root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity
15,975 Commits 47 Branches 367 Tags 125 MiB
Commit Graph

2198 Commits

Author SHA1 Message Date
Josh Cummings 0abc54c7de
Correct access(String) reference 
Closes gh-11280
 2022-05-27 14:52:20 -06:00
Josh Cummings ff0d85e2ac
Correct access(String) reference 
Closes gh-11280
 2022-05-27 14:51:45 -06:00
Josh Cummings f4c0fcb5ef
Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 13:35:19 -06:00
Josh Cummings 101f11ba94
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 13:12:56 -06:00
Josh Cummings 18b903f6e3
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 13:12:56 -06:00
nor-ek 038266a94f
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 13:12:55 -06:00
Josh Cummings bbff945b95
Restore missing link text 
Issue gh-10934
 2022-05-27 13:00:20 -06:00
Josh Cummings 8690accd57
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 12:57:57 -06:00
Josh Cummings e3c15260e7
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 12:57:57 -06:00
nor-ek 9625382b22
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:57:56 -06:00
Josh Cummings dda026b5fc
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 12:57:02 -06:00
Josh Cummings 2363dbb4e4
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 12:56:57 -06:00
nor-ek 23cc1eb32b
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:56:51 -06:00
Josh Cummings ff0b1712b6
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 12:46:36 -06:00
Josh Cummings 0a64579b1e
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 12:46:27 -06:00
nor-ek 416f94f979 Update Junit5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:46:04 -06:00
Josh Cummings 8a03d1fcec Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 12:20:48 -06:00
Steve Riesenberg 0355e960d7
Next development version 2022-05-18 11:52:05 -05:00
Steve Riesenberg fdad14af63
Release 5.6.5 2022-05-18 11:03:25 -05:00
github-actions[bot] 07841794c5 Next development version 2022-05-18 16:02:48 +00:00
github-actions[bot] 8eb235d36e
Release 6.0.0-M5 2022-05-18 10:37:41 -05:00
Steve Riesenberg 14bbf33658
Revert "Release 6.0.0-M5" 
This reverts commit 6513f3ce71.
 2022-05-18 10:37:07 -05:00
github-actions[bot] 6513f3ce71 Release 6.0.0-M5 2022-05-18 15:26:59 +00:00
Rob Winch 4caf53e96d Next Development Version 2022-05-18 10:06:25 -05:00
Rob Winch 22a1c99b9e Release 5.7.1 2022-05-18 10:00:11 -05:00
github-actions[bot] 3a5eb47d0c Next development version 2022-05-16 19:13:07 +00:00
Steve Riesenberg eaac43a179
Release 6.0.0-M4 2022-05-16 13:42:14 -05:00
Steve Riesenberg cd024bdb80
Revert "Release 6.0.0-M4" 
This reverts commit 49a5f972be.
 2022-05-16 13:25:42 -05:00
Steve Riesenberg 49a5f972be
Release 6.0.0-M4 2022-05-16 12:51:47 -05:00
Rob Winch dc648cf79f Next Developement Version 2022-05-16 11:51:06 -05:00
Rob Winch 5155719877 Next Development Version 2022-05-16 11:44:53 -05:00
Rob Winch c2d2914a4f Release 5.6.4 2022-05-16 11:36:26 -05:00
Rob Winch 3497b0ed68 Release 5.7.0 2022-05-16 11:35:18 -05:00
Marcus Da Coregio 806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Josh Cummings 4ebd37ae77
Add 5.8 Support 2022-05-03 09:04:34 -06:00
Josh Cummings 1f43733749
Add 5.7.x branch to playbook 2022-05-03 09:03:51 -06:00
Josh Cummings 0e9228d10a
Prepare for Spring Security 5.8 2022-05-02 16:34:23 -06:00
Marcus Da Coregio a0232ed135 Add shouldFilterAllDispatcherTypes to Kotlin DSL 
Closes gh-11153
 2022-04-28 08:34:48 -03:00
Marcus Da Coregio e94adedb94 Add shouldFilterAllDispatcherTypes to Kotlin DSL 
Closes gh-11153
 2022-04-28 08:19:20 -03:00
Rob Winch 6c8f64d2bd Next Development Version 2022-04-18 14:55:35 -05:00
Rob Winch e80b3cc5a2 Release 5.7.0-RC1 2022-04-18 14:50:15 -05:00
Marcus Da Coregio 2a2c2dd209 Next development version 2022-04-18 13:27:01 -03:00
Marcus Da Coregio fa0e06ebdc Release 5.6.3 2022-04-18 11:59:42 -03:00
Rob Winch 9a9a43a0c0 ForceEagerSessionCreationFilter 
Closes gh-11109
 2022-04-15 14:18:25 -05:00
Rob Winch aaf78330b1 ForceEagerSessionCreationFilter 
Closes gh-11109
 2022-04-15 14:16:35 -05:00
Marcus Da Coregio 5367524030 Change the default of shouldFilterAllDispatchTypes to true 
Closes gh-11107
 2022-04-14 16:30:42 -03:00
Marcus Da Coregio 84b5c76a7b Add Option to Filter All Dispatcher Types 
Closes gh-11092
 2022-04-14 16:10:36 -03:00
Marcus Da Coregio 7fea639a43 Add Option to Filter All Dispatcher Types 
Closes gh-11092
 2022-04-14 15:58:00 -03:00
Marcus Da Coregio 86c3ce7efc Update What's New 2022-04-13 11:24:36 -03:00
Rob Winch 39b0620a84 Add DisableUrlRewritingFilter 
Closes gh-11084
 2022-04-08 16:13:44 -05:00
Rob Winch 7be32872e9 Add DisableUrlRewritingFilter 
Closes gh-11084
 2022-04-08 16:13:24 -05:00
Pascal Verdage b71d9bfdc2 Fix typo 2022-04-06 11:09:41 +02:00
Pascal Verdage ed8887e0fc Fix typo 2022-04-06 11:09:15 +02:00
Johannes Graf 4ee5800ec9
use okta as registration id 
looks like `ping` is some registration id used in the past.

Closes gh-11034
 2022-03-30 14:41:03 -06:00
Johannes Graf d4931ecf2b
use okta as registration id 
looks like `ping` is some registration id used in the past.
 2022-03-30 14:40:25 -06:00
Johannes Graf 51a99701ad use okta as registration id 
looks like `ping` is some registration id used in the past.
 2022-03-30 14:39:39 -06:00
Josh Cummings ce720ad38e
Document Authorization Events 
Issue gh-9288
 2022-03-29 16:37:22 -06:00
Josh Cummings 04c483387e
Document Authorization Events 
Issue gh-9288
 2022-03-29 16:03:20 -06:00
Eleftheria Stein 759d983d62 Fix formatting in reference docs 2022-03-24 15:15:20 +01:00
Eleftheria Stein d4d6ddbaae Fix formatting in reference docs 2022-03-24 15:13:50 +01:00
Eleftheria Stein 0a2a327476 Fix reference documentation redirects 
Closes gh-11018
 2022-03-23 09:01:42 +01:00
Steve Riesenberg 8fe6ecb459
Update antora.yml 2022-03-21 15:27:40 -05:00
github-actions[bot] e2e1689d9d
Release 6.0.0-M2 2022-03-21 13:56:04 -05:00
Marcus Da Coregio 7deaab8822 Next development version 2022-03-21 14:51:40 -03:00
Marcus Da Coregio ed0a323a71 Release 5.7.0-M3 2022-03-21 14:00:04 -03:00
Steve Riesenberg 28dd7dabfb
Update What's New for 5.7 2022-03-17 12:56:17 -05:00
Steve Riesenberg c38c722473
Update What's New for 5.7 2022-03-17 09:56:45 -05:00
Steve Riesenberg f0168c6c27
Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:53:16 -05:00
Steve Riesenberg 428216b322 Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:50:25 -05:00
Joe Grandja 4a8219d16c Update whats-new.adoc with gh-9812 2022-03-17 04:41:33 -04:00
Joe Grandja 54b033078b Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:36:10 -04:00
Joe Grandja a2ffc88294 Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:33:12 -04:00
Rob Winch fabeabd2db Fix docs SecurityContextHolder Diagram 
Issue gh-9635
 2022-03-12 13:44:45 -06:00
Rob Winch c49d47d9fa Fix docs SecurityContextHolder Diagram 
Issue gh-9635
 2022-03-12 13:44:12 -06:00
Rob Winch 972039e65c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-12 13:31:04 -06:00
Rob Winch 87ed31a99c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-11 17:22:23 -06:00
Rob Winch ae7d56d65b Add Persistence to documentation 
Closes gh-10962
 2022-03-11 13:43:11 -06:00
Rob Winch 6e45a376cd Remove "Hi ... there" From Docs 
Close gh-10963
 2022-03-11 13:42:38 -06:00
Rob Winch e4f1826622 Remove "Hi ... there" From Docs 
Close gh-10963
 2022-03-11 13:41:19 -06:00
Rob Winch b71b2f81e1 Add Persistence to documentation 
Closes gh-10962
 2022-03-11 13:41:19 -06:00
Rob Winch 9967078059 Antora 3.0.0 
Issue gh-10962
 2022-03-11 13:41:19 -06:00
Norbert Nowak abd33389be Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:49:29 -07:00
Norbert Nowak ac9c29b2a0 Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:23:35 -07:00
Lijamaija 660da6f4a0 Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket 
Closes gh-10932
 2022-03-09 17:49:43 +01:00
Lijamaija bc2bb8cb96 Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket 
Closes gh-10932
 2022-03-09 16:18:09 +01:00
Marcus Da Coregio 1762a4ce70 Add SAML 2.0 Single Logout XML Support 
Closes gh-10842
 2022-03-09 10:48:34 -03:00
Marcus Da Coregio 1cbe7a75d3 Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 10:40:26 -03:00
Marcus Da Coregio 93d4fd3559 Add SAML 2.0 Single Logout XML Support 
Closes gh-10842
 2022-03-09 09:18:01 -03:00
Marcus Da Coregio 73f839312d Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 09:18:01 -03:00
Talerngpong Virojwutikul 440ffce2eb Update PasswordEncoder declaration 
Closes gh-10910
 2022-03-01 07:50:55 -07:00
Talerngpong Virojwutikul acda921fe9 Update PasswordEncoder declaration 
Closes gh-10910
 2022-03-01 07:49:25 -07:00
Talerngpong Virojwutikul ff15bec02d update PasswordEncoder declaration 2022-03-01 07:48:31 -07:00
Marcus Da Coregio 344ab1814c Next development version 2022-02-21 11:56:40 -03:00
Marcus Da Coregio 2426989441 Release 5.7.0-M2 2022-02-21 11:00:07 -03:00
Marcus Da Coregio 1a32b399e6 Next development version 2022-02-21 10:49:06 -03:00
Marcus Da Coregio e9f3da94fc Release 5.6.2 2022-02-21 10:04:41 -03:00
Talerngpong Virojwutikul 386e8a86a1 add Kotlin examples for Spring Data Integration of servlet application 2022-02-18 08:54:04 -03:00
Talerngpong Virojwutikul 45a88fc391 add Kotlin examples for Spring Data Integration of servlet application 2022-02-18 08:49:27 -03:00
Talerngpong Virojwutikul 8a56e4f35e add Kotlin examples for Spring Data Integration of servlet application 2022-02-18 08:46:20 -03:00
Eleftheria Stein a2d1965c25 Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant 
Closes gh-10837
 2022-02-15 11:30:45 +01:00
Eleftheria Stein c6b185465d Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant 
Closes gh-10837
 2022-02-15 11:24:23 +01:00
Yuriy Savchenko f64181ab41 Update docs to use multi-tenancy 
Closes gh-10572
 2022-02-14 17:18:48 +01:00
Yuriy Savchenko 77ba94e1db Update docs to use multi-tenancy 
Closes gh-10572
 2022-02-14 11:07:42 +01:00
Talerngpong Virojwutikul 015036741b Add Kotlin example for logout configuration of reactive authentication 
Closes gh-10819
 2022-02-11 13:16:47 +01:00
Talerngpong Virojwutikul d0faff62df Add Kotlin example for logout configuration of reactive authentication 
Closes gh-10819
 2022-02-11 13:01:43 +01:00
Eleftheria Stein 4142f06259 Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs 
Closes gh-10003
 2022-02-08 18:10:58 +01:00
Eleftheria Stein 4492e5b667 Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs 
Closes gh-10003
 2022-02-08 16:12:10 +01:00
giger85 85e531ec74 Fix typo in role hierarchy docs 
Closes gh-10804
 2022-02-04 16:32:47 +01:00
giger85 27ecae2545 Fix typo in role hierarchy docs 
Closes gh-10804
 2022-02-04 16:31:19 +01:00
Eleftheria Stein 28b363551e Use lambda DSL in logout header docs 2022-02-04 16:26:51 +01:00
Eleftheria Stein 7c9de7d0ff Use lambda DSL in logout header docs 2022-02-04 16:26:18 +01:00
Rob Winch ac990afa5d Document Authorize HTTP Requests for Reactive Security 
Closes gh-10801
 2022-02-03 13:47:35 -06:00
Rob Winch c1dfe407bc Document Authorize HTTP Requests for Reactive Security 
Closes gh-10801
 2022-02-03 13:46:27 -06:00
Rob Winch 51fc4a4ca3 Document Authorize HTTP Requests for Reactive Security 
Closes gh-10801
 2022-02-03 13:46:05 -06:00
Ken Dombeck 55cccbf727 Fix broken link to SAML2 login example 2022-02-03 10:20:45 -06:00
Ken Dombeck e5def290a1 Fix broken link to SAML2 login example 2022-02-03 10:10:04 -06:00
Ken Dombeck 13d8b69ee4 Fix broken link to SAML2 login example 2022-02-03 09:42:21 -06:00
Eleftheria Stein a095ea75a2 Fix typo in getting started docs 
Closes gh-10736
 2022-02-02 10:52:54 +01:00
Eleftheria Stein 8aa3f291b7 Fix typo in getting started docs 
Closes gh-10736
 2022-02-02 10:42:08 +01:00
Eleftheria Stein f465403a99 Fix typo in getting started docs 
Closes gh-10736
 2022-02-02 10:30:43 +01:00
Eleftheria Stein 99c488c6ae Polish LDAP reference docs 
Issue gh-10789
 2022-01-28 17:15:37 +01:00
Eleftheria Stein 869fc8c96c Use LDAP AuthenticationManager factory in reference docs 
Closes gh-10789
 2022-01-28 17:13:04 +01:00
Eleftheria Stein e280061538 Polish LDAP reference docs 
Issue gh-10789
 2022-01-28 17:04:39 +01:00
Eleftheria Stein d5824521e8 Use LDAP AuthenticationManager factory in reference docs 
Closes gh-10789
 2022-01-28 17:03:56 +01:00
Josh Cummings 5a2556879a Add Saml2AuthenticationRequestResolver 
Closes gh-10355
 2022-01-24 16:18:33 -07:00
Josh Cummings d538423f98 Add Saml2AuthenticationRequestResolver 
Closes gh-10355
 2022-01-24 15:09:45 -07:00
Rob Winch f94090a59b Remove spring-security-openid 
Closes gh-10773
 2022-01-21 16:55:19 -06:00
Rob Winch 55cf7c9683 Remove default display_version 2022-01-18 13:26:39 -06:00
Rob Winch c4812b17ee Default antora displayVersion 
Issue gh-10765
 2022-01-18 12:55:46 -06:00
Marcus Da Coregio c9a9087454 Add 6.0.* tag to antora-playbook 2022-01-17 14:45:31 -03:00
Marcus Da Coregio 3834268008 Next development version 2022-01-17 13:08:59 -03:00
Marcus Da Coregio 816831746f Release 6.0.0-M1 2022-01-17 11:22:05 -03:00
Josh Cummings 20c252982e Remove SAML 2.0 Logout Default 
Closes gh-10607
 2022-01-14 15:29:50 -07:00
Steve Riesenberg 7efbc9d5f7 Next Development Version 2022-01-14 12:51:23 -06:00
Steve Riesenberg a8457b518f Release 5.7.0-M1 2022-01-14 12:16:08 -06:00
Joe Grandja 525f40490c Allow Jwt assertion to be resolved 
Closes gh-9812
 2022-01-10 10:59:14 -05:00
Joe Grandja 214cfe807e Allow Jwt assertion to be resolved 
Closes gh-9812
 2022-01-10 10:42:10 -05:00
Rob Winch 96e5e67737 Update to Antora 3.0.0 2022-01-05 11:22:34 -06:00
Rob Winch 005d7465b0 Add fix for 5.6.1 version 2022-01-04 17:03:32 -06:00
Rob Winch 783a43ea35 Add CheckAntoraVersionPlugin 2022-01-04 15:52:05 -06:00
Rob Winch 07a176d11e Update antora to 5.6.2 2022-01-04 15:52:05 -06:00
Rob Winch 9b6c7af526 Add CheckAntoraVersionPlugin 2022-01-04 15:33:24 -06:00
Rob Winch 6884a16726 Add CheckAntoraVersionPlugin 2022-01-04 15:29:14 -06:00
Josh Cummings 45b7fed884 Remove SAML 2.0 Logout Default 
Closes gh-10607
 2022-01-03 13:14:12 -07:00
Josh Cummings 6b54afe9a3 Remove SAML 2.0 Logout Default 
Closes gh-10607
 2022-01-03 12:54:22 -07:00
Rob Winch 2471e3296d Fix xsd tests 2021-12-13 17:38:22 -06:00
Rob Winch 2fb056b5c1 Merge Clean up Reference Documentation 
Closes gh-9668
 2021-12-13 16:57:36 -06:00
Marcus Da Coregio 0beb725259 Add Cross Origin Policies headers 
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers

