1
0
mirror of synced 2026-07-19 17:45:11 +00:00

Compare commits

...

45 Commits

Author SHA1 Message Date
github-actions[bot] ab8b139278 Release 7.1.0-M1 2026-01-19 15:23:49 +00:00
dependabot[bot] e19c34771b Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.24 to 1.5.25.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.24...v_1.5.25)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-01-19 10:06:16 -05:00
dependabot[bot] 318b4a785c Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.1 to 2025.1.2.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.1...2025.1.2)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2025.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-01-19 10:03:41 -05:00
Robert Winch c73696f129 doclint -missing
Temporarily using -missing to allow build to pass
2026-01-16 21:55:49 -06:00
Robert Winch 35d103843b Externalize java-toolchain configuration
We should not use subprojects to perform configuration becaause it
does not allow for lazy loading and it can cause ordering problems.
In this case, the toolchain was not being used but instead it was
using the JAVA_HOME.

By splitting the configuration into a plugin and applying it to each
project it fixes the toolchain configuration
2026-01-16 16:54:00 -06:00
Robert Winch 8746ef746c Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 2026-01-16 15:19:56 -06:00
Robert Winch e72c39cabc Merge branch '7.0.x' 2026-01-16 15:19:42 -06:00
Robert Winch a8ca5b7d42 Remove 6.4.x from antora ui updates
6.4.x is no longer supported
2026-01-16 15:16:34 -06:00
Robert Winch afa5804170 Remove 6.4.x dependabot
6.4.x is no longer has OSS support
2026-01-16 15:15:37 -06:00
dependabot[bot] 15dd96bddb Bump io.spring.nullability:io.spring.nullability.gradle.plugin
Bumps [io.spring.nullability:io.spring.nullability.gradle.plugin](https://github.com/spring-gradle-plugins/nullability-plugin) from 0.0.6 to 0.0.9.
- [Release notes](https://github.com/spring-gradle-plugins/nullability-plugin/releases)
- [Commits](https://github.com/spring-gradle-plugins/nullability-plugin/compare/v0.0.6...v0.0.9)

---
updated-dependencies:
- dependency-name: io.spring.nullability:io.spring.nullability.gradle.plugin
  dependency-version: 0.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-01-16 15:10:17 -06:00
Robert Winch 6b2e0444dd Bump org.springframework:spring-framework-bom from 7.0.3-SNAPSHOT to 7.0.3
Closes gh-18515
2026-01-16 15:08:15 -06:00
Robert Winch 577d294fdc Remove milestone repository
Spring uses central for milestones now
2026-01-16 15:06:23 -06:00
Robert Winch 0993e5735e Add missing @NullMarked
Closes gh-18514
2026-01-16 14:53:16 -06:00
Robert Winch 048b6bdd88 Update to JDK 25 (release = 17)
This commit updates the build to use JDK 25 while remaining compatable with JDK 17.

Note that we must update our JAAS related tests to use release=25 due to the disabling of
the Security Manager. See
https://docs.oracle.com/en/java/javase/25/security/security-manager-is-permanently-disabled.html

Closes gh-18512
2026-01-16 11:25:59 -06:00
Robert Winch 6e9b4f86a4 Fix nullability for JDK 25
Closes gh-18511
2026-01-16 10:53:19 -06:00
Robert Winch 38b66e8407 Update to Gradle 9.2.1
Closes gh-18510
2026-01-16 10:48:28 -06:00
Robert Winch 9e5b3d9ea1 Update to Kotlin 2.3.0
Closes gh-18509
2026-01-16 10:46:58 -06:00
Robert Winch 7563932106 Update jococo 0.8.14
Closes gh-18508
2026-01-16 10:46:53 -06:00
Robert Winch 48f958cbbf Fix OAuth2AuthorizationRequestRedirectFilter constructor tests
OAuth2AuthorizationRequestRedirectFilterTests attempt to validate the constructors throw IllegalArgumentException if an invalid argument is provided, but
they are flawed because it is the relective code that is throwing the IllegalArgumentException due to imprecise type information.

This changes the tests to no longer use unnecessary reflection and casts the types so that the type information is used to target the correct
constructor.

