Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-26 07:13:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,592 Commits 56 Branches 379 Tags
6.5.2
Commit Graph

1206 Commits

Author SHA1 Message Date
Josh Cummings 7960d2803d Add Migration Steps for PathMatcher Usage 
Issue gh-17509
 2025-07-10 14:53:39 -06:00
Josh Cummings 4b15b2b94e Add Migration Steps for Messaging 
Closes gh-17509
 2025-07-10 13:19:42 -06:00
Josh Cummings 9209a33678 Remove References to Deprecated OpenSaml Components 
Issue gh-11658
 2025-07-09 14:10:33 -06:00
Rob Winch 6eee256e12 Demonstrate include-code usage 
Closes gh-17161
 2025-05-22 14:59:35 -05:00
Rob Winch 0fecaf4924 Add include-code extension setup for docs 
Closes gh-17160
 2025-05-22 14:59:35 -05:00
Josh Cummings 7d49c41e03 Merge branch '6.4.x' into 6.5.x 2025-05-21 14:44:03 -06:00
Josh Cummings fbfb28456a Merge branch '6.3.x' into 6.4.x 2025-05-21 14:43:44 -06:00
Gurunathan a4cd6f4278 Advise Overriding equals() and hashCode() in UserDetails Implementations 
This commit adds a documentation note explaining the importance of
overriding equals() and hashCode() in custom UserDetails implementations.

The default SessionRegistryImpl in Spring Security uses an in-memory
ConcurrentMap<Object, Set<String>>, Map<String,SessionInformation> to
associate principals with sessions. If a custom UserDetails class does
not properly override equals() and hashCode(), user sessions may not
be tracked or matched correctly.

I believe this helps developers avoid subtle session management issues
when implementing custom authentication logic.

Signed-off-by: Gurunathan <129361658+Gurunathan16@users.noreply.github.com>
 2025-05-21 12:41:44 -06:00
Josh Cummings 02a516d7f2 Merge branch '6.4.x' into 6.5.x 2025-05-15 18:16:53 -06:00
Josh Cummings 70c940fd4f Merge branch '6.3.x' into 6.4.x 2025-05-15 18:16:44 -06:00
Josh Cummings eb30fd7f59 Add Missing Header 
Issue gh-11161
 2025-05-15 18:16:36 -06:00
Josh Cummings 8548d8e18a Merge branch '6.4.x' into 6.5.x 2025-05-15 17:20:08 -06:00
Josh Cummings fbdf4a88a0 Merge branch '6.3.x' into 6.4.x 2025-05-15 17:19:55 -06:00
snowykte0426 260d298cc5 Add Migration Guide from Spring Security SAML Extension 
This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support.

Includes:
- Content migrated from the project wiki
- xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata`
- Metadata example moved to Examples Matrix
- Cleanup and naming per review feedback

Closes gh-11161

Signed-off-by: snowykte0426 <snowykte0426@naver.com>
 2025-05-15 17:17:43 -06:00
Josh Cummings 26f359a4db Merge branch '6.4.x' into 6.5.x 2025-05-13 11:18:31 -06:00
Josh Cummings 5ba4ab5e11 Merge branch '6.3.x' into 6.4.x 2025-05-13 11:18:02 -06:00
Danilo Piazzalunga 27319e3f9b Add missing registration property in YAML listing 
Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
 2025-05-13 11:17:35 -06:00
Danilo Piazzalunga ec462e8bc5 Update assertingparty property usage in YAML snippets 
Spring Boot 2.7 renamed spring.security.saml2.relyingparty.registration.*.identityprovider.*
to spring.security.saml2.relyingparty.registration.*.assertingparty.*.

Closes gh-12810.

Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
 2025-05-13 11:17:35 -06:00
Joe Grandja e3c39f02bc Add documentation for DPoP support 
Closes gh-17072
 2025-05-09 16:02:14 -04:00
Josh Cummings 211b1b7285 Update Method Security Migration Steps 2025-05-06 16:44:20 -06:00
Josh Cummings 84db5bb312 Add Cookie Customizer Migration Steps 2025-05-06 16:43:04 -06:00
Josh Cummings 74a25c3fc1 Add shouldFilterAllDispatcherTypes Migration Steps 2025-05-06 16:40:10 -06:00
Josh Cummings 084990736e Move Opaque Token Migration Steps 2025-05-06 16:39:16 -06:00
Josh Cummings c6bba38458 Update SAML 2.0 Migration Steps 2025-05-06 16:38:32 -06:00
Josh Cummings 45b453f59b Add ACL Migration Steps 2025-05-06 16:38:19 -06:00
Rob Winch 9b79b99150 Merge branch '6.4.x' 
- Correct method name in logout.adoc