Closes gh-9385, gh-10118
 2021-12-08 11:07:09 +01:00
Marcus Da Coregio 65426a40ec Add Cross Origin Policies headers 
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers

Closes gh-9385, gh-10118
 2021-12-07 17:23:06 +01:00
Steve Riesenberg 32ec8c3ae4 Fix Reactive OAuth2 Kotlin DSL examples 
Closes gh-10580
 2021-12-07 13:58:24 +01:00
Steve Riesenberg 7ec3b55ab3 Fix Reactive OAuth2 Kotlin DSL examples 
Closes gh-10580
 2021-12-07 13:48:11 +01:00
Steve Riesenberg 1896a5e669 Fix Reactive OAuth2 Kotlin DSL examples 
Closes gh-10580
 2021-12-06 13:05:50 +01:00
Henning Poettker f1ca42e501 Fix return type for NoOpPasswordEncoder bean in documentation 2021-11-23 14:14:05 -03:00
Henning Poettker bb99d7d95a Fix return type for NoOpPasswordEncoder bean in documentation 2021-11-23 14:13:12 -03:00
Henning Poettker 04161b9288 Fix return type for NoOpPasswordEncoder bean in documentation 2021-11-23 10:38:04 -03:00
Josh Cummings 16a21264d0 Polish AuthRequestConverter Sample Doc 
Issue gh-10364
 2021-11-18 13:36:31 -07:00
Josh Cummings 739cdc1a4c Polish AuthRequestConverter Sample Doc 
Issue gh-10364
 2021-11-18 13:36:10 -07:00
Josh Cummings 2dac210cac Polish AuthRequestConverter Sample Doc 
Issue gh-10364
 2021-11-18 13:32:36 -07:00
Norbert Nowak 1c0f092176 Fix AuthnRequestConverter Sample Typos 
Closes gh-10364
 2021-11-18 13:26:53 -07:00
Norbert Nowak 02cd1dd3c4 Fix AuthnRequestConverter Sample Typos 
Closes gh-10364
 2021-11-18 13:26:25 -07:00
Norbert Nowak 9316241c01 Fix AuthnRequestConverter Sample Typos 
Closes gh-10364
 2021-11-18 13:24:59 -07:00
Jeff Maxwell 32d79f3f4e Fix setJWTClaimSetJWSKeySelector Typo 
Closes gh-10504
 2021-11-16 15:33:42 -07:00
Jeff Maxwell b7cc667d21 Fix setJWTClaimSetJWSKeySelector Typo 
Closes gh-10504
 2021-11-16 15:33:27 -07:00
Jeff Maxwell 879b2d089f Fix setJWTClaimSetJWSKeySelector Typo 
Closes gh-10504
 2021-11-16 15:29:23 -07:00
Jeff Maxwell 088a24cf59 Fix jwtDecoder Documentation Usage 
Closes gh-10505
 2021-11-16 15:18:42 -07:00
Jeff Maxwell 3fb1565cc0 Fix jwtDecoder Documentation Usage 
Closes gh-10505
 2021-11-16 15:17:37 -07:00
Jeff Maxwell 5913501e1a #10505 Fix jwtDecoder 
Fixed jwtDecoder(JWTProcessor jwtProcessor, OAuth2TokenValidator<Jwt> jwtValidator)
 2021-11-16 14:05:43 -07:00
Josh Cummings 7b15098570 Update Spring Security to 5.7 
Closes gh-10509
 2021-11-15 17:10:00 -07:00
Josh Cummings 6b6f473a1b Added authorizeHttpRequests Docs 
Closes gh-10442
 2021-11-15 16:23:18 -07:00
Rob Winch e398fbf2a7 Include 5.6.0 Release in docs 2021-11-15 16:37:47 -06:00
Josh Cummings 7236f2c5f2 Added authorizeHttpRequests Docs 
Closes gh-10442
 2021-11-15 15:35:23 -07:00
Rob Winch 29a4b2bc9b Next Development Version 2021-11-15 16:13:45 -06:00
Rob Winch fa628f7491 Release 5.6.0 2021-11-15 16:13:12 -06:00
Joe Grandja 4f185724a3 Polish gh-10479 2021-11-12 15:09:50 -05:00
Joe Grandja eceb9ed479 Polish gh-10479 2021-11-12 15:08:11 -05:00
Rob Winch 939a5581f2 Antora remove unnecessary logging 2021-11-11 16:07:43 -06:00
Rob Winch 3c39761ca1 Add --stacktrace Antora argument 2021-11-11 16:01:17 -06:00
Rob Winch c93595969e Add Spring Security 5.6.0-RC1 2021-11-11 16:01:17 -06:00
Steve Riesenberg a3e658872c Update What's New for 5.6 2021-11-11 15:20:19 -06:00
Steve Riesenberg 0bdaa21867 Update What's New for 5.6 2021-11-11 14:51:40 -06:00
Steve Riesenberg 0e6722800d Polish gh-10479 2021-11-11 14:24:30 -06:00
Steve Riesenberg 73e1506e5e Consistency update for servlet docs 2021-11-11 14:24:29 -06:00
Steve Riesenberg 7d806b668f Separate OAuth 2.0 Client Reactive Docs 
Related gh-10367
 2021-11-11 14:24:29 -06:00
Steve Riesenberg 1246d5839d Revamp OAuth 2.0 Login Reactive documentation 
Related gh-8174
 2021-11-11 14:24:29 -06:00
Steve Riesenberg 9887b282ce Polish gh-10479 2021-11-11 14:05:55 -06:00
Rob Winch cba5d3239e Fix versions 2021-11-11 13:38:48 -06:00
Rob Winch 4f88bb8e5f Antora Playbook 2021-11-11 13:37:08 -06:00
Rob Winch 08dc83c781 Fix Antora Versions 2021-11-11 13:35:34 -06:00
Rob Winch 127e10e607 Antora Playbook 2021-11-11 13:34:54 -06:00
Steve Riesenberg ab794bf67a Consistency update for servlet docs 2021-11-11 10:41:12 -06:00
Steve Riesenberg 83f76fa1f6 Separate OAuth 2.0 Client Reactive Docs 
Related gh-10367
 2021-11-11 10:41:12 -06:00
Steve Riesenberg 0c12aeb7a1 Revamp OAuth 2.0 Login Reactive documentation 
Related gh-8174
 2021-11-11 10:41:12 -06:00
Josh Cummings 310a50587c Port Missing Integration Docs 
Closes gh-10465
 2021-11-10 16:09:50 -07:00
Josh Cummings b60020a40c Use authorizeHttpRequests in Docs 
Issue gh-8900
 2021-11-10 16:09:50 -07:00
Josh Cummings f4ddb4e3f4 Update What's New Links 2021-11-10 16:09:50 -07:00
Josh Cummings 09a14bf8a0 Port Missing Integration Docs 
Closes gh-10465
 2021-11-10 16:08:57 -07:00
Josh Cummings 812d6f7b18 Use authorizeHttpRequests in Docs 
Issue gh-8900
 2021-11-10 16:08:57 -07:00
Josh Cummings 03504e2233 Update What's New Links 2021-11-10 16:08:57 -07:00
Josh Cummings 75abf0cf78 Fix Broken Link 
Issue gh-10367
 2021-11-05 12:52:41 -06:00
Josh Cummings 4a9637483a Separate OAuth 2.0 Client Reactive Docs 
Issue gh-10367
 2021-11-05 12:45:46 -06:00
Josh Cummings 7708418fae Separate OAuth 2.0 Login Servlet Docs 
Issue gh-10367
 2021-11-05 12:45:46 -06:00
Josh Cummings 82696918ae Separate OAuth 2.0 Client Servlet Docs 
Issue gh-10367
 2021-11-05 12:45:46 -06:00
Steve Riesenberg e350c8a852 Document parameters converter in oauth2 client servlet docs 
Closes gh-10467
 2021-11-05 12:45:46 -06:00
Steve Riesenberg efa2fab061 Document authentication helper method in WebClient integration 
Closes gh-10120
 2021-11-05 12:45:46 -06:00
Josh Cummings 76ebbb84f7 Separate Namespace Servlet Docs 
Issue gh-10367
 2021-11-05 12:45:46 -06:00
Josh Cummings 50196537e1 Separate OAuth 2.0 Client Reactive Docs 
Issue gh-10367
 2021-11-04 12:45:39 -06:00
Josh Cummings 3db13de1e2 Separate OAuth 2.0 Login Servlet Docs 
Issue gh-10367
 2021-11-04 11:55:53 -06:00
Josh Cummings 8c508d6afa Separate OAuth 2.0 Client Servlet Docs 
Issue gh-10367
 2021-11-04 11:33:58 -06:00
Steve Riesenberg b27c7e17f4 Document parameters converter in oauth2 client servlet docs 
Closes gh-10467
 2021-11-03 17:09:44 -05:00
Steve Riesenberg 49f3c0ce53 Document authentication helper method in WebClient integration 
Closes gh-10120
 2021-11-03 15:57:12 -05:00
Josh Cummings 869e379099 Separate Namespace Servlet Docs 
Issue gh-10367
 2021-11-01 17:49:15 -06:00
Rob Winch c705a093a2 Quote the version for antora.yml 2021-11-01 15:35:37 -05:00
Rob Winch 46c5b91500 Put nav in generated docs 2021-11-01 10:28:08 -05:00
Rob Winch e4a465a704 Put nav in generated docs 2021-11-01 10:27:34 -05:00
Rob Winch e2c5772b3d Use explicit version from antora.yml 2021-11-01 09:58:23 -05:00
Rob Winch c7a50c40ae Use explicit version from antora.yml 2021-11-01 09:56:58 -05:00
Marcus Da Coregio caf4c47105 Remove CAS module 
Closes gh-10441
 2021-11-01 09:02:43 -03:00
Marcus Da Coregio db60df2f9c Update to Spring Framework 6.0 
Issue gh-10360
 2021-11-01 09:02:42 -03:00
Marcus Da Coregio b2e6c60d94 Remove remoting technologies support 
Closes gh-10366
 2021-11-01 09:02:42 -03:00
Josh Cummings 11aa02c6fb Separate SAML 2.0 Login Docs 
Issue gh-10367
 2021-10-29 15:06:54 -06:00
Josh Cummings 6d2d3b9a69 Separate Resource Server Reactive Docs 
Issue gh-10367
 2021-10-29 13:06:38 -06:00
Josh Cummings f02a7d2b28 Separate Testing Servlet Docs 
Issue gh-10367
 2021-10-29 12:34:29 -06:00
Josh Cummings f39d272a86 Separate SAML Docs 
Issue gh-10367
 2021-10-29 11:30:41 -06:00
Josh Cummings b4ffe154d7 Separate Testing Reactive Docs 
Issue gh-10367
 2021-10-29 10:09:04 -06:00
Rob Winch 7a99542662 Docs Use Section Summary where appropriate 
Closes gh-10449
 2021-10-28 14:02:38 -05:00
Joe Grandja b77cb8d0cb Remove redundant docs for Reactive OAuth2 Client 
Issue gh-10373
 2021-10-28 09:23:32 -04:00
Joe Grandja ce09f3eff4 Polish gh-10373 2021-10-28 09:06:30 -04:00
Josh Cummings 4b0e74aac4 Separate Resource Server Servlet Docs 
Issue gh-10367
 2021-10-27 10:02:05 -06:00
Rob Winch d40e8f6732 Fix Antora warnings 2021-10-26 20:05:06 -05:00
Rob Winch 9357c2f05d antora.component.version extract major.minor only 2021-10-26 15:22:40 -05:00
Rob Winch 144af074b7 Use a dynamic version for Antora 2021-10-26 14:20:35 -05:00
Rob Winch 863bee2bc7
Revert 6.0 generated version 2021-10-25 21:16:05 -05:00
Rob Winch dbf8e9ecce
Use 6.0 for generated docs 2021-10-25 21:11:35 -05:00
Rob Winch 0c105ff44f Use ROOT component name 2021-10-25 10:48:53 -05:00
Rob Winch f27ad296d0 Generated docs use version URL 2021-10-21 10:11:11 -05:00
Rob Winch ecd7301893 Use version in docs URL 2021-10-21 10:10:24 -05:00
Rob Winch a8c7ac9010 Add Antora based docs in whats-new 2021-10-18 21:11:47 -05:00
Steve Riesenberg 47087ba9c5 Revamp OAuth 2.0 Client reactive documentation 
Related gh-8174
 2021-10-14 14:35:25 -05:00
Steve Riesenberg a487ef2d74 Add JwtEncoder to What's New in 5.6 2021-10-14 14:26:48 -05:00
Marcus Da Coregio c82722c412 Update What's New in 5.6 2021-10-14 09:27:39 -03:00
Steve Riesenberg 00f466a431 Update What's New in 5.6 2021-10-13 12:06:47 -05:00
Alexander Schwartz f561499683 Fix Antora cross-references that lead to other pages. 
Also using AsciiDoc style listings instead of Markdown style listings, and using explicit section IDs on all cross-references.
 2021-10-06 09:53:15 -06:00
Rob Winch 14fd213557 Better consistency between reactive and servlet 2021-09-23 15:50:14 -05:00
Rob Winch 77dc3d1a0e Move to servlet/configurations/* 2021-09-23 15:50:14 -05:00
Rob Winch ca2bc958df Create features/integrations 2021-09-23 15:50:14 -05:00
Rob Winch ab63ebbbee Add link to authorization from features. 2021-09-23 15:50:14 -05:00
Rob Winch 176e6b6000 Add additional info to overview 2021-09-23 15:50:14 -05:00
Rob Winch d6ada7fb18 Remove /servlet/hello/index.adoc 
This is now /servlet/getting-started.adoc
 2021-09-23 15:50:14 -05:00
Rob Winch e368734557 Update "Big Picture" to Architecture 2021-09-23 15:50:14 -05:00
Rob Winch 0d339aeda6 Add Reactive Getting Started Page 2021-09-23 15:50:14 -05:00
Rob Winch 7537aa5124 Add generic authorization page 2021-09-23 15:50:14 -05:00
Rob Winch a1c7a39bd3 Fix Firewall link in nav 2021-09-23 15:50:14 -05:00
Rob Winch d52aab88af Update nav text Project Modules 2021-09-23 15:50:14 -05:00
Rob Winch be9ff16583 Remove Asciidoctor from the build in favor of Antora 2021-09-23 15:50:14 -05:00
Rob Winch 871bc1c42c The next version of Security is 5.6 2021-09-23 15:50:14 -05:00
Rob Winch 7e2eb6894f Use component name of '' 
This makes it so that the URL contains security in the root of the deploy
folder. We will do this until we decide to add projects other than the
security related projects.
 2021-09-23 15:50:14 -05:00
Rob Winch 52bfae5e27 Servlet Authentication no a link in nav 2021-09-23 15:50:14 -05:00
Rob Winch a7f3f54a33 architecture/index.adoc -> ../architecture.adoc 
BASE_DIR=docs/modules/ROOT/pages