Closes gh-18507
2026-01-16 10:34:10 -06:00
Josh Cummings 30d6b3a02b Merge branch '7.0.x' 2026-01-15 12:41:29 -07:00
Tran Ngoc Nhan cfe13c7c76 Fix typos
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2026-01-15 10:52:01 -07:00
Josh Cummings 3336f5f2ec Merge branch '7.0.x' 2026-01-14 14:47:31 -07:00
Josh Cummings 565896404c Merge branch '7.0.x' 2026-01-14 14:36:12 -07:00
박기현\qkrrl 91d8a04ec2 Fix duplicated use-authorization-manager in docs
Signed-off-by: 박기현\qkrrl <qkrrlgus114@naver.com>
2026-01-14 14:21:38 -07:00
Marcus Hert da Coregio 8254f589b8 Create Jackson Mixin for OneTimeTokenAuthentication
Closes gh-18095

Signed-off-by: Marcus Hert da Coregio <marcusdacoregio@gmail.com>
2026-01-14 10:35:02 -07:00
dependabot[bot] 3f773abf7c Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.1 to 2025.0.2.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.1...2025.0.2)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-01-14 03:05:35 +00:00
Joe Grandja 92b7c41f2f Ensure Cursor imports Spring Security
Closes gh-8492
2026-01-13 17:01:21 -05:00
Bae Jihong 8692185de1 Fix javadoc warnings for spring-security-oauth2-client
- Fix a javadoc warning
- Apply javadoc-warnings-error plugin

Closes gh-18460

Signed-off-by: Bae Jihong <dasog@naver.com>
2026-01-13 10:01:13 -06:00
Robert Winch 7ca0f7723e Fix checkstyle 2026-01-12 16:28:22 -06:00
Stefano Cordio a612522ecd Add nullability contract to PasswordEncoder#encode
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>
2026-01-12 16:28:22 -06:00
Robert Winch fe138d6434 Merge branch '7.0.x' 2026-01-12 16:05:51 -06:00
Robert Winch 93ae52aa58 Merge branch '7.0.x' 2026-01-12 15:48:57 -06:00
Robert Winch 43fe5f6b46 Fix update-antora-ui-spring.yml 2026-01-12 14:37:34 -06:00
Robert Winch f47f81351e Merge branch '7.0.x' 2026-01-12 14:32:23 -06:00
paulvas 0d47870928 Fix: migrate compiler-warnings-error plugin to gradle
Fixes: gh-18434
Signed-off-by: paulvas <paulvas@gmail.com>
2026-01-12 13:57:57 -06:00
paulvas da4362111a Fix: Enforce compiler warnings in oauth2-core
To prevent future compiler warnings from being introduced, this change
applies the `compile-warnings-error` plugin to the
`spring-security-oauth2-core` module.

This ensures that any new warnings will fail the build, maintaining
code quality and preventing warning accumulation.

Fixes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
Signed-off-by: paulvas <paulvas@gmail.com>
2026-01-12 13:57:57 -06:00
Pavel Vassiliev 1ddccd8a39 Fix spring-security-oauth2-core compiler warnings
Closes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: paulvas <paulvas@gmail.com>
2026-01-12 13:57:57 -06:00
Robert Winch 2825aa3ff1 Merge branch '7.0.x'
Closes gh-18485
2026-01-12 13:44:13 -06:00
Robert Winch ec06f08bb6 Merge branch '7.0.x' 2026-01-12 13:38:52 -06:00
rigu1 0a6883c586 Fix Javadoc warnings in spring-security-web
* Use <code> tags for external references in DelegatingMissingAuthorityAccessDeniedHandler and SwitchUserWebFilter
* Fix typo in SessionAuthenticationException
* Apply javadoc-warnings-error plugin

