Commit Graph

916 Commits

Author SHA1 Message Date
Josh Cummings
150b81d008 Add SecurityContextHolderStrategy XML Configuration for Defaults
Issue gh-11061
2022-06-17 12:21:10 -06:00
Josh Cummings
ce218c78f9 Add SecurityContextHolderStrategy Java Configuration for Defaults
Issue gh-11061
2022-06-17 11:58:38 -06:00
Steve Riesenberg
a061191bd2 Allow form login when single OAuth2 Provider is configured
Closes gh-6802
2022-06-15 13:42:06 -05:00
Steve Riesenberg
d18291676f Update copyright year
Issue gh-11372
2022-06-15 13:14:07 -05:00
Steve Riesenberg
c7df39a3e6 Fix tests using root cause for exception messages
Closes gh-11372
2022-06-14 17:12:15 -05:00
Houssem BELHADJ AHMED
f4049c18b1 add SAML authentication request support to login configurer
Closes gh-8873
2022-06-06 08:05:33 -06:00
Josh Cummings
9683856956 Polish InterceptUrlConfigTests
Issue gh-11305
2022-05-31 16:05:17 -06:00
Josh Cummings
2afa9313eb Use AuthorizationManager in <http>
Closes gh-11305
2022-05-31 16:01:41 -06:00
Josh Cummings
f4c0fcb5ef Add AuthorizationManager to Messaging
Closes gh-11076
2022-05-27 13:35:19 -06:00
Juny Tse
f2d6ead398 Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 11:42:54 -06:00
Josh Cummings
5cbc1a47da Use original query string to verify signature
Closes gh-11235
2022-05-23 15:30:07 -06:00
Josh Cummings
88f9529329 Correctly encode query parameters
Issue gh-11235
2022-05-23 15:30:01 -06:00
Josh Cummings
0814136ee8 Polish WebExpressionAuthorizationManager
- Add support for request variables
- Added additional tests

Issue gh-11105
2022-05-13 14:14:42 -06:00
Evgeniy Cheban
c4766e64fe Add AuthorizationManager that uses ExpressionHandler
Closes gh-11105
2022-05-13 14:05:34 -06:00
Rob Winch
f34ea188e2 RequestRejectedException is 400 by Default
Closes gh-7568
2022-05-12 10:32:27 -05:00
Marcus Da Coregio
806e05855c Replace removed context-related operators
Closes gh-11194
2022-05-10 14:58:02 -03:00
Marcus Da Coregio
dc2bd2b4f8 Update copyright headers
Issue gh-10956
2022-05-06 14:33:59 -03:00
Marcus Da Coregio
de9b7b4fb8 Fix mvcMatchers overriding previous paths
Closes gh-10956
2022-05-06 14:33:59 -03:00
Marcus Da Coregio
995b2918bb Remove SAML Deprecations
Closes gh-11077
2022-05-06 10:15:42 -03:00
Rob Winch
dec0d97ef0 Multiple <authentication-manager> Do Not Duplicate Alias
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
2022-05-03 14:50:56 -05:00
Josh Cummings
4ebd37ae77 Add 5.8 Support 2022-05-03 09:04:34 -06:00
Josh Cummings
397ccbc1c8 Add 5.7 Schema 2022-05-03 09:03:50 -06:00
Eleftheria Stein
736f439bb5 Detect UserDetailsService bean in X509 configuration
Closes gh-11174
2022-04-28 14:48:40 +02:00
Eleftheria Stein
ac06057cf6 Detect UserDetailsService bean in remember me
Closes gh-11170
2022-04-28 12:44:27 +02:00
Rob Winch
e79b6b3ac8 Default SecurityContextHolderFilter
Closes gh-11110
2022-04-15 14:59:38 -05:00
Rob Winch
9a9a43a0c0 ForceEagerSessionCreationFilter
Closes gh-11109
2022-04-15 14:18:25 -05:00
Josh Cummings
c6ad72004e Revert "Pick up AuthorizationManager Bean"
This reverts commit 4ca5346871.

Issue gh-11067
2022-04-12 09:58:30 -06:00
Marcus Da Coregio
50f8df6f07 Use HttpStatusCode
Closes gh-11091
2022-04-11 09:19:56 -03:00
Rob Winch
7be32872e9 Add DisableUrlRewritingFilter
Closes gh-11084
2022-04-08 16:13:24 -05:00
Josh Cummings
4ca5346871 Pick up AuthorizationManager Bean
Closes gh-11067
Closes gh-11068
2022-04-08 11:42:37 -06:00
Josh Cummings
be434e1540 Add Default Test to HttpBasicConfigurerTests
Issue gh-10973
2022-04-05 17:32:13 -06:00
Josh Cummings
f09652d447 Polish Saml2LoginConfigurerTests
Issue gh-10973
2022-04-05 17:32:13 -06:00
Josh Cummings
bdd5f86526 Polish Authorization Event Support
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
2022-03-29 16:37:21 -06:00
Rob Winch
e176d764ba Add SecurityContextRepository.loadContext(HttpServletRequest)
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.

Closes gh-11028
2022-03-25 14:38:37 -05:00
Steve Riesenberg
8aa7029d07 Fix checkstyle errors
Issue gh-10989
2022-03-18 22:53:29 -05:00
Rob Winch
972039e65c Add SecurityContextHolderFilter
Closes gh-9635
2022-03-12 13:31:04 -06:00
Norbert Nowak
abd33389be Add UsernamePasswordAuthenticationToken factory methods
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
2022-03-09 15:49:29 -07:00
Marcus Da Coregio
1762a4ce70 Add SAML 2.0 Single Logout XML Support
Closes gh-10842
2022-03-09 10:48:34 -03:00
Marcus Da Coregio
1cbe7a75d3 Add SAML 2.0 Login XML Support
Closes gh-9012
2022-03-09 10:40:26 -03:00
Josh Cummings
5b9a45de01 Replace Apache Commons Base64 Decoding
Issue gh-10923
2022-03-02 16:30:21 -07:00
m0k045e
8cc18fa9dc OAuth2AuthorizedClientArgumentResolver resolves ReactiveOAuth2AuthorizedClientManager
Closes gh-10846
2022-02-28 15:31:22 -07:00
Eleftheria Stein
9f9fbb395f Apply configurers from spring.factories to HttpSecurity bean
Closes gh-10814
2022-02-09 14:42:04 +01:00
Josh Cummings
84616543a3 Polish ignoring() log messaging
- Public API remains unchanged

Issue gh-9334
2022-02-07 14:58:20 -07:00
Manuel Jordan
6ae651bd67 Print ignore message DefaultSecurityFilterChain
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.

Closes gh-9334
2022-02-07 14:58:20 -07:00
Josh Cummings
5a2556879a Add Saml2AuthenticationRequestResolver
Closes gh-10355
2022-01-24 16:18:33 -07:00
Rob Winch
f94090a59b Remove spring-security-openid
Closes gh-10773
2022-01-21 16:55:19 -06:00
Adam Ostrožlík
27cfb9c89d Support multiple RequestRejectedHandler beans
Closes gh-10603
2022-01-14 17:21:00 -07:00
Marcus Da Coregio
d884d9a461 Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
Closes gh-10554
2021-12-13 09:19:41 -03:00
Marcus Da Coregio
0beb725259 Add Cross Origin Policies headers
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers

Closes gh-9385, gh-10118
2021-12-08 11:07:09 +01:00
Marcus Da Coregio
263665ad55 Prevent using both authorizeRequests and authorizeHttpRequests
Closes gh-10573
2021-12-06 15:54:28 -03:00