git --no-pager diff HEAD~1 --diff-filter=R -M | sed -Ez "s%(\nrename to|rename from |similarity index [^\n]+|diff[^\n]+|$BASE_DIR/)%%g" | grep "\S" | while read rename_from_to; do
  from=$(echo $rename_from_to | cut -f 1 -d " ")
  to=$(echo $rename_from_to | cut -f 2 -d " ")
  echo "processing rename from $from to $to"
  find "$BASE_DIR/../" -name "*.adoc" | while read adoc_file; do
    sed -i -E "s%xref:$from%xref:$to%g" "$adoc_file"
  done
done
 2021-09-23 15:50:14 -05:00
Rob Winch 583761f916 unpwd->passwords folder 2021-09-23 15:50:14 -05:00
Rob Winch e4ce7249cc Generate antora.yml and push to spring-security-docs-generated 2021-09-23 15:50:14 -05:00
Rob Winch a0e9c67482 Fix antora version 2021-09-23 15:50:13 -05:00
Rob Winch 0b587dcef1 Reduce folders 2021-09-23 15:50:13 -05:00
Rob Winch 2da377ec88 Fix antora security version 2021-09-23 15:50:13 -05:00
Rob Winch e681e44268 overview/ -> ../ 2021-09-23 15:50:11 -05:00
Rob Winch a64a694c60 Indent testing subsections in nav.adoc 2021-09-23 15:49:45 -05:00
Rob Winch 32331185dc Fix local anchor 2021-09-23 15:49:45 -05:00
Rob Winch 29a7669101 rg "xref:\S+?#\S+\[\]" docs/modules -l -g "*.adoc" | while read adoc_file_to_replace; do 
echo "Replacing $adoc_file_to_replace"
  for id_file in build/ids/*.id; do
    id=$(basename $id_file | sed 's/\.id$//')
    xref_page=$(cat $id_file)
    if [[ "$adoc_file_to_replace" -ef "./docs/modules/ROOT/pages/$xref_page" ]]
    then
      echo "  - Skipping same page refid $id "
    else
      text_file=$(echo $id_file | sed 's/\.id$/.text/')
      default_text=$(cat $text_file)
      sed -i -E "s%xref:${xref_page}#${id}\[\]%xref:${xref_page}#${id}[$default_text]%g" $adoc_file_to_replace
    fi
  done
done
 2021-09-23 15:49:45 -05:00
Rob Winch 1f90df6a14 mkdir -p build/ids 
find -name "*.adoc" |  xargs -I{file} awk -v file={file} '/\[\[/ {  gsub("\[|\]", ""); id=$0; gsub("./docs/modules/ROOT/pages/", "", file); gsub("\[|\]", ""); id=$0;getline;text=$0; sub("^=+ ","", text); print file > "build/ids/"id".id"; print text > "build/ids/"id".text" }' {file}

find docs/modules -name "*.adoc"|while read adoc_file_to_replace; do
  echo "Replacing $adoc_file_to_replace"
  for id_file in build/ids/*.id; do
    id=$(basename $id_file | sed 's/\.id$//')
    xref_page=$(cat $id_file)
    if [[ "$adoc_file_to_replace" -ef "./docs/modules/ROOT/pages/$xref_page" ]]
    then
      echo "  - Skipping same page refid $id "
    else
      sed -i -E "s%<<$id(|,([^,>]+))>>%xref:${xref_page}#${id}[\2]%g" $adoc_file_to_replace
    fi
  done
done
 2021-09-23 15:49:43 -05:00
Rob Winch d2affef356 Fix images 
- Move images into assets/
- Remove figures form antora.yml
- Add :figures: to each page that uses it
 2021-09-23 15:47:21 -05:00
Rob Winch f5274926cf Fix up reactive/oauth2/index.adoc links 2021-09-23 15:47:21 -05:00
Rob Winch 88ac7a5d2e Fixup servlet/authentication/architecture/index.adoc 2021-09-23 15:47:21 -05:00
Rob Winch b8a362a60f Remove include servlet/saml2/index.adoc 2021-09-23 15:47:20 -05:00
Rob Winch c3dfb1711d Remove includes 2021-09-23 15:45:22 -05:00
Rob Winch f01a13aa52 Antora 
mkdir -p docs/modules/ROOT/
mkdir -p docs/modules/ROOT/pages/
git checkout antora-2.x docs/antora.yml
git checkout antora-2.x docs/modules/ROOT/nav.adoc
mv docs/manual/src/docs/asciidoc/images docs/modules/ROOT/
mv docs/manual/src/docs/asciidoc/_includes/* docs/modules/ROOT/pages/
cp ~/code/rwinch/spring-reference/*antora* ~/code/spring-projects/spring-security/
mv docs/modules/ROOT/pages/about docs/modules/ROOT/pages/overview
 2021-09-23 15:45:22 -05:00
heqiang 131078dcae Fix typo in digest.adoc 
Closes gh-10304
 2021-09-21 14:45:43 -04:00
Marcus Da Coregio 220de60142 Update What's New in 5.6 2021-09-20 12:18:27 -03:00
Josh Cummings f0fd09bf79 Update What's New in 5.6 2021-09-20 09:09:45 -06:00
Steve Riesenberg d207d03bf7 Update What's New for 5.6 2021-09-17 14:40:57 -05:00
Marcus Hert da Coregio ab098f171d Propagate TestSecurityContextHolder to SecurityContextHolder 
Create SecurityMockMvcResultHandlers to define security related MockMvc ResultHandlers
Create a method to allow copying the SecurityContext from the TestSecurityContextHolder to SecurityContextHolder

Closes gh-9565
 2021-09-17 16:39:53 -03:00
Marcus Da Coregio 017c218bbd Update What's New section 
Adds the SAML 2.0 Single Logout Support and the new Saml2AuthenticationRequestRepository
 2021-09-17 13:57:23 -03:00
Ashley Scopes 729418ad7a Fix typo in headers asciidoc 2021-09-15 15:05:08 -06:00
Dmitriy Bogdanov fe274e7553 Fix some list punctuation and capitalization in docs 2021-09-15 10:49:02 -06:00
Dmitriy Bogdanov 31a8f8c4df Fix the use of "s" with code blocks in docs 2021-09-15 10:49:02 -06:00
Dmitriy Bogdanov af4cc03dec Fix some typos and mistakes in docs 2021-09-15 10:49:02 -06:00
Anthony Lofton 8cba9fbf9d Updated test.adoc SecurityMockServerConfigurers method references 
Updated all references to SecurityMockServerConfigurers to refer to
correct methods.
Added documentation for mockJwt to include the
SecurityMockServerConfigurers class.
 2021-09-14 15:04:08 -03:00
Josh Cummings 4f06fc6ed1 Add Saml2LogoutConfigurer 
Closes gh-9497
 2021-09-13 16:39:48 -06:00
Josh Cummings c63d618b26 Add Single Logout Support 
Closes gh-8731
 2021-09-13 16:39:48 -06:00
Josh Cummings 6488295cad Add RelyingPartyRegistrationResolver 
Closes gh-9486
 2021-09-13 16:39:48 -06:00
Josh Cummings f5a525e740 Add Registration to Saml2Authentication 
Closes gh-9487
 2021-09-13 16:39:48 -06:00
heqiang 3443eac829 Fix typo in index.adoc 2021-09-13 16:32:32 +02:00
Marcus Da Coregio 6fae98a6f4 Update docs to point to ACL samples 
Closes gh-10110
 2021-09-06 11:14:57 -03:00
Josh Cummings 989c1419d5 Clarify OAuth 2.0 Resource Server Multitenancy Snippet 
Closes gh-10233
 2021-09-03 16:54:41 -06:00
Ayush Kohli 1cfe84922c Add Java examples to session management docs 
Closes gh-8979
 2021-08-26 10:14:48 +02:00
YevheniiLutsyshyn ac8e912ea1 Update a broken link to Spring Boot documentation 2021-08-17 11:33:49 +02:00
Josh Cummings aed203f367
Docs for WebSessionServerLogoutHandler 
Issue gh-4838
 2021-08-16 13:09:42 -06:00
Josh Cummings d5c953b106
Polish Saml2AuthenticationRequestRepository 
- Moved docs into AuthnRequest section, changed links to be more
semantically valuable to search engines
- Moved tests to be nearer to similar tests

Issue gh-9185
 2021-07-27 14:56:23 -06:00
Marcus Da Coregio 16e17d242e Add Saml2AuthenticationRequestRepository 
Closes gh-9185
 2021-07-27 14:55:53 -06:00
Steve Riesenberg bfe94f9a80 Update deprecated usage in reference docs 
Closes gh-10063
 2021-07-21 10:21:02 -05:00
dmitrilc a4431264e6 Update oauth2-resourceserver.adoc 
fix the name of the parameter, from failure to badCredentials

Replaces AuthenticationFailureEvent

Remove AuthenticationFailureEvent Reference

Closes gh-10062
 2021-07-16 11:56:57 -06:00
Rob Winch f73f213f50 Remove DependencySetPlugin 
Closes gh-10070
 2021-07-12 15:31:38 -05:00
Marcus Da Coregio ff47086d56 Update SAML docs to point to correct api url 
Closes gh-9953
 2021-07-09 11:09:55 -03:00
Luke Quinane e30b45c6fb Fix typos 2021-07-08 09:17:47 -03:00
Josh Cummings bd88f37a50
Document PasswordManagementConfigurer 
Issue gh-8657
 2021-07-01 16:58:43 -06:00
Evgeniy Cheban d121ab9565 Support A Well-Known URL for Changing Passwords 
Closes gh-8657
 2021-07-01 16:57:53 -06:00
Marcus Da Coregio 85e95719a0 Update docs links to point to minor version branches 
Closes gh-9986
 2021-07-01 09:01:25 -03:00
Marcus Hert da Coregio 03ded987af Allow Defining Custom SAML Response Validator 
Add a setter method into OpenSaml4AuthenticationProvider that allows defining a custom ResponseValidator

Closes gh-9721
 2021-06-30 08:26:42 -03:00
Marcus Hert da Coregio 6474a9e76e Allow Creating RelyingPartyRegistration from Metadata InputStream 
Update SAML2 Login reference documentation to reflect the changes

Closes gh-9558
 2021-06-30 08:02:24 -03:00
Marcus Da Coregio 58ebacc06f Use springFrameworkVersion property in docs links 
Closes gh-9987
 2021-06-29 13:20:47 -03:00
Josh Cummings 0080aeee94
Add OpenSAML 3 and 4 Explanation 
Closes gh-10014
 2021-06-28 13:25:07 -06:00
Josh Cummings 5940b8dee7
Update to use OpenSaml4AuthenticationProvider 
Closes gh-10013
 2021-06-28 13:25:02 -06:00
Josh Cummings 8d3e58f074
Polish Whitespace 
Issue gh-10013
 2021-06-28 13:24:57 -06:00
Eleftheria Stein da9d7414bd Add remaining Kotlin samples to reference docs 
Closes gh-8172
 2021-06-24 11:49:13 +02:00
Marcus Hert da Coregio bbf5614a9c Fix Broken Links in Docs 
Closes gh-9869
 2021-06-21 10:42:55 -03:00
Marcus Da Coregio 0aa93b18d6 Update links to point to migrated samples 
Closes gh-9816
 2021-06-21 10:42:55 -03:00
Marcus Hert da Coregio d60981fd59 Add messaging to documentation about sample migration 
Closes gh-9815
 2021-06-21 10:42:55 -03:00
Eleftheria Stein b51c18b37b Add missing WebFlux CORS Reference 
Closes gh-9951
 2021-06-18 16:31:02 +02:00
Eleftheria Stein 7f81b3fead Fix typos in RSocket reference docs 2021-06-18 14:39:15 +02:00
Eleftheria Stein ebef8c1425 Remove non-existent class from RSocket reference docs 
Closes gh-9949
 2021-06-18 14:15:45 +02:00
Eleftheria Stein 8bf970c805 Fix typos in WebFlux test docs 2021-06-18 13:12:10 +02:00
Eleftheria Stein ba8a5b1d20 Fix typo in WebFlux reference docs 2021-06-17 16:38:23 +02:00
Eleftheria Stein 56fd50fa2f Add remaining servlet Kotlin examples 
Issue gh-8172
 2021-06-16 10:34:21 +02:00
Eleftheria Stein 1b72e9d4e0 Fix typos in FAQ docs 2021-06-16 10:34:21 +02:00
Eleftheria Stein e89db9fd69 Fix typos in Mock MVC docs 2021-06-16 10:34:21 +02:00
Eleftheria Stein cf9071b0b2 Fix typos in SAML 2 docs 2021-06-15 09:53:53 +02:00
Josh Cummings c294050738
Anonymous Authentication Argument Resolution Docs 
Closes gh-3338
 2021-06-08 16:11:18 -06:00
Jay Bryant 252ef7842d Add missing delimiters 
I missed three block delimiters while restoring admonition formatting.
 2021-06-04 14:57:43 -05:00
Jay Bryant 7171521b47 Further changes based on feedback 
Mostly restoring the formatting of admonitions.
 2021-06-04 14:13:47 -05:00
Jay Bryant 93893ded53 Accounted for feedback 
Incorporated suggested changes from a review.
 2021-06-04 14:13:47 -05:00
Jay Bryant a6d0719177 Various fixes 
Fixes to make the build work.
 2021-06-04 14:13:47 -05:00
Jay Bryant 849aaa4f3e Change to main 
The switch to main triggered some conflicts, which I have fixed in this commit.
 2021-06-04 14:13:47 -05:00
Jay Bryant 0fdee9cdb8 Further changes 
A file changed while I was working on it, as the developers
added more material for Kotlin. I edited the changes, to make
everything be consistent.
 2021-06-04 14:13:47 -05:00
Jay Bryant 9219cbf9d1 Editing pass 
I went through everything to get it to fit with Spring's docuemntation standard.
Lots of small changes for punctuation, grammar, usage, voice, and so on.
Also added some links, mostly to the API Javadoc.
 2021-06-04 14:13:47 -05:00
Eleftheria Stein e3416640a7 Fix Resource Server clock skew default value in docs 
Closes gh-6611
 2021-06-02 12:19:36 +03:00
Josh Cummings 67e5c05a47 Polish AuthorizationManager Method Security 
- Removed consolidated pointcut advisor in favor of each interceptor
being an advisor. This allows Spring AOP to do more of the heavy
lifting of selecting the set of interceptors that applies
- Created new method context for after interceptors instead of
modifying existing one
- Added documentation
- Added XML support
- Added AuthorizationInterceptorsOrder to simplify interceptor
ordering
- Adjusted annotation lookup to comply with JSR-250 spec
- Adjusted annotation lookup to exhaustively search for duplicate
annotations
- Separated into three @Configuration classes, one for each set of
authorization annotations