Closes gh-18468

Signed-off-by: rigu1 <dlsrbtla@gmail.com>
2026-01-12 13:24:47 -06:00
rigu1 c07a2e57bd Add javadoc-warnings-error build plugin
Signed-off-by: rigu1 <dlsrbtla@gmail.com>
2026-01-12 13:24:47 -06:00
Robert Winch 5a7d93ee3b Merge branch '7.0.x'
Closes gh-18471
2026-01-09 16:55:02 -06:00
Robert Winch a3b57c470f Merge branch '7.0.x' 2026-01-09 15:25:02 -06:00
Robert Winch d1a32b4b62 Merge branch '7.0.x' 2026-01-09 15:23:29 -06:00
Robert Winch 3833650d33 Update to 7.1.0-SNAPSHOT 2026-01-09 10:32:03 -06:00
276 changed files with 5647 additions and 240 deletions
+49 -33
View File
@@ -1,8 +1,5 @@
version: 2
registries:
spring-milestones:
type: maven-repository
url: https://repo.spring.io/milestone
shibboleth:
type: maven-repository
url: https://build.shibboleth.net/maven/releases
@@ -17,34 +14,6 @@ updates:
labels:
- 'type: dependency-upgrade'
registries:
- spring-milestones
- shibboleth
ignore:
- dependency-name: com.nimbusds:nimbus-jose-jwt
- dependency-name: org.python:jython
- dependency-name: org.apache.directory.server:*
- dependency-name: org.apache.directory.shared:*
- dependency-name: org.junit:junit-bom
update-types:
- version-update:semver-major
- dependency-name: org.mockito:mockito-bom
update-types:
- version-update:semver-major
- dependency-name: '*'
update-types:
- version-update:semver-major
- version-update:semver-minor
- package-ecosystem: gradle
target-branch: 6.4.x
directory: /
schedule:
interval: daily
time: '03:00'
timezone: Etc/UTC
labels:
- 'type: dependency-upgrade'
registries:
- spring-milestones
- shibboleth
ignore:
- dependency-name: com.nimbusds:nimbus-jose-jwt
@@ -63,7 +32,7 @@ updates:
- version-update:semver-minor
- package-ecosystem: gradle
target-branch: main
target-branch: 7.0.x
directory: /
schedule:
interval: daily
@@ -72,7 +41,6 @@ updates:
labels:
- 'type: dependency-upgrade'
registries:
- spring-milestones
- shibboleth
ignore:
- dependency-name: com.nimbusds:nimbus-jose-jwt
@@ -94,6 +62,36 @@ updates:
- version-update:semver-major
- version-update:semver-minor
- package-ecosystem: gradle
target-branch: main
directory: /
schedule:
interval: daily
time: '03:00'
timezone: Etc/UTC
labels:
- 'type: dependency-upgrade'
registries:
- shibboleth
ignore:
- dependency-name: com.nimbusds:nimbus-jose-jwt
- dependency-name: org.python:jython
- dependency-name: org.apache.directory.server:*
- dependency-name: org.apache.directory.shared:*
- dependency-name: org.junit:junit-bom
update-types:
- version-update:semver-major
- dependency-name: org.mockito:mockito-bom
update-types:
- version-update:semver-major
- dependency-name: com.gradle.enterprise
update-types:
- version-update:semver-major
- version-update:semver-minor
- dependency-name: '*'
update-types:
- version-update:semver-major
- package-ecosystem: npm
target-branch: docs-build
directory: /
@@ -111,3 +109,21 @@ updates:
labels:
- 'type: task'
- 'in: build'
- package-ecosystem: 7.0.x
target-branch: main
directory: /docs
schedule:
interval: weekly
labels:
- 'type: task'
- 'in: build'
- package-ecosystem: 6.5.x
target-branch: main
directory: /docs
schedule:
interval: weekly
labels:
- 'type: task'
- 'in: build'
+2 -4
View File
@@ -18,10 +18,8 @@ jobs:
strategy:
matrix:
include:
- java-version: 21-ea
toolchain: 21
- java-version: 17
toolchain: 17
- java-version: 25
toolchain: 25
with:
java-version: ${{ matrix.java-version }}
test-args: --refresh-dependencies -PforceMavenRepositories=snapshot,https://oss.sonatype.org/content/repositories/snapshots -PisOverrideVersionCatalog -PtestToolchain=${{ matrix.toolchain }} -PspringFrameworkVersion=7.+ -PreactorVersion=2025.+ -PspringDataVersion=2025.+ --stacktrace
@@ -21,7 +21,7 @@ jobs:
strategy:
matrix:
os: [ ubuntu-latest, windows-latest ]
