Commit Graph

1293 Commits

Author SHA1 Message Date
Josh Cummings
c611b7e33b Add AuthorizationProxyFactory Reactive Support
Issue gh-14596
2024-03-15 11:44:30 -06:00
Steve Riesenberg
77c30c431e Polish tests
Issue gh-11783
Issue gh-13763
2024-03-14 15:40:43 -05:00
Steve Riesenberg
80a8d3831a Simplify reactive OAuth2 Client configuration
Closes gh-13763
2024-03-14 15:40:43 -05:00
Josh Cummings
52dfbfb5b3 Add Authorization Proxy Support
Closes gh-14596
2024-03-13 14:35:07 -06:00
Steve Riesenberg
d6382b83dc Configure token-exchange via a bean
Issue gh-5199
Issue gh-11783
Closes gh-14701
2024-03-07 11:03:10 -06:00
Marcus Hert Da Coregio
f8ff056eb6 Update Max Sessions on WebFlux
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler

Issue gh-6192
2024-02-28 10:06:45 -03:00
Marcus Hert Da Coregio
a5ce8ae87f Polish Max Sessions on WebFlux
This commit changes the PreventLoginServerMaximumSessionsExceededHandler to invalidate the WebSession in addition to throwing the error, this is needed otherwise the session would still be saved with the security context. It also changes the SessionRegistryWebSession to first perform the operation on the delegate and then invoke the needed method on the ReactiveSessionRegistry

Issue gh-6192
2024-02-27 11:12:50 -03:00
Josh Cummings
c639d0a514 Add AOP Integration Test
Closes gh-14637
2024-02-26 13:56:56 -07:00
Josh Cummings
4d383023cb Add meta-annotation parameter support
Closes gh-14480
2024-02-26 10:50:35 -07:00
Marcus Hert Da Coregio
21580fd27d Merge branch '6.2.x' 2024-02-16 13:31:20 -03:00
Marcus Hert Da Coregio
15306c1007 Merge branch '6.1.x' into 6.2.x 2024-02-16 13:21:15 -03:00
Rob Winch
750cb30ce4 Add AuthenticationTrustResolver.isAuthenticated 2024-02-16 13:08:29 -03:00
Josh Cummings
7f0433c805 Merge branch '6.2.x' 2024-02-12 17:01:38 -07:00
Josh Cummings
2702a64be7 Use Localhost for Internal Logout Endpoint
Closes gh-14553
2024-02-12 17:00:58 -07:00
Josh Cummings
34526c3e01 Merge branch '6.2.x' 2024-02-12 12:54:29 -07:00
Josh Cummings
3ab323663a Do Not Wire Default OidcSessionStrategy without OidcLogoutConfigurer
Closes gh-14558
2024-02-12 12:53:48 -07:00
Marcus Hert Da Coregio
915d68e216 Remove includeExpiredSessions parameter
The reactive implementation of max sessions does not keep track of expired sessions, therefore we do not need such parameter

Issue gh-6192
2024-02-06 10:43:00 -03:00
DingHao
3f65f600de Use AuthorizationEventPublisher Bean
- For Jsr250MethodInterceptor and SecuredMethodInterceptor

Closes gh-14401
2024-01-17 17:40:38 -07:00
Marcus Hert Da Coregio
1daa9e27e2 Merge branch '6.2.x' 2024-01-05 15:17:01 -03:00
Marcus Hert Da Coregio
e2bab7b7ef Add .serialized suffix and consider them as binary in Git
Issue gh-3737
2024-01-05 15:14:22 -03:00
Marcus Hert Da Coregio
85177c0178 Merge branch '6.2.x'
Closes gh-14408
2024-01-05 14:22:49 -03:00
Marcus Hert Da Coregio
4fb6a33d36 Verify Serializable Objects Are Deserializable Between Minor Versions
This commit introduces a test that verifies that Spring Security domain classes that implements Serializable and have the same serialVersionUID as SpringSecurityCoreVersion#SERIAL_VERSION_UID can be deserialized between minor versions.

This commit also introduces another test that should be used to generate the files containing the serialized content of the objects.