Issue gh-9289
 2021-05-18 17:34:04 -06:00
Rob Winch 55f85bd3a1 Add Eleftheria Stein to Reference Authors 
Closes gh-9762
 2021-05-17 09:25:59 -05:00
Eleftheria Stein 30a203ed7a Add Kotlin samples for Jwt Client Authentication 
Issue gh-9578
 2021-05-17 10:33:42 +02:00
Joe Grandja e51ca79954 Document Jwt Client Authentication support 
Closes gh-9578
 2021-05-14 22:58:44 -04:00
Joe Grandja f874a12ddb Document jwt-bearer authorization grant 
Closes gh-9580
 2021-05-14 14:48:37 -04:00
Josh Cummings 498be8f431
Clarify requireInitialize Example 
Closes gh-9484
 2021-05-14 10:36:00 -06:00
Josh Cummings fc6fa79c86
Update permission-policy Docs 
Issue gh-9262
 2021-04-29 16:52:29 -06:00
Rob Winch 006b9b9607 master->main 
Closes gh-9683
 2021-04-26 16:55:43 -05:00
Josh Cummings 501d5ff497
Removed Method Security AuthorizationManager from What's New 
Issue gh-9596
 2021-04-12 15:53:44 -06:00
Josh Cummings 163b5943ca
Revert AuthorizationManager Method Security 2021-04-12 15:53:22 -06:00
Josh Cummings b352c8f1da
Removed SAML SLO from What's New 
Issue gh-9596
 2021-04-12 14:49:33 -06:00
Josh Cummings 8c92eddbe5
Revert "Add Registration to Saml2Authentication" 
This reverts commit efe42b93ce.
 2021-04-12 14:44:36 -06:00
Josh Cummings 55047fd996
Revert "Add RelyingPartyRegistrationResolver" 
This reverts commit 2f734a0975.
 2021-04-12 14:44:19 -06:00
Josh Cummings 37b40476e7
Revert "Add Single Logout Support" 
This reverts commit e807fae869.
 2021-04-12 14:44:04 -06:00
Josh Cummings 4e81bbe386
Revert "Add Saml2LogoutConfigurer" 
This reverts commit 6f52baba29.
 2021-04-12 14:43:19 -06:00
Josh Cummings 9b07b6a991
Added Sections to What's New 
Closes gh-9596
 2021-04-10 01:03:56 -06:00
Josh Cummings 6f52baba29
Add Saml2LogoutConfigurer 
Closes gh-9497
 2021-04-10 00:25:34 -06:00
Josh Cummings e807fae869
Add Single Logout Support 
Closes gh-8731
 2021-04-10 00:25:34 -06:00
Josh Cummings 2f734a0975
Add RelyingPartyRegistrationResolver 
Closes gh-9486
 2021-04-10 00:12:38 -06:00
Josh Cummings efe42b93ce
Add Registration to Saml2Authentication 
Closes gh-9487
 2021-04-10 00:12:38 -06:00
Josh Cummings df8abcfae7
Use Interceptors instead of Advice 
- Interceptor is a more descriptive term for what
method security is doing
- This also allows the code to follow a delegate
pattern that unifies both before-method and after-
method authorization

Issue gh-9289
 2021-04-09 18:45:31 -06:00
Josh Cummings 122346bd27
Document AuthorizationManager for Method Security 
Issue gh-9289
 2021-04-09 18:45:10 -06:00
Eleftheria Stein 21f9876d87 Add WebFlux section to What's New 
Closes gh-9590
 2021-04-09 19:36:43 +02:00
Eleftheria Stein e03fe7f089 Add coroutine support to pre/post authorize 
Closes gh-8143
 2021-04-09 19:33:06 +02:00
Eleftheria Stein 65b3f6769c Add Kotlin DSL section to What's New 
Closes gh-9589
 2021-04-09 16:36:47 +02:00
Eleftheria Stein c3739ff799 Add Configuration section to What's New 
Closes gh-9588
 2021-04-09 16:35:41 +02:00
Joe Grandja b225ab3bbe Add OAuth 2.0 Client section to What's New 
Closes gh-9587
 2021-04-09 10:15:14 -04:00
Rob Winch 60d3db5798 add management platform(project(":spring-security-dependencies")) 
Closes gh-9540
 2021-04-05 10:36:36 -05:00
Rob Winch de1b3e9d30 Remove DepencencyManagementPlugin 
Issue gh-9540
 2021-04-05 10:36:36 -05:00
Rob Winch 1a76ee7442 Update Gradle configuration names 
Closes gh-9540
 2021-04-05 10:36:36 -05:00
Eleftheria Stein 4a492846f1 Revert "Lock dependencies for 2.5.0-M3" 
This reverts commit f05cc6269c.
 2021-03-15 23:18:45 +01:00
Eleftheria Stein f05cc6269c Lock dependencies for 2.5.0-M3 2021-03-15 11:00:19 +01:00
Ivan 8f07ca4957
Fix missing return in example 
Closes gh-9481
 2021-03-03 13:37:26 +01:00
Josh Cummings c4be1c6a56
Revert "Lock Dependencies" 
This reverts commit a85caa4098.
 2021-02-11 15:49:59 -07:00
Josh Cummings a85caa4098
Lock Dependencies 2021-02-11 15:00:38 -07:00
Eleftheria Stein c836c716fe Fix typo in reactive CSRF docs 2021-02-08 15:02:16 +01:00
kavi87 10dce79c07 Update saml2-login.adoc 
Fix example on registering custom marshaller for saml request
 2021-02-04 10:06:39 -07:00
Josh Cummings 041e4aa22f
Change Example Name 
Closes gh-9379
 2021-01-28 11:22:02 -07:00
Rob Winch ad4497fb72 Add https://repo.spring.io/release to reference 2021-01-19 22:50:43 -06:00
Christophe Gilles 54d3839f63 Add permissionsPolicy http header 2020-12-11 12:32:18 +01:00
Eleftheria Stein 90b48554e4 Fix Custom DSL sample in docs 2020-12-09 10:48:15 +01:00
Eleftheria Stein d3ef340b26 Fix typos 2020-12-03 11:05:22 +01:00
Josh Cummings fe93326087
Update SAML 2.0 Metadata URL Docs 
Closes gh-9133
 2020-12-02 14:13:02 -07:00
Joe Grandja 58e3235093 Deprecate ClientAuthenticationMethod BASIC and POST 
Closes gh-9220
 2020-11-25 15:13:28 -05:00
Joe Grandja b95e1aa209 Revert "Lock dependencies for 5.5.0-M1" 
This reverts commit 25a7482c8c.
 2020-11-03 19:53:28 -05:00
Rob Winch 4e1f97a525 Document WithSecurityContextTestExecutionListener Nested Support 
Issue gh-9179
 2020-11-03 17:53:59 -06:00
Josh Cummings 8b7751f5f4
Polish Multiple Filter Chains Docs 
Issue gh-9178
 2020-11-02 13:49:24 -07:00
Guillaume Berche 69336fb3ec
Add Multiple Filter Chains Docs 
Closes gh-9178
 2020-11-02 13:45:04 -07:00
Guillaume Berche ab9a310485
Add Link to WebFlux Unit Tests 2020-11-02 13:45:04 -07:00
Josh Cummings b8f8fab54f
Document SigningMethod Support 
Issue gh-8952
Issue gh-9177
 2020-11-02 11:27:23 -07:00
Rob Winch 25a7482c8c Lock dependencies for 5.5.0-M1 2020-10-30 17:52:03 -05:00
Hideaki Matsunami 6d9ee5a354 add white space before strong notation. 2020-10-30 15:44:49 -06:00
Ayush Kohli ea68989421 Closes gh-8196 
Add leveloffset
 2020-10-28 14:55:30 -06:00
Josh Cummings 6714112961
Add SAML Response Decryption Documentation 
Issue gh-9044
Issue gh-9131
 2020-10-14 16:49:42 -06:00
Josh Cummings b06b17ca9b
Add Number 10 Diagram Image 2020-10-14 16:49:42 -06:00
Matthias Luppi 45a86a4b4d Rework community.adoc 
Fix link to CONTRIBUTING.adoc and use proper name of Stack Overflow according to their trademark guidelines (two words, capital letters)
 2020-10-12 13:18:02 -06:00
Josh Cummings 366146ff80
Polish JWT Signature Algorithm Discovery 
- Moved support to JwtDecoders and ReactiveJwtDecoders since there is
already the expectation that those classes make an outbound connection
to complete configuration. Since there's no outbound connection when
configuring a NimbusJwtDecoder or NimbusReactiveJwtDecoder, it would be
more intrusive to change that.

Closes gh-7160
 2020-10-09 14:17:30 -06:00
Josh Cummings a2aeb95b59
Update What's New Link 
Issue gh-9038
 2020-10-06 09:05:18 -06:00
Eleftheria Stein 320567128a Add expression based Kotlin samples 
Issue gh-8172
 2020-10-01 17:58:25 +02:00
Eleftheria Stein 0286d368c3 Add authentication event Kotlin samples 
Issue gh-8172
 2020-10-01 17:58:25 +02:00
Eleftheria Stein 669587409f Add Controller Kotlin sample for form login 
Issue gh-8172
 2020-10-01 17:58:25 +02:00
Josh Cummings a6d19474c4
Add Header and Parameter Value Documentation 
Closes gh-9038
 2020-09-30 20:50:29 -06:00
ilee c2d8939cf7 Update ssl setup guide link in tomcat server 2020-09-24 13:51:27 -06:00
Eleftheria Stein 019c27b0a0 Add servlet HTTP exploit samples 
Issue gh-8172
 2020-09-18 14:44:33 +02:00
Eleftheria Stein f26387a4b7 Add reactive HTTP exploit samples 
Issue gh-8172
 2020-09-18 14:44:10 +02:00
Eleftheria Stein 72acc2959e Add servlet CSRF Kotlin samples 
Issue gh-8172
 2020-09-18 14:14:32 +02:00
Joe Grandja 7b1f574769 Revert "Lock Dependency Versions for 5.4.0" 
This reverts commit 3d0e459182.
 2020-09-09 18:14:12 -04:00
Joe Grandja 3d0e459182 Lock Dependency Versions for 5.4.0 2020-09-09 13:45:03 -04:00
Josh Cummings 6222c5fe34 Add What's New in 5.4 
Closes gh-9001
 2020-09-09 13:27:22 -04:00
Eleftheria Stein 593a556991 Remove broken link from docs 
Closes gh-8986
 2020-09-07 14:07:42 +02:00
知一 58c7c21a6c Update abstract-authentication-processing-filter.adoc 2020-09-07 07:57:40 -04:00
Josh Cummings 0a4766f21e
Restructure SAML 2.0 Documentation 
- Add images
- Standardize terminology
- Add detail about working with OpenSAML
- Reorganize sections

Closes gh-8763
 2020-08-28 12:42:44 -06:00
Eleftheria Stein a9fe2cb377 Add servlet OAuth2 login Kotlin samples 
Issue gh-8172
 2020-08-28 18:15:59 +02:00
Eleftheria Stein 44399a5256 Add servlet OAuth2 resource server Kotlin samples 
Issue gh-8172
 2020-08-28 12:21:24 +02:00
Eleftheria Stein 7a5d9ce287 Fix typos in reference docs 2020-08-25 10:57:41 +02:00
Rob Winch 2abf59b695 Merge Formatting Changes 
Issue gh-8945
 2020-08-24 17:33:23 -05:00
Phillip Webb 8d80166aaf Update exception variable names 
Consistently use `ex` for caught exception and `cause` for Exception
constructor arguments.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Eleftheria Stein cf48f986f6 Fix typo in resource server documentation 2020-08-24 09:10:33 +02:00
Josh Cummings e6d1e2cf81
Restructure SAML 2.0 Documentation 
Issue gh-8763
 2020-08-19 14:59:26 -06:00
Eleftheria Stein 69e0552c30 Add servlet OAuth2 client Kotlin samples 
Issue gh-8172
 2020-08-11 14:25:27 +02:00
Eleftheria Stein 380a11566e Add registered OAuth2 authorized client Kotlin samples 
Issue gh-8172
 2020-08-11 10:24:21 +02:00
Eleftheria Stein 324d6795c9 Add WebClient samples to docs 
Issue gh-8172
 2020-08-11 08:33:46 +02:00
Eleftheria Stein 496fcbb102 Add OAuth2 resource server WebFlux samples 
Issue gh-8172
 2020-08-11 08:33:46 +02:00
Eleftheria Stein d839e4dd71 Fix typos in resource server docs 
- Use withJwkSetUri instead of fromJwkSetUri
- Use ES512 instead of EC512
- Use NimbusReactiveOpaqueTokenIntrospector instead of NimbusOpaqueTokenIntrospector in reactive
- User authorizeExchange instead of authorizeRequests
 2020-08-11 08:33:46 +02:00
Eleftheria Stein 12a8795c3d Fix typo in resource server docs 2020-08-06 14:11:13 +02:00
Joe Grandja 1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1" 
This reverts commit f3a1e5d40c.
 2020-08-05 14:59:11 -04:00
Joe Grandja f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Jakub Kubrynski 8a355240bc
SAML 2.0 SP Metadata Endpoint Support 
Issue gh-8693
 2020-08-05 10:08:47 -06:00
Joe Grandja 8146b1fdda Deprecate CustomUserTypesOAuth2UserService 
Closes gh-8908
 2020-08-04 13:23:44 -04:00
Joe Grandja 0ed919f072 Deprecate ClientRegistration.redirectUriTemplate 
Closes gh-8906
 2020-08-04 11:03:29 -04:00
Eleftheria Stein-Kousathana 31d5b5068c Kotlin OAuth2 client WebFlux samples 
Issue gh-8172
 2020-07-27 09:34:37 +02:00
Jay Bryant 48aa5cceda
Wording changes 
Replacing some terms
 2020-07-15 10:22:49 -04:00
Eleftheria Stein 683cb49c9d Add Kotlin WebFlux header configuration to docs 
Issue gh-8172
 2020-07-14 16:34:30 +02:00
Eleftheria Stein 793926b977 Add Kotlin header configuration samples to docs 
Issue gh-8172
 2020-07-10 16:08:02 +02:00
Eleftheria Stein f479f0ea49 Add Kotlin expression-based authorization 
Issue gh-8172
 2020-07-06 13:13:57 +02:00
Eleftheria Stein 0bdf6859be Add Kotlin logout samples to docs 
Issue gh-8172
 2020-07-06 12:45:41 +02:00
Josh Cummings 146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2" 
This reverts commit 68538897c8.
 2020-07-01 13:11:50 -06:00
Josh Cummings 68538897c8
Lock Dependency Versions for 5.4.0-M2 2020-07-01 12:40:29 -06:00
Eleftheria Stein f5e0fe5907 Polish documentation formatting 
Issue gh-8199
 2020-06-29 18:16:59 +02:00
Heinz Wittig 08b69e77d2
Merge Project Modules and Dependencies Section of the docs 
Closes gh-8199
 2020-06-29 12:11:04 -04:00
Rob Winch ca1252be94 Replace whitelist with allowlist 
Issue gh-8676
 2020-06-10 11:49:21 -05:00
Rob Winch a907026eae Deprecate X-FRAME-OPTIONS ALLOW-FROM Directive 
Closes gh-8677
 2020-06-10 11:48:56 -05:00
Robin Dupret bb0fac66d6 Fix a few typos in the documentation 2020-06-09 14:40:39 -05:00
Dayan d8aa208a9f Fix broken link in spring security reference document 
Fixes:#8593
 2020-06-02 05:36:19 -06:00
Eleftheria Stein a63a0e3765 Add reactive CSRF samples to docs 
Issue gh-8172
 2020-05-28 13:16:35 -04:00
Josh Cummings da05543ef6
Update OAuth 2.0 Client Testing Docs 
Issue gh-8603
 2020-05-28 10:33:02 -06:00
Markus Engelbrecht 7463583c1b Fix typos in BCryptPasswordEncoder documentation 
Resolves gh-8585
 2020-05-27 10:35:49 -05:00
Mazharul Islam bf9e8295d6 mentioning the default strength of BCryptPasswordEncoder 2020-05-21 11:15:45 -05:00
Thomas Turrell-Croft 014df98ebb Polish 
* Correct documented default schema to match default schema exposed as classpath resource
* Fix Java example of adding users to JdbcUserDetailsManager
 2020-05-21 11:09:31 -05:00
Andreas Volkmann 16b0a268d9 Update index.adoc 2020-05-20 08:01:56 -05:00
Joe Grandja c1abc9b134 Polish gh-8501 2020-05-15 13:26:09 -04:00
Thomas Vitale 78fa859798 Add issuerUri to ClientRegistration.providerDetails 
- Add "issuerUri" attribute to ClientRegistration.providerDetails for OpenID Connect Discovery 1.0 or OAuth 2.0 Authorization Server Metadata.
- Validate OidcIdToken "iss" claim against the OpenID Provider "issuerUri" value.
- Update documentation for client registration: it includes issuer-uri property now.