jdk: [ 17 ]
jdk: [ 25 ]
with:
runs-on: ${{ matrix.os }}
java-version: ${{ matrix.jdk }}
@@ -20,10 +20,10 @@ jobs:
git config --global user.email 'github-actions[bot]@users.noreply.github.com'
- name: Checkout
uses: actions/checkout@v4
- name: Set up JDK 17
- name: Set up JDK 25
uses: actions/setup-java@v4
with:
java-version: '17'
java-version: '25'
distribution: 'temurin'
- name: Set up Gradle
uses: gradle/gradle-build-action@v2
+2 -2
View File
@@ -15,7 +15,7 @@ jobs:
- name: Set up gradle
uses: spring-io/spring-gradle-build-action@v2
with:
java-version: '17'
java-version: '25'
distribution: 'temurin'
- name: Build with Gradle
run: ./gradlew clean build -PskipCheckExpectedBranchVersion --continue --scan
@@ -28,7 +28,7 @@ jobs:
- name: Set up gradle
uses: spring-io/spring-gradle-build-action@v2
with:
java-version: '17'
java-version: '25'
distribution: 'temurin'
- name: Run Antora
run: ./gradlew -PbuildSrc.skipTests=true :spring-security-docs:antora
+1 -1
View File
@@ -11,7 +11,7 @@ jobs:
strategy:
matrix:
# List of active maintenance branches.
branch: [ main, 6.5.x, 6.4.x, 6.3.x ]
branch: [ main, 7.0.x, 6.5.x, 6.4.x, 6.3.x ]
runs-on: ubuntu-latest
steps:
- name: Checkout
@@ -16,7 +16,7 @@ jobs:
name: Update on Supported Branches
strategy:
matrix:
branch: [ '6.4.x', '6.5.x', 'main' ]
branch: [ '6.5.x', '7.0.x', 'main' ]
steps:
- uses: spring-io/spring-doc-actions/update-antora-spring-ui@e28269199d1d27975cf7f65e16d6095c555b3cd0
name: Update
+1 -1
View File
@@ -3,4 +3,4 @@
# See https://sdkman.io/usage#config
# A summary is to add the following to ~/.sdkman/etc/config
# sdkman_auto_env=true
java=17.0.3-tem
java=25-librca
+1 -1
View File
@@ -1,3 +1,3 @@
{
"java.import.gradle.enabled": false
"java.gradle.buildServer.enabled": "off"
}
+2 -25
View File
@@ -1,5 +1,7 @@
import io.spring.gradle.IncludeRepoTask
import org.jetbrains.kotlin.gradle.dsl.JvmTarget
import trang.RncToXsd
import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
buildscript {
dependencies {
@@ -46,31 +48,6 @@ springRelease {
replaceSnapshotVersionInReferenceDocUrl = true
}
def toolchainVersion() {
if (project.hasProperty('testToolchain')) {
return project.property('testToolchain').toString().toInteger()
}
return 17
}
subprojects {
java {
toolchain {
languageVersion = JavaLanguageVersion.of(toolchainVersion())
}
}
kotlin {
jvmToolchain {
languageVersion = JavaLanguageVersion.of(17)
}
}
tasks.withType(JavaCompile).configureEach {
options.encoding = "UTF-8"
options.compilerArgs.add("-parameters")
options.release.set(17)
}
}
allprojects {
if (!['spring-security-bom', 'spring-security-docs'].contains(project.name)) {
apply plugin: 'io.spring.javaformat'
@@ -0,0 +1,10 @@
import org.gradle.api.tasks.compile.JavaCompile
import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
tasks.withType(JavaCompile) {
options.compilerArgs += "-Werror"
}
tasks.withType(KotlinCompile) {
kotlinOptions.allWarningsAsErrors = true
}
@@ -34,7 +34,7 @@ class JacocoPlugin implements Plugin<Project> {
project.tasks.check.dependsOn project.tasks.jacocoTestReport
project.jacoco {
toolVersion = '0.8.9'
toolVersion = '0.8.14'
}
}
}
@@ -35,6 +35,7 @@ class SpringModulePlugin extends AbstractSpringJavaPlugin {
pluginManager.apply(SpringMavenPlugin.class);
pluginManager.apply(CheckClasspathForProhibitedDependenciesPlugin.class);
pluginManager.apply("io.spring.convention.jacoco");
pluginManager.apply("java-toolchain");
def deployArtifacts = project.task("deployArtifacts")
deployArtifacts.group = 'Deploy tasks'
@@ -0,0 +1,36 @@
import org.jetbrains.kotlin.gradle.dsl.JvmTarget
import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
def toolchainVersion() {
if (project.hasProperty('testToolchain')) {