Closes gh-3737
2024-01-05 12:00:02 -03:00
Marcus Hert Da Coregio
707588f870 Merge branch '6.2.x' 2023-12-26 15:58:51 -03:00
Marcus Hert Da Coregio
d385b53e3c Merge branch '6.1.x' into 6.2.x 2023-12-26 15:58:39 -03:00
Marcus Hert Da Coregio
92af758f1f Make springSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor passive
Instead of excluding the bean from AOT processing, we avoid redefining the beans if they are present or in the expected state.

Issue gh-14362
2023-12-26 15:58:16 -03:00
Marcus Hert Da Coregio
778a63a763 Revert "Exclude SpringSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor from AOT processing"
This reverts commit 8a93178da7.
2023-12-26 15:10:15 -03:00
Marcus Hert Da Coregio
5ad34d1f92 Merge branch '6.2.x'
Closes gh-14381
2023-12-26 11:20:51 -03:00
Marcus Hert Da Coregio
dd20f0694d Merge branch '6.1.x' into 6.2.x
Closes gh-14380
2023-12-26 11:20:41 -03:00
DingHao
7cd626fe25 Fix FilterChainProxy cannot be found when @EnableWebSecurity(debug = true)
Closes gh-14370
2023-12-26 11:20:09 -03:00
Marcus Hert Da Coregio
08d764dc84 Merge branch '6.2.x'
Closes gh-14378
2023-12-26 10:42:45 -03:00
Marcus Hert Da Coregio
f95cda6be7 Merge branch '6.1.x' into 6.2.x
Closes gh-14377
2023-12-26 10:42:37 -03:00
Marcus Hert Da Coregio
364bc10e78 Add hints for CompositeFilterChainProxy
Closes gh-14359
2023-12-26 10:41:56 -03:00
Marcus Hert Da Coregio
a628384d20 Merge branch '6.2.x'
Closes gh-14368
2023-12-22 08:40:24 -03:00
Marcus Hert Da Coregio
737678c66e Merge branch '6.1.x' into 6.2.x
Closes gh-14367
2023-12-22 08:40:15 -03:00
Marcus Hert Da Coregio
8a93178da7 Exclude SpringSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor from AOT processing
Closes gh-14362
2023-12-22 08:40:07 -03:00
Taehong Kim
ec02c22459 Add Request Path Extraction Support
Closes gh-13256
2023-12-19 18:15:49 -07:00
Yan Kardziyaka
99218db84a Add order offset to @EnableMethodSecurity
Closes gh-13214
2023-12-19 17:57:24 -07:00
Josh Cummings
d7a9a19161 Merge branch '6.2.x' 2023-12-18 11:47:39 -07:00
Josh Cummings
03e48905c7 Merge branch '6.1.x' into 6.2.x
Closes gh-14346
2023-12-18 11:47:23 -07:00
Josh Cummings
b855ccdb09 Merge branch '5.8.x' into 6.1.x
Closes gh-14345
2023-12-18 11:46:04 -07:00
Josh Cummings
eaaa813ede Fix header value typo
Closes gh-11948
2023-12-18 10:42:50 -07:00
Rob Winch
465642828a Merge branch '6.2.x'
Add HandlerMappingIntrospector Caching

Closes gh-14333
2023-12-14 16:11:08 -06:00
Rob Winch
6dd29520b0 Merge branch '6.1.x' into 6.2.x
Add HandlerMappingIntrospector Caching

Closes gh-14332
2023-12-14 16:10:50 -06:00
Rob Winch
70dfb3d391 Add HandlerMappingIntrospector Caching
Closes gh-14128
2023-12-14 16:08:36 -06:00
Marcus Da Coregio
57ab15127a Add Max Sessions on WebFlux
Closes gh-6192
2023-12-11 09:48:34 -03:00
DerChris173
e6bea1cfa1 Polish RoleHierarchy Bean Usage
Issue gh-12783
2023-12-07 16:27:14 -07:00
kandaguru17
b76f7c029d Use available RoleHierachy Bean for MethodSecurity Config
Closes gh-12783
2023-12-07 16:27:14 -07:00
Josh Cummings
bb6b55aca3 Add Not Support
Closes gh-14058
2023-12-07 16:24:19 -07:00
Josh Cummings
d50698a269 Prepare for Spring Security 6.3
Closes gh-14210
2023-12-05 15:49:42 -07:00
Josh Cummings
3ab235cd56 Merge branch '6.1.x' 2023-12-01 15:54:44 -07:00