04e0dcfe61
Allow configuration of security context through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
81d3cf1e7b
Allow configuration of authorize requests through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
1445d1b012
Allow configuration of request cache through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
fcb119b94e
Allow configuration of remember me through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
ae9eb6f56b
Allow configuration of x509 through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
bfc9538da1
Allow configuration of jee through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
86f0f84740
Allow configuration of port mapper through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
6fbea88e1e
Allow configuration of session management through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
6fd515813c
Allow configuration of cors through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
a9a1f8ee53
Allow configuration of form login through nested builder
...
Issue: gh-5557
2019-07-09 15:37:28 -04:00
758397f102
Allow configuration of headers through nested builder
...
Issue: gh-5557
2019-07-09 15:35:37 -04:00
6986cf3ef3
Allow configuration of csrf through nested builder
...
Issue: gh-5557
2019-07-09 10:14:18 -04:00
1a31376dda
Allow configuration of exception handling through nested builder
...
Issue: gh-5557
2019-07-09 10:14:18 -04:00
92314b0956
Allow configuration of logout through nested builder
...
Issue: gh-5557
2019-07-09 10:14:18 -04:00
d66d895e60
Migrate ServletApiConfigurerTests groovy->java
...
Issue: gh-4939
2019-07-04 12:14:49 -04:00
491da9db03
Added OAuth2TokenAttributes to wrap attributes
...
To simplify access to OAuth 2.0 token attributes
Fixes gh-6498
2019-07-02 07:45:56 -06:00
ee8182dceb
NamespaceSessionManagementTests groovy->java
...
Issue: gh-4939
2019-07-02 07:34:36 -06:00
7782e29a58
Allow custom ReactiveAuthenticationManager for basic and form auth
...
Prior to this change, "HttpBasicSpec#authenticationManager" and
"FormLoginSpec#authenticationManager" were always overridden by
"ServerHttpSecurity#authenticationManager".
This commit makes sure override only happens when custom authentication
manager was not specified.
Fixes: gh-5660
2019-06-28 11:04:21 -05:00
39ba1006ba
Migrate FormLoginConfigurerSpec groovy->java
...
Issue: gh-4939
2019-06-27 11:53:32 -04:00
3c240d0ce3
Migrate DefaultLoginPageConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-24 10:38:20 -04:00
12da990b6b
Allow configuration of HTTP basic through nested builder
...
Issue: gh-5557
Fixes: gh-6885
2019-06-20 13:58:13 -05:00
6e76df8f1d
Revert OAuth2AuthorizationCodeGrantWebFilter works with /{action}/
...
Issue #5856
Commit 385bdfc055#5856 . Only the ServerWebExchangeMatcher for OAuth2LoginSpec is reverted.
Fixes gh-6890
2019-06-19 16:06:38 -04:00
06943d2d39
Revert OAuth2LoginAuthenticationFilter should ignore authenticated requests
...
Issue #5915
Commit 93ca455405
2019-06-19 16:06:38 -04:00
f6ed1db702
Introduced ReactiveAuthenticationManagerResolver
...
Suitable for multi-tenant reactive applications needing to branch
authentication strategies based on request details.
2019-06-13 08:52:19 -06:00
759e47ba84
Migrate OpenIDLoginConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-12 15:23:47 -04:00
e6ace0891f
Migrate X509ConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-11 17:31:53 -04:00
6ad46da426
Migrate ExpressionUrlAuthorizationConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-11 15:46:37 -04:00
56b716d9f7
Migrate SessionManagementConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-11 09:24:42 -04:00
1ec040e554
Disable bean proxying in configuration classes
...
Fixes gh-6967
2019-06-10 20:40:06 -05:00
371a3b9c7f
Migrate CorsConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-10 16:36:38 -04:00
c4dd800653
Merge pull request #6944 from eleftherias/gh-4939-channel-security-groovy-to-java
...
Migrate ChannelSecurityConfigurerTests groovy->java
2019-06-10 15:28:42 -04:00
b6e8997e95
Updates OAuth2ResourceServer configuration tests
...
Refactores collapsed imports
2019-06-07 11:56:03 -06:00
d285c6ab4c
Migrate JeeConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-07 12:05:25 -05:00
8e6db95048
Fix HttpSecurity Javadoc for jee() method
...
Fixes: gh-6958
2019-06-07 11:21:05 -05:00
fcd8a38f0b
Add success handler modification of OAuth2LoginSpec
...
Add the ability to modify the success handler used in OAuth2LoginSpec. The
default success handler remains unchanged.
Closes #6863
2019-06-05 13:25:34 -04:00
abe7da6b85
Migrate RememberMeConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-04 15:12:11 -05:00
06d3b60947
Replace bean method calls with injection
...
This is so that our configuration classes do not rely on CGLIB to proxy bean methods.
Fixes gh-6818
2019-06-03 15:45:28 -05:00
4f042a4ff1
Migrate ChannelSecurityConfigurerTests groovy->java
...
Issue: gh-4939
2019-06-03 11:09:49 -04:00
be651d9d16
Migrate CsrfConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-31 13:18:55 -06:00
6148eef689
Migrate SecurityContextConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-31 12:07:28 -06:00
16b0d782f4
Migrate HeadersConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-31 11:57:01 -06:00
7806ac21aa
Migrate RequestMatcherConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-31 11:48:34 -06:00
9fe8949883
Add @transient to OAuth2IntrospectionAuthenticationToken
...
fixes gh-6829
2019-05-29 08:42:09 -06:00
e15922322e
Migrate LogoutConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-27 22:53:51 -06:00
d660084538
Migrate HttpBasicConfigurerTests groovy->java
...
Issue: gh-4939
2019-05-23 09:24:58 -06:00
f5f965b6aa
Fix JavaDoc for defaultSuccessUrl
...
Fixes gh-3337
2019-05-17 10:50:30 -05:00
1ed9e3a1c6
Resource Server AuthenticationManager
...
Making the authentication manager for jwt() and opaqueToken()
configurable.
Fixes: gh-6832
Fixes: gh-6849
2019-05-07 17:04:51 -06:00
5aa50500cf
oauth2Login does not auto-redirect for XHR request
...
Fixes gh-6812
2019-05-02 16:04:09 -04:00
aef3f514fe
Set "rolePrefix" in ReactiveMethodSecurityConfiguration
...
Currently, `GrantedAuthorityDefaults` is not considered in
`ReactiveMethodSecurityConfiguration`.
This commit updates the configuration to be aware of
`GrantedAuthorityDefaults` and update `rolePrefix` when the bean is
available.
Also, use the same instance of `DefaultMethodSecurityExpressionHandler`
when constructing `ExpressionBasedAnnotationAttributeFactory`.
2019-05-02 10:46:27 -05:00
cf0c5f9026
Various NamespaceHttp*Tests groovy->java
...
Issue: gh-4939
2019-04-29 23:36:06 -06:00
b1195e7789
Opaque Token Intermediate Type
...
Introducing OAuth2TokenIntrospectionClient and also
ReactiveOAuth2TokenIntrospectionClient as configuration points.
The DSL looks in the application context for these types in the same
way it looks for JwtDecoder and ReactiveJwtDecoder, and exposes
similar configuration methods.
Fixes: gh-6632
2019-04-29 13:39:53 -06:00
9a67441507
Add x509 support for Reactive Security
...
[gh #5038 ]
2019-04-26 12:15:18 -05:00
5aacd0c955
Expose bean setters in @Configuration used by @EnableWebFluxSecurity
...
Fixes gh-6624
2019-04-23 11:46:09 -04:00
1c25fe26c9
Introduce Support for Reading RSA Keys
...
Fixes: gh-6494
2019-04-13 19:39:11 -06:00
570eb01733
review phase1
2019-04-13 19:22:44 -06:00
678e0b19e0
Introduce @CurrentSecurityContext for method arguments
2019-04-13 19:22:44 -06:00
21f7148e7a
Update filters documentation
...
Fixes: gh-5553
2019-04-13 19:21:10 -06:00
7e8aadeb96
Multi-tenancy for Resource Server
...
Fixes: gh-5351
2019-03-29 15:00:48 -06:00
4e9c37b1ae
Manual URL Cleanup
2019-03-29 13:24:11 -04:00
3617fd257e
Introduced placeholder support for Headers tag attributes
...
Added the functionality to allow the disabled and defaults-disabled
attribute of <header> tag to accept a placeholder and resolve it during
parsing.
- Updated the spring-security .rnc files starting from 4.2 up to 5.2
with xsd:token type instead of boolean
- Added unit tests for headers.disabled and headers.defaults-disabled
attributes with placeholder
- Modified the HeadersBeanDefinitionParser to support resolving
placeholders
- Updated spring.schemas to point to latest spring-security-5.2.xsd
Fixes gh-6547
2019-03-21 17:25:48 -06:00
bfe1e6a154
OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> @Bean is discovered by OAuth2ClientConfiguration
...
Fixes gh-6572
2019-03-21 11:56:16 -04:00
3b89754926
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.
* http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html (200) with 1 occurrences could not be migrated:
([https](https://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html ) result ClosedChannelException).
* http://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html (200) with 1 occurrences could not be migrated:
([https](https://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html ) result SSLHandshakeException).
* http://cujojs.com/ (200) with 1 occurrences could not be migrated:
([https](https://cujojs.com/ ) result SSLHandshakeException).
* http://erik.eae.net/archives/2007/07/27/18.54.15/ (200) with 1 occurrences could not be migrated:
([https](https://erik.eae.net/archives/2007/07/27/18.54.15/ ) result SSLHandshakeException).
* http://javascript.nwbox.com/IEContentLoaded/ (200) with 1 occurrences could not be migrated:
([https](https://javascript.nwbox.com/IEContentLoaded/ ) result SSLHandshakeException).
* http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html (200) with 1 occurrences could not be migrated:
([https](https://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html ) result SSLHandshakeException).
* http://monkeymachine.co.uk/ (200) with 2 occurrences could not be migrated:
([https](https://monkeymachine.co.uk/ ) result SSLHandshakeException).
* http://perfectionkills.com/detecting-event-support-without-browser-sniffing/ (200) with 1 occurrences could not be migrated:
([https](https://perfectionkills.com/detecting-event-support-without-browser-sniffing/ ) result SSLHandshakeException).
* http://somesite.com/login (200) with 3 occurrences could not be migrated:
([https](https://somesite.com/login ) result AnnotatedConnectException).
* http://someurl.com/ (200) with 2 occurrences could not be migrated:
([https](https://someurl.com/ ) result SSLHandshakeException).
* http://sscce.org/ (200) with 1 occurrences could not be migrated:
([https](https://sscce.org/ ) result SSLHandshakeException).
* http://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf (200) with 2 occurrences could not be migrated:
([https](https://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf ) result 404).
* http://www.example.com:80/ (200) with 1 occurrences could not be migrated:
([https](https://www.example.com:80/ ) result NotSslRecordException).
* http://www.faqs.org/qa/rfcc-1940.html (200) with 3 occurrences could not be migrated:
([https](https://www.faqs.org/qa/rfcc-1940.html ) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc1945.html (200) with 2 occurrences could not be migrated:
([https](https://www.faqs.org/rfcs/rfc1945.html ) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc3548.html (200) with 3 occurrences could not be migrated:
([https](https://www.faqs.org/rfcs/rfc3548.html ) result AnnotatedConnectException).
* http://www.zytrax.com/books/ldap/ (200) with 2 occurrences could not be migrated:
([https](https://www.zytrax.com/books/ldap/ ) result AnnotatedConnectException).
* http://blindsignals.com/index.php/2009/07/jquery-delay/ (301) with 1 occurrences could not be migrated:
([https](https://blindsignals.com/index.php/2009/07/jquery-delay/ ) result SSLHandshakeException).
* http://www.faqs.org/ (301) with 1 occurrences could not be migrated:
([https](https://www.faqs.org/ ) result AnnotatedConnectException).
* http://sam.zoy.org/wtfpl/ (301) with 2 occurrences could not be migrated:
([https](https://sam.zoy.org/wtfpl/ ) result SSLHandshakeException).
* http://hey.openid.com/ (302) with 1 occurrences could not be migrated:
([https](https://hey.openid.com/ ) result SSLHandshakeException).
* http://iharder.net/base64 (303) with 2 occurrences could not be migrated:
([https](https://iharder.net/base64 ) result AnnotatedConnectException).
* http://jaspan.com/improved_persistent_login_cookie_best_practice (500) with 3 occurrences could not be migrated:
([https](https://jaspan.com/improved_persistent_login_cookie_best_practice ) result AnnotatedConnectException).
# Fixed URLs
## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.
* http://www.relaxng.org/ (301) with 1 occurrences migrated to:
https://relaxng.org/ ([https](https://www.relaxng.org/ ) result SSLHandshakeException).
* http://www.relaxng.org (301) with 1 occurrences migrated to:
https://relaxng.org/ ([https](https://www.relaxng.org ) result SSLHandshakeException).
* http://tools.ietf.org/html/draft-ietf-websec-x-frame-options (301) with 2 occurrences migrated to:
https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ([https](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ) result ReadTimeoutException).
* http://foo.test.com (302) with 2 occurrences migrated to:
https://www.test.com ([https](https://foo.test.com ) result SSLHandshakeException).
* http://abc.test.com (302) with 2 occurrences migrated to:
https://www.test.com ([https](https://abc.test.com ) result SSLHandshakeException).
* http://192.168.1:8080 (ConnectTimeoutException) with 2 occurrences migrated to:
https://192.168.1:8080 ([https](https://192.168.1:8080 ) result ConnectTimeoutException).
* http://www.example.com:8080/mycontext/secure/page.html (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8080/mycontext/secure/page.html ([https](https://www.example.com:8080/mycontext/secure/page.html ) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8888/bigWebApp/hello ([https](https://www.example.com:8888/bigWebApp/hello ) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/decorator (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.opensymphony.com/sitemesh/decorator ([https](https://www.opensymphony.com/sitemesh/decorator ) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/page (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.opensymphony.com/sitemesh/page ([https](https://www.opensymphony.com/sitemesh/page ) result ConnectTimeoutException).
* http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd (ReadTimeoutException) with 1 occurrences migrated to:
https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ([https](https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ) result ReadTimeoutException).
* http://axschema.org/ (UnknownHostException) with 2 occurrences migrated to:
https://axschema.org/ ([https](https://axschema.org/ ) result UnknownHostException).
* http://axschema.org/contact/email (UnknownHostException) with 23 occurrences migrated to:
https://axschema.org/contact/email ([https](https://axschema.org/contact/email ) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 5 occurrences migrated to:
https://axschema.org/namePerson ([https](https://axschema.org/namePerson ) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 4 occurrences migrated to:
https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first ) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 4 occurrences migrated to:
https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last ) result UnknownHostException).
* http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
https://context.blah.com/context/remainder ([https](https://context.blah.com/context/remainder ) result UnknownHostException).
* http://default (UnknownHostException) with 12 occurrences migrated to:
https://default ([https](https://default ) result UnknownHostException).
* http://endpoint (UnknownHostException) with 4 occurrences migrated to:
https://endpoint ([https](https://endpoint ) result UnknownHostException).
* http://endpoint?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
https://endpoint?id_token_hint=id-token ([https](https://endpoint?id_token_hint=id-token ) result UnknownHostException).
* http://example.com¶m1=value1¶m2=value2 (UnknownHostException) with 1 occurrences migrated to:
https://example.com¶m1=value1¶m2=value2 ([https](https://example.com¶m1=value1¶m2=value2 ) result UnknownHostException).
* http://host/myapp/index.html;jsessionid=blah (UnknownHostException) with 1 occurrences migrated to:
https://host/myapp/index.html;jsessionid=blah ([https](https://host/myapp/index.html;jsessionid=blah ) result UnknownHostException).
* http://http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
https://http://context.blah.com/context/remainder ([https](https://https://context.blah.com/context/remainder ) result UnknownHostException).
* http://id.openid.zz (UnknownHostException) with 2 occurrences migrated to:
https://id.openid.zz ([https](https://id.openid.zz ) result UnknownHostException).
* http://invalid-provider.com/oauth2/token (UnknownHostException) with 4 occurrences migrated to:
https://invalid-provider.com/oauth2/token ([https](https://invalid-provider.com/oauth2/token ) result UnknownHostException).
* http://invalid-provider.com/user (UnknownHostException) with 4 occurrences migrated to:
https://invalid-provider.com/user ([https](https://invalid-provider.com/user ) result UnknownHostException).
* http://issuer/.well-known/jwks.json (UnknownHostException) with 2 occurrences migrated to:
https://issuer/.well-known/jwks.json ([https](https://issuer/.well-known/jwks.json ) result UnknownHostException).
* http://issuer/certs (UnknownHostException) with 1 occurrences migrated to:
https://issuer/certs ([https](https://issuer/certs ) result UnknownHostException).
* http://jimi.hendrix.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://jimi.hendrix.myopenid.com/ ([https](https://jimi.hendrix.myopenid.com/ ) result UnknownHostException).
* http://joe.myopenid.com/ (UnknownHostException) with 3 occurrences migrated to:
https://joe.myopenid.com/ ([https](https://joe.myopenid.com/ ) result UnknownHostException).
* http://logout (UnknownHostException) with 2 occurrences migrated to:
https://logout ([https](https://logout ) result UnknownHostException).
* http://logout?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
https://logout?id_token_hint=id-token ([https](https://logout?id_token_hint=id-token ) result UnknownHostException).
* http://openid.aol.com/ (UnknownHostException) with 2 occurrences migrated to:
https://openid.aol.com/ ([https](https://openid.aol.com/ ) result UnknownHostException).
* http://pip.verisignlabs.com/server (UnknownHostException) with 2 occurrences migrated to:
https://pip.verisignlabs.com/server ([https](https://pip.verisignlabs.com/server ) result UnknownHostException).
* http://postlogout?encodedparam%3Dvalue (UnknownHostException) with 2 occurrences migrated to:
https://postlogout?encodedparam%3Dvalue ([https](https://postlogout?encodedparam%3Dvalue ) result UnknownHostException).
* http://postlogout?encodedparam=value (UnknownHostException) with 2 occurrences migrated to:
https://postlogout?encodedparam=value ([https](https://postlogout?encodedparam=value ) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 5 occurrences migrated to:
https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email ) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 2 occurrences migrated to:
https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson ) result UnknownHostException).
* http://some.site.org/index.html (UnknownHostException) with 1 occurrences migrated to:
https://some.site.org/index.html ([https](https://some.site.org/index.html ) result UnknownHostException).
* http://something/ (UnknownHostException) with 1 occurrences migrated to:
https://something/ ([https](https://something/ ) result UnknownHostException).
* http://specs.openid.net/auth/2.0 (UnknownHostException) with 2 occurrences migrated to:
https://specs.openid.net/auth/2.0 ([https](https://specs.openid.net/auth/2.0 ) result UnknownHostException).
* http://specs.openid.net/auth/2.0/identifier_select (UnknownHostException) with 4 occurrences migrated to:
https://specs.openid.net/auth/2.0/identifier_select ([https](https://specs.openid.net/auth/2.0/identifier_select ) result UnknownHostException).
* http://wiki.fasterxml.com/JacksonFeatureModules (UnknownHostException) with 1 occurrences migrated to:
https://wiki.fasterxml.com/JacksonFeatureModules ([https](https://wiki.fasterxml.com/JacksonFeatureModules ) result UnknownHostException).
* http://www.faqs (UnknownHostException) with 1 occurrences migrated to:
https://www.faqs ([https](https://www.faqs ) result UnknownHostException).
* http://www.test123.com (UnknownHostException) with 1 occurrences migrated to:
https://www.test123.com ([https](https://www.test123.com ) result UnknownHostException).
* http://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 (301) with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Defense_in_depth_%2528computing%2529 ([https](https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 ) result 400).
* http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html (404) with 1 occurrences migrated to:
https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ([https](https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ) result 404).
* http://example.com/auth (404) with 2 occurrences migrated to:
https://example.com/auth ([https](https://example.com/auth ) result 404).
* http://example.com/info (404) with 2 occurrences migrated to:
https://example.com/info ([https](https://example.com/info ) result 404).
* http://example.com/jwkset (404) with 2 occurrences migrated to:
https://example.com/jwkset ([https](https://example.com/jwkset ) result 404).
* http://example.com/login/oauth2/code/registration-id (404) with 1 occurrences migrated to:
https://example.com/login/oauth2/code/registration-id ([https](https://example.com/login/oauth2/code/registration-id ) result 404).
* http://example.com/login/oauth2/code/registration-id-2 (404) with 1 occurrences migrated to:
https://example.com/login/oauth2/code/registration-id-2 ([https](https://example.com/login/oauth2/code/registration-id-2 ) result 404).
* http://example.com/path?a=b&c=d (404) with 1 occurrences migrated to:
https://example.com/path?a=b&c=d ([https](https://example.com/path?a=b&c=d ) result 404).
* http://example.com/pkp-report (404) with 5 occurrences migrated to:
https://example.com/pkp-report ([https](https://example.com/pkp-report ) result 404).
* http://example.com/token (404) with 2 occurrences migrated to:
https://example.com/token ([https](https://example.com/token ) result 404).
* http://example.net/pkp-report (404) with 7 occurrences migrated to:
https://example.net/pkp-report ([https](https://example.net/pkp-report ) result 404).
* http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ (301) with 1 occurrences migrated to:
https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ([https](https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ) result 404).
* http://html5shim.googlecode.com/svn/trunk/html5.js (404) with 6 occurrences migrated to:
https://html5shim.googlecode.com/svn/trunk/html5.js ([https](https://html5shim.googlecode.com/svn/trunk/html5.js ) result 404).
* http://json.org/json2.js (404) with 1 occurrences migrated to:
https://json.org/json2.js ([https](https://json.org/json2.js ) result 404).
* http://openid-selector.googlecode.com/svn/trunk/ (404) with 2 occurrences migrated to:
https://openid-selector.googlecode.com/svn/trunk/ ([https](https://openid-selector.googlecode.com/svn/trunk/ ) result 404).
