Commit Graph

1372 Commits

Author SHA1 Message Date
Josh Cummings
dff3780c5e Merge branch '6.3.x' 2024-08-22 12:38:17 -06:00
Josh Cummings
4c0d969f1f Merge branch '6.2.x' into 6.3.x
Closes gh-15676
2024-08-22 12:37:45 -06:00
Josh Cummings
3ee5a96e53 Merge branch '5.8.x' into 6.2.x
Closes gh-15675
2024-08-22 12:24:56 -06:00
Josh Cummings
5c604b95fb Correct PostFilterAuthorizationMethodInterceptor Target Type
Previously, `postFilterAuthorizationMethodInterceptor` mistakenly
was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar`
re-publishes each pre/post annotation interceptor also as an `Advisor`,
this resulted in a duplicate advisor for `@PostFilter`.

Closes gh-15651
2024-08-22 12:10:25 -06:00
Josh Cummings
6352877bc4 Merge branch '6.3.x' 2024-08-19 12:34:32 -06:00
Josh Cummings
ae8e4d148e Produce Exactly One AuthorizationAdvisor Per Annotation
Closes gh-15592
2024-08-19 12:30:03 -06:00
DingHao
ed16c86115 Improve @CurrentSecurityContext meta-annotations
Closes gh-15551
2024-08-13 13:18:15 -06:00
Josh Cummings
08b8b09066 Update Copyright
Issue gh-15286
2024-08-10 11:48:14 -06:00
Josh Cummings
2b33f6f04a Add Config Tests for AuthenticationPrincipal Templates
Issue gh-15286
2024-08-10 11:46:51 -06:00
Josh Cummings
e40c98e6d7 Deprecate PrePostTemplateDefaults
Since there is nothing specific to configuring pre/post
annotations, there is no need for the extra class.

If a need like this does arise in the future,
either AnnotationTemplateExpressionDefaults can be sub-
classed, or it can have introduced a Map field holding
custom properties.

Issue gh-15286
2024-08-10 11:46:51 -06:00
Rob Winch
71f40f2bc4 Merge branch '6.3.x'
Use explicit types instead of var

Closes gh-155537
2024-08-08 15:30:16 -05:00
Daniel Garnier-Moiroux
109da2719f Use explicit types everywhere instead of var 2024-08-08 15:29:41 -05:00
Josh Cummings
816ebe38b5 Add OpenSAML to Config Build
Issue gh-11658
2024-08-06 18:14:12 -06:00
Josh Cummings
78a0173cc1 Use OpenSAML API for web
Issue gh-11658
2024-08-06 18:14:11 -06:00
Josh Cummings
ff9a925e88 Use OpenSAML API for metadata
Issue gh-11658
2024-08-06 18:14:10 -06:00
Daniel Garnier-Moiroux
bc8ba7f3b7 Inline CSS for default login and logout page
- Remove the dependency on Bootstrap CSS. Results in faster load times, no failures
  in air-gapped or offline scenarios, and no dependency on an external CDN that may
  go away some day.
2024-08-05 09:27:18 -05:00
Josh Cummings
37a2812d1a Mimic Annotation Fallback Logic
For backward compatibility, this commit changes the annotation traversal
logic to match what is found in PrePostAnnotationSecurityMetadataSource.

This reverts gh-13783 which is a feature that unfortunately regressess
pre-existing behavior like that found in gh-15352. As such, that
functionality has been removed.

Issue gh-15352
2024-07-31 16:17:42 -06:00
Josh Cummings
f20ae1a71c Revert gh-13783
This feature unfortunately regresses pre-existing behavior
like that found in gh-15352. As such, this functionality
has been removed.

