Commit Graph

1310 Commits

Author SHA1 Message Date
Josh Cummings
bb43174752 Fix Bean Name
Issue gh-14480
2024-04-04 13:30:30 -06:00
Josh Cummings
3f7355abc6 Synthesize all annotation attributes
Issue gh-14601
2024-04-04 13:30:29 -06:00
Josh Cummings
6f07d63938 Support SpEL Returning AuthorizationDecision
Closes gh-14598
2024-04-04 11:32:00 -06:00
Josh Cummings
0a9c482f62 Revert "Support SpEL Returning AuthorizationDecision"
This reverts commit 77f2977c55.
2024-04-04 11:31:45 -06:00
Josh Cummings
77f2977c55 Support SpEL Returning AuthorizationDecision
Closes gh-14599
2024-04-04 09:52:15 -07:00
Marcus Hert Da Coregio
d85857f905 Add Authorization Denied Handlers for Method Security
Closes gh-14601
2024-04-03 09:25:12 -03:00
Marcus Hert Da Coregio
7d66525e23 Add Compromised Password Checker
Closes gh-7395
2024-04-01 09:48:07 -03:00
Steve Riesenberg
abf9dc165a Merge branch '6.2.x' 2024-03-26 10:55:48 -05:00
Steve Riesenberg
614123e6f9 Update tests that fail on Windows
Issue gh-14609
2024-03-26 10:49:47 -05:00
Josh Cummings
44033cd8b9 Make Internal Logout URI Configurable
Closes gh-14609
2024-03-22 16:31:44 -06:00
Josh Cummings
e18ec48134 Fix Test
Issue gh-14553
2024-03-22 16:31:42 -06:00
Josh Cummings
662cfed349 Make Internal Logout URI Configurable
Closes gh-14609
2024-03-22 16:28:21 -06:00
Josh Cummings
c95f009b23 Fix Test
Issue gh-14553
2024-03-22 16:27:16 -06:00
Josh Cummings
9898e0e993 Move AuthorizationAdvisorProxyFactory
To prevent package tangles

Issue gh-14596
2024-03-22 11:00:39 -06:00
Josh Cummings
795e44d11f Add Value-Type Ignore Support
Issue gh-14597
2024-03-22 11:00:39 -06:00
Josh Cummings
ce54a6db18 Add TestAuthentication convenience method
Issue gh-14597
2024-03-19 10:27:03 -06:00
Josh Cummings
d169d5a835 Add AuthorizeReturnObject
Closes gh-14597
2024-03-19 10:27:03 -06:00
Josh Cummings
c611b7e33b Add AuthorizationProxyFactory Reactive Support
Issue gh-14596
2024-03-15 11:44:30 -06:00
Steve Riesenberg
77c30c431e Polish tests
Issue gh-11783
Issue gh-13763
2024-03-14 15:40:43 -05:00
Steve Riesenberg
80a8d3831a Simplify reactive OAuth2 Client configuration
Closes gh-13763
2024-03-14 15:40:43 -05:00
Josh Cummings
52dfbfb5b3 Add Authorization Proxy Support
Closes gh-14596
2024-03-13 14:35:07 -06:00
Steve Riesenberg
d6382b83dc Configure token-exchange via a bean
Issue gh-5199
Issue gh-11783
Closes gh-14701
2024-03-07 11:03:10 -06:00
Marcus Hert Da Coregio
f8ff056eb6 Update Max Sessions on WebFlux
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler

Issue gh-6192
2024-02-28 10:06:45 -03:00
Marcus Hert Da Coregio
a5ce8ae87f Polish Max Sessions on WebFlux
This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry

Issue gh-6192
2024-02-27 11:12:50 -03:00
Josh Cummings
c639d0a514 Add AOP Integration Test
Closes gh-14637
2024-02-26 13:56:56 -07:00
Josh Cummings
4d383023cb Add meta-annotation parameter support
Closes gh-14480
2024-02-26 10:50:35 -07:00
Marcus Hert Da Coregio
21580fd27d Merge branch '6.2.x' 2024-02-16 13:31:20 -03:00
Marcus Hert Da Coregio
15306c1007 Merge branch '6.1.x' into 6.2.x 2024-02-16 13:21:15 -03:00
Rob Winch
750cb30ce4 Add AuthenticationTrustResolver.isAuthenticated 2024-02-16 13:08:29 -03:00
Josh Cummings
7f0433c805 Merge branch '6.2.x' 2024-02-12 17:01:38 -07:00
Josh Cummings
2702a64be7 Use Localhost for Internal Logout Endpoint
Closes gh-14553
2024-02-12 17:00:58 -07:00
Josh Cummings
34526c3e01 Merge branch '6.2.x' 2024-02-12 12:54:29 -07:00
Josh Cummings
3ab323663a Do Not Wire Default OidcSessionStrategy without OidcLogoutConfigurer
Closes gh-14558
2024-02-12 12:53:48 -07:00
Marcus Hert Da Coregio
915d68e216 Remove includeExpiredSessions parameter
The reactive implementation of max sessions does not keep track of expired sessions, therefore we do not need such parameter

Issue gh-6192
2024-02-06 10:43:00 -03:00
DingHao
3f65f600de Use AuthorizationEventPublisher Bean
- For Jsr250MethodInterceptor and SecuredMethodInterceptor

Closes gh-14401
2024-01-17 17:40:38 -07:00
Marcus Hert Da Coregio
1daa9e27e2 Merge branch '6.2.x' 2024-01-05 15:17:01 -03:00
Marcus Hert Da Coregio
e2bab7b7ef Add .serialized suffix and consider them as binary in Git
Issue gh-3737
2024-01-05 15:14:22 -03:00
Marcus Hert Da Coregio
85177c0178 Merge branch '6.2.x'
Closes gh-14408
2024-01-05 14:22:49 -03:00
Marcus Hert Da Coregio
4fb6a33d36 Verify Serializable Objects Are Deserializable Between Minor Versions
This commit introduces a test that verifies that Spring Security domain classes that implements Serializable and have the same serialVersionUID as SpringSecurityCoreVersion#SERIAL_VERSION_UID can be deserialized between minor versions.

This commit also introduces another test that should be used to generate the files containing the serialized content of the objects.

Closes gh-3737
2024-01-05 12:00:02 -03:00
Marcus Hert Da Coregio
707588f870 Merge branch '6.2.x' 2023-12-26 15:58:51 -03:00
Marcus Hert Da Coregio
d385b53e3c Merge branch '6.1.x' into 6.2.x 2023-12-26 15:58:39 -03:00
Marcus Hert Da Coregio
92af758f1f Make springSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor passive
Instead of excluding the bean from AOT processing, we avoid redefining the beans if they are present or in the expected state.

Issue gh-14362
2023-12-26 15:58:16 -03:00
Marcus Hert Da Coregio
778a63a763 Revert "Exclude SpringSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor from AOT processing"
This reverts commit 8a93178da7.
2023-12-26 15:10:15 -03:00
Marcus Hert Da Coregio
5ad34d1f92 Merge branch '6.2.x'
Closes gh-14381
2023-12-26 11:20:51 -03:00
Marcus Hert Da Coregio
dd20f0694d Merge branch '6.1.x' into 6.2.x
Closes gh-14380
2023-12-26 11:20:41 -03:00
DingHao
7cd626fe25 Fix FilterChainProxy cannot be found when @EnableWebSecurity(debug = true)
Closes gh-14370
2023-12-26 11:20:09 -03:00
Marcus Hert Da Coregio
08d764dc84 Merge branch '6.2.x'
Closes gh-14378
2023-12-26 10:42:45 -03:00
Marcus Hert Da Coregio
f95cda6be7 Merge branch '6.1.x' into 6.2.x
Closes gh-14377
2023-12-26 10:42:37 -03:00
Marcus Hert Da Coregio
364bc10e78 Add hints for CompositeFilterChainProxy
Closes gh-14359
2023-12-26 10:41:56 -03:00
Marcus Hert Da Coregio
a628384d20 Merge branch '6.2.x'
Closes gh-14368
2023-12-22 08:40:24 -03:00