return project.property('testToolchain').toString().toInteger()
}
return 25
}
java {
toolchain {
languageVersion = JavaLanguageVersion.of(toolchainVersion())
}
}
tasks.withType(JavaCompile).configureEach {
options.encoding = "UTF-8"
options.compilerArgs.add("-parameters")
options.release = 17
}
pluginManager.withPlugin("org.jetbrains.kotlin.jvm") {
kotlin {
jvmToolchain {
languageVersion = JavaLanguageVersion.of(toolchainVersion())
}
}
tasks.withType(KotlinCompile).configureEach {
compilerOptions {
javaParameters = true
jvmTarget.set(JvmTarget.JVM_17)
}
}
}
@@ -0,0 +1,7 @@
import org.gradle.api.tasks.javadoc.Javadoc
project.tasks.withType(Javadoc).configureEach {
options.addBooleanOption('Werror', true)
// temporarily disable missing to get build to pass with JDK 25
options.addStringOption('Xdoclint:all,-missing')
}
@@ -0,0 +1,30 @@
import org.gradle.api.tasks.compile.JavaCompile
import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
/**
* We need to compile with JDK 25 for nullability support, but using JDK 25 means that our tests will fail due to the
* <a href="https://docs.oracle.com/en/java/javase/25/security/security-manager-is-permanently-disabled.html">removal
* of the Java Security Manager</a>. For example, in JDK 25 {@code Subject.getSubject(AccessControlContext)} throws an
* {@code UnsupportedOperationException}.
*
* To resolve this, we must migrate tests to use the new APIs (e.g. {@code Subject.current()}) but those APIs are not
* available in the JDK 17 source, so compiling with JDK 25 and release 17 fails. The plugin overrides the test
* compilation to use release 25.
*
* @see <a href="https://docs.oracle.com/en/java/javase/25/security/security-manager-is-permanently-disabled.html">The
* Security Manager Is Permanently Disabled</a>
* @see <a href="https://inside.java/2024/07/08/quality-heads-up/">Quality Outreach Heads-up - JDK 23: Re-Specified
* Subject.getSubject API</a>
*/
tasks.withType(JavaCompile).configureEach { task ->
if (task.name == 'compileTestJava' || task.name == 'compileIntegrationTestJava') {
task.options.release.set(25)
}
}
tasks.withType(KotlinCompile).configureEach { task ->
if (task.name == 'compileTestKotlin' || task.name == 'compileIntegrationTestKotlin') {
task.kotlinOptions.jvmTarget = '25'
}
}
@@ -17,4 +17,7 @@
/**
* Jackson 3+ serialization support for CAS.
*/
@NullMarked
package org.springframework.security.cas.jackson;
import org.jspecify.annotations.NullMarked;
+1
View File
@@ -4,6 +4,7 @@ import trang.RncToXsd
apply plugin: 'io.spring.convention.spring-module'
apply plugin: 'trang'
apply plugin: 'security-kotlin'
apply plugin: 'test-compile-target-jdk25'
configurations {
opensaml5 {
@@ -94,7 +94,7 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
public BeanDefinition parse(Element element, ParserContext pc) {
if (!namespaceMatchesVersion(element)) {
pc.getReaderContext()
.fatal("You cannot use any XSD older than spring-security-7.0.xsd. Either change to spring-security.xsd or spring-security-7.0.xsd",
.fatal("You cannot use any XSD older than spring-security-7.1.xsd. Either change to spring-security.xsd or spring-security-7.1.xsd",
element);
}
String name = pc.getDelegate().getLocalName(element);
@@ -219,7 +219,7 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
private boolean matchesVersionInternal(Element element) {
String schemaLocation = element.getAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "schemaLocation");
return schemaLocation.matches("(?m).*spring-security-7\\.0.*.xsd.*")
return schemaLocation.matches("(?m).*spring-security-7\\.1.*.xsd.*")
|| schemaLocation.matches("(?m).*spring-security.xsd.*")
|| !schemaLocation.matches("(?m).*spring-security.*");
}
@@ -14,6 +14,8 @@
