Spring Operator
6cf279f52e
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# Fixed URLs
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://www.apache.org/licenses/ with 1 occurrences migrated to:
https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/ ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2118 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0 ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 1 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html ) result 200).
2019-03-14 20:23:37 -05:00
Ankur Pathak
88d57e0b8e
fixes setting paramName only when it is not null
...
Fixes: gh-6223
2019-01-10 10:34:32 -06:00
Joe Grandja
aea9ee5f2a
AuthenticationFailureEvent should publish once
...
Fixes gh-6281
2018-12-21 08:50:12 -05:00
Zhanwei Wang
78a6c48f84
Improve error message for Chinese.
2018-12-06 13:55:00 -06:00
Robbie Martinus
f6657b7771
SessionRegistryImpl uses computeIfAbsent
...
Fixes: gh-5834
2018-12-05 10:29:20 -06:00
Joe Grandja
d6da4d20b4
Set AuthenticationEventPublisher on each AuthenticationManagerBuilder
...
Fixes gh-6009
2018-10-23 14:49:44 -04:00
Johnny Lim
5e74da9b4f
Add a missing space in Secured.value() signature
2018-10-03 14:49:45 -04:00
Rob Winch
a1c381c276
Add JdbcUserDetailsManager(DataSource) constructor
...
Fixes: gh-5512
2018-07-13 15:58:36 -05:00
Rob Winch
8659a4b555
Add UserDetailsRepositoryReactiveAuthenticationManager.setScheduler
...
Fixes: gh-5417
2018-06-11 14:30:11 -05:00
Kazuki Shimizu
8883ec17e5
Fix JdbcDaoImpl Javadoc
...
Fix incorrect explanation for customizing query on JdbcDaoImpl
Issue: gh-5306
2018-05-04 10:48:55 -05:00
Rob Winch
a5dc48f9d9
Improve PasswordEncoder deprecated notices
...
Fixes: gh-5296
2018-05-03 15:13:20 -05:00
Rob Winch
2f441f18e6
Make MIN_SPRING_VERSION Dynamic
...
Fixes: gh-5065
# Conflicts:
# core/src/main/java/org/springframework/security/core/SpringSecurityCoreVersion.java
2018-05-03 11:01:27 -05:00
Joe Grandja
64cb256bb9
Update to Spring Framework 5.0.5
...
Fixes gh-5166
2018-04-04 10:27:43 -04:00
Joe Grandja
55019b2f0b
Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677
2018-04-03 11:16:50 -04:00
Rob Winch
151b545ed0
Polish Javadoc
...
Fixes: gh-5186
2018-03-29 15:33:31 -05:00
Rob Winch
6729c39905
Fix JDK 9
...
Issue: gh-5160
2018-03-28 15:00:41 -05:00
Josh Cummings
a7f180b2c7
Authorities authenticate TestingAuthenticationToken
...
In other extensions of `AbstractAuthenticationToken`, the constructors
that include `authorities` call `setAuthenticated(true)`. This includes
`PreAuthenticated`-, `UsernamePassword`-, and
`RememberMeAuthenticationToken`.
This change brings `TestingAuthenticationToken` in line with that
convention.
Note that this was done once already to one of the constructors
(ee13be4 ) in `TestingAuthenticationToken` that takes an arity of
`authorities`. It was not propagated to the constructor that takes a
collection, which is what this commit remedies.
Fixes: gh-5098
2018-03-09 13:26:36 -06:00
Johnny Lim
d316803596
Polish DaoAuthenticationProviderTests
2018-03-02 08:55:37 -06:00
Rob Winch
8d75554b6b
Lazily Create Throwables
...
Fixes: gh-5040
2018-02-26 16:24:40 -06:00
Rob Winch
831399be16
Update to Spring Framework 5.0.4
...
Fixes: gh-5027
2018-02-19 22:00:33 -06:00
Rob Winch
7063a9e111
Issue: gh-5018
2018-02-16 16:50:14 -06:00
Rob Winch
964a14b224
Document Reactive Method security requires Publisher return types
...
Fixes: gh-4988
2018-02-07 16:43:18 -06:00
Rob Winch
8b7f772761
Update to Jackson 2.9.4
...
Fixes: gh-4985
2018-02-01 13:45:06 -06:00
Rob Winch
994abb0d00
Document User.withDefaultPasswordEncoder unsafe for production
...
Fixes: gh-4793
2018-01-31 16:26:26 -06:00
Rob Winch
f7e49ace9f
Add TestAuthentication
2018-01-26 15:13:09 -06:00
Rob Winch
c5e6ee4563
Update Dependencies
...