Closes gh-15352
2024-07-31 16:16:34 -06:00
Marcus Hert Da Coregio
8231b8a03b Merge branch '6.3.x' 2024-07-29 14:56:16 -03:00
Marcus Hert Da Coregio
c1b3b329af Merge branch '6.2.x' into 6.3.x 2024-07-29 14:56:09 -03:00
baezzys
3d4bcf1b44 fix: Restrict automatic CORS configuration to UrlBasedCorsConfigurationSource
- Update CORS configuration logic to automatically enable .cors() only if a UrlBasedCorsConfigurationSource bean is present.
- Modify applyCorsIfAvailable method to check for UrlBasedCorsConfigurationSource instances.
2024-07-29 14:55:55 -03:00
Josh Cummings
fdcf3c6df9 Merge branch '6.3.x' 2024-07-18 15:51:21 -06:00
Josh Cummings
ba714d78ab Merge branch '6.2.x' into 6.3.x
Closes gh-15440
2024-07-18 15:51:10 -06:00
Josh Cummings
3daeeb8789 Merge branch '5.8.x' into 6.2.x
Closes gh-15439
2024-07-18 15:50:58 -06:00
Josh Cummings
dab48d25b0 Improve Error Message When Registration Missing
Closes gh-15363
2024-07-18 15:50:41 -06:00
Josh Cummings
796e4d6b6c Add query parameter support for authn requests
Closes gh-15017
2024-07-13 23:57:57 -06:00
Josh Cummings
8ee497f4c5 Merge branch '6.2.x' into 6.3.x
Closes gh-15410
2024-07-12 11:04:08 -06:00
Josh Cummings
7422a1134a Allow logout+jwt JWT type
Closes gh-15003
2024-07-12 10:03:40 -07:00
Marcus Hert Da Coregio
aa9c1bab67 Upgrade to Spring Framework 6.2.0-M4
Closes gh-15266
2024-06-18 14:07:05 -03:00
Max Batischev
4c780bf8d4 Add support checking AnyRequestMatcher securityFilterChains
Closes gh-15220
2024-06-17 13:05:36 -06:00
Steve Riesenberg
7eaab95639 Polish gh-15237 2024-06-13 16:05:15 -05:00
Max Batischev
4e52eda0f5 Add support configuring OAuth2AuthorizationRequestResolver as bean
Closes gh-15236
2024-06-13 16:05:15 -05:00
Josh Cummings
87ee464dce Merge branch '6.3.x' 2024-06-06 13:36:39 -06:00
Josh Cummings
22c7b8760a Merge branch '6.2.x' into 6.3.x
Closes gh-15211
2024-06-06 13:36:20 -06:00
Josh Cummings
f231ea277d Merge branch '5.8.x' into 6.2.x
Closes gh-15210
2024-06-06 13:35:56 -06:00
Josh Cummings
6aabd768a8 Pick MvcRequestMatcher for MockMvc requests
Closes gh-13849
2024-06-06 13:17:43 -06:00
Josh Cummings
81abc453fe Merge branch '6.3.x' 2024-06-03 17:43:12 -06:00
Josh Cummings
0aed8df549 Merge branch '6.2.x' into 6.3.x
Closes gh-15197
2024-06-03 17:42:58 -06:00
Josh Cummings
d6228e0882 Merge branch '5.8.x' into 6.2.x
Closes gh-15196
2024-06-03 17:42:25 -06:00
Josh Cummings
cdd626644e Use Request-Level Servlet Context
Spring Security cannot use the ServletContext attached
to the ApplicationContext since there may be child
ApplicationContext's with their own ServletContext.

Because of that, it is necessary to always use the
ServletContext attached to the request.

Closes gh-14418
2024-06-03 17:41:51 -06:00
Josh Cummings
5a798e93f1 Polish MVC Tests
Issue gh-14418
2024-06-03 17:41:51 -06:00
Josh Cummings
9101bf1f7d Allow logout+jwt JWT type
Closes gh-15003
2024-05-31 14:41:05 -06:00
Marcus Hert Da Coregio
f6ea99d8a3 Prepare for Spring Security 6.4
Closes gh-15155
2024-05-24 11:41:28 -03:00
Marcus Hert Da Coregio
ddcaeb5c20 Serialize objects from 6.3.x
Issue gh-3737
2024-05-24 09:47:29 -03:00
Marcus Hert Da Coregio
08f11f06ab Revert unnecessary commits from main
Issue gh-15016
2024-05-08 13:49:18 -03:00
Marcus Hert Da Coregio
b3c7f3ff19 Rename CompromisedPasswordCheckResult to CompromisedPasswordDecision
Issue gh-7395
2024-04-30 08:38:03 -03:00
Josh Cummings
29d3b438b9 Merge branch '6.1.x' into 6.2.x 2024-04-26 17:09:17 -06:00
Josh Cummings
1ecb036fba Merge branch '5.8.x' into 6.1.x 2024-04-26 17:09:05 -06:00
sheheryarumair
0e211382ee Remove useBase64 parameter 2024-04-26 17:05:49 -06:00
Josh Cummings
664dfd9b45 Defer Anonymous Filter Construction
By delaying when the AnonymousAuthenticationFilter is constructed,
it's now possible to call the principal and filter methods inside
of a custom DSL implementation.

This does not extend to setting the key or the authentication provider
though, as these must be set during the init phase.

Closes gh-14941
2024-04-25 14:03:10 -06:00