* http://provider.com/user (302) with 2 occurrences migrated to:
https://provider.com/user ([https](https://provider.com/user ) result 404).
* http://relaxng.org/ns/compatibility/annotations/1.0 (301) with 8 occurrences migrated to:
https://relaxng.org/ns/compatibility/annotations/1.0 ([https](https://relaxng.org/ns/compatibility/annotations/1.0 ) result 404).
* http://www.example.com/bigWebApp/hello (404) with 2 occurrences migrated to:
https://www.example.com/bigWebApp/hello ([https](https://www.example.com/bigWebApp/hello ) result 404).
* http://www.example.com/bigWebApp/hello/pathInfo.html?open=true (404) with 1 occurrences migrated to:
https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ) result 404).
* http://www.example.com/identity (404) with 1 occurrences migrated to:
https://www.example.com/identity ([https](https://www.example.com/identity ) result 404).
* http://www.example.com/login/openid (404) with 2 occurrences migrated to:
https://www.example.com/login/openid ([https](https://www.example.com/login/openid ) result 404).
* http://www.example.com/mycontext/HelloWorld (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld ([https](https://www.example.com/mycontext/HelloWorld ) result 404).
* http://www.example.com/mycontext/HelloWorld/some/more/segments.html (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld/some/more/segments.html ([https](https://www.example.com/mycontext/HelloWorld/some/more/segments.html ) result 404).
* http://www.example.com/mycontext/HelloWorld?foo=bar (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld?foo=bar ([https](https://www.example.com/mycontext/HelloWorld?foo=bar ) result 404).
* http://www.example.com/mycontext/secure/page.html (404) with 3 occurrences migrated to:
https://www.example.com/mycontext/secure/page.html ([https](https://www.example.com/mycontext/secure/page.html ) result 404).
* http://www.example.com/realm (404) with 1 occurrences migrated to:
https://www.example.com/realm ([https](https://www.example.com/realm ) result 404).
* http://www.example.com/redirect (404) with 1 occurrences migrated to:
https://www.example.com/redirect ([https](https://www.example.com/redirect ) result 404).
* http://www.example.org/do/something (404) with 4 occurrences migrated to:
https://www.example.org/do/something ([https](https://www.example.org/do/something ) result 404).
* http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ (301) with 1 occurrences migrated to:
https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ([https](https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ) result 404).
* http://www.json.org/json2.js (404) with 1 occurrences migrated to:
https://www.json.org/json2.js ([https](https://www.json.org/json2.js ) result 404).
* http://www.thymeleaf.org/thymeleaf-extras-springsecurity5 (301) with 5 occurrences migrated to:
https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ([https](https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ) result 404).
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html with 1 occurrences migrated to:
https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ([https](https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ) result 200).
* http://bugs.jquery.com/ticket/12282 with 1 occurrences migrated to:
https://bugs.jquery.com/ticket/12282 ([https](https://bugs.jquery.com/ticket/12282 ) result 200).
* http://bugs.jquery.com/ticket/12359 with 1 occurrences migrated to:
https://bugs.jquery.com/ticket/12359 ([https](https://bugs.jquery.com/ticket/12359 ) result 200).
* http://claimid.com/ with 2 occurrences migrated to:
https://claimid.com/ ([https](https://claimid.com/ ) result 200).
* http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ with 1 occurrences migrated to:
https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ([https](https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html with 26 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ) result 200).
* http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ) result 200).
* http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html with 1 occurrences migrated to:
https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ([https](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ) result 200).
* http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html with 1 occurrences migrated to:
https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ([https](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ) result 200).
* http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ) result 200).
* http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html ([https](https://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html ) result 200).
* http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ([https](https://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ) result 200).
* http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ) result 200).
* http://docs.spring.io/spring-security/site/docs/current/api/ with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/current/api/ ([https](https://docs.spring.io/spring-security/site/docs/current/api/ ) result 200).
* http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ with 3 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ) result 200).
* http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ([https](https://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ) result 200).
* http://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ([https](https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ([https](https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html with 3 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ) result 200).
* http://en.wikipedia.org/wiki/Clickjacking with 9 occurrences migrated to:
https://en.wikipedia.org/wiki/Clickjacking ([https](https://en.wikipedia.org/wiki/Clickjacking ) result 200).
* http://en.wikipedia.org/wiki/Content_sniffing with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/Content_sniffing ([https](https://en.wikipedia.org/wiki/Content_sniffing ) result 200).
* http://en.wikipedia.org/wiki/Cross-site_request_forgery with 11 occurrences migrated to:
https://en.wikipedia.org/wiki/Cross-site_request_forgery ([https](https://en.wikipedia.org/wiki/Cross-site_request_forgery ) result 200).
* http://en.wikipedia.org/wiki/Cross-site_scripting with 7 occurrences migrated to:
https://en.wikipedia.org/wiki/Cross-site_scripting ([https](https://en.wikipedia.org/wiki/Cross-site_scripting ) result 200).
* http://en.wikipedia.org/wiki/Firesheep with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Firesheep ([https](https://en.wikipedia.org/wiki/Firesheep ) result 200).
* http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security with 4 occurrences migrated to:
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ([https](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ) result 200).
* http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ([https](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ) result 200).
* http://en.wikipedia.org/wiki/Man-in-the-middle_attack with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/Man-in-the-middle_attack ([https](https://en.wikipedia.org/wiki/Man-in-the-middle_attack ) result 200).
* http://en.wikipedia.org/wiki/Null_Object_pattern with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Null_Object_pattern ([https](https://en.wikipedia.org/wiki/Null_Object_pattern ) result 200).
* http://en.wikipedia.org/wiki/SRV_record with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/SRV_record ([https](https://en.wikipedia.org/wiki/SRV_record ) result 200).
* http://en.wikipedia.org/wiki/Same-origin_policy with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Same-origin_policy ([https](https://en.wikipedia.org/wiki/Same-origin_policy ) result 200).
* http://en.wikipedia.org/wiki/Session_fixation with 6 occurrences migrated to:
https://en.wikipedia.org/wiki/Session_fixation ([https](https://en.wikipedia.org/wiki/Session_fixation ) result 200).
* http://example.com with 8 occurrences migrated to:
https://example.com ([https](https://example.com ) result 200).
* http://example.com/ with 1 occurrences migrated to:
https://example.com/ ([https](https://example.com/ ) result 200).
* http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice with 2 occurrences migrated to:
https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ([https](https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ) result 200).
* http://flywaydb.org/ with 1 occurrences migrated to:
https://flywaydb.org/ ([https](https://flywaydb.org/ ) result 200).
* http://getbootstrap.com/docs/4.0/examples/signin/signin.css with 1 occurrences migrated to:
https://getbootstrap.com/docs/4.0/examples/signin/signin.css ([https](https://getbootstrap.com/docs/4.0/examples/signin/signin.css ) result 200).
* http://gradle.org with 1 occurrences migrated to:
https://gradle.org ([https](https://gradle.org ) result 200).
* http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ with 2 occurrences migrated to:
https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ([https](https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ) result 200).
* http://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html with 2 occurrences migrated to:
https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ([https](https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ) result 200).
* http://jquery.com/ with 1 occurrences migrated to:
https://jquery.com/ ([https](https://jquery.com/ ) result 200).
* http://knockoutjs.com/ with 1 occurrences migrated to:
https://knockoutjs.com/ ([https](https://knockoutjs.com/ ) result 200).
* http://marketplace.eclipse.org/content/anyedit-tools with 1 occurrences migrated to:
https://marketplace.eclipse.org/content/anyedit-tools ([https](https://marketplace.eclipse.org/content/anyedit-tools ) result 200).
* http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html with 1 occurrences migrated to:
https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ([https](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ) result 200).
* http://openid.net with 1 occurrences migrated to:
https://openid.net ([https](https://openid.net ) result 200).
* http://openid.net/ with 1 occurrences migrated to:
https://openid.net/ ([https](https://openid.net/ ) result 200).
* http://openid.net/certification/ with 4 occurrences migrated to:
https://openid.net/certification/ ([https](https://openid.net/certification/ ) result 200).
* http://openid.net/connect/ with 4 occurrences migrated to:
https://openid.net/connect/ ([https](https://openid.net/connect/ ) result 200).
* http://openid.net/specs/openid-attribute-exchange-1_0.html with 3 occurrences migrated to:
https://openid.net/specs/openid-attribute-exchange-1_0.html ([https](https://openid.net/specs/openid-attribute-exchange-1_0.html ) result 200).
* http://openid.net/specs/openid-connect-core-1_0.html with 50 occurrences migrated to:
https://openid.net/specs/openid-connect-core-1_0.html ([https](https://openid.net/specs/openid-connect-core-1_0.html ) result 200).
* http://openid.net/specs/openid-connect-session-1_0.html with 2 occurrences migrated to:
https://openid.net/specs/openid-connect-session-1_0.html ([https](https://openid.net/specs/openid-connect-session-1_0.html ) result 200).
* http://sizzlejs.com/ with 2 occurrences migrated to:
https://sizzlejs.com/ ([https](https://sizzlejs.com/ ) result 200).
* http://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time with 1 occurrences migrated to:
https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ([https](https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ) result 200).
* http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ (301) with 1 occurrences migrated to:
https://spring.io/blog/2010/03/06/behind-the-spring-security-namespace/ ([https](https://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ ) result 200).
* http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ (301) with 1 occurrences migrated to:
https://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/ ([https](https://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ ) result 200).
* http://spring.io/projects with 1 occurrences migrated to:
https://spring.io/projects ([https](https://spring.io/projects ) result 200).
* http://spring.io/services with 1 occurrences migrated to:
https://spring.io/services ([https](https://spring.io/services ) result 200).
* http://stackoverflow.com/questions/tagged/spring-security with 1 occurrences migrated to:
https://stackoverflow.com/questions/tagged/spring-security ([https](https://stackoverflow.com/questions/tagged/spring-security ) result 200).
* http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html with 2 occurrences migrated to:
https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ([https](https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ) result 200).
* http://tools.ietf.org/html/rfc6797 with 15 occurrences migrated to:
https://tools.ietf.org/html/rfc6797 ([https](https://tools.ietf.org/html/rfc6797 ) result 200).
* http://tools.ietf.org/html/rfc7469 with 18 occurrences migrated to:
https://tools.ietf.org/html/rfc7469 ([https](https://tools.ietf.org/html/rfc7469 ) result 200).
* http://vimeo.com/34436402 with 1 occurrences migrated to:
https://vimeo.com/34436402 ([https](https://vimeo.com/34436402 ) result 200).
* http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ with 1 occurrences migrated to:
https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ([https](https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ) result 200).
* http://www.ja-sig.org/cas (301) with 1 occurrences migrated to:
https://www.apereo.org ([https](https://www.ja-sig.org/cas ) result 200).
* http://ehcache.sourceforge.net (301) with 2 occurrences migrated to:
https://www.ehcache.org/ ([https](https://ehcache.sourceforge.net ) result 200).
* http://www.html5rocks.com/en/tutorials/security/content-security-policy/ with 2 occurrences migrated to:
https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ([https](https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ) result 200).
* http://www.ietf.org/rfc/rfc2396.txt with 3 occurrences migrated to:
https://www.ietf.org/rfc/rfc2396.txt ([https](https://www.ietf.org/rfc/rfc2396.txt ) result 200).
* http://www.ietf.org/rfc/rfc2617.txt with 1 occurrences migrated to:
https://www.ietf.org/rfc/rfc2617.txt ([https](https://www.ietf.org/rfc/rfc2617.txt ) result 200).
* http://www.liquibase.org/ with 1 occurrences migrated to:
https://www.liquibase.org/ ([https](https://www.liquibase.org/ ) result 200).
* http://www.openbsd.org/papers/bcrypt-paper.ps with 1 occurrences migrated to:
https://www.openbsd.org/papers/bcrypt-paper.ps ([https](https://www.openbsd.org/papers/bcrypt-paper.ps ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 2 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-2.5.xsd ([https](https://www.springframework.org/schema/context/spring-context-2.5.xsd ) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd ) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd ) result 200).
* http://www.test.com with 9 occurrences migrated to:
https://www.test.com ([https](https://www.test.com ) result 200).
* http://www.thymeleaf.org with 25 occurrences migrated to:
https://www.thymeleaf.org ([https](https://www.thymeleaf.org ) result 200).
* http://www.thymeleaf.org/ with 3 occurrences migrated to:
https://www.thymeleaf.org/ ([https](https://www.thymeleaf.org/ ) result 200).
* http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd with 1 occurrences migrated to:
https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ([https](https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ) result 200).
* http://www.thymeleaf.org/whatsnew21.html with 1 occurrences migrated to:
https://www.thymeleaf.org/whatsnew21.html ([https](https://www.thymeleaf.org/whatsnew21.html ) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html with 2 occurrences migrated to:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html with 1 occurrences migrated to:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ) result 200).
* http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html with 1 occurrences migrated to:
https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ([https](https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ) result 200).
* http://www.w3.org/TR/2011/REC-css3-selectors-20110929/ with 2 occurrences migrated to:
https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ([https](https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ) result 200).
* http://www.w3.org/TR/CSS21/syndata.html with 1 occurrences migrated to:
https://www.w3.org/TR/CSS21/syndata.html ([https](https://www.w3.org/TR/CSS21/syndata.html ) result 200).
* http://www.w3.org/TR/selectors/ with 3 occurrences migrated to:
https://www.w3.org/TR/selectors/ ([https](https://www.w3.org/TR/selectors/ ) result 200).
* http://www.youtube.com/watch?v=3mk0RySeNsU with 2 occurrences migrated to:
https://www.youtube.com/watch?v=3mk0RySeNsU ([https](https://www.youtube.com/watch?v=3mk0RySeNsU ) result 200).
* http://api.jquery.com/jQuery.browser with 1 occurrences migrated to:
https://api.jquery.com/jQuery.browser ([https](https://api.jquery.com/jQuery.browser ) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx with 1 occurrences migrated to:
https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx with 2 occurrences migrated to:
https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ) result 301).
* http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx with 2 occurrences migrated to:
https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ([https](https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ) result 301).
* http://code.google.com/p/openid-selector/ with 3 occurrences migrated to:
https://code.google.com/p/openid-selector/ ([https](https://code.google.com/p/openid-selector/ ) result 301).
* http://contributor-covenant.org with 1 occurrences migrated to:
https://contributor-covenant.org ([https](https://contributor-covenant.org ) result 301).
* http://contributor-covenant.org/version/1/3/0/ with 1 occurrences migrated to:
https://contributor-covenant.org/version/1/3/0/ ([https](https://contributor-covenant.org/version/1/3/0/ ) result 301).
* http://dev.w3.org/csswg/cssom/ with 1 occurrences migrated to:
https://dev.w3.org/csswg/cssom/ ([https](https://dev.w3.org/csswg/cssom/ ) result 301).
* http://docs.spring.io with 1 occurrences migrated to:
https://docs.spring.io ([https](https://docs.spring.io ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html with 7 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ) result 301).
* http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 (301) with 1 occurrences migrated to:
https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ([https](https://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ) result 301).
* http://help.github.com/set-up-git-redirect with 1 occurrences migrated to:
https://help.github.com/set-up-git-redirect ([https](https://help.github.com/set-up-git-redirect ) result 301).
* http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ with 1 occurrences migrated to:
https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ([https](https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ) result 301).
* http://jquery.org/license with 1 occurrences migrated to:
https://jquery.org/license ([https](https://jquery.org/license ) result 301).
* http://msdn.microsoft.com/en-us/library/dd565647 with 4 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/dd565647 ([https](https://msdn.microsoft.com/en-us/library/dd565647 ) result 301).
* http://msdn.microsoft.com/en-us/library/ie/gg622941 with 5 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/ie/gg622941 ([https](https://msdn.microsoft.com/en-us/library/ie/gg622941 ) result 301).
* http://openid.net/get/ with 2 occurrences migrated to:
https://openid.net/get/ ([https](https://openid.net/get/ ) result 301).
* http://openid.net/what/ with 2 occurrences migrated to:
https://openid.net/what/ ([https](https://openid.net/what/ ) result 301).
* http://technorati.com/people/technorati/ with 2 occurrences migrated to:
https://technorati.com/people/technorati/ ([https](https://technorati.com/people/technorati/ ) result 301).
* http://twitter.github.com/bootstrap/javascript.html with 13 occurrences migrated to:
https://twitter.github.com/bootstrap/javascript.html ([https](https://twitter.github.com/bootstrap/javascript.html ) result 301).
* http://www.jasig.org/cas with 1 occurrences migrated to:
https://www.jasig.org/cas ([https](https://www.jasig.org/cas ) result 301).
* http://www.modernizr.com/ with 1 occurrences migrated to:
https://www.modernizr.com/ ([https](https://www.modernizr.com/ ) result 301).
* http://www.opensource.org/licenses/mit-license.php with 1 occurrences migrated to:
https://www.opensource.org/licenses/mit-license.php ([https](https://www.opensource.org/licenses/mit-license.php ) result 301).
* http://www.oracle.com/technetwork/java/javase/downloads with 1 occurrences migrated to:
https://www.oracle.com/technetwork/java/javase/downloads ([https](https://www.oracle.com/technetwork/java/javase/downloads ) result 301).
* http://www.springframework.org/security with 1 occurrences migrated to:
https://www.springframework.org/security ([https](https://www.springframework.org/security ) result 301).
* http://www.springsource.com/ with 2 occurrences migrated to:
https://www.springsource.com/ ([https](https://www.springsource.com/ ) result 301).
* http://www.springsource.org with 1 occurrences migrated to:
https://www.springsource.org ([https](https://www.springsource.org ) result 301).
* http://www.springsource.org/sts with 1 occurrences migrated to:
https://www.springsource.org/sts ([https](https://www.springsource.org/sts ) result 301).
* http://www.thoughtcrime.org/software/sslstrip/ with 1 occurrences migrated to:
https://www.thoughtcrime.org/software/sslstrip/ ([https](https://www.thoughtcrime.org/software/sslstrip/ ) result 301).
* http://www.w3.org/TR/css3-selectors/ with 2 occurrences migrated to:
https://www.w3.org/TR/css3-selectors/ ([https](https://www.w3.org/TR/css3-selectors/ ) result 301).
* http://www.w3.org/TR/css3-syntax/ with 1 occurrences migrated to:
https://www.w3.org/TR/css3-syntax/ ([https](https://www.w3.org/TR/css3-syntax/ ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ) result 302).
* http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html with 1 occurrences migrated to:
https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ([https](https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ) result 302).
* http://example2.com with 3 occurrences migrated to:
https://example2.com ([https](https://example2.com ) result 302).
* http://flickr.com/ with 2 occurrences migrated to:
https://flickr.com/ ([https](https://flickr.com/ ) result 302).
* http://git-scm.com/book/cs/ch7-3.html with 1 occurrences migrated to:
https://git-scm.com/book/cs/ch7-3.html ([https](https://git-scm.com/book/cs/ch7-3.html ) result 302).
* http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd with 1 occurrences migrated to:
https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ([https](https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html with 4 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ([https](https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html with 2 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html with 2 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html with 3 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ([https](https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ) result 302).
* http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd with 1 occurrences migrated to:
https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 1 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ) result 302).
* http://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx with 1 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ([https](https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ) result 302).
* http://spring.io/spring-security with 1 occurrences migrated to:
https://spring.io/spring-security ([https](https://spring.io/spring-security ) result 302).
* http://spring.io/spring-security/ with 2 occurrences migrated to:
https://spring.io/spring-security/ ([https](https://spring.io/spring-security/ ) result 302).
* http://spring.io/tools/sts with 1 occurrences migrated to:
https://spring.io/tools/sts ([https](https://spring.io/tools/sts ) result 302).
* http://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt with 2 occurrences migrated to:
https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ([https](https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ) result 302).
* http://webauth.stanford.edu/manual/mod/mod_webauth.html with 1 occurrences migrated to:
https://webauth.stanford.edu/manual/mod/mod_webauth.html ([https](https://webauth.stanford.edu/manual/mod/mod_webauth.html ) result 302).
* http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context with 1 occurrences migrated to:
https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ([https](https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ) result 302).
* http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt with 1 occurrences migrated to:
https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ([https](https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ) result 302).
# Ignored
These URLs were intentionally ignored.
