closes gh-11431	2022-06-27 09:25:49 -03:00
Josh Cummings	150b81d008	Add SecurityContextHolderStrategy XML Configuration for Defaults Issue gh-11061	2022-06-17 12:21:10 -06:00
Josh Cummings	ce218c78f9	Add SecurityContextHolderStrategy Java Configuration for Defaults Issue gh-11061	2022-06-17 11:58:38 -06:00
Steve Riesenberg	a061191bd2	Allow form login when single OAuth2 Provider is configured Closes gh-6802	2022-06-15 13:42:06 -05:00
Steve Riesenberg	d18291676f	Update copyright year Issue gh-11372	2022-06-15 13:14:07 -05:00
Steve Riesenberg	c7df39a3e6	Fix tests using root cause for exception messages Closes gh-11372	2022-06-14 17:12:15 -05:00
Jared Rufer	89989722d0	Support multiple SingleLogoutService bindings. Closes gh-11286	2022-06-09 12:50:33 -06:00
Houssem BELHADJ AHMED	f4049c18b1	add SAML authentication request support to login configurer Closes gh-8873	2022-06-06 08:05:33 -06:00
Josh Cummings	9683856956	Polish InterceptUrlConfigTests Issue gh-11305	2022-05-31 16:05:17 -06:00
Josh Cummings	2afa9313eb	Use AuthorizationManager in <http> Closes gh-11305	2022-05-31 16:01:41 -06:00
Josh Cummings	e125a76687	Fix rnc typo Issue gh-11076	2022-05-27 17:06:02 -06:00
Josh Cummings	f4c0fcb5ef	Add AuthorizationManager to Messaging Closes gh-11076	2022-05-27 13:35:19 -06:00
Juny Tse	f2d6ead398	Use Base64 encoder with no CRLF in output for SAML 2.0 messages Closes gh-11262	2022-05-25 11:42:54 -06:00
Josh Cummings	5cbc1a47da	Use original query string to verify signature Closes gh-11235	2022-05-23 15:30:07 -06:00
Josh Cummings	88f9529329	Correctly encode query parameters Issue gh-11235	2022-05-23 15:30:01 -06:00
Josh Cummings	0814136ee8	Polish WebExpressionAuthorizationManager - Add support for request variables - Added additional tests Issue gh-11105	2022-05-13 14:14:42 -06:00
Evgeniy Cheban	c4766e64fe	Add AuthorizationManager that uses ExpressionHandler Closes gh-11105	2022-05-13 14:05:34 -06:00
Rob Winch	f34ea188e2	RequestRejectedException is 400 by Default Closes gh-7568	2022-05-12 10:32:27 -05:00
Marcus Da Coregio	806e05855c	Replace removed context-related operators Closes gh-11194	2022-05-10 14:58:02 -03:00
Marcus Da Coregio	dc2bd2b4f8	Update copyright headers Issue gh-10956	2022-05-06 14:33:59 -03:00
Marcus Da Coregio	de9b7b4fb8	Fix mvcMatchers overriding previous paths Closes gh-10956	2022-05-06 14:33:59 -03:00
Marcus Da Coregio	995b2918bb	Remove SAML Deprecations Closes gh-11077	2022-05-06 10:15:42 -03:00
Rob Winch	dec0d97ef0	Multiple <authentication-manager> Do Not Duplicate Alias Previously, two authentication managers with different ids would duplicate the alias to the global authentication manager. This would cause failures for when allowBeanDefinitionOverriding = false. This commit ensures that if the global authentication manager alias is already set, then it is not set again. This means the first <authentication-manager> will be used as the global AuthenticationManager. Closes gh-8767	2022-05-03 14:50:56 -05:00
Josh Cummings	4ebd37ae77	Add 5.8 Support	2022-05-03 09:04:34 -06:00
Josh Cummings	397ccbc1c8	Add 5.7 Schema	2022-05-03 09:03:50 -06:00

1 2 3 4 5 ...

1933 Commits