Fixes: gh-4973
2018-01-24 13:48:14 -06:00
Rob Winch
6ba225b62d
Polish userNotFoundEncodedPassword
...
Ensure that if passwordEncoder is set that userNotFoundEncodedPassword
is encoded again if already set.
Issue: gh-4915
2018-01-24 11:06:08 -06:00
Phillip Webb
fd78d055aa
Lazily initialize userNotFoundEncodedPassword
...
Update `DaoAuthenticationProvider` so that `userNotFoundEncodedPassword`
is lazily initialized on the first call to `retrieveUser`, rather than
in `doAfterPropertiesSet`.
Since some `PasswordEncoder` implementations can be slow, this change
can help to improve application startup times and the expense of some
delay with the first login.
Note that `userNotFoundEncodedPassword` creation occurs on the first
user retrieval, regardless of whether the user is ultimately found. This
ensures consistent processing times, regardless of the outcome.
First Call:
Found = encode(userNotFound) + decode(supplied)
Not-Found = encode(userNotFound) + decode(userNotFound)
Subsequent Call:
Found = decode(supplied)
Not-Found = decode(userNotFound)
Fixes gh-4915
2018-01-24 11:06:08 -06:00
Johnny Lim
f3830eec7d
Rename userDetailsRepository to userDetailsService
2018-01-10 16:04:48 -06:00
Rob Winch
803cdcf01e
Test Jackson HashMap in Whitelist
...
Issue: gh-4889
2018-01-03 16:17:23 -06:00
Chris Burrell
cf97e16379
Add HashMap to Jackson whitelist
...
Issue: gh-4889
2018-01-03 16:17:23 -06:00
Rob Winch
b9152701a6
Javadoc Polish
2017-12-21 16:43:11 -06:00
Johnny Lim
921157cdcd
Remove explicit super() calls
2017-12-21 15:11:51 -06:00
Johnny Lim
57353d18e5
Use diamond type
2017-12-21 15:09:00 -06:00
Rob Winch
c856c376df
Fix UTF-8 in JdbcDaoImplTests
2017-12-20 15:50:23 -06:00
Joe Grandja
e19fdb6cc1
Remove AuthenticatedPrincipal from UserDetails
...
Issue gh-4877
2017-11-30 10:52:24 -05:00
Joe Grandja
50d1a81458
AbstractAuthenticationToken.getName() uses UserDetails.getUsername()
...
Fixes gh-4877
2017-11-30 09:17:42 -05:00
Rob Winch
ee1745b681
Update to Spring Framework 5.0.2.RELEASE
2017-11-27 11:57:03 -06:00
Rob Winch
691bf2e11d
PasswordEncoder Bean for AuthenticationManagerBuilder
...
Issue: gh-4873
2017-11-27 11:42:56 -06:00
Johnny Lim
701933c7f7
Fix copyright start years
...
See gh-4655
See gh-4725
2017-11-17 10:14:32 -06:00
Johnny Lim
5f518d00e5
Apply Checkstyle EmptyStatementCheck module
...
This commit adds Checkstyle `EmptyStatementCheck` module and aligns code with it.
2017-11-16 20:18:21 -06:00
Oleg Zhuravlev
563139c469
Fix keys in messages bundle
2017-11-16 11:28:57 -06:00
Benedikt Ritter
fffd781b03
Add localization to error messages from ExceptionTranslationFilter
...
Fixes gh-4504
2017-11-16 11:25:56 -06:00
Johnny Lim
b6895e6359
Apply Checkstyle WhitespaceAfterCheck module
2017-11-16 11:18:31 -06:00
Johnny Lim
d900f2a623
Remove unused imports
...
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
Rob Winch
6d4b4bf2c7
Align Dependencies with Spring IO Cairo
...
Fixes gh-4821
2017-11-14 13:45:24 -06:00
Johnny Lim
99df632f24
Add missing @Override annotations
...
This commit also adds MissingOverrideCheck module to Checkstyle configuration.
2017-11-08 13:27:24 -06:00
Rob Winch
d9abd2e443
User.UserBuilder only encodes once
...
Fixes gh-4794
2017-11-06 09:47:37 -06:00
Greg Turnquist
881cd0befb
Fix UsernamePasswordAuthenticationTokenMixin to handle null credentials/details
...
Resolves #4698
2017-10-31 16:34:07 -05:00
Rob Winch
e95430fa36
Polish Reactive Method Security reference
...
Issue gh-4757
2017-10-30 16:27:50 -05:00