Fixes gh-8326
 2020-05-14 17:13:07 -04:00
Rob Winch e5d2aaf6fe
Deprecate OpenID 2.0 support 
Deprecate OpenID 2.0 support
 2020-05-12 09:37:56 -05:00
Jean-Pierre Bergamin fbd3cfa40e
Fix code snippets to configure timeouts 
Issue: gh-8487
 2020-05-11 15:59:11 -04:00
Dávid Kovács f2a2b469c4 Deprecate openID 2.0 support 
This commit adds deprecation notice to xml schema, parser of the schema and removes fixme comments.

Fixes gh-7153
 2020-05-09 12:04:13 +02:00
Jean-Pierre Bergamin 6d5d883518 Use Opaquetoken properties to configure timeouts 
Improve the documentation to show how to re-use the Opaquetoken properties of `OAuth2ResourceServerProperties` to set up basic auth in the configured `RestTemplate`.
 2020-05-07 15:20:50 -04:00
Joe Grandja 86ca6b013c Unlock dependencies 
This reverts commit 206960cf44.
 2020-05-06 17:27:35 -04:00
Joe Grandja 206960cf44 Lock dependencies for 5.4.0-M1 2020-05-06 17:13:04 -04:00
Andrii Hrytsiuk 7748fb00ba Fix typos in documentation 2020-05-05 10:45:42 -05:00
Dávid Kovács 339d44b5a1 Deprecate openID 2.0 support 
This commit puts deprecation notice on docs, sample applications and configurations (java and xml)

Fixes gh-7153
 2020-05-02 10:18:31 +02:00
Eleftheria Stein 1ca47f5cd0 Fix typo in Java configuration docs 2020-05-01 14:24:40 -04:00
Dávid Kovács 70792a9072 Document description error 
Fixes gh-8119
 2020-04-21 09:17:01 -04:00
corneliouz Bett ebc6012ec7 Rename Preface to Introduction 
Closes gh-8188
 2020-04-20 11:44:13 -05:00
Philipp Gerhard b9b89035f6 Documented dependencies opaque Resource Server 
Extended the documentation for the opaque Resource Server in order to clearly state which dependencies are required in order for the minimal deployment to work. Replaced dead link for Contribute guidelines in README.adoc

Closes gh-8391
 2020-04-17 16:25:14 -05:00
Antonin Arquey 5cd1ec7bb3 Add AuthoritiesMapper setter for reactive OAuth2Login 
Allow the configuration of a custom GrantedAuthorityMapper for reactive OAuth2Login

- Add setter in OidcAuthorizationCodeReactiveAuthenticationManager
  and OAuth2LoginReactiveAuthenticationManager

- Use an available GrantedAuthorityMapper bean to configure the default ReactiveAuthenticationManager

Fixes gh-8324
 2020-04-17 16:55:05 -04:00
Souphorn 64a5bb053e Fix typo with correct capitalization 2020-04-17 10:22:37 -04:00
Josh Cummings 13b2b00093
Add JwtAuthenticationConverter docs 
Issue gh-8185
 2020-04-13 22:47:20 -06:00
Josh Cummings ad8c49acae
Add Docs 
Issue gh-8332
 2020-04-10 16:52:10 -06:00
Josh Cummings 419d7264f9
Add Docs for Custom Bearer Token Header 
Issue gh-8337
 2020-04-09 10:36:03 -06:00
Eleftheria Stein 5f1eb392ff Add WebFlux Kotlin samples to docs 
Issue: gh-8172
 2020-04-08 14:57:25 -04:00
Eleftheria Stein 681d2d68e7 Fix typos in FAQ reference docs 
Add missing space; use https in links
 2020-04-08 11:44:42 -04:00
Maksim Mednik b57c2f2821 Updating authorization docs to mention handling of Maps in @PreFilter and @PostFilter annotations 2020-04-06 18:36:32 -04:00
Joe Grandja 946de2a51e Revert "Fix links in oauth2 doc" 
This reverts commit ad5bfc868c.
 2020-03-30 13:31:08 -04:00
Eleftheria Stein 63c8072ebc Add crypto Kotlin samples to docs 
Issue gh-8172
 2020-03-30 11:32:43 -04:00
Eleftheria Stein 018cbfa93f Add preauth Kotlin samples to docs 
Issue gh-8172
 2020-03-30 11:31:59 -04:00
wassan128 ad5bfc868c Fix links in oauth2 doc 2020-03-27 16:56:13 -05:00
Josh Cummings 81ad2958bd
Clarify ServerBearerExchangeFilterFunction Docs 
Fixes gh-8220
 2020-03-27 13:23:57 -06:00
Eleftheria Stein 7c0023ecc9 Update Encryptors documentation 
Fixes gh-8208
 2020-03-27 09:50:46 -04:00
Eleftheria Stein 6d61b87213 Add security context holder Kotlin samples to docs 
Issue gh-8172
 2020-03-26 15:36:44 -04:00
Eleftheria Stein 8e5e0c4a9e Add delegating filter proxy Kotlin samples to docs 
Issue gh-8172
 2020-03-26 15:35:51 -04:00
Eleftheria Stein 5b4cb5b13d Add filter Kotlin samples to docs 
Issue gh-8172
 2020-03-26 15:10:42 -04:00
Josh Cummings e62b8a7585
Add Figures to Resource Server Docs 
Fixes gh-8182
 2020-03-25 16:30:48 -06:00
Josh Cummings dcacd06360
Polish Resource Server JWT Docs 
Issue gh-5935
 2020-03-24 15:35:57 -06:00
Josh Cummings 8872d8b7d0
Polish Resource Server Multi-tenancy Docs 
Issue gh-7532
 2020-03-24 15:24:43 -06:00
Josh Cummings 933104d2d6
Document JwtGrantedAuthoritiesConverter Features 
Fixes gh-8176
 2020-03-24 14:39:08 -06:00
Eleftheria Stein 2c103f34e3 Add password storage Kotlin samples to docs 
Issue gh-8172
 2020-03-24 10:29:11 -04:00
komuro.hiraku 10c66d282a Fix userNameAttribute property case style 
Fixes gh-8169
 2020-03-23 10:08:14 -04:00
Josh Cummings 0e9497de3c
Document SAML 2.0 Improvements 
Fixes gh-8079
Fixes gh-8078
 2020-03-20 17:08:01 -06:00
Joe Grandja d1dbd92903 Document OAuth2Authorization success and failure handlers 
Fixes gh-8073
 2020-03-20 16:30:05 -04:00
Joe Grandja 5bff741c31 Document AuthorizedClientServiceOAuth2AuthorizedClientManager 
Fixes gh-8152
 2020-03-19 20:15:34 -04:00
Joe Grandja 06fdb83fb8 Document Jackson serialization support for OAuth 2.0 Client 
Fixes gh-8075
 2020-03-18 17:05:56 -04:00
Joe Grandja 4da7235d9b Document OAuth2AuthorizationRequest customization improvements 
Fixes gh-8071
 2020-03-18 11:20:08 -04:00
Joe Grandja e00a030621 Document OAuth 2.0 Client XML Support 
Fixes gh-8074
 2020-03-17 13:27:29 -04:00
Joe Grandja 3d5a1522d6 Document OAuth 2.0 Login XML Support 
Fixes gh-8110
 2020-03-16 12:33:37 -04:00
Josh Cummings bfd36d9a54
Remove Redundant ConcurrentSessionFilter Refs 
Fixes gh-8105
 2020-03-13 16:27:30 -06:00
Josh Cummings 3b80c2e345
Document AuthenticationEventPublisher 
Fixes gh-8081
 2020-03-11 16:48:14 -06:00
Josh Cummings 5b1838fd73
Add Resource Server XML snippets 
Fixes gh-8077
 2020-03-09 18:49:49 -06:00
Josh Cummings 69e1034ddc
Document baseUrl Support for OIDC Logout 
Fixes gh-8072
 2020-03-06 23:06:25 -07:00
Josh Cummings 4ef37f289e
OAuth 2.0 Test Support Docs 
- Added WebTestClient documentation
- Updated MockMvc documentation to align

Fixes gh-8050
 2020-03-06 23:01:18 -07:00
Josh Cummings 93b8c656d8
Document JwtClaimValidator 
Fixes gh-8076
 2020-03-04 14:47:44 -07:00
Josh Cummings 6db921c95d
Fix broken links 
Fixes gh-8069
 2020-03-04 13:12:11 -07:00
Josh Cummings 6eadf7b140
Unlock dependencies for 5.3.0.RELEASE 
This reverts commit 147d7dadd7.
 2020-03-04 12:02:48 -07:00
Josh Cummings 747d8817cb
Specify Section Ids in What's New 
Issue gh-8062
 2020-03-04 11:01:59 -07:00
Josh Cummings 147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings edb6665103
Update What's New Section 
Fixes gh-8062
 2020-03-04 09:04:45 -07:00
Joe Grandja b42f0f50ab Document JdbcOAuth2AuthorizedClientService 
Fixes gh-8061
 2020-03-04 10:14:16 -05:00
Hrushikesh Salunkhe 558924e88e Typo fix 
users passwords changed to users' passwords
 2020-03-04 06:41:04 -06:00
Eleftheria Stein 603eb1e647 Add OAuth2 Kotlin samples to docs 
Issue: gh-5558
 2020-03-03 22:24:14 -05:00
Josh Cummings b4cab71fd3
Fix broken doc links 
Issue gh-8050
 2020-03-03 17:26:15 -07:00
Josh Cummings 3766322f03
Added OAuth 2.0 MockMvc Test Support Docs 
Issue gh-8050
 2020-03-03 16:33:08 -07:00
Josh Cummings 80ee6627ba
Change Diagram Font to Sans-serif 
Fixes gh-8057
 2020-03-03 15:27:01 -07:00
Rob Winch 5c2074f01b Add SecurityFilterChain Figure 
Closes gh-8055
 2020-03-03 15:04:25 -06:00
Rob Winch 81e41f124b Add anchors to SAML 2.0 documentation 
Closes gh-8049
 2020-03-03 08:01:36 -06:00
Rob Winch 4f25641ee4 Polish Authentication 2020-03-02 22:46:22 -06:00
Eleftheria Stein 0bf59186a3 Add Kotlin Configuration section to docs 2020-03-02 14:51:39 -06:00
Joe Grandja c111099640 Polish client-registration xsd attributes 
Issue gh-4557
 2020-03-02 15:02:46 -05:00
Josh Cummings e97396b9c7 Add Resource Server XML Support 
Fixes gh-5185
 2020-03-02 11:51:40 -07:00
Rob Winch 0ba3ff6df2 Update UserDetailsService Docs 
Closes gh-8048
 2020-03-02 11:58:03 -06:00
Rob Winch 6bb056607f Fix Basic Figure Formating 
Issue gh-8039
 2020-03-01 19:23:31 -06:00
Rob Winch 57ac2207f2 Add Figures to Basic Authentication Docs 
Closes gh-8039
 2020-02-28 16:48:23 -06:00
Rob Winch bc16f1a526 Fix Link that is Code Styling 
Closes gh-8038
 2020-02-28 13:52:43 -06:00
Rob Winch 562c1d939e Remove Duplicated Docs 2020-02-28 12:19:40 -06:00
Rob Winch 4d8d95163f Polish Invalid === in Docs 2020-02-28 12:15:24 -06:00
Rob Winch 0cf9364d92 Fix DispatcherServlet Link 
Issue gh-8036
 2020-02-28 12:15:19 -06:00
Rob Winch c554a3fc41 Add Link to DispatcherServlet in Filter Review Doc 
Closes gh-8036
 2020-02-28 11:39:22 -06:00
Rob Winch 805ef55d9a Add Figures to Form Log In Docs 
Closes gh-8035
 2020-02-28 11:36:04 -06:00
Rob Winch ec61462566 Remove Duplicate Docs 2020-02-27 23:01:40 -06:00
Rob Winch f4d032a762 Polish Extract Doc Sections 2020-02-27 22:10:02 -06:00
Rob Winch ecc63f7c8c Extract Separate Sections of Docs 2020-02-27 22:04:20 -06:00
Rob Winch 5023aa6cf1 Add Request Credentials Figure 
Closes gh-8030
 2020-02-27 21:56:15 -06:00
Rob Winch b7091ff794 Switch palette to template 
Issue gh-8000
 2020-02-27 21:56:15 -06:00
Rob Winch d009a7b1de Add ProviderManager to Reference 
Closes gh-8029
 2020-02-27 21:56:15 -06:00
Eleftheria Stein bb72206eef Add Kotlin samples to docs 
Issue: gh-5558
 2020-02-26 10:11:24 -05:00
Eleftheria Stein 87ca71473e Fix typo in in-memory Kotlin example 2020-02-25 16:39:17 -05:00
Joe Grandja 204a612be1 Deprecate Implicit Grant 
Fixes gh-8013
 2020-02-23 19:34:52 -05:00
Rob Winch 7eb8a3daf5 Polish Authentication Docs Structure 2020-02-21 11:33:36 -06:00
Rob Winch 7d845447ec Extract AuthenticationManager Docs 
Closes gh-8006
 2020-02-21 10:52:52 -06:00
Rob Winch 21bd3d9a88 Polish Docs 
Issue gh-8005
 2020-02-21 10:52:52 -06:00
Rob Winch 42d79c684b Polish Docs 
Issue gh-8005
 2020-02-21 10:52:52 -06:00
Rob Winch 7adddb6b30 Remove old SecurityContextHolder Docs 
Issue gh-8005
 2020-02-21 10:52:51 -06:00
Rob Winch fbbb74c360 Extract GrantedAuthority Docs 
Closes gh-8005
 2020-02-21 10:52:51 -06:00
Rob Winch 1965446d6d Extract Authentication Docs 
Issue gh-8005
 2020-02-21 10:52:51 -06:00
Rob Winch 49fb6734dc Extract SecurityContext Docs 
Issue gh-8005
 2020-02-21 10:41:23 -06:00
Rob Winch 702cc1d2bb Extract SecurityContextHolder Docs 
Issue gh-8005
 2020-02-21 10:41:23 -06:00
Rob Winch 5e9c03aa83 Add AbstractAuthenticationProcessingFilter Docs 
Closes gh-8004
 2020-02-21 10:41:23 -06:00
Rob Winch 052e103aed Extract AuthenticationEntryPoint Docs 
Closes gh-8003
 2020-02-21 10:41:23 -06:00
Rob Winch 6b0891b081 Extract ExceptionTranslationFilter Docs 
Closes gh-8002
 2020-02-21 10:41:23 -06:00
Rob Winch 32ee30e8a1 Extract FilterSecurityInterceptor Docs 
Closes gh-8001
 2020-02-21 10:41:23 -06:00
Rob Winch b8d4f33004 Use Color Palette that is Accessible for Color Blind 
See https://venngage.com/blog/color-blind-friendly-palette for more
details on selecting color blind friendly palettes

Closes gh-8000
 2020-02-21 10:41:23 -06:00
Rob Winch ef8176a198 Add palette.odg 
Closes gh-7999
 2020-02-21 10:41:23 -06:00
Rob Winch c6d1d3ef61 Add numbers icons 
Closes gh-7998
 2020-02-21 10:41:23 -06:00
Joe Grandja 8a4ff4452b Add XML namespace support for oauth2-client 
Fixes gh-5184
 2020-02-20 20:05:48 -05:00
Joe Grandja c5cb6952ea Polish client-registrations namespace doc 
Issue gh-4557
 2020-02-20 05:34:57 -05:00
Joe Grandja ff8002eb2e Polish gh-4557 2020-02-12 15:47:57 -05:00
Ruby Hartono 71a5c9521c Add XML namespace support for oauth2-login 
Fixes gh-4557
 2020-02-12 15:26:17 -05:00
Joe Grandja 40c0a452d7 Define oauth2-login xsd elements 
Issue gh-4557
 2020-02-12 15:26:17 -05:00
Rob Winch f9b783bcee Remove Duplicate Runtime Environment From Docs 
Closes gh-7980
 2020-02-12 13:32:54 -06:00
Rob Winch 72a9c15278 Refactor Duplicate Security Filter Chain Doc 
This removes the duplicate Security Filter Chain Doc and moves the
HttpFirewall to exploits portion of the documentation.