* http://java.sun.com/JSP/Page with 14 occurrences
* http://java.sun.com/jsp/jstl/core with 31 occurrences
* http://java.sun.com/jsp/jstl/fmt with 6 occurrences
* http://java.sun.com/jsp/jstl/functions with 1 occurrences
* http://java.sun.com/jstl/core with 1 occurrences
* http://java.sun.com/xml/ns/j2ee with 2 occurrences
* http://java.sun.com/xml/ns/javaee with 6 occurrences
* http://localhost with 20 occurrences
* http://localhost/ with 6 occurrences
* http://localhost/Test</value></property> with 1 occurrences
* http://localhost/appcontext/page with 1 occurrences
* http://localhost/authenticated with 1 occurrences
* http://localhost/authentication/login with 2 occurrences
* http://localhost/authorize/oauth2/code/registration-id with 3 occurrences
* http://localhost/authorize/oauth2/implicit/registration-3 with 1 occurrences
* http://localhost/callback/client-1 with 1 occurrences
* http://localhost/callback/client-1?error=invalid_grant with 1 occurrences
* http://localhost/client-1 with 9 occurrences
* http://localhost/cookie with 1 occurrences
* http://localhost/cookie/delete with 1 occurrences
* http://localhost/custom-login with 1 occurrences
* http://localhost/custom-logout with 1 occurrences
* http://localhost/form-page with 1 occurrences
* http://localhost/iss with 1 occurrences
* http://localhost/issuer with 2 occurrences
* http://localhost/login with 38 occurrences
* http://localhost/login/oauth2/code/ with 4 occurrences
* http://localhost/login/oauth2/code/pkce-client-registration-id& with 1 occurrences
* http://localhost/login/oauth2/code/registration-id with 3 occurrences
* http://localhost/login/oauth2/code/registration-id& with 2 occurrences
* http://localhost/login/oauth2/code/registration-id-2 with 2 occurrences
* http://localhost/login/openid with 1 occurrences
* http://localhost/login2 with 1 occurrences
* http://localhost/loginPage with 2 occurrences
* http://localhost/logout with 1 occurrences
* http://localhost/messages with 4 occurrences
* http://localhost/oauth2/authorization/google with 1 occurrences
* http://localhost/openid-page with 1 occurrences
* http://localhost/saved-request with 1 occurrences
* http://localhost/secured with 2 occurrences
* http://localhost/signin with 1 occurrences
* http://localhost/some-url with 1 occurrences
* http://localhost/tosave with 1 occurrences
* http://localhost/user with 1 occurrences
* http://localhost:123456 with 3 occurrences
* http://localhost:1280/certs with 1 occurrences
* http://localhost:314 with 1 occurrences
* http://localhost:4080 with 1 occurrences
* http://localhost:543 with 1 occurrences
* http://localhost:8080 with 16 occurrences
* http://localhost:8080/ with 4 occurrences
* http://localhost:8080/SomeService with 1 occurrences
* http://localhost:8080/contacts with 1 occurrences
* http://localhost:8080/login/oauth2/code with 1 occurrences
* http://localhost:8080/login/oauth2/code/client-id with 2 occurrences
* http://localhost:8080/login/oauth2/code/facebook with 2 occurrences
* http://localhost:8080/login/oauth2/code/github with 2 occurrences
* http://localhost:8080/login/oauth2/code/google with 4 occurrences
* http://localhost:8080/login/oauth2/code/okta with 2 occurrences
* http://localhost:8080/path/page.html?query=string with 1 occurrences
* http://localhost:8080/sample/ with 15 occurrences
* http://localhost:8080/secure with 1 occurrences
* http://localhost:8080/spring-security-samples-tutorial/listAccounts.html with 4 occurrences
* http://localhost:8080/spring-security-samples-tutorial/post.html?id=1 with 4 occurrences
* http://localhost:9080/protected with 2 occurrences
* http://localhost:9080/secured with 1 occurrences
* http://localhost:9080/unsecured with 1 occurrences
* http://localhost:9080/user with 1 occurrences
* http://test.com with 1 occurrences
* http://test.foobar.com with 1 occurrences
* http://testopenid.com?openid.return_to= with 1 occurrences
* http://www.springframework.org/schema/aop with 2 occurrences
* http://www.springframework.org/schema/beans with 8 occurrences
* http://www.springframework.org/schema/context with 2 occurrences
* http://www.springframework.org/schema/mvc with 2 occurrences
* http://www.springframework.org/schema/security with 45 occurrences
* http://www.springframework.org/schema/security/spring-security- with 1 occurrences
* http://www.springframework.org/schema/websocket with 2 occurrences
* http://www.springframework.org/security/tags with 17 occurrences
* http://www.springframework.org/tags with 12 occurrences
* http://www.springframework.org/tags/form with 14 occurrences
* http://www.w3.org/1999/XSL/Transform with 1 occurrences
* http://www.w3.org/1999/xhtml with 26 occurrences
* http://www.w3.org/2001/XMLSchema with 15 occurrences
* http://www.w3.org/2001/XMLSchema-datatypes with 8 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 9 occurrences
2019-03-19 23:53:23 -05:00
e9de49efef
Polish URL Cleanup
...
Fixes: gh-6626
2019-03-19 19:04:51 -05:00
2bf126f4cf
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.
* http://luke.taylor.openid.cn/ (200) with 1 occurrences could not be migrated:
([https](https://luke.taylor.openid.cn/ ) result SSLHandshakeException).
# Fixed URLs
## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.
* http://axschema.org/contact/email (UnknownHostException) with 2 occurrences migrated to:
https://axschema.org/contact/email ([https](https://axschema.org/contact/email ) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson ([https](https://axschema.org/namePerson ) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first ) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last ) result UnknownHostException).
* http://luke.taylor.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://luke.taylor.myopenid.com/ ([https](https://luke.taylor.myopenid.com/ ) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 2 occurrences migrated to:
https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email ) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 1 occurrences migrated to:
https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson ) result UnknownHostException).
* http://schema.openid.net/namePerson/friendly (UnknownHostException) with 1 occurrences migrated to:
https://schema.openid.net/namePerson/friendly ([https](https://schema.openid.net/namePerson/friendly ) result UnknownHostException).
* http://somehost/someUrl (UnknownHostException) with 1 occurrences migrated to:
https://somehost/someUrl ([https](https://somehost/someUrl ) result UnknownHostException).
* http://spring.security.test.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://spring.security.test.myopenid.com/ ([https](https://spring.security.test.myopenid.com/ ) result UnknownHostException).
* http://example.net/pkp-report (404) with 1 occurrences migrated to:
https://example.net/pkp-report ([https](https://example.net/pkp-report ) result 404).
* http://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng (404) with 1 occurrences migrated to:
https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ([https](https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ) result 404).
* http://www.puppycrawl.com/dtds/configuration_1_3.dtd (404) with 1 occurrences migrated to:
https://www.puppycrawl.com/dtds/configuration_1_3.dtd ([https](https://www.puppycrawl.com/dtds/configuration_1_3.dtd ) result 404).
* http://www.puppycrawl.com/dtds/suppressions_1_1.dtd (404) with 1 occurrences migrated to:
https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ([https](https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ) result 404).
* http://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller (404) with 1 occurrences migrated to:
https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ([https](https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ) result 404).
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://raykrueger.blogspot.com/ with 1 occurrences migrated to:
https://raykrueger.blogspot.com/ ([https](https://raykrueger.blogspot.com/ ) result 200).
* http://www.infoq.com/presentations/code-organization-large-projects with 1 occurrences migrated to:
https://www.infoq.com/presentations/code-organization-large-projects ([https](https://www.infoq.com/presentations/code-organization-large-projects ) result 200).
* http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd with 1 occurrences migrated to:
https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ([https](https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ) result 200).
* http://www.springframework.org/dtd/spring-beans.dtd with 4 occurrences migrated to:
https://www.springframework.org/dtd/spring-beans.dtd ([https](https://www.springframework.org/dtd/spring-beans.dtd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.0.xsd with 5 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.2.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop.xsd ([https](https://www.springframework.org/schema/aop/spring-aop.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 20 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 267 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.0.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.0.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.1.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.1.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.2.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.2.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.2.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context.xsd with 6 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context.xsd ([https](https://www.springframework.org/schema/context/spring-context.xsd ) result 200).
* http://www.springframework.org/schema/data/jpa/spring-jpa.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ([https](https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ) result 200).
* http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ([https](https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 10 occurrences migrated to:
https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security-2.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security-2.0.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 266 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd ) result 200).
* http://www.springframework.org/schema/tx/spring-tx-3.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ([https](https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ) result 200).
* http://www.springframework.org/schema/tx/spring-tx.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/tx/spring-tx.xsd ([https](https://www.springframework.org/schema/tx/spring-tx.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util-3.0.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util-3.0.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.0.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util-3.1.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.1.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util.xsd with 4 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util.xsd ([https](https://www.springframework.org/schema/util/spring-util.xsd ) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 6 occurrences migrated to:
https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd ) result 200).
* http://www.headwaysoftware.com with 1 occurrences migrated to:
https://www.headwaysoftware.com ([https](https://www.headwaysoftware.com ) result 301).
* http://java.sun.com/dtd/web-app_2_3.dtd with 2 occurrences migrated to:
https://java.sun.com/dtd/web-app_2_3.dtd ([https](https://java.sun.com/dtd/web-app_2_3.dtd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 10 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ) result 302).
# Ignored
These URLs were intentionally ignored.
* http://appengine.google.com/ns/1.0 with 1 occurrences
* http://docbook.org/ns/docbook with 1 occurrences
* http://jakarta.apache.org/log4j/ with 1 occurrences
* http://java.sun.com/xml/ns/javaee with 22 occurrences
* http://www.springframework.org/schema/aop with 14 occurrences
* http://www.springframework.org/schema/beans with 576 occurrences
* http://www.springframework.org/schema/c with 6 occurrences
* http://www.springframework.org/schema/context with 18 occurrences
* http://www.springframework.org/schema/data/jpa with 2 occurrences
* http://www.springframework.org/schema/jdbc with 2 occurrences
* http://www.springframework.org/schema/mvc with 20 occurrences
* http://www.springframework.org/schema/p with 10 occurrences
* http://www.springframework.org/schema/security with 534 occurrences
* http://www.springframework.org/schema/tx with 10 occurrences
* http://www.springframework.org/schema/util with 16 occurrences
* http://www.springframework.org/schema/websocket with 12 occurrences
* http://www.w3.org/1999/xlink with 1 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 299 occurrences
2019-03-19 17:33:29 -05:00
a45df2c802
Move OIDC Reactive Packaging
2019-03-19 09:00:46 -06:00
8f5493acce
Move OIDC Servlet Packaging
2019-03-19 09:00:46 -06:00
fba31dfb6a
Reactive Oidc RP-Initiated Logout
...
Issue: gh-5350
2019-03-19 09:00:46 -06:00
248a8c030b
Support for OIDC RP-Initiated Logout
...
Fixes: gh-5350
2019-03-19 09:00:46 -06:00
9478abebd2
Internalize Nimbus JwtDecoder Builder
...
Issue: gh-6010
2019-03-18 12:32:44 -06:00
b93528138e
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# Fixed URLs
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://www.apache.org/licenses/ with 1 occurrences migrated to:
https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/ ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0 ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html ) result 200).
2019-03-14 15:46:20 -05:00
da0f969929
NamespaceExpressionHandlerTests groovy->java
...
Issue: gh-4939
2019-03-11 12:01:51 -06:00
9642d33a6b
NamespaceHttpX509Tests groovy->java
...
Fixes: gh-4939
2019-03-06 16:46:06 -07:00
ad9dc49d55
OAuth2LoginSpec discovers ReactiveOAuth2AccessTokenResponseClient @Bean
...
Fixes: gh-6477
2019-03-04 15:44:42 -05:00
82d527ed42
Add Support for Clear Site Data on Logout
...
Added an implementation of HeaderWriter for Clear-Site-Data HTTP
response header as welll as an implementation of LogoutHanlder
that accepts an implementation of HeaderWriter to write headers.
- Added ClearSiteDataHeaderWriter and HeaderWriterLogoutHandler
that implements HeaderWriter and LogoutHandler respectively
- Added unit tests for both implementations's behaviours
- Integration tests for HeaderWriterLogoutHandler that uses
ClearSiteDataHeaderWriter
- Updated the documentation to include link to
HeaderWriterLogoutHandler
Fixes gh-4187
2019-02-28 11:01:08 -07:00
2b960b074b
Polish Eager Header Config Tests
...
In the Java config tests, there is a simplified way to configure
Spring, and that is with SpringTestRule.
Also, test names typically follow the when-then convention.
Issue: gh-6501
2019-02-18 09:24:17 -07:00
ac13b55ecd
HeaderWriterFilter writes headers at beginning
...
Add support for HeaderWriterFilter to write headers at the beginning of the request
Fixes: gh-6501
2019-02-18 07:43:08 -07:00
fba25614bf
Reactive Opaque Token Support
...
Fixes: gh-6513
2019-02-15 15:59:25 -06:00
ef9c3e4771
Opaque Token Support
...
Fixes: gh-5200
2019-02-07 12:40:12 -07:00
594a169798
Introduce OAuth2AuthorizationRequest.attributes
...
Fixes gh-5940
2019-02-07 11:49:17 -05:00
5c2ee09bc3
Favor RestOperations in Resource Server Configurer
...
Also polished exposure of the JWK Set Uri for the tests where
MockWebServer is preferred.
Fixes: gh-6104
2019-01-29 15:43:09 -07:00
8e6bcc1c35
No RequestMatcher After AnyRequest
...
Don't allow any type of RequestMatchers
after any request by throwing IllegalStateException
Fixes: gh-6359
2019-01-25 11:14:33 -07:00
b581bb7eae
Add new configuration options for OAuth2LoginSpec
...
Fixes gh-5598
2019-01-24 10:37:52 -05:00
2e70d66063
Improve CsrfBeanDefinitionParser xml parsing
...
1. CsrfBeanDefinitionParser registers requestDataValueProcessor
if not already registered
2. Created Tests in CsrfBeanDefinitionParserTests
Fixes: gh-6423
2019-01-22 13:56:20 -06:00
ffe602fdbe
HTML markup fixed in DefaultLoginPageGeneratingFilter
...
Ending div moved out of condition.
Fixes: gh-6417
2019-01-22 13:20:35 -06:00
ca02d8a4f8
NamespaceLogoutTests groovy->java
...
Issue: gh-4939
2019-01-18 16:56:13 -07:00
e68b6f17de
NamespaceHttpBasicTests groovy->java
...
Issue: gh-4939
2019-01-18 15:41:26 -07:00
b7ed919cee
Add preload support to Strict-Transport-Security
...
1. Preload support in Servlet Security(XML & Java)
2. Preload support in Reactive Security
3. Test for preload support in Servlet Security
4. Test for preload support in Reactive Security
Fixes: gh-6312
2019-01-16 11:10:06 -06:00
d099a62a6f
hasRole should not be called on a string with "ROLE_" prefix ( #6353 )
...
Removed "ROLE_" from UrlAuthorizationConfigurer
This fixes IllegalArgumentException: ROLE_ANONYMOUS should not start
with ROLE_ since ROLE_
2019-01-15 08:59:34 -06:00
c94f13a971
Polish tests
2019-01-08 11:16:22 -06:00
1a02cafe81
NamespaceHttpAnonymousTests groovy->java
...
Issue: gh-4939
2019-01-07 15:04:26 -07:00
9b65107922
NamespaceDebugTests groovy->java
...
Issue: gh-4939
2019-01-04 17:53:31 -07:00
5f33bbe512
Removed isServlet30 check
2019-01-04 08:27:26 -07:00
6e1db1105b
Fixes typo in x,rnc files
...
1. Fixes type ammount to amount in *.rnc files
2. Regenerates *.xsd files from *.rnc files
Fixes: gh-6325
2019-01-02 11:17:02 -07:00
f289ef8689
Fixes Documentation Problem
...
Fixes documentation problem of Anonymous Authentication
in ServerHttpSecurity
Fixes: gh-6327
2019-01-02 11:13:18 -07:00
d77b12d229
authorization_uri Uses UriComponentsBuilder
...
Because of this, authorization_uri can now be a fully-qualified url.
Fixes: gh-5760
2018-12-21 13:23:47 -07:00
9c0d78da71
Extract OidcTokenValidator to an OAuth2TokenValidator
...
Fixes gh-5930
2018-12-21 11:06:40 -05:00
7a55af246e
Polish tests and javadoc
...
When using AssertJ, it's easy to commit the following error
assertThat(some boolean condition)
The above actually does nothing. It at least needs to be
assertThat(some boolean condition).isTrue()
This commit refines some assertions that were missing a verify
condition.
Also, one Javadoc was just a little bit confusing, so this
clarifies it.
Issue: gh-6259
2018-12-21 08:47:37 -07:00
086b105273
Remove Servlet 2.5 Support for Session Fixation
...
This commit removes existence validation of a method only available in Servlet 3.1.
Spring Framework baseline is Servlet 3.1 so is not longer required.
Fixes: gh-6259
2018-12-21 08:47:37 -07:00
12f320851d
Set openid scope in OAuth2LoginTests
2018-12-21 09:24:55 -06:00
8f4f52edb9
Support configurable JwtDecoder for IdToken verification
...
Fixes gh-5717
2018-12-21 09:24:55 -06:00
e60ae4984a
Add hasAnyAuthority() and hasAnyRole() in AuthorizeExchangeSpec
...
Fixes gh-6306
2018-12-19 09:55:47 -06:00
3bcb1d9458
Allow setting authenticationEntryPoint for Http Basic
...
1. Added method authenticationEntryPoint in ServerHttpSecurity to allow
setting authenticationEntryPoint.
2. Added test in ServerHttpSecurityTests to check if
if specified realm name set by authenticationEntryPoint is
returned
Fixes: gh-6270
2018-12-17 11:24:11 -06:00
2b369cfe98
Added support for Anonymous Authentication
...
1. Created new WebFilter AnonymousAuthenticationWebFilter to
for anonymous authentication
2. Created class AnonymousSpec, method anonymous to configure
anonymous authentication in ServerHttpSecurity
3. Added ANONYMOUS_AUTHENTICATION order after AUTHENTICATION for
anonymous authentication in SecurityWebFiltersOrder
4. Added tests for anonymous authentication in
AnonymousAuthenticationWebFilterTests and ServerHttpSecurityTests
5. Added support for Controller in WebTestClientBuilder
Fixes: gh-5934
2018-12-12 16:05:30 -06:00
9a357f8cb6
Moved CachingUserDetailsService to spring-core
...
Made CachingUserDetailsService constructor public and moved to spring-core to make it easier to configure caching in UserDetailsService
Fixes gh-4139
2018-12-11 13:22:08 -06:00
56eb658eae
RoleVoter Configuration Defaults Prefix Using GrantedAuthorityDefauts
...
Fixes: gh-4876
2018-12-07 14:17:44 -06:00
8b3fb55aea
Added methods to add filter relatively in ServerHttpSecurity
...
Addition of two new methods addFilterBefore and addFilterAfter in
ServerHttpSecurity to allow addition of WebFilter before and after of
specified order
Fixes: gh-6138
2018-12-04 13:29:53 -06:00
6bddb38cac
Update to Gradle 5.0
...
Change project's gradle version to 5.0, this requires to make some minor
adjustments.
Fixes: gh-6148
2018-11-30 08:50:47 -06:00
b8f038e86a
Polish OAuth2ResourceServerConfigurer
2018-11-30 06:37:00 -05:00
be423debfd
ServerAuthenticationConverter should be configurable
...
Fixes gh-6186
2018-11-29 14:37:22 -07:00
3a43ed8f1c
Register NullRequestCache When Disabled
...
Fixes: gh-6102
2018-11-20 07:15:09 -07:00
f30fcdda6b
RequestCacheConfigurerTests groovy->java
...
Issue: gh-4939
2018-11-16 15:40:12 -07:00
686393ed5c
ExceptionHandlingConfigurerTests groovy->java
...
Issue: gh-4939
2018-11-16 14:51:26 -07:00
1ea73e7d8e
Jwt Decoder Local Key Configuration
...
Adds support for configuring Resource Server DSL with a local public
key.
Fixes: gh-5131
2018-11-16 13:07:19 -06:00
d28e32b000
NimbusJwtDecoder Builder
...
A Builder to simply common construction patterns for NimbusJwtDecoder
Issue: gh-6010
2018-11-14 15:53:47 -06:00
db5e54266c
#3912 lazyBean method respects @Primary annotation
2018-11-14 14:31:29 -06:00
8eedb3919e
Policy OAuth2ResourceServerSpecTests
...
Issue: gh-6052
2018-11-12 15:01:15 -07:00
3a6582d2a6
Fix csrf:token-repository-ref XSD documentation
...
The documentation of the token-repository-ref attribute of the csrf
element in the schema has been updated to make clear the default
repository is lazy. Targets versions 4.2, 5.0 and 5.1.
Fixes gh-6037
2018-11-08 10:14:49 -06:00
9a13f9acde
Custom Bearer Token Error Handling Support
...
Users can specify a custom access denied handler and authentication
entry point for reactive resource servers.
Fixes: gh-6052
2018-11-07 16:29:56 -06:00
75e7e099ab
MiscHttpConfigTests groovy->java
...
Issue: gh-4939
2018-10-30 12:58:20 -06:00
52be2839ca
Migraged unit test from groovy to java
...
Moved AbstractConfigAttributeRequestMatcherRegistryTests.groovy to AbstractConfigAttributeRequestMatcherRegistryTests.java
gh-4939
2018-10-23 20:04:42 -05:00
8ef65ce5c5
Set AuthenticationEventPublisher on each AuthenticationManagerBuilder
...
Fixes gh-6009
2018-10-23 14:08:23 -04:00
8f49ca850a
Fixing IllegalStateException message in OAuth2ResourceServerConfigurer
...
Updated message to include `http.oauth2ResourceServer()`
2018-10-17 15:14:36 -05:00
bd9e3877f9
JDK 10 Compatibility
...
Upgrading dependencies and reconfiguring PowerMock
Issue: gh-5860
2018-10-17 15:03:42 -05:00
921abefaa2
Remove address and phone scope from CommonOAuth2Provider.OKTA
...
Fixes gh-5987
2018-10-17 11:50:34 -04:00
22bd8f1c1f
Reactive Jwt Authentication Converter Support
...
Fixes: gh-5092
2018-10-15 11:55:12 -05:00
93ca455405
OAuth2LoginAuthenticationFilter ignores authenticated Users
...
This ensures that OAuth2 Client support works with the same log in URL as
oauth2 login.
Fixes: gh-5915
2018-10-12 16:29:27 -05:00
5d18bb68ed
Add @formatter to @EnableWebFluxSecurity Javadoc
...
Fixes: gh-5898
2018-09-21 08:11:50 -05:00
45a9c0fd54
Polish Automatically Add CsrfServerLogoutHandler
...
Issue: gh-5337
2018-09-21 00:59:36 -05:00
b060ec050a
Automatically add CsrfServerLogoutHandler if csrf enabled
...
The configuration DSL should automatically add CsrfServerLogoutHandler if csrf is enabled
Fixes gh-5337
2018-09-21 00:59:36 -05:00
79828d4f7b
Polish WebFlux Referrer-Policy header config
2018-09-20 17:14:16 -05:00
8a49c431c3
Add OAuth2ClientSpec.and
...
Fixes: gh-5888
2018-09-20 10:19:21 -05:00
73c1abbba0
EnableGlobalMethodSecurity Misconfiguration Check
...
This polishes the EnableGlobalMethodSecurity misconfiguration check to
not error if the user has specified a custom method security metadata
source.
Issue: gh-5341
2018-09-20 07:55:03 -06:00
1e864ad764
Validate @EnableGlobalMethodSecurity usage
...
Fixes: gh-5341
2018-09-20 07:55:03 -06:00
9e0c7f17b7
Default RequestCache should ignore favicon
...