Closes gh-17049
 2025-05-06 10:24:14 -05:00
Rob Winch 63d79a97db Merge branch '6.3.x' into 6.4.x 
- Correct method name in logout.adoc

Closes gh-17048
 2025-05-06 10:23:58 -05:00
Tran Ngoc Nhan 505fe3abed Correct method name 
Closes gh-17031

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-06 10:17:29 -05:00
Josh Cummings df640f22dc Merge branch '6.4.x' 2025-05-02 15:59:13 -06:00
Josh Cummings 92160fa26f Merge branch '6.3.x' into 6.4.x 
Closes gh-17034
 2025-05-02 15:58:58 -06:00
Josh Cummings 51239359ed Fix ClearSiteData Code Snippet 
Closes gh-16948
 2025-05-02 15:57:31 -06:00
Josh Cummings 28091c8563 Merge branch '6.4.x' 2025-05-01 12:03:19 -06:00
Josh Cummings c4a0dfe838 Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-05-01 12:03:05 -06:00
Soumik Sarker bcef6ed74f Reformatted lines in x509 overview documentation 
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
 2025-05-01 12:02:45 -06:00
Josh Cummings d0a97917ad Merge branch '6.4.x' 2025-04-29 13:39:00 -06:00
Josh Cummings d76ccc6856 Merge branch '6.3.x' into 6.4.x 2025-04-29 13:38:41 -06:00
Yanming Zhou 9c76ab69f0 Use proper configuration key 
the getter method is `getOpaquetoken()` not `getOpaqueToken()`

See https://github.com/spring-projects/spring-boot/blob/c6045c3111c43bd7b0f99e6c2858bfb2999e358f/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java#L51

Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
 2025-04-29 13:37:51 -06:00
Yanming Zhou ce5a12b2f7 Revise document to replace outdated NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector 
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
 2025-04-23 14:10:02 -06:00
Josh Cummings 61d6fbc2a9 Update Documentation for PathPatternRequestMatcher 
Issue gh-16765
 2025-04-23 12:11:09 -06:00
Steve Riesenberg 15c2b156f1 Update Client Authentication examples 
Closes gh-16925

987d9c9788ba0343f543083c87613fb5
 2025-04-11 15:10:05 -05:00
Josh Cummings 6438603cb6 Pick Up TargetVisitor Beans 
Closes gh-16923
 2025-04-10 15:48:09 -06:00
Josh Cummings 3869b13e68 Add ResponseAuthenticationConverter 
Aside from simplifying configuration, this commit also makes it possible
to provide a response authentication converter that doesn't need the
NameID element to be present.

Closes gh-12136
 2025-04-09 17:38:24 -06:00
Josh Cummings 3e686abf50 Add ResponseValidator 
Issue gh-14264
Closes gh-16915
 2025-04-09 17:32:40 -06:00
Steve Riesenberg 43ef4262da Update whats-new.adoc 
Issue gh-16913
 2025-04-09 11:19:50 -05:00
Michael Samborski bfb4878e29 Update kotlin.adoc to add required spread operator(*) 
Signed-off-by: Michael Samborski <msamborski@orbiscommunications.com>
 2025-04-08 14:12:09 -05:00
Josh Cummings f93a7a2f85 Deprecate HandlerMappingIntrospectorRequestTransformer 
Closes gh-16536
 2025-04-07 13:56:18 -06:00
Josh Cummings a283700ef8 Add CacheSaml2AuthenticationRequestRepository 
Closes gh-14793
 2025-04-03 17:43:48 -06:00
Josh Cummings 67c21de1cf Support Continue Filter Chain When No Relying Party 
Closes gh-16000
 2025-04-03 15:32:23 -06:00
Josh Cummings f280593566 Move Preparation Steps 
Closes gh-16873
 2025-04-03 11:08:24 -06:00
Josh Cummings 09b75719c2 Merge branch '6.4.x' 2025-04-03 11:08:11 -06:00