Commit Graph

924 Commits

Author SHA1 Message Date
Josh Cummings
c2d79fcbd6 Add Conditions to Generating AuthnRequest
Closes gh-11657
2022-08-03 17:34:31 -06:00
Josh Cummings
aa225943d2 Polish Tests
Issue gh-11657
2022-08-03 17:34:26 -06:00
Josh Cummings
5dff157755 Polish HttpSecurity Formatting
Issue gh-11360
2022-07-14 12:50:40 -06:00
Evgeniy Cheban
400cd60368 Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11360
2022-07-14 12:48:39 -06:00
Josh Cummings
624fdfa731 Add AuthorizationManager for protect-pointcut
Closes gh-11323
2022-07-13 17:58:16 -06:00
Josh Cummings
c9a3d21b9b Add Configuration Test
Issue gh-11327
2022-07-07 14:46:37 -06:00
Josh Cummings
d27d431bbc Add AuthorizationFilter to filter chain validator
Closes gh-11327
2022-07-07 13:52:36 -06:00
Josh Cummings
cdafa4ee21 Clarify variable names
Issue gh-11327
2022-07-07 13:38:42 -06:00
Josh Cummings
74a007dc91 Support AuthorizationManager for intercept-methods Element
Closes gh-11328
2022-07-06 12:54:05 -06:00
Josh Cummings
e8723f1f43 Pick up SecurityContextHolderStrategy for WebClient integration
Issue gh-11061
2022-06-28 14:58:53 -06:00
Josh Cummings
27de315e5e Use SecurityContextHolderStrategy for Async Requests
Issue gh-11060
Issue gh-11061
2022-06-28 14:46:52 -06:00
Josh Cummings
98995f2225 Add SecurityContextHolderStrategy to Pre-authenticated scenarios
Issue gh-11060
Issue gh-11061
2022-06-28 12:04:37 -06:00
Josh Cummings
4a2d77d3f2 Use SecurityContextHolderStrategy for Remember-me
Issue gh-11060
Isuse gh-11061
2022-06-28 11:08:57 -06:00
Josh Cummings
74167d62b1 Add SecurityContextHolderStrategy XML Configuration for Messaging
Issue gh-11061
2022-06-27 15:55:28 -06:00
Josh Cummings
9292a13146 Add SecurityContextHolderStrategy Java Configuration for Messaging
Issue gh-11061
2022-06-27 15:55:28 -06:00
Josh Cummings
652c35db2f Add SecurityContextHolderStrategy XML Configuration for OAuth2
Issue gh-11061
2022-06-27 13:05:13 -06:00
Josh Cummings
1d22316574 Add SecurityContextHolderStrategy Java Configuration for OAuth2
Issue gh-11061
2022-06-27 13:05:13 -06:00
Josh Cummings
6c16ac101a Add SecurityContextHolderStrategy XML Configuration for Saml2
Issue gh-11061
2022-06-27 13:05:12 -06:00
Josh Cummings
97253c9293 Add SecurityContextHolderStrategy Java Configuration for Saml2
Issue gh-11061
2022-06-27 13:05:11 -06:00
Josh Cummings
9cd7c7b046 Add SecurityContextHolderStrategy XML Configuration for Method Security
Issue gh-11061
2022-06-27 13:05:07 -06:00
Josh Cummings
da57bac061 Add SecurityContextHolderStrategy Java Configuration for Method Security
Issue gh-11061
2022-06-27 13:03:11 -06:00
Josh Cummings
fa0086d3b0 Polish SecurityContextHolderStrategy Java Configuration for Defaults
Issue gh-11061
2022-06-27 13:01:22 -06:00
Josh Cummings
2a70707c35 Add SecurityContextHolderStrategy XML Configuration for Defaults
Issue gh-11061
2022-06-17 11:28:10 -06:00
Josh Cummings
2c09a300b6 Add SecurityContextHolderStrategy Java Configuration for Defaults
Issue gh-11061
2022-06-17 11:28:10 -06:00
Steve Riesenberg
79c2b8709b Allow form login when single OAuth2 Provider is configured
Closes gh-6802
2022-06-15 14:05:55 -05:00
Marcus Da Coregio
4c2401a576 Revert "Make source code compatible with JDK 8"
This reverts commit 60ed3602f6.
2022-06-02 19:24:42 +02:00
Josh Cummings
d994ddc9b8 Polish InterceptUrlConfigTests
Issue gh-11305
2022-05-31 16:04:02 -06:00
Josh Cummings
9dbd1f3e25 Use AuthorizationManager in <http>
Closes gh-11305
2022-05-31 15:10:00 -06:00
Josh Cummings
8a03d1fcec Add AuthorizationManager to Messaging
Closes gh-11076
2022-05-27 12:20:48 -06:00
Juny Tse
16664dcdbd Use Base64 encoder with no CRLF in output for SAML 2.0 messages
Closes gh-11262
2022-05-25 11:43:50 -06:00
Josh Cummings
b51c71c3b3 Use original query string to verify signature
Closes gh-11235
2022-05-23 13:56:28 -06:00
Josh Cummings
5adb6e25a3 Correctly encode query parameters
Issue gh-11235
2022-05-20 17:46:40 -06:00
Josh Cummings
ffaf5b4e61 Polish WebExpressionAuthorizationManager
- Add support for request variables
- Added additional tests