Closes gh-7979
 2020-02-12 12:58:56 -06:00
Rob Winch eb7df6416a Fix asciidoctorPdf images 
We need to use png and disable interlaced mode.

Issue gh-7973
 2020-02-11 07:49:54 -06:00
Rob Winch b173877705 Fix missing asciidoctorPdf attributes 
Issue gh-7973
 2020-02-11 07:49:54 -06:00
Rob Winch 2909d46060 Fix Asciidoctor Warnings 
Closes gh-7973
 2020-02-10 13:30:52 -06:00
Josh Cummings 3e46dacb4b
NamespaceHttpAccessDaniedHandlerTests groovy->java 
Fixed broken link

Issue gh-4939
 2020-02-10 10:38:40 -07:00
Rob Winch cb695ae60f Add Dave Syer to Authors 
Much of the content from architecture is borrowed, with permission
from Dave.

Issueh gh-7955
 2020-02-07 15:54:32 -06:00
Rob Winch 55f42fc153 Add High Level Servlet Architecture 
- Review of Filters
- DelegatingFilterProxy
- FilterChainProxy
- Security Filters

Fixes gh-7955
 2020-02-07 14:25:31 -06:00
Josh Cummings a90e579350 Add JwtIssuerReactiveAuthenticationManagerResolver 
Fixes gh-7857
 2020-02-06 13:45:13 -07:00
Eleftheria Stein 84b8a5abd7 Unlock dependencies for next development version 
This reverts commit 064616f1ef.
 2020-02-05 15:53:04 +01:00
Eleftheria Stein 064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Rob Winch 1d7208f8ef Add RSocket Authentication Extension Support 
Fixes gh-7935
 2020-02-04 23:36:47 -06:00
Eleftheria Stein a2fb2c91c2 Kotlin examples in documentation 
Issue: gh-5558
 2020-01-22 14:36:34 +01:00
Eleftheria Stein 57fba90c0e Fix LDIF file example in LDAP docs 
Fixes: gh-7832
 2020-01-20 10:24:20 +01:00
Rob Winch a769f6a0c4 Polish LDAP Authentication 
Issue gh-7628
 2020-01-16 09:38:40 -06:00
Rob Winch 841275e152 Polish Username Password Storage wording 
Issue gh-7801
 2020-01-13 16:40:12 -06:00
Rob Winch c4a0ed0db5 Fix indentation of user-details-service.adoc 
Issue gh-7801
 2020-01-13 16:40:05 -06:00
Rob Winch 2e2974fc13 Add Dependency Versions to Asciidoctor 
Add dependency versions to asciidoctor and
spring-version -> spring-core-version

Issue gh-7801
 2020-01-13 16:39:57 -06:00
Rob Winch ad7c44f7fd Add More role=primary/secondary 
Issue gh-7801
 2020-01-10 10:58:24 -06:00
Rob Winch 729da6463f Fix appendix-schema id 2020-01-10 10:58:24 -06:00
Eleftheria Stein 1e33627d87 Use standard lambda syntax in documentation 
Fixes: gh-7774
 2020-01-10 13:12:17 +01:00
Rob Winch 3fb87d10e9 Add role=primary/secondary example 
Issue gh-7801
 2020-01-09 12:05:20 -06:00
Rob Winch b85b4b8643 spring-build-conventions:0.0.28.BUILD-SNAPSHOT 
Fixes gh-7801
 2020-01-09 12:05:06 -06:00
Rob Winch 04b6096d19 Fix Asciidoctor Warnings 
Issue gh-7801
 2020-01-09 12:04:58 -06:00
Josh Cummings de87675f6d Add JwtIssuerAuthenticationManagerResolver 
Fixes gh-7724
 2020-01-07 23:30:42 -07:00
artmiar e306482a96 Fix description of PasswordEncoder 2020-01-07 06:17:39 -05:00
Rafael Renan Pacheco 96d82ecbf2 Fix docs that cause unchecked assignment and NPE 2020-01-02 11:29:05 -05:00
Eleftheria Stein f109388211 Use lambda DSL in all samples in documentation 
Issue: gh-7774
 2019-12-30 17:49:35 +01:00
Rafael Renan Pacheco 0295b51e78 Fix var typo and code readability 2019-12-27 15:25:04 +01:00
Josh Cummings 40d4dce329
Polish Documentation 
Changed indentation on saml2Login() snippets to align more closely
with surrounding documentation.

Also removed call to super.configure as this would enable formLogin as
well as httpBasic. Replaced with default endpoint authorization
statement.

Issue gh-7654
 2019-12-18 10:53:59 -07:00
Filip Hanik af415948b1 Allow configuration of AuthenticationManagerResolver in saml2Login() 
Fixes gh-7654

https://github.com/spring-projects/spring-security/issues/7654
 2019-12-17 13:34:27 -08:00
Rob Winch 83d796cf1a Docs ServerRSocketFactoryCustomizer->ServerRSocketFactoryProcessor 
The documentation incorrectly used ServerRSocketFactoryCustomizer which
was renamed to ServerRSocketFactoryProcessor. The docs now use the correct
class name

Fixes gh-7737
 2019-12-12 15:30:33 -06:00
Rob Winch 9c991a5430 Start Servlet Authentication Cleanup 
Issue gh-7628
 2019-12-06 10:52:38 -06:00
Eleftheria Stein 55f1c695e1 Include security configuration context in test sample 
Fixes: gh-7688
 2019-12-02 10:13:24 +01:00
Rob Winch e5932131a9 Next Development Version 2019-11-27 08:05:44 -06:00
David Eisner 56f5242595 Fix minor typo. 2019-11-27 09:43:41 +01:00
ryenus 42ab6736e1 typo fix: consecutive-word duplications (#7673) 
* fix typo: require require

* more typo fix: consecutive-word duplications

Following previously finding, I then used `rg` to find other similar
typos, with false positives manually excluded, using the following
command:

    rg -t asciidoc -Pp '\b(\w+)\s+\1\b'
 2019-11-26 18:35:28 +01:00
Rob Winch af47e730a0 Only Hello Spring Security Boot 
For those getting started, we really need to send the message of using
Spring Boot.

Fixes gh-7627
 2019-11-26 08:38:29 -06:00
Rob Winch b3d177fc7e Extract HTTPS Documentation 
Fixes gh-7626
 2019-11-25 15:49:51 -06:00
Josh Cummings 7cbd1665a6
Isolate Jwt Test Support 
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
 2019-11-22 15:07:05 -07:00
Rob Winch e1fad001d9 Extract HTTP Response Headers Documentation 
Fixes gh-7625
 2019-11-07 10:55:40 -06:00
Kristine Jetzke 97fd3d7c84 Clarify usage of hasAnyRole and hasAnyAuthority 2019-11-07 10:07:42 +01:00
Josh Cummings 63647e9546
Add Resource Server Multi-tenancy Docs 
Fixes: gh-7532
 2019-11-04 10:15:56 -07:00
Rob Winch badb0a08c6 Fix exploits indendation 
Issue gh-2567
 2019-10-28 16:00:51 -05:00
Rob Winch 2827af15e0 Document Reactive CSRF Support 
Fixes gh-6487
 2019-10-28 15:14:14 -05:00
Rob Winch 9b4c170af0 Create Exploits Section for Reactive 
Issue gh-2567
 2019-10-24 15:03:05 -05:00
Rob Winch bbda755a07 Fix Servlet exploits leveloffset 
Fixes gh-2567
 2019-10-24 14:14:02 -05:00
Rob Winch 08fb9c960b Fix invalid ids 
Issue gh-2567
 2019-10-24 14:06:23 -05:00
Rob Winch 55a98b9969 CSRF Documentation 
Issue gh-2567
 2019-10-24 13:24:44 -05:00
Rob Winch 02aaba37cd Documentation TOC on the left 
This better aligns with other documentation

Issue gh-2567
 2019-10-24 13:24:36 -05:00
Ramon Pires da Silva 0387723334 fix webflux samples documentation path 
The documentation of webflux integration sample projects was pointing to the `javaconfig` instead of `boot` folder.
 2019-10-16 10:52:08 -04:00
Filip Hanik 8bc3ad16ef SAML 2 Login - Documentation 
Fixes gh-7472
https://github.com/spring-projects/spring-security/issues/7472
 2019-09-30 13:03:05 -07:00
Rob Winch 03e2efacf4 Add Hello RSocket Sample 
Fixes gh-7504
 2019-09-30 13:58:03 -05:00
Rob Winch d83aa34dde Add RSocket Reference 
Fixes gh-7502
 2019-09-30 11:03:00 -05:00
Josh Cummings 71bbc9849e
URL Cleanup 
Issue gh-2567
 2019-09-30 07:43:35 -06:00
Josh Cummings 35797f9a74
Add Resource Server to Modules Section 
Fixes gh-7498
 2019-09-30 07:31:20 -06:00
Josh Cummings 8421594397
Replace Servlet Guides w/ Hello World Samples 
Issue gh-2567

Co-authored-by: Jay Bryant <jbryant@pivotal.io>
Co-authored-by: Rob Winch <rwinch@users.noreply.github.com>
 2019-09-30 07:17:06 -06:00
Josh Cummings 25b5f48884
Rewrite Preface 
Issue gh-2567

Co-authored-by: Jay Bryant <jbryant@pivotal.io>
Co-authored-by: Rob Winch <rwinch@users.noreply.github.com>
 2019-09-30 07:17:05 -06:00
Joe Grandja aecebeac69 Polish ref doc for oauth2Login 2019-09-29 21:04:32 -04:00
Joe Grandja 7754913a74 Document OidcClientInitiatedLogoutSuccessHandler 
Fixes gh-7401
 2019-09-29 20:27:35 -04:00
Josh Cummings 29ed728a70 Add Jwt.Builder Link 
Fixes gh-7407
 2019-09-28 19:27:05 -06:00
Josh Cummings f43996b99f Add OAuth2AuthenticatedPrincipal Link 
Fixes gh-7406
 2019-09-28 19:25:34 -06:00
Josh Cummings 5d0e80c85c Polish BearerTokenResolver Docs 
Issue gh-6254
 2019-09-28 19:11:59 -06:00
kostya05983 69a4848850 BearerTokenResolver Docs 
Fixes gh-6254
 2019-09-28 19:11:59 -06:00
Joe Grandja 2e2554a8c3 Document OidcIdTokenDecoderFactory 
Fixes gh-7399
 2019-09-28 21:09:41 -04:00
Joe Grandja 9b40ce6ccc Update What's New section 2019-09-27 20:45:32 -04:00
Joe Grandja 3670888616 Polish ref doc for oauth2Login 2019-09-27 14:24:45 -04:00
Joe Grandja 6fe96c643f Polish ClientRegistrations documentation 
Issue #7462
 2019-09-27 11:38:36 -04:00
Joe Grandja 9944037cc7 Polish ref doc for oauth2-client 2019-09-27 10:46:19 -04:00
Ivo Smid a11e61432e Document OAuth2 Client behind proxy and redirect_uri 
Fixes gh-7312
 2019-09-26 14:09:21 -04:00
Joe Grandja 345bfdd437 Polish gh-7279 2019-09-26 12:33:21 -04:00
Stephen Doxsee 7dc3c8a8de Add documentation for Public Client PKCE support 
Fixes gh-7279
 2019-09-26 12:21:22 -04:00
Josh Cummings 4fa1d08e20
Restructure Docs 
Issue gh-5935
 2019-09-22 01:16:55 -06:00
Joe Grandja c5fd646afc Update ref doc for OAuth2AuthorizationRequestResolver 
Fixes gh-7405
 2019-09-20 20:56:51 -04:00
Joe Grandja 324e066717 Polish ref doc for RegisteredOAuth2AuthorizedClient 2019-09-20 16:18:29 -04:00
Joe Grandja 076692ceef Polish ref doc for oauth2-client 2019-09-20 16:18:29 -04:00
Joe Grandja 52f0e5287b Update ref doc for oauth2-client WebClient integration 
Fixes gh-7404
 2019-09-20 16:18:29 -04:00
Josh Cummings 38e87568a6
Document Clear Site Data 
Fixes gh-7463
 2019-09-20 13:02:06 -06:00
Josh Cummings 124d9964d7
Document Bearer Token Propagation 
Fixes gh-7461
 2019-09-20 12:05:24 -06:00
Josh Cummings 3a9ee46719
Document RFC 8414 Support 
Fixes gh-7462
 2019-09-20 10:53:53 -06:00
Josh Cummings b91668a34d
Break Out Resource Server Documentation 
Issue gh-5935
 2019-09-20 09:52:29 -06:00
Josh Cummings f22fdf1bc0
Align OAuth Reactive/Servlet Resource Server Docs 
Fixes gh-7430
Fixes gh-7425
Fixes gh-7460
 2019-09-19 17:15:01 -06:00
Joe Grandja c1ae997adc Update ref doc for OAuth2AuthorizedClientManager 
Issue gh-7403
 2019-09-19 15:33:42 -04:00
Joe Grandja eeb0f56bac Add ref doc for password grant 
Fixes gh-7397
 2019-09-19 14:00:45 -04:00
Joe Grandja 3425db6d16 Fix typo 2019-09-18 19:54:37 -04:00
Joe Grandja e8d98a54b7 Add ref doc for refresh_token grant 
Fixes gh-7398
 2019-09-18 19:54:37 -04:00
Joe Grandja 5aa37722b9 Add ref doc for client_credentials grant 
Fixes gh-6206
 2019-09-16 15:14:34 -04:00
Joe Grandja 8aa55fe81b Update auth_code ref doc for oauth2-client 2019-09-16 09:37:37 -04:00
Josh Cummings 338b637ab5
Document Mock Jwt Testing 
Fixes gh-7242
 2019-09-16 07:34:37 -06:00
Andreas Falk a085a12c99 Fix wrong java runtime version mentioned in reference doc 
The reference documentation still referred to Java 5.0 as minimum
runtime version which is wrong.
This commit changes this to the correct
Java 8 runtime version as required minimum version.
In addition it corrects a fuzzy wording regarding stripping down the
`spring-security-core` jar.