Fixes: gh-5875
2018-09-19 14:29:14 -05:00
8b0a3a760c
Use providedSessionAuthenticationStrategy
...
Fixes gh-5763
2018-09-19 07:04:49 -04:00
501c008526
Add WebFlux Redirect to HTTPS Reference
...
Fixes: gh-5869
2018-09-18 21:12:37 -05:00
54d07b6b8b
Add WebFlux HTTP Headers Reference
...
Fixes: gh-5868
2018-09-18 17:09:41 -05:00
72301e548a
Reactive OAuth2 DSL Customizations
...
Fixes: gh-5855
2018-09-17 21:21:36 -05:00
385bdfc055
OAuth2AuthorizationCodeGrantWebFilter works with /{action}/
...
This ensures that the same URL can work for both log in and
authorization code which prevents having to create additional registrations
on the client and potentially on the server (GitHub only allows a single
valid redirect URL).
Fixes: gh-5856
2018-09-17 21:21:36 -05:00
68bc649a45
Fix XsdDocumentedTests
...
Issue: gh-5836
2018-09-12 19:56:30 -05:00
42327a0aec
Polish OAuth2ResourceServerConfigurerTests
2018-09-10 13:24:16 -06:00
2c982a4168
Reactive Redirect to Https
...
This introduces the capability to configure Reactive Spring Security
to upgrade requests to HTTPS
Fixes: gh-5749
2018-09-07 14:25:58 -05:00
f164f2f869
Polish FilterComparator
...
Extracts STEP incrementing into a separate helper class
2018-09-07 10:30:57 -06:00
438d2911fb
OAuth2AuthorizedClientResolver
...
Extract out a private API for shared code between the argument resolver
and WebClient support. This makes it easier to make changes in both
locations. Later we will extract this out so it is not a copy/paste
effort.
Issue: gh-4921
2018-09-07 08:58:00 -05:00
07b6699fd9
ServerWebExchangeReactorContextWebFilter
...
Fixes: gh-5779
2018-09-07 08:49:27 -05:00
c60fcf263e
provide test for custom principal extractor config
...
Signed-off-by: Sola <dev@sola.love>
2018-09-05 15:51:14 -05:00
2980f96b55
Allow PrincipalExtractor to be customized.
...
Signed-off-by: Sola <dev@sola.love>
2018-09-05 15:51:14 -05:00
932ea245fb
AuthenticationManager for OAuth2ResourceServerSpec
...
This makes the AuthenticationManager used by the OAuth2 Resource
Server configurable, focusing at this point on the Jwt use case.
Fixes: gh-5750
2018-09-05 09:19:11 -05:00
25d1f49d84
Remove Resource Server's Session Policy Config
...
Resource Server doesn't need to set the session policy for the
application to STATELESS since it can rely on the
SessionManagementFilter ignoring token's annotated with @Transient,
which a JwtAuthenticationToken is.
Fixes: gh-5759
2018-09-04 14:55:40 -06:00
8510e9a285
Reactive Resource Server insufficient_scope
...
This introduces an implementation of ServerAccessDeniedHandler that is
compliant with the OAuth 2.0 spec for insufficent_scope errors.
Fixes: gh-5705
2018-08-31 10:33:11 -05:00
229b69dd35
Add DefaultAuthorizationCodeTokenResponseClient
...
Fixes gh-5547
2018-08-27 12:44:19 -04:00
cb0ba58b58
Fix WhitespaceAfterCheck Checkstyle check
2018-08-27 10:45:35 -05:00
1640a1f462
Polish ServerAuthenticationConverter
...
Fix package tangles
Issue: gh-5338
2018-08-24 09:44:27 -05:00
68d836d508
Reactive Resource Server Csrf Bypass
...
This makes requests identified as bearer token requests skip the csrf
filter.
Fixes: gh-5710
2018-08-24 09:44:01 -05:00
820fb7d828
Polish formatting ServerHttpSecurity JwtSpec
...
Fixes: gh-5728
2018-08-23 15:12:19 -05:00
cba2444e1a
ServerHttpSecurity ReactiveJwtDecoder discovery
...
This makes so that WebFlux OAuth 2.0 Resource Server configuration
will pick up a ReactiveJwtDecoder exposed as a bean.
Fixes: gh-5720
2018-08-23 15:12:14 -05:00
0fdc081ab5
Add unit tests
...
Added some unit tests around some untested parts of the code that I
will be touching for this issue.
Issue: gh-5720
2018-08-23 15:11:40 -05:00
ff6e1232c8
Flatten HttpSecurity.oauth2()
...
Fixes gh-5715
2018-08-22 05:58:04 -04:00
0f89e59707
Simplified oauth2().client() DSL
...
Fixes gh-5662
2018-08-22 04:45:35 -04:00
0dc80aed40
Flatten ServerHttpSecurity.oauth2()
...
Fixes: gh-5712
2018-08-21 15:48:41 -05:00
53652584b2
ResourceServerSpec->OAuth2ResourceServerSpec
...
Fixes: gh-5713
2018-08-21 14:51:22 -05:00
c3e19e29b5
Remove authorizationEndpoint.baseUri in OAuth2ClientConfigurer
...
Fixes gh-5661
2018-08-21 15:33:58 -04:00
f382b69507
Add reactive support for Referrer-Policy security header
2018-08-20 10:10:59 -05:00
10621a0f2c
Add reactive support for Content-Security-Policy security header
2018-08-20 10:03:42 -05:00
29cfc3dd1d
Add reactive support for Feature-Policy security header
...
Closes gh-5672
2018-08-20 09:02:12 -05:00
b9ab4929b7
Add OAuth2AuthorizationCodeGrantWebFilter
...
Issue: gh-5620
2018-08-19 21:12:41 -05:00
d0ebe47cd5
OAuth2LoginReactiveAuthenticationManager uses OAuth2AuthorizationCodeReactiveAuthenticationManager
...
Issue: gh-5620
2018-08-19 21:12:32 -05:00
f843da1942
Add OAuth2LoginAuthenticationWebFilter
...
This is necessary so that the saving of the authorized client occurs
outside of the ReactiveAuthenticationManager. It will allow for
saving with the ServerWebExchange when ReactiveOAuth2AuthorizedClientRepository
is added.
Issue: gh-5621
2018-08-19 21:11:43 -05:00
dd7925cb63
OAuth2AuthorizedClientArgumentResolver Uses ServerOAuth2AuthorizedClientRepository
...
Issue: gh-5621
2018-08-19 21:11:24 -05:00
b02ce59188
TestClientRegistrations
...
Fixes: gh-5651
2018-08-19 21:08:02 -05:00
5ddb25fff8
Consistent .server package for ServerWebExchange OAuth2
...
Fixes: gh-5663
2018-08-19 21:05:55 -05:00
e3eaa99ad0
Polish ServerAuthenticationConverter
...
Update changes for ServerAuthenticationConverter to be passive.
Issue: gh-5338
2018-08-18 19:55:39 -05:00
46f71cc232
Update to assertj 3.11.0
...
Fixes: gh-5686
2018-08-17 21:10:47 -05:00
2c27e18eb3
GlobalMethodSecurityConfiguration uses BeanFactoryAware
...
This works around an issue found when updating to
Spring 5.1.0.RC2
Issue: gh-5679
2018-08-17 21:09:37 -05:00
ff8163f4c7
Run rnc generation after Feature-Policy Support
...
After the Feature-Policy support changes the format of the xsd did not
align with the generator which meant running the build caused changes
for the commit.
This commit ran the xsd generation so that the formatting would be
consistent with the generator.
Issue: gh-5670
2018-08-17 11:20:26 -05:00
d610f31425
Jwt -> Authentication Conversion
...
Exposes ability to specify a strategy for converting Jwt into an
Authentication, specifically in JwtAuthenticationProvider.
Fixes: gh-5629
2018-08-17 11:04:27 -05:00
938dbbf424
Add OAuth2AuthorizationRequestResolver.resolve(HttpServletRequest,String)
...
Previously there was a tangle between
DefaultOAuth2AuthorizationRequestResolver and
OAuth2AuthorizationRequestRedirectFilter with
AUTHORIZATION_REQUIRED_EXCEPTION_ATTR_NAME
This commit adds a new method that can be used for resolving the
OAuth2AuthorizationRequest when the client registration id is known.
Issue: gh-4911
2018-08-16 20:41:13 -05:00
7c524aa0c8
Jwt Claim Validation
...
This introduces OAuth2TokenValidator which allows the customization of
validation steps that need to be performing when decoding a string
token to a Jwt.
At this point, two validators, JwtTimestampValidator and
JwtIssuerValidator, are available for use.
Fixes: gh-5133
2018-08-16 13:19:26 -05:00
c6ea447cc0
Add support for Feature-Policy security header
2018-08-16 09:31:02 -05:00
a4bd0d3923
OIDC Provider Configuration - ClientRegistrations
...
OIDC Provider Configuration is now being used to create more than just
ClientRegistration instances. Also, the endpoint is being addressed in
more contexts than just the client.
To that end, this refactors OidcConfigurationProvider in the config
project to ClientRegistrations in the oauth2-client project.
Fixes: gh-5647
2018-08-14 13:26:46 -06:00
950a314c9f
RememberMeConfigTests groovy->java
...
Issue: gh-4939
2018-08-10 11:17:54 -06:00
68878a1675
Replace isEqualTo(null) with isNull()
2018-08-09 18:04:48 -06:00
4de3d0b860
Create AuthorizationEndpointConfig.configure
...
Issue: gh-5654
2018-08-08 16:02:40 -05:00
52622bc6dd
Move OAuth2ClientConfigurer.configure to AuthorizationCodeGrantConfigurer
...
Issue: gh-5654
2018-08-08 16:02:34 -05:00
952743269d
Add support for client_credentials grant
...
Fixes gh-4982
2018-08-08 08:06:47 -05:00
14a7387190
Made JwtConfigurer fluent
...
Adjusted return type of #decoder(JwtDecoder) and #jwkSetUri(String)
to return the JwtDecoder itself. Added new method #and() that returns
the enclosing OAuth2ResourceServerConfigurer.
Fixes gh-5595
2018-08-08 08:28:26 -04:00
6a2dd78f88
Regenerate spring-security-5.1.xsd
...
Commit 884fdbf9
2018-08-03 10:57:54 -05:00
4e8f2a3ee4
Add @Configuration to ServerHttpSecurityConfiguration
...
Fixes: gh-5635
2018-08-03 09:37:03 -05:00
cecbc2175b
Add CORS WebFlux Support
...
Fixes: gh-4832
2018-07-31 11:37:50 -05:00
afa2d9cbc7
Remove ExchangeFilterFunctions
...
Issue: gh-5612
2018-07-30 15:34:44 -05:00
6d0369647b
Add OAuth2LoginSpec.and()
...
Fixes: gh-5609
2018-07-30 12:07:51 -05:00
e215d2733f
Add OAuth2Spec
...
Issue: gh-5605
2018-07-30 11:39:45 -05:00
f3c9cce56d
Rename to WebClientAuthorizationCodeTokenResponseClient
...
Rename NimbusReactiveAUthorizationCodeTokenResponseClient to
WebClientReactiveAuthorizationCodeTokenResponseClient
Fixes: gh-5529
2018-07-26 15:14:11 -05:00
1c8a931e33
Rename to OidcAuthorizationCodeReactiveAuthenticationManager
...
Renamed OidcReactiveAuthenticationManager to
OidcAuthorizationCodeReactiveAuthenticationManager since it only handles
authorization code flow.
Fixes: gh-5530
2018-07-26 15:14:11 -05:00
7b2b1a877d
Default RequestCache as @Bean
...
Fixes: gh-5583
2018-07-26 15:14:11 -05:00
8ce244f5d2
Simplify Configuring RequestCache
...
Now the RequestCache is configured on any default success handler.
Fixes: gh-5582
2018-07-26 15:14:11 -05:00
6012bfdc6e
Rename FormLoginConfigurerTests to FormLoginConfigurerSpec
...
Rename so can add new Java based tests for gh-5582
Issue: gh-5582
2018-07-26 15:14:11 -05:00
fc5083ae0c
Bearer Token Exception Handling Configuration
...
This exposes #authenticationEntryPoint(), #accessDeniedHandler, on
the Resource Server DSL.
With these, a user can customize the error responses when a bearer
token request fails.
Fixes: gh-5497
2018-07-24 12:49:26 -06:00
6a45ecd4bb
Bearer Token Resolver Configuration
...
This introduces #bearerTokenResolver(BearerTokenResolver) to the
Resource Server DSL, allowing users to configure the resolver to allow
the access token as part of the request body or a query parameter. It
also allows the user to replace the resolver with a completely custom
one.
This also introduces the same ability by exposing a bean of type
BearerTokenResolver
Fixes: gh-5496
2018-07-24 13:12:16 -04:00
195a6943e2
OpenIDConfigTests groovy->java
...
For the remember me test, there is some hand configuration that was
carried over from the groovy test as there isn't a way via the xml
config to achieve the same result.
For the attribute exchange test, in order to reduce the amount of
endpoint configuration, the test uses a bit of reflection to disable
the OpenID association step. This is because the xml config does not
support wiring a custom ConsumerManager, like the java configurer
does.
Issue: gh-4939
2018-07-23 12:43:23 -06:00
6c7d49759e
Auto-redirect to provider login when one client configured
...
Fixes gh-5347
2018-07-23 10:24:20 -04:00
4fc1e63369
User-Specified JwtDecoder
...
This exposes JwtConfigurer#decoder as well as makes the configurer
look in the application context for a bean of type JwtDecoder.
Fixes: gh-5519
2018-07-20 11:33:14 -05:00
a4fdc28b27
Use context.getBean() for ClientRegistrationRepository
...
Fixes gh-5538
2018-07-20 09:47:35 -04:00
9a144d742e
Use OAuth2AuthorizedClientRepository in filters and resolver
...
Fixes gh-5544
2018-07-19 22:57:10 -04:00
39e336136f
MultiHttpBlockConfigTests groovy->java
...
Note that originally there were five tests in the groovy test, however
the last one, multipleAuthenticationManagersWorks, turned out to be a
duplicate after creating the test
requestWhenUsingMutuallyExclusiveHttpElementsThenIsRoutedAccordingly
As such, the new file contains just four tests.
Issue: gh-4939
2018-07-19 14:44:54 -06:00
79bbd6a39c
Fix a missing "throws Exception" for configure(AuthenticationManagerBuilder auth)
...
The actual method signature look this this:
```java
protected void configure(AuthenticationManagerBuilder auth) throws Exception
```
This PR aims at aligning the javadoc for this annotation with the actual method signature.
2018-07-19 09:30:51 -06:00
f48404a6a0
Default Log In Pages Use HTTPS for CSS
...
Fixes: gh-5539
2018-07-18 20:06:17 -05:00
fbf870a82e
Include email in user information attributes from Facebook
...
Fixes gh-5532
2018-07-18 17:09:33 -04:00
18db425861
Polish Javadoc to remove warning
2018-07-18 09:24:59 -06:00
f0f678d61e
SessionManagementConfigTests groovy->java
...
Issue: gh-4939
2018-07-17 10:47:44 -06:00
884fdbf9b3
Add Bearer Token filter to Security Filters
...
This introduces BearerTokenAuthenticationFilter to SecurityFilters so
that it can be used in the various addFilter methods and with the
`custom-filter` xml tag.
Fixes: gh-5479
2018-07-17 10:56:49 -05:00
2cd548221d
Allow configuring a custom OAuth2AuthorizationRequestResolver
...
Fixes gh-5521
2018-07-16 20:47:39 -04:00
a9bc384b48
Reliable Error State Tests
...
Some of Resource Server Configurer's tests were relying on specific
error messaging from Nimbus and from the JDK, which makes them
brittle.
These tests now simply confirm that resource server responses
contain the correct error state without relying on specific wording
outside of our control.
2018-07-16 14:19:23 -06:00
d595098823
Rename @TransientAuthentication to @Transient
...
It is quite likely we will need to prevent certain Exceptions from being
saved or from triggering a saved request. When we add support for this,
we can now leverage @Transient vs creating a new annotation.
Issue: gh-5481
2018-07-16 11:31:10 -05:00
40ccdb93f7
Resource Server Jwt Support
...
Introducing initial support for Jwt-Encoded Bearer Token authorization
with remote JWK set signature verification.
High-level features include:
- Accepting bearer tokens as headers and form or query parameters
- Verifying signatures from a remote Jwk set
And:
- A DSL for easy configuration
- A sample to demonstrate usage
Fixes: gh-5128
Fixes: gh-5125
Fixes: gh-5121
Fixes: gh-5130
Fixes: gh-5226
Fixes: gh-5237
2018-07-16 10:40:46 -05:00
28afb4e3d7
Access Denied Handling Defaults
...
This introduces the capability for users to wire denial handling
by request matcher, similar to how users can already do with
authentication entry points.
This is handy for when denial behavior differs based on the contents
of the request, for example, when the Authorization header indicates
an OAuth2 Bearer Token request vs Basic authentication.
Fixes: gh-5478
2018-07-16 10:40:46 -05:00
b7ccb63dfd
Disable CSRF by Request Matcher
...
This introduces an evolution on CsrfConfigurer#ignoreAntMatchers,
allowing users to specify a RequestMatcher in the circumstance where
more than just the path needs to be analyzed to determine whether
CsrfFilter should require a token for the request.
Simply put, a user can now selectively disable csrf by request matcher
in addition to the way it can already be done with ant matchers.
Fixes: gh-5477
2018-07-16 10:40:45 -05:00
ed20edd177
Improved Session Creation Policy Configuration
...
Other configurers can now offer their preference on session creation
policy without trumping what a user provided via the
sessionCreationPolicy method.
This is valuable for configurer's like Resource Server that would like
to have session management be stateless, but not at the expense of the
user's direct configuration.
Fixes: gh-5518
2018-07-16 10:40:45 -05:00
3c46727be1
Transient Authentication Tokens
...
This commit introduces support for transient authentication tokens
which indicate to the filter chain, specifically the
HttpSessionSecurityContextRepository, whether or not the token ought
to be persisted across requests.
To leverage this, simply annotate any Authentication implementation
with @TransientAuthentication, extend from an Authentication that uses
this annotation, or annotate a custom annotation.
Implementations of SecurityContextRepository may choose to not persist
tokens that are marked with @TransientAuthentication in the same way
that HttpSessionSecurityContextRepository does.
Fixes: gh-5481
2018-07-16 10:40:45 -05:00
371221d729
Support anonymous Principal for OAuth2AuthorizedClient
...
Fixes gh-5064
2018-07-16 10:15:41 -05:00
779597af2a
Add support for custom authorization request parameters
...
Fixes gh-4911
2018-07-16 09:39:06 -05:00
a3210c96d9
Default Log Out Page
...
Fixes: gh-5516
2018-07-15 19:45:20 -05:00
05ed028f9d
Modernize Default Log In Page
...
Fixes: gh-5515
2018-07-15 19:43:42 -05:00
a66b945ab7
Configuration for ReactiveUserDetailsPasswordService
...
Issue: gh-2778
2018-07-15 15:08:06 -05:00
3ca5810bc8
Configuration Support for UserDetailsPasswordManager
...
Issue: gh-2778
2018-07-15 14:56:45 -05:00
02b857d82a
Add PasswordEncoder.upgradeEncoding
...
Issue: gh-2778
2018-07-14 22:52:15 -05:00
2af69f08a9
Fix oauth2login loginProcessingUrl NPE for java config
...
Java Config http.oauth2Login().loginProcessingUrl("url"); throws NPE.
Override loginProcessingUrl method and cached config url.
Then when the config is initialized,
it calls the super method to complete the configuration.
Fixes gh-5488
2018-07-13 09:34:17 -04:00
522bfe9e05
Polish Javadoc in ServerHttpSecurity
2018-07-11 08:01:49 -05:00
555512e1f0
HstsSpec methods return this
...
HstsSpec methods maxAge and includeSubdomains use to return void
which broke using it as a fluent API.
The methods now return HstsSpec which fixes this issue.
Fixes: gh-5483
2018-07-05 13:58:45 -05:00
1d0bb08398
InterceptUrlConfigTests groovy->java
...
Issue: gh-4939
2018-07-02 10:39:24 -06:00
ec970c9b8e
Improve message for NoUniqueBeanDefinitionException in OAuth2ClientConfigurerUtils
2018-06-25 15:20:02 -04:00
b3a38fb0f6
OAuth2ClientWebMvcSecurityConfiguration handles multiple OAuth2AuthorizedClientService @Bean
...
Fixes gh-5321
2018-06-25 15:20:02 -04:00
b437ce03b0
HttpHeadersConfigTests groovy->java
...
Also, slightly modified the approach when asserting headers. In the
previous incarnation, the tests would assert an exact match against
the list of headers, which is more brittle than confirming that the
expected headers are there and the unexpected ones are not.
Now, should Spring Security add other headers that are outside the
purview of the secure headers configuration, the assertions won't
break.
Issue: gh-4939
2018-06-20 07:53:22 -06:00
6081451fa3
Polish OAuth2Configurer
2018-06-19 06:10:30 -04:00
3573167d77
ServerHttpSecurity oauth leverages OidcReactiveAuthenticationManager
...
Issue: gh-5330
2018-06-18 16:08:07 -05:00
4fc6d96073
Rename @OAuth2Client to @RegisteredOAuth2AuthorizedClient
...
Fixes gh-5360
2018-06-08 17:33:21 -04:00
81a73e1f55
Fix package tangle in OAuth2Configurer
...
Fixes gh-5342
2018-06-08 11:09:16 -04:00
dd1b1b9cc3
Use Spring Framework 5.1.0 SNAPSHOT
...
Fixes: gh-5408
2018-06-05 12:28:51 -05:00
3332ccbe50
SecurityContextHolderAwareRequestConfig groovy->java
...
Issue: gh-4939
2018-05-30 17:37:45 -06:00
73345e7434
Add Cross Site Tracing (XST) & HTTP Method Tampering Protection
...
