Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,320 Commits 54 Branches 379 Tags
de10e08348444c2ba93a2bbb1639119d12d42f6a
Commit Graph

3217 Commits

Author SHA1 Message Date
Rob Winch a4a4908d71 Enable Null checking in spring-security-cas via JSpecify 
Closes gh-16882
 2025-08-30 11:22:30 -05:00
Rob Winch c2ba662b91 Enable Null checking in spring-security-web via JSpecify 
Closes gh-17535
 2025-08-29 15:06:48 -05:00
Rob Winch 49f308adb0 Use Supplier<? extends @Nullable Authentication> 
Previously Supplier<@Nullable Authentication> was used. This prevented
Supplier<Authentication> from being used. The code now uses
Supplier<? extends @Nullable Authentication> which allows for both
Supplier<@Nullable Authentication> and Supplier<Authentication>.

Closes gh-17814
 2025-08-29 09:46:58 -05:00
Josh Cummings 36f1de945f Add OneTimeTokenAuthentication 
Closes gh-17799
 2025-08-22 15:46:54 -06:00
Josh Cummings 6663eea65f Polish OTT Tests 
Improve tests so that they do not rely on OneTimeTokenAuthenticationToken
as the concrete type.

Issue gh-17799
 2025-08-22 15:46:53 -06:00
Rob Winch f496ded4e5 AuthorizationManager allows null Authentication 
It is possible to have a null Authentication and so the
AuthorizationManager APIs should allow for passing it in.

Closes gh-17795
 2025-08-22 12:03:16 -05:00
Andrey Litvitski 47be93e694 Annotate AuthenticationTrustResolver methods with @Nullable 
Since AuthenticationTrustResolver can handle null arguments (this is
also stated in the implementation of this interface), we should mark
these arguments as `@Nullable`.

Closes: gh-17764

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-08-19 22:02:59 -05:00
Josh Cummings c45bc384da Interpret Expression Templates by Default 
Closes gh-17763
 2025-08-18 15:45:57 -06:00
Tran Ngoc Nhan dcd7490ddd Polish javadoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-08-13 11:03:26 -06:00
Rob Winch a5c38bdc94 Fix AuthorizationManager T Nullability 
Previously AuthorizationManager declared the generic's Nullability
incorrectly. This commit marks it properly.

Closes gh-17667
 2025-08-11 13:32:31 -05:00
Josh Cummings eeb383ac46 Fix Checkstyle 
Issue gh-17623
 2025-08-07 14:32:18 -06:00
Josh Cummings 6d1a886f92 Deprecate SERIAL_VERSION_UID 
Closes gh-17623
 2025-08-07 11:09:35 -06:00
Josh Cummings 6f1232ce79 Address Checkstyle 
Issue gh-17447

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2025-08-05 09:15:56 -06:00
Mike Heath 93cb01612b Add ExpressionTemplateValueProvider 
Closes gh-17447

Signed-off-by: Mike Heath <michael.heath@familysearch.org>
 2025-08-05 09:15:56 -06:00
Tran Ngoc Nhan 1a56023f7f Use Spring Framework Nullability Annotations 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-31 10:18:51 -06:00
Rob Winch f6cb0bd610 Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch 7c887d2da1 Add nullability to spring-security-core 
Closes gh-17534
 2025-07-22 16:29:13 -05:00
Josh Cummings c312d18191 Add Publishing Predicate 
Closes gh-17503
 2025-07-09 17:33:10 -06:00
Tran Ngoc Nhan 242956a63c Remove deprecated elements from DaoAuthenticationProvider 
Closes gh-17298

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:38:34 -06:00
Tran Ngoc Nhan e52987d03c Remove RoleHierarchyImpl Deprecations 
Closes gh-17297

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-07 13:22:22 -06:00
Tran Ngoc Nhan d8043dc8a7 Remove PrePostTemplateDefaults 
Closes gh-17296

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 15:47:27 -06:00
Tran Ngoc Nhan 9312fb7004 Remove Deprecated AuthorizationDecision Elements 
Closes gh-17299

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-07-03 14:32:49 -06:00
Rob Winch 00ead7f24d Update to Kotlin 2.2 2025-06-26 17:29:12 -05:00
Evgeniy Cheban 092bbfc8e7 ReactiveAuthorizationManager replace deprecated #check calls with #authorize 
Closes gh-16936

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-06-12 11:11:49 -06:00
Evgeniy Cheban b0cecb37d2 Replace deprecated #check calls with #authorize 
Closes gh-16936

