Commit Graph

1159 Commits

Author SHA1 Message Date
Josh Cummings
ca0140c586 saml2Login Honors AuthenticationProvider bean
Closes gh-13654
2023-08-16 17:54:14 -06:00
Josh Cummings
ee13216882 Merge branch '5.8.x' into 6.0.x
Closes gh-13579
2023-07-24 11:31:29 -06:00
Josh Cummings
c4f061c63d Do Not Re-register Method Security Advisors
Closes gh-13572
2023-07-24 11:24:03 -06:00
Josh Cummings
fe7bee9236 Merge branch '5.8.x' into 6.0.x 2023-07-17 11:09:38 -06:00
Josh Cummings
bb46a54270 Add DispatcherServlet to Tests
Issue gh-13551
2023-07-17 10:58:30 -06:00
Josh Cummings
df239b6448 Improve RequestMatcher Validation
Closes gh-13551
2023-07-17 08:41:30 -06:00
Marcus Da Coregio
933b302979 Fix once-per-request="true" not taking any effect
Closes gh-13491
2023-07-12 14:30:18 -03:00
Marcus Da Coregio
4e3517e03a Merge branch '5.8.x' into 6.0.x
Closes gh-13281
2023-06-05 16:03:58 -03:00
Marcus Da Coregio
b47420f8a2 Merge branch '5.7.x' into 5.8.x
Closes gh-13280
2023-06-05 16:02:30 -03:00
Marcus Da Coregio
7250abc185 Does not apply a Configurer when disabled from another DSL
Closes gh-13203
2023-06-05 16:01:20 -03:00
Josh Cummings
71703dc371 Update Symlink for 6.0
Issue gh-13131
2023-05-24 14:40:50 -06:00
Josh Cummings
73cb9862ad Update Symlink for 5.8
Issue gh-13131
2023-05-24 14:37:18 -06:00
Josh Cummings
1eefd433b6 Add spring-security.xsd symlink
Closes gh-13131
2023-05-22 15:42:02 -06:00
Josh Cummings
b438bc5384 Merge branch '5.8.x' into 6.0.x
Closes gh-13182
2023-05-15 17:30:14 -06:00
lukasz.migdalek
f4915890cc Use Spec Order for Verifying Signatures
Closes gh-12346
2023-05-15 17:24:22 -06:00
Josh Cummings
46ad9c122e Merge branch '5.8.x' into 6.0.x
Closes gh-13127
2023-05-02 16:56:06 -06:00
Josh Cummings
e9a02bc6e9 RememberMeConfigurer Picks Up SecurityContextRepository
Closes gh-13104
2023-05-02 16:46:35 -06:00
Marcus Da Coregio
69338ecdfa Only Observe AuthenticationManager if it is not null
Closes gh-13084
2023-05-02 10:12:46 -03:00
Josh Cummings
c3479ddb45 Pick Up SecurityContextRepository
Closes gh-13008
2023-04-17 17:06:06 -06:00
Marcus Da Coregio
a484044591 Merge branch '5.8.x' into 6.0.x 2023-04-17 07:29:42 -03:00
Marcus Da Coregio
6cf8c53aaa Merge branch '5.7.x' into 5.8.x 2023-04-17 07:16:47 -03:00
Marcus Da Coregio
2d52fb8e4b Clear Repository on Logout 2023-04-17 06:47:57 -03:00
Marcus Da Coregio
1a4a2a9055 Merge branch '5.8.x' into 6.0.x 2023-04-14 13:32:10 -03:00
Marcus Da Coregio
54117d7d27 Fix test suffix to align with checkstyle 2023-04-14 13:29:15 -03:00
twosom
cbb4e40166 fix typo in RequestCacheResultMatcher 2023-03-20 17:02:00 -06:00
Marcus Da Coregio
7d22e02593 Merge branch '5.8.x' into 6.0.x
Closes gh-12777
2023-02-23 15:17:25 -03:00
Marcus Da Coregio
97ba596ca3 Merge branch '5.7.x' into 5.8.x
Closes gh-12776
2023-02-23 15:17:04 -03:00
Marcus Da Coregio
1c3ce1e401 Fix entity-id ignored in RelyingPartyRegistration XML config
Closes gh-11898
2023-02-23 15:16:40 -03:00
Josh Cummings
cedb9fd199 Merge branch '5.8.x' into 6.0.x
Closes gh-12687
2023-02-16 14:56:32 -07:00
Josh Cummings
0baf650f38 Merge branch '5.7.x' into 5.8.x
Closes gh-12686
2023-02-16 14:55:22 -07:00
Leonid Rozenblyum
000b4bc495 Fix NPE in HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter
Before the fix, these methods would throw a NPE in case when the filter class passed as the second parameter, is not registered yet.