Fixes: gh-5377
2018-05-24 09:35:40 -05:00
2c92496911
Polishing the OidcConfigurationProvider
...
See gh-5355
2018-05-21 12:20:58 -05:00
9d55a64465
OidcConfigurationProvider validate returned issuer
...
Validate the issuer that was returned matches the issuer that was
was requested.
Issue: gh-5355
2018-05-18 13:15:27 -05:00
db889973a8
OidcConfigurationProvider improve invalid issuer error
...
Issue: gh-5355
2018-05-18 11:21:45 -05:00
18c8af8f0d
Add OidcConfigurationProvider ClientAuthenticationMethod.POST support
...
Issue: gh-5355
2018-05-18 10:35:53 -05:00
7853c759d9
OidcConfigurationProvider uses OidcScopes.OPENID
...
Issue: gh-5355
2018-05-18 10:03:36 -05:00
cbf9a7b7a2
Polish OidcConfigurationProvider Javadoc
...
Issue: gh-5355
2018-05-18 10:02:07 -05:00
9862c7bbef
Move OidcConfigurationProvider to .oidc package
...
Issue: gh-5355
2018-05-18 09:57:12 -05:00
0eedfc717a
Revert "Revert "Add ClientRegistration from OpenID Connect Discovery""
...
This reverts commit 9fe0f50e3c
2018-05-18 09:40:43 -05:00
9fe0f50e3c
Revert "Add ClientRegistration from OpenID Connect Discovery"
...
This reverts commit 0598d47732
2018-05-18 09:20:51 -05:00
0598d47732
Add ClientRegistration from OpenID Connect Discovery
...
Fixes: gh-4413
2018-05-16 12:30:04 -05:00
658acf0332
PlaceHolderAndELConfigTests groovy->java
...
Issue: gh-4939
2018-05-15 08:47:33 -06:00
428b0e45aa
HttpCorsConfigTests groovy->java
...
Issue: gh-4939
2018-05-15 08:47:33 -06:00
306e9ed91c
HttpConfigTests groovy->java
...
Issue: gh-4939
2018-05-15 08:47:33 -06:00
32e368d9b7
Single ClientRegistration redirects by default
...
Fixes: gh-5339
2018-05-14 16:38:13 -05:00
f29e4cf91f
LoginPageGeneratingWebFilter conditionally renders formLogin
...
Issue: gh-4807
2018-05-14 16:38:13 -05:00
7013c6fd76
Add OAuth2LoginSpec
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
b91ebf7090
Fix @since for MockEventListener
2018-05-07 16:53:26 -05:00
fed15f2b01
Add accessDeniedHandler method to ExceptionHandlingSpec
...
This allows to configure accessDeniedHandler in ExceptionTranslationWebFilter through ServerHttpSecurity.
Issue: gh-5257
2018-05-07 16:22:29 -05:00
2a0f529ee4
Use spring-projects for organization in GitHub URLs
2018-05-04 21:01:39 -05:00
2273839aad
FormLoginConfigTests groovy->java
...
Issue: gh-4939
2018-05-01 08:11:04 -06:00
9bb841ac67
ExceptionTranslationFilter does not handle committed responses
...
Fixes: gh-5273
2018-04-30 16:49:51 -05:00
eb067bc3a1
DefaultWebSecurityExpressionHandler uses PermissionEvaluator Bean
...
The default instance of DefaultWebSecurityExpressionHandler uses the
PermissionEvaluator Bean by default.
Fixes: gh-5272
2018-04-30 12:15:50 -05:00
359a73eff2
Merge pull request #5260 from jzheaux/gh-4939-FormLoginBeanDefinitionParserTests
...
FormLoginBeanDefinitionParserTests groovy->java
2018-04-27 12:03:55 -06:00
3c1231efd3
CsrfConfigTests groovy->java
...
Issue: gh-4939
2018-04-25 11:41:32 -06:00
65326b1178
FormLoginBeanDefinitionParserTests groovy->java
...
Issue: gh-4939
2018-04-25 11:12:07 -06:00
9c0f2cc281
AccessDeniedConfigTests groovy->java
...
Issue: gh-4939
2018-04-24 08:11:47 -06:00
526e0fdd4f
Add OAuth2 Client HandlerMethodArgumentResolver
...
Fixes gh-4651
2018-04-02 12:13:52 -04:00
982fc360b2
Add support for authorization_code grant
...
Fixes gh-4928
2018-04-02 12:13:06 -04:00
234c20eb30
Polish XsdDocumentedTests
...
- NicerNoce->XmlNode
- NicerXmlSupport->XmlSupport
- NicerXmlParser->XmlParser
Issue: gh-4939
2018-03-29 16:36:41 -05:00
0c0abea3ad
XsdDocumentedTests groovy->java
...
Groovy has more extensive support for Xml parsing via XmlSlurper.
To replace it, this conversion also introduces a SAX wrapper,
NicerXmlParser, and a companion Node wrapper, NicerNode, that
allowed for less modification of the converted tests.
Issue: gh-4939
2018-03-29 16:36:41 -05:00
fb7394c1de
Polish Javadoc
...
Fixes: gh-5186
2018-03-29 15:33:57 -05:00
6e1e977778
Polish HeadersSpec
...
Fixes: gh-5187
2018-03-29 15:33:57 -05:00
7a204a5f58
Fixes for SPR-16624
...
Fixes: gh-5164
2018-03-27 22:35:08 -05:00
ec46b7dbe1
WebSocketMessageBrokerConfigTests groovy->java
...
Of note is that this commit unrolls three Spock @Unroll-parameterized
tests into a separate test for each parameter.
Issue: gh-4939
2018-03-27 12:38:06 -05:00
d07cfe655d
Use Supplier variants of Assert methods
2018-03-27 10:58:55 -05:00
b1d013e8f0
Fix JDK 9
...
Issue: gh-5160
2018-03-27 09:30:56 -05:00
018ab7d92c
Fix Javadoc Typo uses->use
...
Issue: gh-5113
2018-03-19 15:36:31 -05:00
01152ede41
Clarify HttpSecurity.registerFilterAt
...
Fixes: gh-5113
2018-03-19 14:41:03 -05:00
e86becc151
Relax assertions in HeaderSpecTests
...
Fixes: gh-5116
2018-03-15 08:30:37 -05:00
4f709d47b9
Fix @since on GlobalAuthenticationConfigurerAdapter
...
Fixes: gh-5106
2018-03-13 14:23:36 -05:00
452d855396
Fix appendix tests
2018-03-09 16:34:49 -06:00
a2073b2b91
Support BeanResolver for Reactive AuthenticationPrincipal
...
Fixes: gh-4326
2018-03-09 12:05:55 -06:00
3121f9c000
NamespaceGlobalMethodSecurity groovy->java
...
Note that the `WhenUsingAspectJ` tests are still simply verifying structure instead of behavior. This is because the project appearsto be misconfigured in some way such that AspectJ advice isn't getting woven in at runtime. The original Groovy tests also only verified structure and they may be that way for a similar reason.
Either way, I will open up a ticket so we can review why that is the case and if there is a good fix.
Issue: gh-4939
2018-03-08 16:53:54 -06:00
c91ca0584c
Sec2758Tests groovy->java
...
Note that the old groovy test used a configuration of
```
http
.authorizeRequests()
.anyRequest().hasAnyAuthority("USER")
```
However, as I read the issue, gh-2984, the problem this issue
identifies is the non-passive change of defaulting to prefix
ROLE_ with all role-based configuration methods. So, the test now
does the following:
```
http
.authorizeRequests()
.anyRequest().access("hasAnyRole('USER')")
```
which demonstrates, given the configuration in this test, that
ROLE_ is correctly not prefixed in this expression, even though
it is a role-based configuration.
Issue: gh-4939
2018-03-08 16:52:20 -06:00
a5bd76b6ed
Revert authorization_code grant support
...
This reverts commit eae7afd9aa
2018-03-06 16:16:45 -05:00
c922fe3be1
WebSecurityConfigurationTests groovy->java
...
Issue: gh-4939
2018-03-06 09:24:52 -05:00
b1f3d495d9
Sec2515Tests groovy->java
...
Issue: gh-4939
2018-03-05 15:16:52 -05:00
0aa87e8501
EnableWebSecurityTests groovy->java
...
Issue: gh-4939
2018-03-05 10:23:48 -05:00
5af1d1d936
Polish HttpConfigurationTests
2018-03-05 08:36:15 -05:00
2a678ebc6e
Polish WebSecurityConfigurerAdapterTests
2018-03-05 06:20:27 -05:00
eae7afd9aa
Add support for authorization_code grant
...
Fixes gh-4928
2018-03-02 14:30:49 -05:00
1ed51033cc
Migrate config-debug groovy->java
...
All tests in `org.springframework.security.config.debug` are migrated.
Note that `SecurityDebugBeanFactoryPostProceessorTest` preserves the original structure-verifying strategy used in the Groovy test. Verifying debug behavior turns out to be fairly tricky since being behaviorally invisible is in its nature.
Issue: gh-4939
2018-03-02 08:55:07 -06:00
1b69c62d20
PortMapperConfigurerTests groovy->java
...
Issue: gh-4939
2018-02-27 11:44:21 -05:00
e08d4cc90c
AnonymousConfigurerTests groovy->java
...
This test now checks key and principal both, which differs from the original Groovy test
In order to keep from needing to execute logic internal to `AnonymousAuthenticationToken`, this test changed from the original Groovy test. In the Groovy test, `key` is tested; however in this new test, `principal` is tested instead.
A concern was raised that if `AnonymousAuthenticationProvider` were invoked in this test, then testing only `principal` would not confirm that `key` was correctly propagated to `AnonymousAuthenticationProvider`. So, the test now configures both `key` and `principal`. The former to confirm correct wiring of `AnonymousAuthenticationProvider` and the latter to confirm correct wiring of `AnonymousAuthenticationFilter`.
Issue: gh-4939
2018-02-27 11:30:02 -05:00
bb59733736
Sec2377Tests groovy->java
...
Issue: gh-4939
2018-02-22 10:48:18 -05:00
dc9248e73c
NamespaceHttpTests groovy->java
...
Issue: gh-4939
2018-02-22 10:29:48 -05:00
fded710e04
HttpConfigurationTests groovy->java
...
Issue: gh-4939
2018-02-16 14:16:51 -05:00
210a510bba
Use HttpFirewall Bean
...
Fixes: gh-5022
2018-02-15 17:18:28 -06:00
52b5423b75
WebSecurityConfigurerAdapterTests groovy->java
...
Issue: gh-4939
2018-02-15 17:50:55 -05:00
7fc88a391f
SampleWebSecurityConfigurerAdapterTests groovy->java
...
Issue: gh-4939
2018-02-14 15:40:46 -05:00
c31c1a4616
AbstractConfiguredSecurityBuilderTests -> remove use of reflection
...
Issue gh-4939
2018-02-14 12:47:35 -05:00
780c9dd455
Fix GlobalMethodSecurityConfigurationTests checkstyle
...
Issue: gh-4939
2018-02-13 09:41:07 -06:00
8b6e77e5ab
Fix SpringTestContext checkstyle
...
Issue: gh-5015
2018-02-13 09:40:47 -06:00
6af1ac08db
GlobalMethodSecurityConfigurationTests groovy->java
...
Issue: gh-4939
2018-02-13 09:37:05 -06:00
6c52eb6ee1
MethodSecurityService add additional methods
...
Fixes: gh-5016
2018-02-13 09:36:57 -06:00
ca5fb78ee1
Authz check(boolean result)
...
Issue: gh-5016
2018-02-13 09:36:48 -06:00
1ad57adccc
SpringTestContext allow setting Context
...
Fixes: gh-5015
2018-02-13 09:36:39 -06:00
49e5b15ce2
Extract MockEventListener
...
Fixes: gh-5014
2018-02-13 09:36:27 -06:00
ce5fb51b20
Remove Mono.defer in ReactorContextWebFilter
...
Fixes: gh-5010
2018-02-08 16:19:10 -06:00
964a14b224
Document Reactive Method security requires Publisher return types
...
Fixes: gh-4988
2018-02-07 16:43:18 -06:00
ea3dd336aa
Cache headers only if no cache headers set
...
Fixes: gh-5004
2018-02-07 14:56:34 -06:00
2165cc72ef
BaseAuthenticationConfig groovy->java
...
Issue: gh-4939
2018-02-07 14:40:55 -06:00
2c519b7e74
NamespaceGlobalMethodSecurityTests groovy->java
...
Issue: gh-4939
2018-02-06 15:23:41 -06:00
9587f3280e
MethodSecurityServiceImpl groovy->java
...
Issue: gh-4939
2018-02-06 14:09:58 -06:00
751130ba04
MethodSecurityService groovy->java
...
Issue: gh-4939
2018-02-06 14:08:43 -06:00
9e23d684e7
Polish Imports in SpringTestRule
...
Fixes: gh-5001
2018-02-06 13:48:36 -06:00
73f5e89e4c
SpringTestRule clears SecurityContext
...
Fixes: gh-5001
2018-02-06 11:54:26 -06:00
1efc7ef5d7
Issue50Tests groovy->java
...
Issue: gh-4939
2018-02-06 11:53:19 -06:00
d12d9ba538
SecurityConfig groovy->java
...
Issue: gh-4939
2018-02-06 11:53:07 -06:00
9e3e7e9e29
ApplicationConfig groovy->java
...
Issue: gh-4939
2018-02-06 11:52:29 -06:00
11c8d5ddfb
UserRepository groovy->java
...
Issue: gh-4939
2018-02-06 11:51:58 -06:00
1217547ebd
User groovy->java
...
Issue: gh-4939
2018-02-06 11:51:38 -06:00
12bd506ee7
AutowireBeanFactoryObjectPostProcessorTests groovy->java
...
Issue: gh-4939
2018-02-06 11:13:00 -06:00
eb6d84eb36
MyAdvisedBean groovy->java
...
Issue: gh-4939
2018-02-06 11:12:47 -06:00
3cb06ec581
AroundMethodInterceptor groovy->java
...
Issue: gh-4939
2018-02-06 11:12:35 -06:00
9df708dbba
Add SpringTestRule.testConfigLocations
...
Fixes: gh-5000
2018-02-06 11:12:35 -06:00
0d92adf1be
PasswordEncoderConfigurerTests groovy->java
...
Issue: gh-4939
2018-02-05 17:13:21 -06:00
886bfa3daa
NamespacePasswordEncoderTests groovy->java
...
Issue: gh-4939
2018-02-05 16:46:42 -06:00
70db508218
NamespaceJdbcUserServiceTests groovy->java
...
Issue: gh-4939
2018-02-05 15:27:28 -06:00
a0918dd6d4
NamespaceAuthenticationProviderTests groovy->java
...
Issue: gh-4939
2018-02-05 14:53:50 -06:00
959f689e4e
NamespaceAuthenticationManagerTests groovy->java
...
Issue: gh-4939
2018-02-02 16:56:45 -06:00
1cb581a0c6
AbstractConfiguredSecurityBuilderTests, AbstractRequestMatcherRegistryTests -> .java
...
Issue gh-4939
2018-02-02 16:45:44 -05:00
87a216a6e6
AuthenticationManagerBuilderTests -> .java
...
Issue: gh-4939
2018-01-26 16:50:33 -06:00
8d96e83767
Fix checkstyle
2018-01-26 15:31:24 -06:00
e5d40c0599
AuthenticationConfigurationTests -> java
...
Issue: gh-4939
2018-01-26 15:14:34 -06:00
0eef5b4b42
Add StrictHttpFirewall
2018-01-24 11:06:08 -06:00
900ab1df81
Add javadoc for the OAuth 2.0 Security Configurer's
...
Fixes gh-4972
2018-01-24 06:18:08 -05:00
84679a5d64
Polish #4904 Support GrantedAuthoritiesMapper @Bean for oauth2Login
2018-01-23 12:14:57 -05:00
444e2dade3
Support GrantedAuthoritiesMapper @Bean for oauth2Login
...
Fixes gh-4880
2018-01-23 09:51:14 -05:00
91ef7ce1cf
AuthenticationEventPublisher Bean used by Default
...
Fixes: gh-4940
2018-01-18 08:59:27 -06:00
196f02748d
Migrate UserDetailsManagerConfigurerTests groovy->java
2018-01-10 16:13:08 -06:00
f3830eec7d
Rename userDetailsRepository to userDetailsService
2018-01-10 16:04:48 -06:00
921157cdcd
Remove explicit super() calls
2017-12-21 15:11:51 -06:00
57353d18e5
Use diamond type
2017-12-21 15:09:00 -06:00
cfe40358bd
typo in java doc
2017-12-21 14:18:41 -06:00
316fd0572f
Remove @Nullable annotations in UserDetailsMapFactoryBean
2017-12-21 14:08:05 -06:00
c16456623f
Remove unused imports
2017-12-20 16:05:38 -06:00
9f6af4f3b8
Remove address and phone from default scope for Google
...
Fixes gh-4895
2017-12-12 16:05:02 -05:00
bd5d0bc6fd
Change default scope to 'read:user' for GitHub
...
Fixes gh-4893
2017-12-12 15:31:25 -05:00
ab6df7d154
Format security ilters enums for readability
2017-11-28 14:06:55 -06:00
3f1b09c248
Update javadoc for HttpSecurity.oauth2Login()
...
Fixes gh-4875
2017-11-27 13:17:19 -05:00
691bf2e11d
PasswordEncoder Bean for AuthenticationManagerBuilder
...
Issue: gh-4873
2017-11-27 11:42:56 -06:00
9afee9e4e2
PasswordEncoder as Bean default for XML
...
Issue: gh-4873
2017-11-27 11:42:56 -06:00
e377dcf81b
Make SessionManagementConfigTests deterministic
...
Fixes: gh-4871
2017-11-27 11:42:56 -06:00
5cf2883afc
AuthenticationManagerBeanDefinitionParserTests uses SpringTestContext
...
Issue: gh-4870
2017-11-27 11:42:56 -06:00
4d8f11a5a9
SpringTestContext improvements
...
Fixes gh-4870
2017-11-27 11:42:56 -06:00
d55db837e1
CsrfWebFilter places Mono<CsrfToken>
...
Fixes: gh-4855
2017-11-20 16:30:29 -06:00
701933c7f7
Fix copyright start years
...
See gh-4655
See gh-4725
2017-11-17 10:14:32 -06:00
b6895e6359
Apply Checkstyle WhitespaceAfterCheck module
2017-11-16 11:18:31 -06:00
cf3cba8f5f
Ensure Chrome Still SC_MOVED_TEMPORARILY
...
Issue: gh-4831
2017-11-16 10:33:51 -06:00
3e7e80a836
Accept */* triggers 401 by Default
...
Fixes gh-4831
2017-11-16 09:58:29 -06:00
dd33f0a7de
ClientRegistration.redirectUri -> redirectUriTemplate
...
Fixes gh-4827
2017-11-15 14:51:35 -05:00
e098c3707e
Update default redirect-uri to use 'baseUrl' template variable
...
Fixes gh-4826
2017-11-15 14:51:35 -05:00
0b1618d8b4
Fix RequestCache
...
Issue: gh-4789
2017-11-15 12:50:54 -06:00
a6733fae50
Polish
2017-11-15 12:50:54 -06:00
942b51dba7
Reactive Basic does not create session by default
...
Fixes: gh-4825
2017-11-15 12:50:29 -06:00
5f79fdd3eb
requiresLogoutMatcher naming polish
...
Issue: gh-4822
2017-11-14 16:42:41 -06:00
11f6e0477c
serverLogoutSuccessHandler->logoutSuccessHandler
...
Issue: gh-4822
2017-11-14 16:42:36 -06:00
bf570854b8
serverLogoutHandler->logoutHandler
...
Issue: gh-4822
2017-11-14 16:42:33 -06:00
2cbdb4ba02
serverCsrfTokenRepository->csrfTokenRepository
...
Issue: gh-4822
2017-11-14 16:42:27 -06:00
3bfda6cff7
serverAccessDeniedHandler->accessDeniedHandler
...
Issue: gh-4822
2017-11-14 16:42:24 -06:00
9e82fc0b83
serverAuthenticationEntryPoint->authenticationEntryPoint
...
Issue: gh-4822
2017-11-14 16:42:20 -06:00
520e0a5a68
serverAuthenticationSuccessHandler->authenticationSuccessHandler
...
Issue: gh-4822
2017-11-14 16:42:14 -06:00
5c83f92ddc
serverAuthenticationFailureHandler->authenticationFailureHandler
...
Issue: gh-4822
2017-11-14 16:42:10 -06:00
692233e431
ServerSecurityContextRepository members to securityContextRepository
...
Issue: gh-4822
2017-11-14 16:42:06 -06:00
9956de8f29
LogoutBuilder->LogoutSpec
...
Issue: gh-4822
2017-11-14 16:41:58 -06:00
7619556066
FormLoginBuilder->FormLoginSpec
...
Issue: gh-4822
2017-11-14 16:41:55 -06:00
83d4abb1c6
RequestCacheBuilder->RequestCacheSpec
...
Issue: gh-4822
2017-11-14 16:41:51 -06:00
eb7edf7092
HttpBasicBuilder->HttpBasicSpec
...
Issue: gh-4822
2017-11-14 16:41:47 -06:00
01154614d1
ExceptionHandlingBuilder->ExceptionHandlingSpec
...
Issue: gh-4822
2017-11-14 16:41:38 -06:00
903cbd7c35
CsrfBuilder->CsrfSpec
...
Issue: gh-4822
2017-11-14 16:41:31 -06:00
fd4726afaf
HeadersBuilder-HeadersSpec
...
Issue: gh-4822
2017-11-14 16:41:25 -06:00
53ddbfc0ab
AuthorizedExchangeBuilder->AuthorizedExchangeSpec
...
Issue: gh-4822
2017-11-14 16:41:08 -06:00
d900f2a623
Remove unused imports
...
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
872a8f3189
Change constructor param order in oauth2 client filters
...