Fixes gh-7440
 2019-09-16 13:09:57 +01:00
Joe Grandja 1c257afa79 Update ref doc for oauth2-client 2019-09-13 21:07:26 -04:00
Joe Grandja 9920cb41d1 Update ref doc copyright year 2019-09-12 19:28:01 -04:00
Joe Grandja 33837d21be Polish oauth2-client ref doc 2019-09-12 18:57:57 -04:00
Joe Grandja cb5f9856fe Reorganize ref doc sections for oauth2-client 
Fixes gh-7428
 2019-09-12 18:42:23 -04:00
Joe Grandja 810e4cbbef Document OAuth2AuthorizedClientManager/Provider 
Fixes gh-7403
 2019-09-12 18:42:23 -04:00
Josh Cummings 7f1b8eef08
Document Resource Server User-Info Usage 
Fixes gh-7431
 2019-09-12 08:23:56 -06:00
Josh Cummings 33fb93f0ea
Add NimbusJwtDecoder Documentation 
Fixes gh-7408
 2019-09-11 13:45:45 -06:00
Josh Cummings c85358915a
Add Opaque Token Documentation 
Fixes gh-7420
 2019-09-11 08:06:48 -06:00
Josh Cummings 08f68c9122
Update JwtAuthenticationConverter Docs 
Replaced usage of deprecated API

Fixes gh-7062
 2019-09-05 16:15:55 -06:00
Angel Aguilera 1de885e298 use simple link instead of 'pass' macro 2019-08-29 06:17:06 -05:00
Angel Aguilera 24cd9b990a fix footnotes markup 
Fixes #3180
 2019-08-29 06:17:06 -05:00
Josh Cummings 052256db0a
Add WebSecurityConfigurerAdapter Doc Detail 
Fixes gh-6809
 2019-08-22 17:56:39 -06:00
Hideaki Matsunami 712dfbdabd Fix typo in docs 2019-08-19 12:53:54 -05:00
Rob Winch abc90280e0
Add unbounid support in xml 
Add unbounid support in xml

Fixes gh-6011
 2019-08-14 10:05:49 -05:00
Eleftheria Stein f396e0197e Fix websocket configuration documentation 
Fixes: gh-4845
 2019-08-14 10:24:59 -04:00
Eddú Meléndez 9b2af944fa Add unbounid support in xml 
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.

Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.

Fixes gh-6011
 2019-08-10 19:07:45 -05:00
kostya05983 646f257e01 docs, change name of class in multiple httpSecurity 2019-08-06 13:05:55 -05:00
Simeon Macke b3da1e466b Add Argon2PasswordEncoder 
Add PasswordEncoder for the Argon2 hashing algorithm (Password Hashing
Competition (PHC) winner).
This implementation uses the BouncyCastle-implementation of Argon2.

Fixes gh-5354
 2019-08-05 13:54:29 -05:00
Eleftheria Stein 0b4502b2c5 Remove exceptions from lambda security configuration 
Fixes: gh-7128
 2019-07-30 08:31:37 -05:00
Eleftheria Stein a288ce4b00 Support nested builder in DSL for reactive apps 
Fixes: gh-7107
 2019-07-23 15:57:10 -05:00
Rob Winch dc2705189f
Fix typo in documentation 
Fixed typo in documentation.
 2019-07-16 12:01:07 -05:00
Eleftheria Stein b004f9f677 Use http security nested builder in docs 
Issue: gh-5557
 2019-07-12 13:58:17 -04:00
George Sofianos 8948ba3a48 Fixed typo in documentation. 2019-07-09 23:41:40 +03:00
Behrang 3b5a4189ef Minor fix 
These four items, not three items, constitute the auth process:

. A user is prompted to log in with a username and password.
. The system (successfully) verifies that the password is correct for the username.
. The context information for that user is obtained (their list of roles and so on).
. A security context is established for the user
 2019-06-28 11:41:55 -05:00
Luca Graf c43e632a6d Fix typo in OAuth2TokenValidator doc 
Fixes gh-6925
 2019-06-10 11:07:20 -06:00
David Lozano Jarque 8e5dd19b3b Updates modules.adoc (typo fix) 
Typo fix
 2019-06-10 11:06:19 -06:00
Kirill Gavrilov f6998547b8 Remove '.html' from interface name 2019-05-20 16:25:30 -05:00
Kirill Gavrilov 9078885a1a Remove redundant for 2019-05-20 16:25:30 -05:00
Alexey Nesterov 0aa4805be8 Add documentation on Reactive x509 security 
[gh #5038]
 2019-04-26 12:15:18 -05:00
Tadaya Tsuyukubo 0957ecb1e9 Align webclient section level in documentation 
Make "WebClient for Servlet Environments" section level align with
other documents in "additional-topics".
 2019-04-25 14:48:54 -06:00
Kyle Anderson 4a6e91531a Fix Broken Documentation Link 
Fixes: gh-6553
 2019-04-13 20:58:03 -06:00
Denis Babochenko 4a286be2b9 Update samples documentation 2019-04-13 19:21:10 -06:00
Denis Babochenko 21f7148e7a Update filters documentation 
Fixes: gh-5553
 2019-04-13 19:21:10 -06:00
Ruslan Stelmachenko bf88e8790f Fix a typo 2019-04-01 11:06:48 -06:00
Joe Grandja 4e9c37b1ae Manual URL Cleanup 2019-03-29 13:24:11 -04:00
Spring Operator 3b89754926 URL Cleanup 
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.

* http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html (200) with 1 occurrences could not be migrated:
   ([https](https://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html) result ClosedChannelException).
* http://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html (200) with 1 occurrences could not be migrated:
   ([https](https://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html) result SSLHandshakeException).
* http://cujojs.com/ (200) with 1 occurrences could not be migrated:
   ([https](https://cujojs.com/) result SSLHandshakeException).
* http://erik.eae.net/archives/2007/07/27/18.54.15/ (200) with 1 occurrences could not be migrated:
   ([https](https://erik.eae.net/archives/2007/07/27/18.54.15/) result SSLHandshakeException).
* http://javascript.nwbox.com/IEContentLoaded/ (200) with 1 occurrences could not be migrated:
   ([https](https://javascript.nwbox.com/IEContentLoaded/) result SSLHandshakeException).
* http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html (200) with 1 occurrences could not be migrated:
   ([https](https://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html) result SSLHandshakeException).
* http://monkeymachine.co.uk/ (200) with 2 occurrences could not be migrated:
   ([https](https://monkeymachine.co.uk/) result SSLHandshakeException).
* http://perfectionkills.com/detecting-event-support-without-browser-sniffing/ (200) with 1 occurrences could not be migrated:
   ([https](https://perfectionkills.com/detecting-event-support-without-browser-sniffing/) result SSLHandshakeException).
* http://somesite.com/login (200) with 3 occurrences could not be migrated:
   ([https](https://somesite.com/login) result AnnotatedConnectException).
* http://someurl.com/ (200) with 2 occurrences could not be migrated:
   ([https](https://someurl.com/) result SSLHandshakeException).
* http://sscce.org/ (200) with 1 occurrences could not be migrated:
   ([https](https://sscce.org/) result SSLHandshakeException).
* http://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf (200) with 2 occurrences could not be migrated:
   ([https](https://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf) result 404).
* http://www.example.com:80/ (200) with 1 occurrences could not be migrated:
   ([https](https://www.example.com:80/) result NotSslRecordException).
* http://www.faqs.org/qa/rfcc-1940.html (200) with 3 occurrences could not be migrated:
   ([https](https://www.faqs.org/qa/rfcc-1940.html) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc1945.html (200) with 2 occurrences could not be migrated:
   ([https](https://www.faqs.org/rfcs/rfc1945.html) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc3548.html (200) with 3 occurrences could not be migrated:
   ([https](https://www.faqs.org/rfcs/rfc3548.html) result AnnotatedConnectException).
* http://www.zytrax.com/books/ldap/ (200) with 2 occurrences could not be migrated:
   ([https](https://www.zytrax.com/books/ldap/) result AnnotatedConnectException).
* http://blindsignals.com/index.php/2009/07/jquery-delay/ (301) with 1 occurrences could not be migrated:
   ([https](https://blindsignals.com/index.php/2009/07/jquery-delay/) result SSLHandshakeException).
* http://www.faqs.org/ (301) with 1 occurrences could not be migrated:
   ([https](https://www.faqs.org/) result AnnotatedConnectException).
* http://sam.zoy.org/wtfpl/ (301) with 2 occurrences could not be migrated:
   ([https](https://sam.zoy.org/wtfpl/) result SSLHandshakeException).
* http://hey.openid.com/ (302) with 1 occurrences could not be migrated:
   ([https](https://hey.openid.com/) result SSLHandshakeException).
* http://iharder.net/base64 (303) with 2 occurrences could not be migrated:
   ([https](https://iharder.net/base64) result AnnotatedConnectException).
* http://jaspan.com/improved_persistent_login_cookie_best_practice (500) with 3 occurrences could not be migrated:
   ([https](https://jaspan.com/improved_persistent_login_cookie_best_practice) result AnnotatedConnectException).

# Fixed URLs

## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.

* http://www.relaxng.org/ (301) with 1 occurrences migrated to:
  https://relaxng.org/ ([https](https://www.relaxng.org/) result SSLHandshakeException).
* http://www.relaxng.org (301) with 1 occurrences migrated to:
  https://relaxng.org/ ([https](https://www.relaxng.org) result SSLHandshakeException).
* http://tools.ietf.org/html/draft-ietf-websec-x-frame-options (301) with 2 occurrences migrated to:
  https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ([https](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options) result ReadTimeoutException).
* http://foo.test.com (302) with 2 occurrences migrated to:
  https://www.test.com ([https](https://foo.test.com) result SSLHandshakeException).
* http://abc.test.com (302) with 2 occurrences migrated to:
  https://www.test.com ([https](https://abc.test.com) result SSLHandshakeException).
* http://192.168.1:8080 (ConnectTimeoutException) with 2 occurrences migrated to:
  https://192.168.1:8080 ([https](https://192.168.1:8080) result ConnectTimeoutException).
* http://www.example.com:8080/mycontext/secure/page.html (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.example.com:8080/mycontext/secure/page.html ([https](https://www.example.com:8080/mycontext/secure/page.html) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.example.com:8888/bigWebApp/hello ([https](https://www.example.com:8888/bigWebApp/hello) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/decorator (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.opensymphony.com/sitemesh/decorator ([https](https://www.opensymphony.com/sitemesh/decorator) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/page (ConnectTimeoutException) with 1 occurrences migrated to:
  https://www.opensymphony.com/sitemesh/page ([https](https://www.opensymphony.com/sitemesh/page) result ConnectTimeoutException).
* http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd (ReadTimeoutException) with 1 occurrences migrated to:
  https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ([https](https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd) result ReadTimeoutException).
* http://axschema.org/ (UnknownHostException) with 2 occurrences migrated to:
  https://axschema.org/ ([https](https://axschema.org/) result UnknownHostException).
* http://axschema.org/contact/email (UnknownHostException) with 23 occurrences migrated to:
  https://axschema.org/contact/email ([https](https://axschema.org/contact/email) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 5 occurrences migrated to:
  https://axschema.org/namePerson ([https](https://axschema.org/namePerson) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 4 occurrences migrated to:
  https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 4 occurrences migrated to:
  https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last) result UnknownHostException).
* http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
  https://context.blah.com/context/remainder ([https](https://context.blah.com/context/remainder) result UnknownHostException).
* http://default (UnknownHostException) with 12 occurrences migrated to:
  https://default ([https](https://default) result UnknownHostException).
* http://endpoint (UnknownHostException) with 4 occurrences migrated to:
  https://endpoint ([https](https://endpoint) result UnknownHostException).
* http://endpoint?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
  https://endpoint?id_token_hint=id-token ([https](https://endpoint?id_token_hint=id-token) result UnknownHostException).
* http://example.com&param1=value1&param2=value2 (UnknownHostException) with 1 occurrences migrated to:
  https://example.com&param1=value1&param2=value2 ([https](https://example.com&param1=value1&param2=value2) result UnknownHostException).
* http://host/myapp/index.html;jsessionid=blah (UnknownHostException) with 1 occurrences migrated to:
  https://host/myapp/index.html;jsessionid=blah ([https](https://host/myapp/index.html;jsessionid=blah) result UnknownHostException).
* http://http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
  https://http://context.blah.com/context/remainder ([https](https://https://context.blah.com/context/remainder) result UnknownHostException).
* http://id.openid.zz (UnknownHostException) with 2 occurrences migrated to:
  https://id.openid.zz ([https](https://id.openid.zz) result UnknownHostException).
* http://invalid-provider.com/oauth2/token (UnknownHostException) with 4 occurrences migrated to:
  https://invalid-provider.com/oauth2/token ([https](https://invalid-provider.com/oauth2/token) result UnknownHostException).
* http://invalid-provider.com/user (UnknownHostException) with 4 occurrences migrated to:
  https://invalid-provider.com/user ([https](https://invalid-provider.com/user) result UnknownHostException).
* http://issuer/.well-known/jwks.json (UnknownHostException) with 2 occurrences migrated to:
  https://issuer/.well-known/jwks.json ([https](https://issuer/.well-known/jwks.json) result UnknownHostException).
* http://issuer/certs (UnknownHostException) with 1 occurrences migrated to:
  https://issuer/certs ([https](https://issuer/certs) result UnknownHostException).
* http://jimi.hendrix.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
  https://jimi.hendrix.myopenid.com/ ([https](https://jimi.hendrix.myopenid.com/) result UnknownHostException).
* http://joe.myopenid.com/ (UnknownHostException) with 3 occurrences migrated to:
  https://joe.myopenid.com/ ([https](https://joe.myopenid.com/) result UnknownHostException).
* http://logout (UnknownHostException) with 2 occurrences migrated to:
  https://logout ([https](https://logout) result UnknownHostException).
* http://logout?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
  https://logout?id_token_hint=id-token ([https](https://logout?id_token_hint=id-token) result UnknownHostException).
* http://openid.aol.com/ (UnknownHostException) with 2 occurrences migrated to:
  https://openid.aol.com/ ([https](https://openid.aol.com/) result UnknownHostException).
* http://pip.verisignlabs.com/server (UnknownHostException) with 2 occurrences migrated to:
  https://pip.verisignlabs.com/server ([https](https://pip.verisignlabs.com/server) result UnknownHostException).
* http://postlogout?encodedparam%3Dvalue (UnknownHostException) with 2 occurrences migrated to:
  https://postlogout?encodedparam%3Dvalue ([https](https://postlogout?encodedparam%3Dvalue) result UnknownHostException).
* http://postlogout?encodedparam=value (UnknownHostException) with 2 occurrences migrated to:
  https://postlogout?encodedparam=value ([https](https://postlogout?encodedparam=value) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 5 occurrences migrated to:
  https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 2 occurrences migrated to:
  https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson) result UnknownHostException).
* http://some.site.org/index.html (UnknownHostException) with 1 occurrences migrated to:
  https://some.site.org/index.html ([https](https://some.site.org/index.html) result UnknownHostException).
* http://something/ (UnknownHostException) with 1 occurrences migrated to:
  https://something/ ([https](https://something/) result UnknownHostException).
* http://specs.openid.net/auth/2.0 (UnknownHostException) with 2 occurrences migrated to:
  https://specs.openid.net/auth/2.0 ([https](https://specs.openid.net/auth/2.0) result UnknownHostException).
* http://specs.openid.net/auth/2.0/identifier_select (UnknownHostException) with 4 occurrences migrated to:
  https://specs.openid.net/auth/2.0/identifier_select ([https](https://specs.openid.net/auth/2.0/identifier_select) result UnknownHostException).
* http://wiki.fasterxml.com/JacksonFeatureModules (UnknownHostException) with 1 occurrences migrated to:
  https://wiki.fasterxml.com/JacksonFeatureModules ([https](https://wiki.fasterxml.com/JacksonFeatureModules) result UnknownHostException).
* http://www.faqs (UnknownHostException) with 1 occurrences migrated to:
  https://www.faqs ([https](https://www.faqs) result UnknownHostException).
* http://www.test123.com (UnknownHostException) with 1 occurrences migrated to:
  https://www.test123.com ([https](https://www.test123.com) result UnknownHostException).
* http://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 (301) with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Defense_in_depth_%2528computing%2529 ([https](https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29) result 400).
* http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html (404) with 1 occurrences migrated to:
  https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ([https](https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html) result 404).
* http://example.com/auth (404) with 2 occurrences migrated to:
  https://example.com/auth ([https](https://example.com/auth) result 404).
* http://example.com/info (404) with 2 occurrences migrated to:
  https://example.com/info ([https](https://example.com/info) result 404).
* http://example.com/jwkset (404) with 2 occurrences migrated to:
  https://example.com/jwkset ([https](https://example.com/jwkset) result 404).
* http://example.com/login/oauth2/code/registration-id (404) with 1 occurrences migrated to:
  https://example.com/login/oauth2/code/registration-id ([https](https://example.com/login/oauth2/code/registration-id) result 404).
* http://example.com/login/oauth2/code/registration-id-2 (404) with 1 occurrences migrated to:
  https://example.com/login/oauth2/code/registration-id-2 ([https](https://example.com/login/oauth2/code/registration-id-2) result 404).
* http://example.com/path?a=b&c=d (404) with 1 occurrences migrated to:
  https://example.com/path?a=b&c=d ([https](https://example.com/path?a=b&c=d) result 404).
* http://example.com/pkp-report (404) with 5 occurrences migrated to:
  https://example.com/pkp-report ([https](https://example.com/pkp-report) result 404).
* http://example.com/token (404) with 2 occurrences migrated to:
  https://example.com/token ([https](https://example.com/token) result 404).
* http://example.net/pkp-report (404) with 7 occurrences migrated to:
  https://example.net/pkp-report ([https](https://example.net/pkp-report) result 404).
* http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ (301) with 1 occurrences migrated to:
  https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ([https](https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/) result 404).
* http://html5shim.googlecode.com/svn/trunk/html5.js (404) with 6 occurrences migrated to:
  https://html5shim.googlecode.com/svn/trunk/html5.js ([https](https://html5shim.googlecode.com/svn/trunk/html5.js) result 404).
* http://json.org/json2.js (404) with 1 occurrences migrated to:
  https://json.org/json2.js ([https](https://json.org/json2.js) result 404).
* http://openid-selector.googlecode.com/svn/trunk/ (404) with 2 occurrences migrated to:
  https://openid-selector.googlecode.com/svn/trunk/ ([https](https://openid-selector.googlecode.com/svn/trunk/) result 404).
* http://provider.com/user (302) with 2 occurrences migrated to:
  https://provider.com/user ([https](https://provider.com/user) result 404).
* http://relaxng.org/ns/compatibility/annotations/1.0 (301) with 8 occurrences migrated to:
  https://relaxng.org/ns/compatibility/annotations/1.0 ([https](https://relaxng.org/ns/compatibility/annotations/1.0) result 404).
* http://www.example.com/bigWebApp/hello (404) with 2 occurrences migrated to:
  https://www.example.com/bigWebApp/hello ([https](https://www.example.com/bigWebApp/hello) result 404).
* http://www.example.com/bigWebApp/hello/pathInfo.html?open=true (404) with 1 occurrences migrated to:
  https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com/bigWebApp/hello/pathInfo.html?open=true) result 404).
* http://www.example.com/identity (404) with 1 occurrences migrated to:
  https://www.example.com/identity ([https](https://www.example.com/identity) result 404).
* http://www.example.com/login/openid (404) with 2 occurrences migrated to:
  https://www.example.com/login/openid ([https](https://www.example.com/login/openid) result 404).
* http://www.example.com/mycontext/HelloWorld (404) with 1 occurrences migrated to:
  https://www.example.com/mycontext/HelloWorld ([https](https://www.example.com/mycontext/HelloWorld) result 404).
* http://www.example.com/mycontext/HelloWorld/some/more/segments.html (404) with 1 occurrences migrated to:
  https://www.example.com/mycontext/HelloWorld/some/more/segments.html ([https](https://www.example.com/mycontext/HelloWorld/some/more/segments.html) result 404).
* http://www.example.com/mycontext/HelloWorld?foo=bar (404) with 1 occurrences migrated to:
  https://www.example.com/mycontext/HelloWorld?foo=bar ([https](https://www.example.com/mycontext/HelloWorld?foo=bar) result 404).
* http://www.example.com/mycontext/secure/page.html (404) with 3 occurrences migrated to:
  https://www.example.com/mycontext/secure/page.html ([https](https://www.example.com/mycontext/secure/page.html) result 404).
* http://www.example.com/realm (404) with 1 occurrences migrated to:
  https://www.example.com/realm ([https](https://www.example.com/realm) result 404).
* http://www.example.com/redirect (404) with 1 occurrences migrated to:
  https://www.example.com/redirect ([https](https://www.example.com/redirect) result 404).
* http://www.example.org/do/something (404) with 4 occurrences migrated to:
  https://www.example.org/do/something ([https](https://www.example.org/do/something) result 404).
* http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ (301) with 1 occurrences migrated to:
  https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ([https](https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/) result 404).
* http://www.json.org/json2.js (404) with 1 occurrences migrated to:
  https://www.json.org/json2.js ([https](https://www.json.org/json2.js) result 404).
* http://www.thymeleaf.org/thymeleaf-extras-springsecurity5 (301) with 5 occurrences migrated to:
  https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ([https](https://www.thymeleaf.org/thymeleaf-extras-springsecurity5) result 404).