# limitations under the License.
#
http\://www.springframework.org/schema/security/spring-security.xsd=org/springframework/security/config/spring-security-7.1.xsd
http\://www.springframework.org/schema/security/spring-security-7.0.xsd=org/springframework/security/config/spring-security-7.1.xsd
http\://www.springframework.org/schema/security/spring-security.xsd=org/springframework/security/config/spring-security-7.0.xsd
http\://www.springframework.org/schema/security/spring-security-7.0.xsd=org/springframework/security/config/spring-security-7.0.xsd
http\://www.springframework.org/schema/security/spring-security-6.5.xsd=org/springframework/security/config/spring-security-6.5.xsd
@@ -42,7 +44,8 @@ http\://www.springframework.org/schema/security/spring-security-2.0.xsd=org/spri
http\://www.springframework.org/schema/security/spring-security-2.0.1.xsd=org/springframework/security/config/spring-security-2.0.1.xsd
http\://www.springframework.org/schema/security/spring-security-2.0.2.xsd=org/springframework/security/config/spring-security-2.0.2.xsd
http\://www.springframework.org/schema/security/spring-security-2.0.4.xsd=org/springframework/security/config/spring-security-2.0.4.xsd
https\://www.springframework.org/schema/security/spring-security.xsd=org/springframework/security/config/spring-security-7.0.xsd
https\://www.springframework.org/schema/security/spring-security.xsd=org/springframework/security/config/spring-security-7.1.xsd
https\://www.springframework.org/schema/security/spring-security-7.1.xsd=org/springframework/security/config/spring-security-7.1.xsd
https\://www.springframework.org/schema/security/spring-security-7.0.xsd=org/springframework/security/config/spring-security-7.0.xsd
https\://www.springframework.org/schema/security/spring-security-6.5.xsd=org/springframework/security/config/spring-security-6.5.xsd
https\://www.springframework.org/schema/security/spring-security-6.4.xsd=org/springframework/security/config/spring-security-6.4.xsd
@@ -114,7 +114,7 @@ public class SecurityNamespaceHandlerTests {
"<user-service id='us'><user name='bob' password='bobspassword' authorities='ROLE_A' /></user-service>",
"3.0.3", null))
.withMessageContaining(
"You cannot use any XSD older than spring-security-7.0.xsd. Either change to spring-security.xsd or spring-security-7.0.xsd");
"You cannot use any XSD older than spring-security-7.1.xsd. Either change to spring-security.xsd or spring-security-7.1.xsd");
}
// SEC-1868
@@ -65,7 +65,7 @@ public class XsdDocumentedTests {
String schema31xDocumentLocation = "org/springframework/security/config/spring-security-3.1.xsd";
String schemaDocumentLocation = "org/springframework/security/config/spring-security-7.0.xsd";
String schemaDocumentLocation = "org/springframework/security/config/spring-security-7.1.xsd";
XmlSupport xml = new XmlSupport();
@@ -151,8 +151,8 @@ public class XsdDocumentedTests {
.list((dir, name) -> name.endsWith(".xsd"));
// @formatter:on
assertThat(schemas.length)
.withFailMessage("the count is equal to 28, if not then schemaDocument needs updating")
.isEqualTo(28);
.withFailMessage("the count is equal to 29, if not then schemaDocument needs updating")
.isEqualTo(29);
}
/**
@@ -19,7 +19,6 @@ package org.springframework.security.config.http;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.AccessController;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Arrays;
@@ -989,7 +988,7 @@ public class MiscHttpConfigTests {
@GetMapping("/username")
String username() {
Subject subject = Subject.getSubject(AccessController.getContext());
Subject subject = Subject.current();
return subject.getPrincipals().iterator().next().getName();
}

Some files were not shown because too many files have changed in this diff Show More