Issue gh-11105
2022-05-13 13:53:38 -06:00
Evgeniy Cheban
07b0be3f42 Add AuthorizationManager that uses ExpressionHandler
Closes gh-11105
2022-05-13 13:52:49 -06:00
Marcus Da Coregio
18c220c870 Update copyright headers
Issue gh-10956
2022-05-06 14:26:29 -03:00
Marcus Da Coregio
18345feeed Fix mvcMatchers overriding previous paths
Closes gh-10956
2022-05-06 14:26:29 -03:00
Rob Winch
6420cf28a9 Multiple <authentication-manager> Do Not Duplicate Alias
Previously, two authentication managers with different ids would duplicate
the alias to the global authentication manager. This would cause failures
for when allowBeanDefinitionOverriding = false.

This commit ensures that if the global authentication manager alias is
already set, then it is not set again. This means the first
<authentication-manager> will be used as the global AuthenticationManager.

Closes gh-8767
2022-05-03 14:52:22 -05:00
Josh Cummings
0e9228d10a Prepare for Spring Security 5.8 2022-05-02 16:34:23 -06:00
Eleftheria Stein
5ac5edc2e6 Detect UserDetailsService bean in X509 configuration
Closes gh-11174
2022-04-28 14:47:18 +02:00
Eleftheria Stein
8e34cedcfe Detect UserDetailsService bean in remember me
Closes gh-11170
2022-04-28 12:43:13 +02:00
Rob Winch
aaf78330b1 ForceEagerSessionCreationFilter
Closes gh-11109
2022-04-15 14:16:35 -05:00
Josh Cummings
147ab42440 Revert "Pick up AuthorizationManager Bean"
This reverts commit 32b83aae63.

Issue gh-11067
2022-04-12 09:32:09 -06:00
Rob Winch
39b0620a84 Add DisableUrlRewritingFilter
Closes gh-11084
2022-04-08 16:13:44 -05:00
Josh Cummings
32b83aae63 Pick up AuthorizationManager Bean
Closes gh-11067
Closes gh-11068
2022-04-08 10:08:33 -06:00
Josh Cummings
b39f213e64 Revert "Add AuthorizationManager to Messaging"
This reverts commit 77a6e014a9.
2022-04-07 17:39:34 -06:00
Josh Cummings
77a6e014a9 Add AuthorizationManager to Messaging
Closes gh-11076
2022-04-07 17:39:10 -06:00
Josh Cummings
66213e5b2e Add Default Test to HttpBasicConfigurerTests
Issue gh-10973
2022-04-05 17:11:39 -06:00
Josh Cummings
47c8676be7 Polish Saml2LoginConfigurerTests
Issue gh-10973
2022-04-05 17:11:38 -06:00
Josh Cummings
061f69eb70 Polish Authorization Event Support
- Added spring-security-config support
- Renamed classes
- Changed contracts to include the authenticated user and secured
object
- Added method security support

Issue gh-9288
2022-03-29 16:03:19 -06:00
Rob Winch
67fd46bfa6 Add SecurityContextRepository.loadContext(HttpServletRequest)
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.

Closes gh-11028
2022-03-25 14:21:52 -05:00