Fixes gh-4818
2017-11-13 17:32:22 -05:00
1b70efce2b
Add ServerRequestCache
...
Fixes: gh-4789
2017-11-13 15:49:34 -06:00
1ea66378f5
ServerHttpSecurity uses RedirectServerAuthenticationFailureHandler
...
Issue: gh-4816
2017-11-13 15:49:26 -06:00
3c7fb977fe
WebTestClientHtmlUnitDriverBuilder uses WebTestClient for localhost
...
Fixes gh-4815
2017-11-13 15:48:52 -06:00
aa9e057ba8
Fix CNF exception if oauth2-jose dependency not included
...
Fixes gh-4753
2017-11-12 12:27:18 -05:00
f2ccc53549
Add UserDetailsMapFactoryBean
...
Fixes gh-4804
2017-11-09 14:01:43 -06:00
99df632f24
Add missing @Override annotations
...
This commit also adds MissingOverrideCheck module to Checkstyle configuration.
2017-11-08 13:27:24 -06:00
adec62cdf2
EnableWebFluxSecurity creates CsrfRequestDataValueProcessor
...
Fixes gh-4762
2017-11-07 22:25:48 -06:00
7622826b69
WebSessionServerCsrfTokenRepository saves on getToken
...
Fixes gh-4801
2017-11-07 22:25:23 -06:00
3f18881493
Remove additional attribute name from CsrfWebFilter
...
Fixes gh-4799
2017-11-07 22:24:42 -06:00
c7c84e0996
Fix CustomLoginPage test
...
Fixes gh-4797
2017-11-07 22:24:21 -06:00
1506dcd413
SpringTestContext.getContext()
...
Add accessor method for SpringTestContext.getContext()
Fixes gh-4796
2017-11-07 22:24:15 -06:00
21aec19d42
Add FormLoginBuilder.serverAuthenticationSuccessHandler
...
Fixes: gh-4786
2017-11-03 08:47:59 -05:00
1d4c7da1e1
Fix WebTestClientWebConnection for redirects
2017-11-03 08:46:56 -05:00
06c4bffc5f
Use id field instead of name field for GitHub and Facebook providers.
...
Fixes gh-4764
2017-11-01 10:48:57 -04:00
d664ff2e26
Lookup HandlerMappingIntrospector from Bean
2017-10-30 16:27:50 -05:00
ef9cd76607
Polish oauth2
...
Fixes gh-4758
2017-10-30 16:49:01 -04:00
511d702ee0
Remove JwtDecoderRegistry
...
Fixes gh-4754
2017-10-30 12:52:42 -04:00
727098d6c0
Fix NPE when configuring oauth2Login.loginPage
...
Fixes gh-4752
2017-10-30 06:26:07 -04:00
5280ac40e9
WebMvcConfigurerAdapter->WebMvcConfigurer
...
Fixes gh-4612
2017-10-30 01:30:08 -05:00
3d5989dea4
Change a default realm name
...
Change a default realm name of Basic Authentication for XML namespace to 'Realm'.
Fixes gh-4220
2017-10-30 00:59:39 -05:00
4295461830
ServerHttpSecurity extracts WebFilter from OrderedWebFilter
...
Fixes gh-4736
2017-10-30 00:45:26 -05:00
e0aca04a28
Polish AssertJ assertions
...
Polish AssertJ assertions
2017-10-29 22:22:34 -05:00
70165869b1
Add UnboundId LDAP inmemory support
...
This commit adds the capability to run a LDAP inmemory different than
apacheds. Both providers `apacheds` and `unboundid` are supported.
2017-10-29 21:59:55 -05:00
9a4513356d
Configure default OAuth2AuthorizedClientService
...
Fixes gh-4751
2017-10-29 22:45:57 -04:00
4fa9b4dd15
Add ServerHttpSecurity.exceptionHandling()
...
Fixes gh-4750
2017-10-29 21:00:10 -05:00
5fa822d114
Expose custom config for OidcUserService
...
Fixes gh-4715
2017-10-29 21:33:51 -04:00
a261c9a047
Polish OAuth2LoginConfigurer
...
Fixes gh-4747
2017-10-29 21:33:51 -04:00
a3e38fec47
Remove AuthorizationRequestUriBuilder
...
Make this API private since we don't have concrete use cases for exposing
it yet.
Fixes gh-4742
2017-10-29 19:50:02 -05:00
c3d2effc1d
Polish OAuth2AuthorizedClientService
...
Fixes gh-4746
2017-10-29 20:25:03 -04:00
e4887057bc
Rename AuthorizationGrantTokenExchanger -> OAuth2AccessTokenResponseClient
...
Fixes gh-4741
2017-10-29 17:49:15 -04:00
e2dd037b4a
Default WebFlux headers and Logout
2017-10-29 15:06:06 -05:00
6fbd435bdf
OAuth2LoginAuthenticationFilter requires collaborators
...
Fixes gh-4661
2017-10-29 04:41:23 -04:00
5a7466512e
Expose default constructor in AbstractAuthenticationFilterConfigurer
...
Fixes gh-4737
2017-10-29 04:41:23 -04:00
5a5ec58ca4
Add LogoutPageGeneratingWebFilter
...
Fixes gh-4735
2017-10-29 00:12:23 -05:00
0734d70d02
Logout requires POST
...
Issue: gh-4734
2017-10-29 00:11:59 -05:00
8da2c7f657
Add WebFlux CSRF Protection
...
Fixes gh-4734
2017-10-28 22:59:24 -05:00
f040bd054d
Javadoc @EnableWebFluxSecurity
2017-10-28 22:59:24 -05:00
b394ae5d5e
Polish
...
Restructure WebFluxSecurityConfiguration for easier copy paste of
default ServerHttpSecurity Bean
2017-10-28 22:59:24 -05:00
77acb34bcd
Add spring-security-test to spring-security-config test dependencies
2017-10-28 22:58:55 -05:00
b471dd1c54
Remove OAuth2TokenRepository
...
Fixes gh-4727
2017-10-28 21:40:33 -04:00
83dc902ff7
Map CustomUserTypesOAuth2UserService using clientRegistrationId
...
Fixes gh-4692
2017-10-28 18:11:39 -04:00
ddf87b54f7
Polish OAuth2LoginConfigurer
...
Fixes gh-4731
2017-10-28 17:48:45 -04:00
0c68eb1821
Re-factor OAuth2AuthorizationCodeAuthenticationToken
...
Fixes gh-4730
2017-10-28 17:15:31 -04:00
64d8c8b8a9
Re-factor AuthorizationGrantTokenExchanger
...
Fixes gh-4728
2017-10-28 17:12:14 -04:00
16e69d06b4
Add OAuth2AuthorizedClientService
...
Fixes gh-4726
2017-10-28 17:12:14 -04:00
67bac28481
OAuth2UserService uses OAuth2UserRequest
...
Fixes gh-4724
2017-10-27 22:34:25 -04:00
3d319f7592
Make AuthorizationRequestRepository a Generic
...
Fixes gh-4723
2017-10-27 21:31:45 -04:00
9afefef3b9
Polish class names in oauth2-client
...
Fixes gh-4722
2017-10-27 21:00:52 -04:00
34668e05af
Polish class names in oauth2-core
...
Fixes gh-4720
2017-10-27 20:42:58 -04:00
2060125ebd
ServerWebExchangeAttributeServerSecurityContextRepository->NoOpNoOpServerSecurityContextRepository
...
Issue: gh-4719
2017-10-27 18:17:52 -05:00
3281cea46a
Default use WebSessionServerSecurityContextRepository
...
Issue: gh-4719
2017-10-27 18:17:47 -05:00
faa0bd7143
Update WebFilter ordering
...
Issue: gh-4719
2017-10-27 18:17:44 -05:00
9c31041dce
EnableWebFluxSecurityTests fixes
...
Issue: gh-4719
2017-10-27 18:17:25 -05:00
437ba56415
ReactorContextWebFilter & SecurityContextServerWebExchangeWebFilter
...
Issue: gh-4719
2017-10-27 18:17:10 -05:00
8527daa22a
Make OAuth2UserService Generic using OAuth2AuthorizedClient and OAuth2User types
...
Fixes gh-4706
2017-10-27 11:49:29 -04:00
3b80b6ded8
Move AuthorizationRequestUriBuilder to oauth2-client
...
Fixes gh-4703
2017-10-26 21:23:06 -04:00
747473257f
Use ReactorSecurityContextHolder
...
Issue gh-4713
2017-10-26 20:11:42 -05:00
e23134c3ed
Add LogoutBuilder ServerLogoutSuccessHandler
...
Fixes gh-4714
2017-10-26 20:11:42 -05:00
ef197d8215
Move JwtDecoderRegistry to oauth2.client.jwt package
...
Fixes gh-4705
2017-10-26 21:06:28 -04:00
70543dcb30
Move oidc package in oauth2-core and oauth2-client
...
Fixes gh-4710
2017-10-26 21:06:28 -04:00
86875e117b
Prevent ServerHttpSecurity from being built twice
...
Issue: gh-4711
2017-10-26 19:48:38 -05:00
36501f4530
Remove ServerHttpSecurity duplicate build
...
WebFluxSecurityConfiguration invoked build twice
which caused each WebFilter to be added twice
Fixes gh-4711
2017-10-26 19:48:32 -05:00
ef83bc8dd7
Move package client.authentication.userinfo -> client.userinfo
...
Fixes gh-4708
2017-10-26 15:39:04 -04:00
027ea78dab
Revert "Move OAuth2LoginAuthenticationProvider into userinfo package"
...
This reverts commit 54547f35b7
2017-10-26 14:55:25 -04:00
942b647c0d
OAuth2LoginAuthenticationFilter processes uri /login/oauth2/code/*
...
Issue gh-4687
2017-10-26 14:20:19 -04:00
54547f35b7
Move OAuth2LoginAuthenticationProvider into userinfo package
...
Fix package tangles. OAuth2LoginAuthenticationProvider requires
OAuth2UserService which is in a child package. We should move
OAuth2LoginAuthenticationProvider to the same package.
Issue: gh-4614
2017-10-26 11:22:21 -05:00
875aae012b
Polish
2017-10-26 07:50:32 -05:00
d0a4e49870
Map custom OAuth2User types using String
...
Fixes gh-4691
2017-10-25 17:13:44 -04:00
9fbea5a11e
Refactor SecurityTokenRepository
...
Fixes gh-4650
2017-10-25 16:00:34 -04:00
44b41e78cd
Flux member variables in favor of Collections
...
Fix gh-4694
2017-10-25 07:41:37 -05:00
3b85512e48
Polish
...
Issue gh-4694
2017-10-25 07:41:29 -05:00
4dbbcabacf
Rename AuthorizationCodeAuthenticationProvider -> OAuth2LoginAuthenticationProvider
...
Fixes gh-4690
2017-10-24 15:24:26 -04:00
049080290e
Refactor OAuth2 AuthenticationProvider's
...
Fixes gh-4689
2017-10-24 15:24:26 -04:00
0fb32a052e
OAuth2LoginAuthenticationFilter processes uri /login/oauth2/*
...
Fixes gh-4687
2017-10-24 15:24:26 -04:00
4ae24f2fbe
Rename AuthorizationCodeAuthenticationFilter -> OAuth2LoginAuthenticationFilter
...
Fixes gh-4686
2017-10-24 15:24:25 -04:00
09a94a4ef4
Merge AuthorizationCodeGrantConfigurer -> OAuth2LoginConfigurer
...
Fixes gh-4684
2017-10-24 15:24:25 -04:00
8291f20796
DaoAuthenticationProvider uses DelegatingPasswordEncoder
...
This means that passwords will be encoded with BCrypt by default
Fixes: gh-2775
2017-10-24 07:56:28 -05:00
d19b222b55
UserDetailsRepositoryReactiveAuthenticationManager uses DelegatingPasswordEncoder
...
This means passwords will be encoded with BCrypt by default
Issue: gh-2775
2017-10-24 07:56:28 -05:00
cdc992b132
Remove SaltSource
...
Fixes gh-4681
2017-10-24 07:56:28 -05:00
4529e09339
Remove PasswordEncoder from core
...
Issue: gh-4674
2017-10-24 07:56:28 -05:00
3a4a32e654
Remove LdapShaPasswordEncoder from core
...
Issue: gh-4674
2017-10-24 07:56:20 -05:00
6a3e981c80
Remove BaseDigestPasswordEncoder from core
...
Issue: gh-4674
2017-10-24 07:55:40 -05:00
a8aa65b828
Remove Md4PasswordEncoder from core
...
Issue: gh-4674
2017-10-24 07:55:32 -05:00
12dbf2e961
Remove PlainTextPasswordEncoder from core
...
Issue: gh-4674
2017-10-23 22:27:16 -05:00
40fd8d7aa7
Remove ShaPasswordEncoder from core
...
Issue: gh-4674
2017-10-23 22:27:16 -05:00
e98fc3556e
Remove Md5PasswordEncoder from core
...
Issue: gh-4674
2017-10-23 22:27:16 -05:00
7c95c88601
Add User/UserBuilder in UserDetailsManagerConfigurer
...
Fixes gh-4679
2017-10-23 22:27:16 -05:00
c5d4041ca8
Add 5.0.xsd
...
Fixes gh-4675
2017-10-23 22:27:16 -05:00
6d7d34c549
Move AuthorizationRequestUriBuilder and DefaultAuthorizationRequestUriBuilder
...
Fixes gh-4658
2017-10-23 10:19:31 -04:00
f0c9f85292
spring-security-jwt-jose -> spring-security-oauth2-jose
...
Fixes gh-4595
2017-10-23 09:04:01 -04:00
8e3a2a7123
Remove AuthorizationCodeAuthenticationFilter.AuthorizationResponseMatcher
...
Fixes gh-4654
2017-10-20 06:09:31 -04:00
eb82a79068
OAuth2 login url starts with /login/
...
Fixes gh-4659
2017-10-19 17:32:21 -04:00
d4dac21ca5
Make ClientRegistration.Builder constructor private
...
Fixes gh-4656
2017-10-19 14:15:59 -04:00
1f5edc98d5
ClientRegistration.Builder.scopes -> scope
...
Fixes gh-4663
2017-10-19 11:24:01 -04:00
1e891b38ab
Rename scope -> scopes for Set types
...
Fixes gh-4644
2017-10-18 17:56:39 -04:00
b81c1ce2c0
Move spring-security-webflux into spring-security-web
...
Fixes gh-4662
2017-10-18 16:20:09 -05:00
d231441cc0
EnableWebFluxSecurityTests uses SpringTestRule
...
This will hopefully resolve the periodic failures in
EnableWebFluxSecurityTests
2017-10-18 15:14:43 -05:00
9d46af3d7c
Introduce SpringTestContext
...
This adds support for testing different configurations per method.
2017-10-18 15:14:43 -05:00
7b8d131386
Fix package tangles -> OAuth2/Oidc AuthenticationProvider's
...
Fixes gh-4614
2017-10-16 20:56:32 -04:00
25052214ae
Polish
2017-10-16 18:33:27 -05:00
a74f7c6faa
Fix CSRF / DefaultLoginPageGeneratingFilter package tangle
...
Issue: gh-4636
2017-10-16 16:36:49 -05:00
7fd1cff3ce
Fix PrePostAdviceReactiveMethodInterceptor tangle
...
Issue: gh-4636
2017-10-16 16:36:43 -05:00
579282437b
Move GlobalAuthenticationConfigurerAdapter
...
Issue: gh-4636
2017-10-16 16:36:33 -05:00
a7d054c9f3
Remove AuthorizationGrantAuthenticator
2017-10-16 13:43:11 -04:00
3c824dc44b
Fix package tangles -> OAuth2UserService
...
Fixes gh-4614
2017-10-13 18:59:41 -04:00
cfa4858b04
Fix package tangles -> AuthorizationGrantTokenExchanger
...
Fixes gh-4614
2017-10-13 16:35:48 -04:00
c441f99567
Polish oauth2-client
2017-10-13 07:09:00 -04:00
211e8eae90
Remove formLogin() and httpBasic() from defaults
2017-10-12 16:41:01 -05:00
5fae710d69
Polish ServerHttpSecurityConfigurationBuilder
...
Fix copyright
2017-10-12 16:20:18 -05:00
30487c3b4b
Polish ServerHttpSecurity testing
2017-10-12 15:54:54 -05:00
015cc2203e
Fix ServerHttpSecurity
2017-10-12 15:54:54 -05:00
91d9404828
Fixed typo in HttpSecurity.authorizeRequests javadoc
2017-10-12 07:36:37 -05:00
18df9a869e
Move config AuthorizationCodeGrantConfigurer -> OAuth2LoginConfigurer
2017-10-11 17:39:21 -04:00
247f737bc8
Move HttpBasicServerAuthenticationEntryPoint
...
Move it up a package as www is too sparse. This is different than servlet
based support, but we also are now using a generic AuthenticationWebFilter
Fixes gh-4617
2017-10-11 16:24:14 -05:00
7271a427e8
SecurityContextServerRepository->ServerSecurityContextRepository
...
Issue gh-4615
2017-10-11 13:58:28 -05:00
792944eee7
HttpSecurity->ServerHttpSecurity
...
Issue gh-4615
2017-10-11 13:58:24 -05:00
185d3032f5
LogoutHandler->ServerLogoutHandler
...
Issue gh-4615
2017-10-11 13:58:21 -05:00
c9ce528206
AuthenticationFailureHandler->ServerAuthenticationFailureHandler
...
Issue gh-4615
2017-10-11 13:58:18 -05:00
897e7111e3
AccessDeniedHandler->ServerAccessDeniedHandler
...
Issue gh-4615
2017-10-11 13:58:14 -05:00
a5af2a07d7
HttpHeadersWriter->ServerHttpHeadersWriter
...
Issue gh-4615
2017-10-11 13:58:09 -05:00
2982b82b2d
AuthenticationSuccessHandler->ServerAuthenticationSuccessHandler
...
Issue gh-4615
2017-10-11 13:58:06 -05:00
b858985b0e
AuthenticationReactorContextFilter->AuthenticationReactorContextWebFilter
...
Issue gh-4615
2017-10-11 13:58:02 -05:00
bfcc2a602d
SecurityContextRepository->SecurityContextServerRepository
...
Issue gh-4615
2017-10-11 13:57:59 -05:00
e99e2a9f09
PrePostAdviceMethodInterceptor->PrePostAdviceReactiveMethodInterceptor
...
Issue gh-4615
2017-10-11 13:57:54 -05:00
d0de8d40dd
WebFilterChainFilter -> WebFilterChainProxy
...
Issue gh-4615
2017-10-11 13:57:50 -05:00
cfc5572b7a
AuthenticationEntryPoint->ServerAuthenticationEntryPoint
...
Issue gh-4615
2017-10-11 13:57:46 -05:00
8d4a73cf3f
Use Server<Description>AuthenticationConverter
...
Issue gh-4615
2017-10-11 13:57:43 -05:00
5502856095
UserDetailsRepositoryAuthenticationManager->UserDetailsRepositoryReactiveAuthenticationManager
...
Issue gh-4615
2017-10-11 13:57:35 -05:00
4681697581
UserDetailsRepository->ReactiveUserDetailsService
...
Issue gh-4615
2017-10-11 13:57:30 -05:00
f1bc82dcef
AuthenticatedAuthorizationManager->AuthenticatedReactiveAuthorizationManager
...
Issue gh-4615
2017-10-11 13:57:26 -05:00
866ce5eaec
AuthorityAuthorizationManager->AuthorityReactiveAuthorizationManager
...
Issue gh-4615
2017-10-11 13:57:08 -05:00
d840090cb0
Add support for implicit grant type
...
Fixes gh-4500
2017-10-11 13:54:59 -04:00
6963b3c5d5
Expose login page config for oauth2Login
...
Fixes gh-4570
2017-10-10 19:05:57 -04:00
da0a7afa38
Polish AuthorizationCodeAuthenticationFilter
...
Fixes gh-4599
2017-10-10 14:39:47 -04:00
efa4bf409c
Remove AuthorizationCodeRequestRedirectFilter. setAuthorizationRequestMatcher
2017-10-10 14:38:06 -04:00
6b16fa0d8c
Polish OAuth Security Configurers
2017-10-10 14:38:06 -04:00
23f56f568c
Update MockitJunitRunner import
...
Issue: gh-4608
2017-10-09 16:13:33 -05:00
445834784a
Update to Mockito 2.10.0
...
Issue: gh-4608
2017-10-09 16:13:11 -05:00
370fc48afe
Polish LogoutBuilder
...
Issue gh-4603
2017-10-06 16:37:11 -05:00
79e749790f
Add Reactive LogoutBuilder
...
Fixes gh-4541
2017-10-06 16:36:19 -05:00
c77cc72cd3
Fix EnableWebFluxSecurityTests
...
Fixes gh-4604
2017-10-06 16:28:57 -05:00
926ad45f21
Add default config for common OAuth2 Providers
...
Fixes gh-4597
2017-10-06 10:17:32 -04:00
29d36e4d16
Remove OAuth2ClientTemplatePropertiesLoader
...
Fixes gh-4598
2017-10-05 20:15:28 -04:00
1b7e761be4
Remove SecurityTokenRepository from AuthorizationCodeAuthenticationProvider constructor
...
Fixes gh-4591
2017-10-05 17:05:56 -04:00
eb320bfed4
AuthorizationCodeAuthenticationProcessingFilter -> AuthorizationCodeAuthenticationFilter
2017-10-05 16:40:12 -04:00
5c14e48b18
Add OAuth2UserAuthenticationProvider
...
Moved logic from AuthorizationCodeAuthenticationProvider
to OAuth2UserAuthenticationProvider (new) related to
loading user attributes via OAuth2UserService.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 15:15:35 -04:00
f8a9077d5a
Generalize AuthorizationCodeAuthenticationProvider
...
The AuthorizationCodeAuthenticationProvider implements part of the
Authorization Code Grant flow as defined in
OAuth 2.0 Authorization Framework and OpenID Connect Core 1.0.