In particular, this exception can occur when mixing standard and custom DSL to register filters.

The fix doesn't change the situation that standard DSL for registration of filters cannot refer to filters that are registered via custom DSL even though those calls were done earlier.

It just provides more user-friendly error handling for this and most likely other scenarios of calls of HttpSecurity#addFilterBefore, HttpSecurity#addFilterAfter.

The error handling is implemented similarly to HttpSecurity#addFilter.

Closes gh-12637
2023-02-16 14:54:44 -07:00
Tobias Meurer
7dd5cc6082 Pick Up Custom SecurityContextRespository
Closes gh-12579
2023-02-07 12:46:12 -07:00
Marcus Da Coregio
3572111cf5 Add JwtDecoder hint for oauth2Login
Closes gh-12615
2023-02-03 14:34:32 -03:00
Steve Riesenberg
13487be268 Default to XorCsrfChannelInterceptor in 6.0.x
Closes gh-12378
2023-01-26 15:45:04 -06:00
Steve Riesenberg
1363a4eece Merge branch '5.8.x' into 6.0.x 2023-01-26 15:44:47 -06:00
Josh Cummings
c3563df25a Include HttpStatusRequestRequestedHandler
Closes gh-12548
2023-01-26 14:07:22 -07:00
Josh Cummings
66711f2365 Add RequestRejectedHandler Test
Issue gh-12548
2023-01-26 13:07:16 -07:00
Steve Riesenberg
c306df9b46 Add XorCsrfChannelInterceptor
Issue gh-12378
2023-01-23 16:00:35 -06:00
Josh Cummings
5b6b3d585f Change EnableReactiveMethodSecurity Defaults
Closes gh-12506
2023-01-10 08:30:52 -07:00
Marcus Da Coregio
7080ea652f Add hints for ProxyFactoryBean AuthenticationManager
Closes gh-12367
2022-12-14 10:16:04 -03:00
Steve Riesenberg
dd9f954ace Fix tests in CsrfConfigurerTests
Closes gh-12241
2022-11-18 14:58:41 -06:00
Steve Riesenberg
5da78f44f2 Merge branch '5.8.x' 2022-11-18 14:54:33 -06:00
Steve Riesenberg
ea6ce05662 Add configurer tests for CookieCsrfTokenRepository
Issue gh-12236
2022-11-18 13:12:59 -06:00
Steve Riesenberg
2ed7cff643 Check for existing token before clearing
Closes gh-12236
2022-11-18 13:12:59 -06:00
Josh Cummings
e08ed89403 Polish Span and Meter Names
Closes gh-12156
2022-11-17 15:09:52 -07:00
Marcus Da Coregio
3b5d19c8a4 Adapt to Servlet API 6 changes and support Jakarta WebSocket 2.1
Closes gh-12146
Closes gh-12148
2022-11-08 08:34:21 -03:00
Josh Cummings
fc8e20b89f Merge branch '5.8.x'
Closes gh-12133
2022-11-02 15:49:18 -06:00
Josh Cummings
3192618220 Add authenticationFailureHandler
- To ServerHttpSecurity#httpBasic
- To ServerHttpSecurity#oauthResourceServer

Closes gh-12132
2022-11-02 15:35:01 -06:00
Rob Winch
d860775b45 Document Defer load CsrfToken
Closes gh-12105
2022-10-28 15:41:25 -05:00
Josh Cummings
abe68abfe4 Merge remote-tracking branch 'origin/5.8.x' 2022-10-26 17:13:02 -06:00