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-06-12 11:11:49 -06:00
dae won 9654e51bd4 Include UsernameNotFoundException in BadCredentialsException 
Closes gh-16496

Signed-off-by: dae won <eodnjs01477@gmail.com>
 2025-06-02 16:12:47 -06:00
Josh Cummings 215547f8c8 Use UsernameNotFoundException Factory 
Issue gh-17179
 2025-05-28 14:13:02 -06:00
Josh Cummings da2d9aa868 Add Username Property to Exception 
Closes gh-17179
 2025-05-28 14:12:27 -06:00
dae won 8612e952fe Make AuthorizationProxyFactory#proxy Generic 
Closes gh-16706

Signed-off-by: dae won <eodnjs01477@gmail.com>
 2025-05-23 14:48:11 -06:00
Tran Ngoc Nhan 8e2067bb3e Remove deprecated MemberCategory#DECLARED_FIELDS 
Issue gh-16889

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-23 14:36:54 -06:00
Tran Ngoc Nhan 88369cd252 Polish 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-23 14:36:54 -06:00
Josh Cummings 33a0a12a20 Merge branch '6.5.x' 2025-05-19 09:26:37 -06:00
Josh Cummings c972de5369 Use .equals to Compare Methods 
Closes gh-17143
 2025-05-19 09:26:30 -06:00
Junhyeok Lee e30dc42d1e Update JdbcUserDetailsManager Javadoc and author 
Signed-off-by: Junhyeok Lee <jhl221123@naver.com>
 2025-05-14 13:41:02 -05:00
Junhyeok Lee 0722c2dc41 Implement UserDetailsPasswordService in JdbcUserDetailsManager 
Signed-off-by: Junhyeok Lee <jhl221123@naver.com>
 2025-05-14 13:41:02 -05:00
huhdy32 817938fa49 Add NullReturningMethodAuthorizationDeniedHandler 
This implementation of MethodAuthorizationDeniedHandler returns null
when authorization is denied.

Closes gh-16705

Signed-off-by: huhdy32 <mong3268@gmail.com>
 2025-05-14 11:45:48 -05:00
Shenker93 de622d1082 Improve JdbcUserDetailsManager.userExists method 2025-05-07 10:50:03 -05:00
Josh Cummings d04f7071c2 Add Missing Serialization Samples 
Closes gh-17038
 2025-05-05 15:34:24 -06:00
Josh Cummings 34a9f57aa6 Merge branch '6.4.x' 2025-05-05 15:29:44 -06:00
Josh Cummings c3c2bcd6b7 Ignore Serialization in Test Components 
Since we don't need to ensure the serializability of test components
across versions, we can ignore missing version UIDs when those
test components aren't about testing Java serialization.

Issue gh-17038
 2025-05-05 15:09:50 -06:00
Josh Cummings bc9ae1eed6 Improve NPE Handling 2025-04-23 12:11:09 -06:00
Josh Cummings 216680bb50 Update Deprecated Spring Jdbc Usage 2025-04-23 11:29:18 -06:00
Josh Cummings 2ad859a63c Add Missing Deprecation Markers 2025-04-23 11:29:18 -06:00
Josh Cummings 5841e35cae Invert AuthorizeReturnObjectMethodInterceptor Dependency 
Closes gh-16922
 2025-04-10 15:48:09 -06:00
minseok.park 88a38013bb Add validation for auth checks in AbstractUserDetailsAuthenticationProvider 
Add assertions to validate that preAuthenticationChecks and
postAuthenticationChecks are not null during initialization.
This allows errors to be detected earlier in the application lifecycle.

Closes PR-16710

Signed-off-by: minseok.park <minseok.park@hyosung.com>
 2025-03-27 16:46:23 -06:00
Josh Cummings 349964620e Merge branch '6.4.x' 2025-03-27 16:44:12 -06:00
Josh Cummings 1ad4323cec Merge branch '6.3.x' into 6.4.x 2025-03-27 16:43:43 -06:00
DingHao 1e7db094d1 Use correct message prompt 
Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-03-27 16:42:52 -06:00
Josh Cummings 40b84d3e44 Merge branch '6.4.x' 2025-03-27 16:34:39 -06:00
Josh Cummings 6c5b6d1c51 Merge branch '6.3.x' into 6.4.x 
Closes gh-16837
 2025-03-27 16:32:12 -06:00