The implementation needs to be de-coupled to allow for better re-use and readability.
This commit introduces the AuthorizationGrantAuthenticator and extracts logic from
AuthorizationCodeAuthenticationProvider and provides different implementations
for OAuth 2.0 and OpenID Connect 1.0.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 05:02:22 -04:00
fb57111ecd
redirect-uri property supports 'baseRedirectUrl' uri variable
...
Fixes gh-4589
2017-10-02 15:29:03 -04:00
66647070ab
Default login page supports Iterable<ClientRegistration>
...
Fixes gh-4596
2017-09-29 19:54:17 -04:00
99f06ca58c
HttpSecurity invokes configure(this)
...
Issue gh-4542
2017-09-29 16:04:47 -05:00
b3bd5ba946
Add Reactive HttpSecurity.addWebFilterAt
...
Fixes gh-4542
2017-09-29 16:04:35 -05:00
737c48de06
Polish
2017-09-29 14:13:02 -05:00
b9258aa6ee
Make AuthorizationRequestUriBuilder optional
...
Fixes gh-4577
2017-09-28 16:43:11 -04:00
9a8ddebc94
Use param matching for Authorization Response
...
Fixes gh-4576
2017-09-28 10:21:01 -04:00
8448a54678
Remove ClientRegistrationRepository.getRegistrations()
...
Fixes gh-4582
2017-09-28 07:02:59 -04:00
b463f8e6b5
Remove httpSecurity.oauth2Login().userInfoEndpoint().userNameAttributeName()
...
Related gh-4580
2017-09-27 15:39:39 -04:00
814742fef6
Rename ClientRegistration.clientAlias -> registrationId
...
Fixes gh-4575
2017-09-27 09:14:55 -04:00
38be35677d
Add userNameAttributeName to ClientRegistration
...
Fixes gh-4580
2017-09-26 21:55:19 -04:00
0e9b2807bf
Split up NimbusOAuth2UserService
...
Fixes gh-4447
2017-09-26 11:32:49 -04:00
6d26b86792
Add UserDetailsRepositoryResourceFactoryBean.fromString
...
Fixes gh-4566
2017-09-22 20:18:59 -05:00
a4c2073bcd
Add UserDetailsManagerResourceFactoryBean.fromString
...
Fixes gh-4567
2017-09-22 20:18:59 -05:00
bc99f8aff3
Add UserDetailsResourceFactoryBean.fromString
...
Fixes gh-4568
2017-09-22 20:18:59 -05:00
9e719bc313
Drop the `aopalliance:aopalliance` dependency
...
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.
This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)
The documentation is updated accordingly.
[1] https://jira.spring.io/browse/SPR-13984
2017-09-22 11:11:04 -05:00
8521ca8f94
Polish gh-4560
2017-09-21 17:21:41 -04:00
baa3b6f258
Add utility for loading properties of client types
...
Fixes gh-4560
2017-09-20 22:50:19 -04:00
8a66d0c78d
Polish PermissionEvaluator Autowired into Web Security
...
Issue gh-4077
2017-09-18 16:53:19 -05:00
3bf6bf10de
Configure permissionEvaluator and roleHierarchy by default
...
Implementations of AbstractSecurityExpressionHandler (such as the very commonly used DefaultWebSecurityExpressionHandler) get PermissionEvaluator and RoleHierarchy from the application context (if the application context is provided, and exactly one of such a bean exists in it). This approach matches that used in GlobalMethodSecurityConfiguration, making everything in Spring Security work the same way (including WebSecurity).
Issue gh-4077
2017-09-18 16:35:16 -05:00
f8ee9944ff
Copyright date range
2017-09-18 11:18:46 -05:00
1f4082e754
Fix copyright lines
2017-09-18 11:11:25 -05:00
01d4387f56
Fix empty lines in copyright
2017-09-18 10:53:04 -05:00
3ecf3ea034
Fix double * in Copyright headers
2017-09-18 10:47:26 -05:00
e14af37775
Add LogoutWebFilter
...
Fixes gh-4539
2017-09-13 16:43:04 -05:00
426e24c18e
Polish
...
Formatting changes
2017-09-13 15:31:32 -05:00
65b968f04a
Move servlet-specific classes to 'web' package
...
Fixes gh-4366
2017-09-13 16:13:32 -04:00
0a36359f11
WebFlux HTTP Basic & Form Login Sessions
...
By default both HTTP Basic and form log are enabled. Now HTTP Session will
not be used for HTTP Basic, but will be for form log in.
2017-09-13 14:47:44 -05:00
3d745e63f6
HttpSecurityConfiguration applies all defaults
...
HttpSecurity headers is off by default and relies on
HttpSecurityConfiguration to enable it. This is more consistent with the
other operators
2017-09-12 22:07:12 -05:00
b5edb58050
Polish reactive config
...
Code Checkstyle fixes
2017-09-12 21:56:09 -05:00
8b32b8db74
Polish
...
HeadersBuilder build is protected
2017-09-12 21:51:26 -05:00
d93c774691
Add FormLogin Configuration
...
Fixes gh-4537
2017-09-12 20:40:56 -05:00
a0a0a32bda
Add WebTestClient HtmlUnit Support
...
Fixes gh-4534
2017-09-12 20:40:56 -05:00
8d997fd079
Remove DefaultAuthenticationSuccessHandler
...
We always need to save the user after authentication, so it should be
part of AuthenticationWebFilter
Fixes gh-4524
2017-09-12 20:40:56 -05:00
4ff0b52f74
Remove HttpClientConfig
...
Issue gh-4478
2017-09-12 21:03:40 -04:00
d9bad2bc9d
Mono.currentContext()->subscriberContext()
...
Fixing refactoring by Reactor
2017-09-01 17:20:47 -05:00
be0081290b
EnableWebFluxSecurity uses PasswordEncoder Bean
2017-08-30 10:02:00 -05:00
9f2ea90f0d
Polish HttpSecurity
...
Code Style fixes
2017-08-29 20:34:20 -05:00
51ad53f76a
Remove Optional from Reactive HttpSecurity
2017-08-29 20:30:04 -05:00
20befc3702
Support .and() in Reactive HttpBasic & HeaderBuilder
2017-08-29 20:17:56 -05:00
c4917f359a
Fix for Reactor Refactor
...
- contextStart -> subscriberContext
2017-08-29 08:24:55 -05:00
bc6be86aec
Add in-memory AccessTokenRepository
...
Fixes gh-4508
2017-08-23 17:18:35 -04:00
91b0bd4ba5
Provide oauth2login.tokenEndpoint config
...
Fixes gh-4506
2017-08-23 17:18:01 -04:00
c06975080f
Allow configuring oauth2 authentication handlers
...
Fixes gh-4472
2017-08-23 17:17:34 -04:00
93c2b2533e
Allow configuring request paths for oauth2 filters
...
Fixes gh-4473
2017-08-23 17:17:01 -04:00
416ff3c77a
Add EnableReactiveMethodSecurity
...
Issue gh-4496
2017-08-17 16:42:01 -05:00
b0b9b32c0c
Add AuthenticationReactorContextFilter
...
Fixes gh-4501
2017-08-17 16:42:01 -05:00
e16b8e7976
Fix logback-test.xml
2017-08-17 16:42:01 -05:00
f3737b61e8
Add logback-classic as test dependency
2017-08-17 15:42:39 -05:00
efc3cadd43
Fixed Circular Bean References in Java Config
...
Fixes gh-4489
2017-08-09 16:24:01 -05:00
bfaead6f68
Removal of ParsingPathMatcher
...
Changes needed for the removal of ParsingPathMatcher in Spring Framework
b1440b6816 (diff-972650c759c249004b9725f94b570db3R156)
2017-08-02 11:11:11 -05:00
c872499eee
Enable custom configuration for HTTP client
...
Fixes gh-4477
2017-07-28 16:43:44 -04:00
9b7883fe10
Add WEB_FILTER_CHAIN_FILTER_ORDER
...
Fixes gh-4475
2017-07-27 21:02:38 -05:00
96ae0fe8f8
Expose configuration for authorities mapping
...
Fixes gh-4409
2017-07-12 17:35:16 -04:00
9cfb890207
Use id_token for user authentication
...
Fixes gh-4410
2017-07-07 12:44:26 -04:00
0e100be333
Fix Groovy 2.5 Compile Errors
...
Fixes gh-4415
2017-06-22 13:31:21 -05:00
8130965259
Fixes for changes in SPR-15657
...
Fixes gh-4408
2017-06-20 16:42:24 -05:00
ca6348800e
HttpSecurity.authorizeExchange() allows Method Chaining
...
Fixes gh-4397
2017-06-15 15:50:30 -05:00
9d19b7337e
Ensure Unique Names
...
Issue: gh-4394
2017-06-15 13:00:59 -05:00
fda0220fad
Provide default reactive HttpSecurity
...
Fixes gh-4396
2017-06-15 13:00:19 -05:00
9141a8a7c0
Add Multiple Reactive HttpSecurity
...
Fixes gh-4395
2017-06-15 13:00:19 -05:00
406e1e6951
Extract out HttpSecurityConfiguration
...
Fixes gh-4394
2017-06-15 13:00:19 -05:00
335a01577a
Typo "he" -> "the"
2017-06-15 12:47:41 -05:00
30132892a0
Polish UserDetailsResourceFactoryBean Support
...
Issues: gh-4380 gh-4381 gh-4382
2017-06-13 15:15:21 -05:00
337317a060
WebFlux now uses ParsingPathMatcher
...
Fixes gh-4388
2017-06-09 22:25:45 -05:00
6428cb411e
Add UserDetailsRepositoryResourceFactoryBean
...
Add the ability to easily create a UserDetailsRepository from a Properties
in the standard Spring Security user format.
Fixes gh-4382
2017-06-09 16:07:18 -05:00
4cb77e5386
Add UserDetailsManagerResourceFactoryBean
...
Add the ability to easily create a UserDetailsManager from a Properties
in the standard Spring Security user format.
Fixes gh-4381
2017-06-09 16:07:18 -05:00
256d14ede0
Add UserDetailsResourceFactoryBean
...
Add the ability to create a Collection<UserDetails> from a Properties
Resource using the standard Spring Security user format.
Fixes gh-4380
2017-06-09 16:07:18 -05:00
d09fb5b500
Move UserDetailsRepository to core.userdetails
...
Fixes gh-4383
2017-06-09 16:07:09 -05:00
6c0ecea494
Use java.util.Function instead of Converter
...
Fixes gh-4323
2017-06-01 17:25:39 -04:00
e5eda24054
Add ServerWebExchangeMatcherEntry
2017-05-31 16:13:20 -05:00
68368c87ca
Resolve compile errors -> WebTestClient methods removed
...
Fixes gh-4355
2017-05-25 11:14:29 -04:00
bc141febdb
Demo mock support with RouterFunction
2017-05-23 16:29:30 -05:00
9e6b10ce46
Fix JavaDoc for HeadersConfigurer
...
Corrected copy-paste error.
2017-05-22 00:32:19 +02:00
247635ed92
WebFluxSecurityConfiguration defaults HTTP Basic
...
Fixes gh-4346
2017-05-19 21:50:06 -05:00
1cec497a50
Add method chaining for AuthorizeExchangeBuilder
...
Fixes gh-4345
2017-05-19 21:25:50 -05:00
0428cdd934
Add @EnableWebFluxSecurity
...
Fixes gh-4344
2017-05-19 21:11:42 -05:00
d81b436e5d
Remove pom.xml from build
...
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.
This commit removes the pom.xml files from the build.
Fixes gh-4283
2017-05-11 14:32:36 -05:00
85719fcd64
Use Base64 implementation provided by Java 8
2017-05-10 00:27:36 -05:00
b4f2777755
Add WebFlux
...
Fixes gh-4128
2017-05-10 00:13:02 -05:00
829c386756
Add support for OAuth 2.0 Login
...
Fixes gh-3907
2017-04-28 10:58:59 -04:00
dd6fc48dd8
Standardize Build
...
The build now uses spring build conventions to simplify the build
Fixes gh-4284
2017-04-21 10:55:05 -05:00
5a65da400d
Use ReflectionTestUtils rather than Whitebox
...
This is better because it no longer uses Mockito's internal API
Fixes gh-4305
2017-04-21 10:54:58 -05:00
2ce174dbf0
Update poms to 5.0.0.BUILD-SNAPSHOT
2017-04-07 16:49:50 -04:00
d2524eadfc
Update poms to new to SNAPSHOT version
2017-03-02 09:20:34 -06:00
081f0c4d94
Release version 4.2.2.RELEASE
2017-03-02 07:29:42 +00:00
f3edaa673a
Fix SecurityNamespaceHandler Version Error Message
...
Fixes gh-4210
2017-03-02 00:25:51 -06:00
546d44d6e7
Fix NPE in WebSocketMessageBrokerSecurityBeanDefinitionParser
...
Fixes gh-4112
Closes gh-4194
2017-03-01 23:58:02 -06:00
2ac51c9c7f
Fix class name in comment
2017-03-01 23:31:32 -06:00
9c03571bbb
Use message in all Assert
...
This ensures compatibility with Spring 5.
Fixes gh-4193
2017-01-30 19:58:24 -06:00
7a7ce11ebb
Release version 4.2.1.RELEASE
2016-12-21 17:23:28 +00:00
fc516b55a6
Fix Build Against Spring 5.0.0.BUILD-SNAPSHOT
...
Change Bean definition to static to avoid SPR-12646
Fixes gh-4150
2016-12-08 15:54:46 -06:00
f94399cff9
Polish
2016-11-17 09:49:41 -06:00
24fcb6c45a
Release version 4.2.0.RELEASE
2016-11-09 23:42:11 +00:00
23294c4c57
Add Referrer-Policy header support
...
Fixes gh-4110
2016-11-08 13:21:35 -06:00
97b4cb0b73
Release version 4.2.0.RC1
2016-10-26 02:49:23 +00:00
df3b8bc284
Add Spring MVC test for override cache control
...
Issue gh-3975
2016-10-24 15:57:32 -05:00
f432c04111
Create UserBuilder
...
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder
Fixes gh-4095
2016-10-21 16:42:03 -05:00
94e580fe64
Add Support for Custom Default Configuration in Web Security
...
Fixes gh-4102
2016-10-19 16:15:56 -05:00
af9139b613
Add intercept-url@request-matcher-ref
...
Fixes gh-4097
2016-10-18 22:27:31 -05:00
f019ea89e7
Remove unused lowercase-comparisons from XSD
...
Fixes gh-3932
2016-10-18 22:27:28 -05:00
0d700628dc
Add spring-security-4.2.xsd to spring.schemas
...
Fixes gh-4098
2016-10-18 22:27:22 -05:00
aaa9708b95
Add BeanResolver to AuthenticationPrincipalArgumentResolver
...
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.
This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.
Fixes gh-3949
2016-10-18 19:45:54 -05:00
badb466cc5
AuthenticationConfiguration imports ObjectPostProcessor
...
Fixes gh-4086
2016-10-17 20:00:27 -05:00
1222fc5f10
XML ref to bean
...
Spring 5 removes ref XML attribute in favor of bean XML attribute. This
commit updates all the samples and tests to use bean instead of ref.
Issue gh-4080
2016-10-17 17:00:17 -05:00
08c1f500a7
Version bumps for Spring 5
...
Issue gh-4080
2016-10-17 17:00:17 -05:00
c1b8150439
Release version 4.2.0.M1
2016-09-23 19:39:33 +00:00
b443baef04
Polish GrantedAuthorityDefaults
...
* Move GrantedAuthorityDefaults to config module
* Move setting of default role into config module vs
ApplicationContextAware
Issue gh-3701
2016-09-22 15:13:05 -05:00
eabeaf35d6
Make single definition of `defaultRolePrefix` and `rolePrefix`
...
Previous to this commit, role prefix had to be set in every class
causing repetition. Now, bean `GrantedAuthorityDefaults` can be used to
define the role prefix in a single point.
Fixes gh-3701
2016-09-21 14:55:41 -05:00
49f7c98c3e
Fix headers@defaults-disabled=true with no children
...
Previously <headers defaults-disabled="true"/> would fail if there were
no children with an IllegalArgumentException. This allows using
defaults-disabled="true" and no children as an alias for disabled="true".
Fixes gh-3986
2016-09-19 14:53:51 -05:00
4cc899feab
Fix Typo in Javadoc
...
Issue gh-4063
2016-09-19 10:09:48 -05:00
6650429283
Polish SessionInformationExpiredStrategy
...
* Fix passivity and add tests
* Introduce SessionInformationExpiredEvent as a value object
* Rename ExpiredSessionStrategy to SessionInformationExpiredStrategy
to account for the need of SessionInformation
* Switch to Constructor Injection
* Move the changes to the xsd to 4.2 xsd instead of 4.1
Issue gh-3808
2016-09-15 14:30:52 -05:00
67c9f12964
Configuration of session management strategies
...
This commit adds the possibility to configure the AuthenticationFailureHandler
of the SessionManagementFilter.
Fixes gh-3794
2016-09-15 11:10:36 -05:00
b88418b94a
Configuration of session management strategies
...
This commit adds an ExpiredSessionStrategy for the ConcurrentSessionFilter
analogous to the InvalidSessionStrategy for the SessionManagementFilter. It also
adds a configuration option for both the InvalidSessionStrategy and
ExpiredSessionStrategy to the XML namespace and Java configuration.
Fixes gh-3794
Fixes gh-3795
2016-09-15 11:10:17 -05:00
4d02a5c0a0
Update pom.xml dependencies
2016-08-30 11:27:29 -05:00
c6366baee2
Remove MvcRequestMatcher.afterPropertiesSet()
...
The validation does not work due to restrictions within the servlet
container. Specifically we cannot access the servlets that are registered.
This commit reverts the validation logic for MvcRequestMatcher to determine
if servletPath is required.
Fixes gh-4027
2016-08-19 14:18:07 -04:00
f8bfe19a98
Fix typo in autowiring warning ( #4026 )
...
Fixes a misleading message that warns about
PermissionEvaluator when MethodSecurityExpressionHandler
should be mentioned instead.
Fixes gh-3402
2016-08-16 08:39:49 -05:00
bb997eecde
Fix defaultMethodExpressionHandler autowiring
...
Previously if a Bean for GlobalMethodSecurityConfiguration's
defaultMethodExpressionHandler was found on a Configuration that also
@Autowired a Bean that enabled method security, the Bean that was
@Autowired would not have security enabled.
This fixes the issue by delaying the lookup of Beans populated on
GlobalMethodSecurityConfiguration's defaultMethodExpressionHandler.
Fixes gh-4020
2016-08-10 23:48:07 -05:00
e080905a79
MvcRequestMatcher servletPath Polish / XML Config
...
Fixes gh-4014
2016-08-09 16:29:30 -05:00
3befb1c8a6
MvcRequestMatcher servletPath / JavaConfig
...
Issue: gh-3987
2016-08-09 16:29:30 -05:00
519c15efb3
Logout is 204 for XMLHttpRequest
...
Fixes gh-3997
2016-08-02 11:26:52 -07:00
c23c7982ca
Add ObjectPostProcessor support for SmartInitializingSingleton
2016-07-21 08:59:17 -05:00
ca170f8479
DummyRequest supports methods for MvcRequestMatcher
...
To support MvcRequestMatcher DummyRequest needs to support
getCharacterEncoding() and getAttribute(String)
2016-07-14 14:18:31 -05:00
ada146244e
Add HttpSecurity.mvcMatcher
...
Fixes gh-3970
2016-07-14 10:50:49 -04:00
945e2e2ad4
Fix NPE requestMatchers().mvcMatchers
...
Fixes gh-3969
2016-07-14 10:50:49 -04:00
80ff267749
Check RememberMe in ExceptionTranslationFilter
...
This commit adds a check for rememberme to the ExceptionTranslationFilter.
Using this when someone isn't fully authenticated he will be prompted with a
login screen and after that will be redirected to the original requested URI.
Fixes gh-2427
2016-07-13 16:58:00 -04:00
1effc1882a
Add CompositeLogoutHandler
...
Fixes gh-3895
2016-07-08 13:30:38 -05:00
885f074ddf
Fix XsdDocumentedTests
2016-07-07 15:05:04 -05:00
e297706e8b
Polish allow unlimitted sessions
...
Update the rnc file
Issue gh-3900
2016-07-07 14:31:40 -05:00
e3ff4130a5
Allow negative values to configure unlimited sessions
2016-07-07 14:29:18 -05:00
50d7d3287f
Add spring-security-4.2.xsd
2016-07-07 14:19:01 -05:00
13b0ddb7e6
Fix test assertions
2016-07-07 13:29:00 -05:00
919f000c80
Release version 4.1.1.RELEASE
2016-07-07 00:57:35 +00:00
310bb39a0d
Fix typo
2016-07-06 16:22:33 -05:00
764a4d8414
Fix Error Message typo
...
Fixes gh-3953
2016-07-06 16:19:29 -05:00
b17870ee07
LogoutConfigurer: only allow suitable http methods
2016-07-06 16:17:11 -05:00
e4c13e3c0e
Add MvcRequestMatcher
...
Fixes gh-3964
2016-07-06 15:47:23 -05:00
13bc70f693
Add CorsFilter support
2016-07-05 14:28:04 -05:00
c935d857eb
Add mvc namespace to XmlApplicationContext
2016-07-01 22:04:55 -05:00
7f3b3a8b59
Polish
...
Issue gh-180
2016-07-01 13:17:52 -05:00
bd5f71bb0d
Polish
...
Fix checkstyle for LDAP JavaConfig Authority mapping
Issue gh-2768
2016-06-21 17:08:37 -05:00
b76e3be822
LDAP Java Config supports GrantedAuthoritiesMapper
...
Fixes gh-2768
2016-06-21 16:43:13 -05:00
26ad1cb4a5
Polish RememberMe Validation
...
Issue gh-3909
2016-06-21 14:57:15 -05:00
87224f62e4
RememberMe JavaConfig Validation
...
Add validation when rememberMeServices and rememberMeCookieName are
provided
Fixes gh-3909
2016-06-21 14:57:01 -05:00
66858e22ad
Disable XMLHttpRequest for formLogin entry point
...
Previously the following:
http http://localhost:8080/user \
"X-Requested-With:XMLHttpRequest" "Accept:text/plain"
Produced a 302 instead of a 401
Fixes gh-3887
2016-06-20 15:30:00 -05:00
39ed7d0eca
Propagate rolePrefix to LdapAuthoritiesPopulator
...
Previous to this commit, custom rolePrefix was not propagated to
LdapAuthoritiesPopulator populating a wrong authority. Now, rolePrefix
is propagated and the authority is as expected.
Fixes gh-3921
2016-06-20 12:44:02 -05:00
a2ead4cf7a
Polish
...
Fixes gh-3892
2016-06-20 12:35:43 -05:00
2d6051625f
Update pom.xml
2016-06-17 14:30:11 -05:00
477573b3bc
Fix @EnableGlobalAuthentication & method seucrity on @Configuration class
...
Fixes gh-3934
2016-06-17 14:05:11 -05:00
fa1c484587
AuthenticationConfiguration.getAuthenticationManager() supports recursion
...
AuthenticationConfiguration.getAuthenticationManager() now supports
recursion. This is necessary in instances where something using
@EnableGlobalAuthentication requires an object using method level security.
Fixes gh-3935
2016-06-17 14:02:36 -05:00
9e3d2e2d99
HTTP Basic default logout ignores text/html
...
This fixes an issue where Chrome sends an accept header of application/xml
which triggers an HTTP 204 to be returned
Fixes gh-3902
2016-06-14 16:27:56 -05:00
d3b3f8e004
Fix WebSecurityConfigurerAdapter Javadoc
...
The constructor's Javadoc was incorrect. This commit
fixes it.
2016-05-23 08:12:50 -05:00
001b05569a
Release version 4.1.0.RELEASE
2016-05-05 04:25:46 +00:00
e68d8bfaea
Clarifies sessionAuthenticationStrategy setter
...
Fixes gh-234
2016-05-02 13:21:58 -05:00
491abf2600
Revert "Fix test for SessionManagementConfigurer"
...
This reverts commit 17b25d1477
2016-05-02 13:21:58 -05:00
0d2b797c2a
Revert "Fix sessionAuthenticationStrategy setter"
...
This reverts commit 8f5d46ad68
2016-05-02 13:21:58 -05:00
17b25d1477
Fix test for SessionManagementConfigurer
...
Fixes gh-234
2016-04-21 16:50:03 -04:00
8f5d46ad68
Fix sessionAuthenticationStrategy setter
...
sessionAuthenticationStrategy was setting sessionFixationAuthenticationStrategy instead
Fixes gh-234
2016-04-21 16:21:54 -04:00
24d0069668
Release version 4.1.0.RC2
2016-04-21 01:47:25 +00:00
7fe0a135ec
Default AntPathRequestMatcher to be case sensitive
...
Issue gh-3831
2016-04-20 13:29:18 -05:00
510cd59980
Default logout negotiation in Java Configuration
...
This commit adds content negotiation for log out.
Fixes gh-3282
2016-04-20 10:59:14 -05:00
51995dc187
Add Java Configuration InvalidSessionStrategy ( #3827 )
...
Allow configuring the InvalidSessionStrategy in Java Configuration.
Fixes gh-3371
2016-04-20 09:59:27 -04:00
a5a8aeb550
Message SecurityExpressionHandler is post processed ( #3820 )
...
Previously the SecurityExpressionHandler for message based configuration
did not have a beanResolver set.
This commit post processes the default message SecurityExpressionHandler
to ensure the beanResolver is set.
Fixes gh-3797
2016-04-19 13:21:58 -04:00
c872a77ad1
RoleHiearchy Bean used in GlobalMethodSecurity ( #3394 )
...
Previously it required quite a bit of extra work to use RoleHiearchy
within Java Based Spring Security configuration.
Now if a single RoleHiearchy Bean is defined it will automatically
be picked up and used by method security.
Fixes gh-3394
2016-04-19 12:47:38 -04:00
933a7e8363
Remove duplicate words
...
Fixes gh-3826
2016-04-18 23:21:20 -05:00
fb5776cb5c
Support Camel case URI variables ( #3814 )
...
Perviously there were issues with case insenstive patterns and URI
variables that contained upper case characters. For example, the pattern
"/user/{userId}" could not resolve the variable #userId Instead it was
forced to lowercase and #userid was used.
Now if the pattern is case insensitive then so is the variable. This means
that #userId will work as will #userid.
Fixes gh-3786
2016-04-18 17:54:48 -04:00
b6800bdb4d
Update ExpressionUrlAuthorizationConfigurer Error Message
...
Update error message
2016-04-14 15:33:48 -05:00
59db9413aa
Add SpEL Bean reference test ( #3815 )
...
Issue gh-3797
2016-04-14 12:11:40 -05:00
6f169267c4
HttpSecurity comparitor->comparator
...
Rename HttpSecurity's comparitor to comparator
Fixes gh-3810
2016-04-13 15:04:22 -05:00
a7fb6d2e58
Add HttpSecurity.addFilterAt ( #3809 )
...
Fixes gh-3784
2016-04-13 16:01:25 -04:00
d3a9cc6eae
Add CsrfTokenRepository ( #3805 )
...
* Create LazyCsrfTokenRepository
Fixes gh-3790
* Add CookieCsrfTokenRepository
Fixes gh-3009
2016-04-12 17:26:53 -04:00
b82df4ecf3
Add alwaysRemember to RememberMe Java Config
...
Allow setting alwaysRemember from RememberMeConfigurer
Fixes gh-180
2016-04-12 13:37:44 -05:00
bd0c8a7baa
Fix HttpSecurity logout JavaDoc
...
Removed error provoking extra logout() from example code
2016-04-12 13:24:40 -05:00
fe94d654ed
Fix typos ( #228 )
2016-04-12 11:11:51 -05:00
c57dba6b77
Fix typo in setMessageExpessionHandler ( #3803 )
2016-04-12 11:08:52 -05:00
b90242f2fa
Updates all POM versions to 4.1.0 snapshot build.
...
Fixes gh-3804
2016-04-12 10:35:43 -04:00
d05fe8ec07
Fix typo in xsd
...
Fixes gh-3229
2016-04-05 09:47:48 -05:00
044acf7e27
Release version 4.1.0.RC1
2016-03-23 07:15:15 -07:00
2f7f2ff589
Adds support for Content Security Policy
...
Fixes gh-2342
2016-03-22 21:59:13 -05:00
4b650dc58d
Allow AuthenticationProvider Bean in Java Config
...
This commit adds support for defaulting java configuration's
authentication by providing an AuthenticationProvider Bean.
Fixes gh-3091
2016-03-22 16:17:25 -05:00
533a5f0905
Fix <password-encoder> when authentication-manager@id specified
...
When <authentication-manager> specifies an id, the <password-encoder> is
not used because the parser changes the bean id without aliasing it to
BeanIds.AUTHENTICATION_MANAGER which is used by
AuthenticationManagerBeanDefinitionParser to look up the
AuthenticationManager bean.
This commit updates AuthenticationManagerBeanDefinitionParser to ensure
there is an alias to BeanIds.AUTHENTICATION_MANAGER when the id is
specified.
Fixes gh-3296
2016-03-21 22:48:49 -05:00
7bf014f678
Path Variables fail with different case
...
Fixes gh-3329
2016-03-21 10:09:50 -05:00
cf66487d3a
Add Java Configuration Test
...
Issue SEC-2256
2016-03-18 14:03:47 -05:00
41c6a797c3
Add RememberMeConfigurer set domain
...
Fixes gh-3408
2016-03-17 08:30:18 -05:00
ec4e6c7453
Update pom.xml to 4.1.0.BUILD-SNAPSHOT
2016-03-14 00:51:35 -05:00
f221920a19
Clean up code to conform to basic checkstyle
...
Issue gh-3746
2016-03-14 00:15:12 -05:00
35eff94e3d
Add Both Config names to duplicate WebSecurityConfigurer order
...
Previously the error message when multiple WebSecurityConfigurer with the
same Order did not include both WebSecurityConfigurer classes that were
involved in the duplicate Order. This made resolving errors difficult.
This commit ensures both WebSecurityConfigurers are include in the error
message.
Fixes gh-3380
2016-03-11 12:12:55 -06:00
e33e21fe6b
Add Forward after authentication attempt config support
...
Fixes gh-3728
2016-03-11 10:49:30 -06:00
5d6e8bc3c8
Remove SPR-11251 workaround from WebSecurityConfiguration
...
Fixes gh-3348
2016-03-09 16:48:24 -06:00
be36ddb614
Some formatting fixes for HttpSecurity Javadoc
2016-03-09 16:45:43 -06:00
2f4610e8b7
Update HttpSecurity.requestMatcher() Javadoc
...
Fixes gh-3365
2016-03-09 16:45:29 -06:00
71d4ce96ad
Convert to assertj
...
Fixes gh-3175
2016-03-09 14:30:17 -06:00
bb600a473e
Start AssertJ Migration
...
Issue gh-3175
2016-03-09 14:26:30 -06:00
3164bd6f8d
Polish Sorting ObjectPostProcessor
...
* Add Test
* Only sort on adding new entry
Issue gh-3572
2016-03-08 15:51:13 -06:00
a366489c3c
Sort ObjectPostProcessors prior to invoking them
...
Fixes gh-3572
2016-03-08 10:39:56 -06:00
db81977a1a
Polish HPKP
...
* Javadoc polish
* Whitespace cleanup
Issue gh-3706
2016-03-03 15:11:40 -06:00
331c7e91b7
HTTP Public Key Pinning
...
HTTP Public Key Pinning (HPKP) is a security mechanism which allows HTTPS websites
to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates.
(For example, sometimes attackers can compromise certificate authorities,
and then can mis-issue certificates for a web origin.)
The HTTPS web server serves a list of public key hashes, and on subsequent connections
clients expect that server to use 1 or more of those public keys in its certificate chain.
This commit will add this new functionality.
Fixes gh-3706
2016-03-03 14:21:46 -06:00
337f1885ea
SEC-3170: Polish
...
* Prevent a null LogoutHandler from being set when RememberMeServices
does not implement LogoutHandler
* Fix test which invoked Mock from outside spock which failed
* Add explicit test for adding null LogoutHandler to
RememberMeConfigurer
2015-12-15 09:50:54 -06:00
b28c62a6fe
SEC-3170: Null check for Java Config of RememberMeServices
...
Added a null check in LogoutConfigurer.addLogoutHandler() method to
ensure that a logout handler is always provided..
2015-12-15 09:50:54 -06:00
1182d35d3c
SEC-3159: Fix Javadoc
...
The HttpSecurity#headers() Javadoc did not accurately reflect changes made to the
HeadersConfigurer in Spring Security 4.x.
2015-11-21 19:39:15 -05:00
205ef42cfb
SEC-3147: Add error parameter for default authentication-failure-url
2015-11-12 15:00:21 -06:00
53f85e2151
SEC-2848: LogoutConfigurer allows setting clearAuthentication
2015-10-30 13:54:01 -05:00
15b4406015
SEC-3135: antMatchers(<method>,new String[0]) now passive
2015-10-30 10:08:42 -05:00
6f1bb705ac
SEC-3135: antMatchers now allows method and no pattern
...
Previously, antMatchers(POST).authenticated() was not allowed. Instead
users had to use antMatchers(POST, "/**").authenticated().
Now we default the patterns to be "/**" if it is null or empty.
2015-10-29 12:48:29 -05:00
f76bf96e14
SEC-3132: securityBuilder cannot be null
...
If a custom SecurityConfiguererAdapter applies another
SecurityConfigurerAdapter it caused an error securityBuilder cannot be null.
This commit fixes this.
2015-10-23 10:27:09 -05:00
b9f8af3096
SEC-3063: rm ConditionalOnMissingBean for @Primary
...
ConditionalOnMissingBean can only work in a Spring Boot environment. This
means this approach is flawed.
Instead users that wish to override requestDataValueProcessor can use
@Primary.
2015-10-21 15:40:43 -05:00
8baafbb2f2
SEC-3116: Polish WebSecurity Javadoc
2015-10-01 15:50:22 -05:00
29f2cc0ab1
snasphot -> snapshot
2015-09-25 15:28:39 -05:00
bac980cbcb
SEC-2868: Simplify custom UserDetailsService Java Config
...
Exposing a UserDetailsService as a bean is now all that is necessary
for Java based configuration. Additionally, an optional PasswordEncoder
bean can be used to configure password encoding.
2015-08-27 20:41:15 -05:00
6b05b298ff
SEC-2059: Support Path Variables in Web Expressions
2015-08-20 17:11:01 -05:00
cbed1d75ee
SEC-3076: Add Method Level Security Meta Annotations
2015-08-19 16:07:03 -05:00
41c9431fcc
Test that form log in requires CSRF
2015-08-03 12:24:37 -05:00
453e6332da
Fix indentation of CsrfConfigTests
2015-08-03 12:03:05 -05:00
969f3a7d1b
Update pom.xml to latest snapshots
2015-08-03 09:46:01 -05:00
ad1d858e2b
SEC-3056 - Fix JavaDoc errors.
...
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
dab4cf18b8
SEC-3032: Correct documented logout-success-url default
2015-07-22 13:48:07 -05:00
e8c9f75f9c
Update pom.xml to latest versions
2015-07-22 12:51:04 -05:00
07fb2af74b
SEC-3011: AbstractUrlAuthorizationConfigurer postProcess default AccessDecisionManager
2015-07-21 08:52:36 -05:00
ab1b7a1eb6
Remove unnecessary @SuppressWarnings
2015-07-21 08:51:32 -05:00
9654df2cc3
SEC-3045: Conditionally add MethodSecurityMetadataSourceAdvisor
2015-07-17 15:16:09 -05:00
a3df41b380
Clean Import Statements
2015-07-17 14:52:23 -05:00
0e36f85dab
SEC-3019: Java Config for Http Basic supports Rememberme
2015-07-16 11:12:44 -05:00
474d624e8e
SEC-2988: Renamed OnBeanCondition.java to OnMissingBeanCondition.java
2015-07-13 22:51:45 -05:00
64938ebcfc
SEC-2996: Suport configuring SecurityExpressionHandler<Message<Object>>
2015-07-13 22:45:35 -05:00
ca0ffb8b5d
SEC-2948: Fix error message for wrong xsd schema
...
When using the wrong xsd schema < 4.0 a message was shown that the
schema needed to be version 3.2.
In reality this schema had to be version 4.0.
2015-07-09 23:17:16 -05:00
1f74ac811e
Fix Spring IO Tests
2015-07-08 11:09:29 -05:00
197ddb3cd1
SEC-3029: Fix Compatibility with Spring 4.2.x
2015-07-07 22:46:31 -05:00
0a118336d4
SEC-2955: Convert to "static" for inner classes
2015-04-30 12:54:52 -05:00
f1352ba492
SEC-2942: Add test EnableWebSecurity supports AuthenticationPrincipal
2015-04-23 16:34:04 -05:00
f548d89b27
SEC-2932: SecurityContextConfigurer defaults SecurityContextRepository
2015-04-22 16:50:51 -05:00
09acc2b7a5
SEC-2962: SecurityContextHolderAwareRequestFilter default rolePrefix
2015-04-21 11:42:48 -05:00
38e2e23b86
Fix indentation of InterceptUrlConfigTests
2015-04-21 09:38:17 -05:00
d5dfeeca49
SEC-2927: Update chat-jc pom so Maven Builds
...
Previously there were some incorrect dependency versions. This commit fixes
that.
We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
2015-04-20 15:53:26 -05:00
0bfbd2923a
SEC-2915: Fix defaut login page tests with tabs
2015-04-17 12:13:44 -05:00
4fdfb8caba
SEC-2915: More Tabs -> Spaces
2015-04-17 11:34:34 -05:00
5fa5630bc3
Polish ordering of Config and test in NamespaceRememberMeTests
...
The convention is to put the config just below the test.
This commit fixes the convention for NamespaceRememberMeTests
2015-04-17 11:20:39 -05:00
0c77c2071b
SEC-2880: Add a setter method to override the cookie name of remember-me
2015-04-17 11:14:58 -05:00
ec89fdcfaa
SEC-2919: Polish
...
Remove now unnecessary AuthenticationConfig.Builder#getLoginFormUrl
method.
2015-04-17 11:12:08 -05:00
052bd32f40
SEC-2919: DefaultLoginPageGeneratingFilter disabled when login-page specified
2015-04-17 11:12:08 -05:00
4ca936bb76
SEC-2913: Polish
2015-03-25 21:18:12 -05:00
6c541468f6
SEC-2913: Post Process default session fixation AuthenticationStrategy
...
Before the default session fixation AuthenticationStrategy used a
NullEventPublisher when using the Java Configuration. This was due to the
fact that it is not exposed as a Bean and is not post processed.
We now post process the default session fixation AuthenticationStrategy
which initializes the EventPublisher properly.
2015-03-25 21:11:52 -05:00
7b25b3e40d
SEC-2864: Default Spring Security WebSocket PathMatcher XML Namespace
2015-03-25 16:32:03 -05:00
db531d9100
SEC-2917: Update to Spring 4.1.6
2015-03-25 15:18:59 -05:00
57b06fb0b5
SEC-2864: Default Spring Security WebSocket PathMatcher
2015-03-25 13:14:15 -05:00
c94a5cf8e2
SEC-2916: disable-url-rewriting=true by default
2015-03-25 13:14:15 -05:00
ae6af5d73c
SEC-2915: Updated Java Code Formatting
2015-03-25 13:09:18 -05:00
0a2e496a84
SEC-2915: groovy/gradle spaces->tabs
2015-03-25 13:08:59 -05:00
cf9f58a4ac
SEC-2915: XML spaces->tabs
2015-03-25 13:08:52 -05:00
fbf3672eca
SEC-2908: mulitple invocations of http.requetMatchers() properly chains
2015-03-20 15:30:19 -05:00
e776a1fd35
SEC-2803: Add HttpStatusEntryPoint
2015-03-11 14:45:59 -05:00
bed20db905
Remove Unnecessary @Override
2015-02-27 16:18:31 -06:00
8b78194f31
SEC-2876: HttpSecurityBuilder addFilterAfter javadoc before->after
2015-02-24 22:19:50 -06:00
c8b79289c9
add setter for using a custom name for the rememberMeParameter
2015-02-24 21:45:23 -06:00
5f57e5b0c3
SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config
2015-02-24 20:49:56 -06:00
67cd8465c3
SEC-2826: Add remember-me-cookie attribute in xml namespace
2015-02-24 17:54:54 -06:00
d2fd852711
SEC-2832: Fix config tests
2015-02-24 17:53:39 -06:00
2bf4f28db9
Fix .properites user
2015-02-24 16:25:24 -06:00
df96e5573f
Add test .properties Authentication Java Config
2015-02-24 16:14:15 -06:00
37740cd020
SEC-2861: Add WebSocket Documentation & Sample
2015-02-24 10:29:47 -06:00
b9563f6102
SEC-2830: Cleanup disabling Same Origin SockJS
...
- Defaults for properties false
- Add XML Namespace support
2015-02-24 10:28:33 -06:00
b9e2a57131
SEC-2854: Add intercept-message@message-type
2015-02-20 11:43:16 -06:00
fea03536d6
SEC-2853: Rename WebSocket XML Namespace elements
2015-02-20 11:43:15 -06:00
706e7fd7a2
SEC-2863: Update to Spring 4.1.5
2015-02-20 11:43:04 -06:00
fb085cae25
Add session-management@session-fixation-protection=none test
2015-02-19 13:01:59 -06:00
6a8475adbb
SEC-2830: Provide Same Origin support for SockJS
2015-02-18 11:21:02 -06:00
a27c33754c
SEC-2859: Add CsrfTokenArgumentResolver
2015-02-18 10:51:30 -06:00
36fe0d0357
SEC-2845: SecurityContextChannelInterceptor support anonymous
2015-02-18 10:00:22 -06:00
c4fe630f8e
SEC-2846: Security HTTP Response Headers Configuration Cleanup
2015-02-10 10:36:00 -06:00
Eleftheria Stein
Clement Ng
Josh Cummings
Tadaya Tsuyukubo
Joe Grandja
Rafiullah Hamedy
Vishal Raj
Daniel Meier
Florian Aumeier
Alexey Nesterov
Dan Zheng
Denis Babochenko
Daniel Fritz
Spring Operator
Rob Winch
Aanuoluwapo Otitoola
Ankur Pathak
Nick Bromfield
Mohammad Sadeq Dousti
Johnny Lim
Farooq Khan
Rafael Dominguez
Robbie Martinus
ir73
Dongmin Shin
Daniel Bustamante Ospina
Eric Deandrea
Karl Goffin
Erik van Paassen
Bob Maertz
Brian Demers
Vedran Pavic
artsiom
Sola
Eric Hudon
Jonathan Chen
mhyeon.lee
Mahan Hashemizadeh
Kazuki Shimizu
Denys Ivano
Christoph Dreis
Adolfo Eloy
Aygiz Shaymardanov
Eddú Meléndez
Filip Hanik
Craig Walls
Antoine
bbelovic
shazin.sadakath@gmail.com
Stephan Schroevers
Craig Andrews
stonio
Thomas Darimont
Rob Winch
Spring Buildmaster
Joris Kuipers
Kazuki Miyahara
Fred Cooke
Marten Deinum
novotnyr
Michael J. Simons
Jakob Englisch
Tony Dalbrekt
didiez
Matthias Merdes
Leon Radley
Jeffrey Walraven
Nicolai Ehemann
Quinten De Swaef
Billy Korando
Wallace Wadge
Tim Ysewyn
Nikos Kastamoulas
William Gorder
zhanhb
Stijn
Alex Panchenko
Romain Fromi
Michael Cramer