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html with 1 occurrences migrated to:
  https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ([https](https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html) result 200).
* http://bugs.jquery.com/ticket/12282 with 1 occurrences migrated to:
  https://bugs.jquery.com/ticket/12282 ([https](https://bugs.jquery.com/ticket/12282) result 200).
* http://bugs.jquery.com/ticket/12359 with 1 occurrences migrated to:
  https://bugs.jquery.com/ticket/12359 ([https](https://bugs.jquery.com/ticket/12359) result 200).
* http://claimid.com/ with 2 occurrences migrated to:
  https://claimid.com/ ([https](https://claimid.com/) result 200).
* http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ with 1 occurrences migrated to:
  https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ([https](https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html with 1 occurrences migrated to:
  https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html with 26 occurrences migrated to:
  https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html with 1 occurrences migrated to:
  https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html) result 200).
* http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html with 1 occurrences migrated to:
  https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html) result 200).
* http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html with 1 occurrences migrated to:
  https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ([https](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html) result 200).
* http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html with 1 occurrences migrated to:
  https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ([https](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html) result 200).
* http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
  https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/) result 200).
* http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html (301) with 1 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html ([https](https://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html) result 200).
* http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html (301) with 1 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ([https](https://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html) result 200).
* http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ with 1 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/) result 200).
* http://docs.spring.io/spring-security/site/docs/current/api/ with 1 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/current/api/ ([https](https://docs.spring.io/spring-security/site/docs/current/api/) result 200).
* http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ with 3 occurrences migrated to:
  https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/) result 200).
* http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html (301) with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ([https](https://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html) result 200).
* http://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ([https](https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html) result 200).
* http://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ([https](https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html with 3 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html) result 200).
* http://en.wikipedia.org/wiki/Clickjacking with 9 occurrences migrated to:
  https://en.wikipedia.org/wiki/Clickjacking ([https](https://en.wikipedia.org/wiki/Clickjacking) result 200).
* http://en.wikipedia.org/wiki/Content_sniffing with 2 occurrences migrated to:
  https://en.wikipedia.org/wiki/Content_sniffing ([https](https://en.wikipedia.org/wiki/Content_sniffing) result 200).
* http://en.wikipedia.org/wiki/Cross-site_request_forgery with 11 occurrences migrated to:
  https://en.wikipedia.org/wiki/Cross-site_request_forgery ([https](https://en.wikipedia.org/wiki/Cross-site_request_forgery) result 200).
* http://en.wikipedia.org/wiki/Cross-site_scripting with 7 occurrences migrated to:
  https://en.wikipedia.org/wiki/Cross-site_scripting ([https](https://en.wikipedia.org/wiki/Cross-site_scripting) result 200).
* http://en.wikipedia.org/wiki/Firesheep with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Firesheep ([https](https://en.wikipedia.org/wiki/Firesheep) result 200).
* http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security with 4 occurrences migrated to:
  https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ([https](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) result 200).
* http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ([https](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol) result 200).
* http://en.wikipedia.org/wiki/Man-in-the-middle_attack with 2 occurrences migrated to:
  https://en.wikipedia.org/wiki/Man-in-the-middle_attack ([https](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) result 200).
* http://en.wikipedia.org/wiki/Null_Object_pattern with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Null_Object_pattern ([https](https://en.wikipedia.org/wiki/Null_Object_pattern) result 200).
* http://en.wikipedia.org/wiki/SRV_record with 2 occurrences migrated to:
  https://en.wikipedia.org/wiki/SRV_record ([https](https://en.wikipedia.org/wiki/SRV_record) result 200).
* http://en.wikipedia.org/wiki/Same-origin_policy with 1 occurrences migrated to:
  https://en.wikipedia.org/wiki/Same-origin_policy ([https](https://en.wikipedia.org/wiki/Same-origin_policy) result 200).
* http://en.wikipedia.org/wiki/Session_fixation with 6 occurrences migrated to:
  https://en.wikipedia.org/wiki/Session_fixation ([https](https://en.wikipedia.org/wiki/Session_fixation) result 200).
* http://example.com with 8 occurrences migrated to:
  https://example.com ([https](https://example.com) result 200).
* http://example.com/ with 1 occurrences migrated to:
  https://example.com/ ([https](https://example.com/) result 200).
* http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice with 2 occurrences migrated to:
  https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ([https](https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice) result 200).
* http://flywaydb.org/ with 1 occurrences migrated to:
  https://flywaydb.org/ ([https](https://flywaydb.org/) result 200).
* http://getbootstrap.com/docs/4.0/examples/signin/signin.css with 1 occurrences migrated to:
  https://getbootstrap.com/docs/4.0/examples/signin/signin.css ([https](https://getbootstrap.com/docs/4.0/examples/signin/signin.css) result 200).
* http://gradle.org with 1 occurrences migrated to:
  https://gradle.org ([https](https://gradle.org) result 200).
* http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ with 2 occurrences migrated to:
  https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ([https](https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/) result 200).
* http://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html with 2 occurrences migrated to:
  https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ([https](https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html) result 200).
* http://jquery.com/ with 1 occurrences migrated to:
  https://jquery.com/ ([https](https://jquery.com/) result 200).
* http://knockoutjs.com/ with 1 occurrences migrated to:
  https://knockoutjs.com/ ([https](https://knockoutjs.com/) result 200).
* http://marketplace.eclipse.org/content/anyedit-tools with 1 occurrences migrated to:
  https://marketplace.eclipse.org/content/anyedit-tools ([https](https://marketplace.eclipse.org/content/anyedit-tools) result 200).
* http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html with 1 occurrences migrated to:
  https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ([https](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html) result 200).
* http://openid.net with 1 occurrences migrated to:
  https://openid.net ([https](https://openid.net) result 200).
* http://openid.net/ with 1 occurrences migrated to:
  https://openid.net/ ([https](https://openid.net/) result 200).
* http://openid.net/certification/ with 4 occurrences migrated to:
  https://openid.net/certification/ ([https](https://openid.net/certification/) result 200).
* http://openid.net/connect/ with 4 occurrences migrated to:
  https://openid.net/connect/ ([https](https://openid.net/connect/) result 200).
* http://openid.net/specs/openid-attribute-exchange-1_0.html with 3 occurrences migrated to:
  https://openid.net/specs/openid-attribute-exchange-1_0.html ([https](https://openid.net/specs/openid-attribute-exchange-1_0.html) result 200).
* http://openid.net/specs/openid-connect-core-1_0.html with 50 occurrences migrated to:
  https://openid.net/specs/openid-connect-core-1_0.html ([https](https://openid.net/specs/openid-connect-core-1_0.html) result 200).
* http://openid.net/specs/openid-connect-session-1_0.html with 2 occurrences migrated to:
  https://openid.net/specs/openid-connect-session-1_0.html ([https](https://openid.net/specs/openid-connect-session-1_0.html) result 200).
* http://sizzlejs.com/ with 2 occurrences migrated to:
  https://sizzlejs.com/ ([https](https://sizzlejs.com/) result 200).
* http://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time with 1 occurrences migrated to:
  https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ([https](https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time) result 200).
* http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ (301) with 1 occurrences migrated to:
  https://spring.io/blog/2010/03/06/behind-the-spring-security-namespace/ ([https](https://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/) result 200).
* http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ (301) with 1 occurrences migrated to:
  https://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/ ([https](https://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/) result 200).
* http://spring.io/projects with 1 occurrences migrated to:
  https://spring.io/projects ([https](https://spring.io/projects) result 200).
* http://spring.io/services with 1 occurrences migrated to:
  https://spring.io/services ([https](https://spring.io/services) result 200).
* http://stackoverflow.com/questions/tagged/spring-security with 1 occurrences migrated to:
  https://stackoverflow.com/questions/tagged/spring-security ([https](https://stackoverflow.com/questions/tagged/spring-security) result 200).
* http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html with 2 occurrences migrated to:
  https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ([https](https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html) result 200).
* http://tools.ietf.org/html/rfc6797 with 15 occurrences migrated to:
  https://tools.ietf.org/html/rfc6797 ([https](https://tools.ietf.org/html/rfc6797) result 200).
* http://tools.ietf.org/html/rfc7469 with 18 occurrences migrated to:
  https://tools.ietf.org/html/rfc7469 ([https](https://tools.ietf.org/html/rfc7469) result 200).
* http://vimeo.com/34436402 with 1 occurrences migrated to:
  https://vimeo.com/34436402 ([https](https://vimeo.com/34436402) result 200).
* http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ with 1 occurrences migrated to:
  https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ([https](https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/) result 200).
* http://www.ja-sig.org/cas (301) with 1 occurrences migrated to:
  https://www.apereo.org ([https](https://www.ja-sig.org/cas) result 200).
* http://ehcache.sourceforge.net (301) with 2 occurrences migrated to:
  https://www.ehcache.org/ ([https](https://ehcache.sourceforge.net) result 200).
* http://www.html5rocks.com/en/tutorials/security/content-security-policy/ with 2 occurrences migrated to:
  https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ([https](https://www.html5rocks.com/en/tutorials/security/content-security-policy/) result 200).
* http://www.ietf.org/rfc/rfc2396.txt with 3 occurrences migrated to:
  https://www.ietf.org/rfc/rfc2396.txt ([https](https://www.ietf.org/rfc/rfc2396.txt) result 200).
* http://www.ietf.org/rfc/rfc2617.txt with 1 occurrences migrated to:
  https://www.ietf.org/rfc/rfc2617.txt ([https](https://www.ietf.org/rfc/rfc2617.txt) result 200).
* http://www.liquibase.org/ with 1 occurrences migrated to:
  https://www.liquibase.org/ ([https](https://www.liquibase.org/) result 200).
* http://www.openbsd.org/papers/bcrypt-paper.ps with 1 occurrences migrated to:
  https://www.openbsd.org/papers/bcrypt-paper.ps ([https](https://www.openbsd.org/papers/bcrypt-paper.ps) result 200).
* http://www.springframework.org/schema/aop/spring-aop-2.5.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-2.5.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-2.5.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-2.5.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 2 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-2.5.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-2.5.xsd ([https](https://www.springframework.org/schema/context/spring-context-2.5.xsd) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 3 occurrences migrated to:
  https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd) result 200).
* http://www.test.com with 9 occurrences migrated to:
  https://www.test.com ([https](https://www.test.com) result 200).
* http://www.thymeleaf.org with 25 occurrences migrated to:
  https://www.thymeleaf.org ([https](https://www.thymeleaf.org) result 200).
* http://www.thymeleaf.org/ with 3 occurrences migrated to:
  https://www.thymeleaf.org/ ([https](https://www.thymeleaf.org/) result 200).
* http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd with 1 occurrences migrated to:
  https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ([https](https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd) result 200).
* http://www.thymeleaf.org/whatsnew21.html with 1 occurrences migrated to:
  https://www.thymeleaf.org/whatsnew21.html ([https](https://www.thymeleaf.org/whatsnew21.html) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html with 2 occurrences migrated to:
  https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html with 1 occurrences migrated to:
  https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html) result 200).
* http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html with 1 occurrences migrated to:
  https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ([https](https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html) result 200).
* http://www.w3.org/TR/2011/REC-css3-selectors-20110929/ with 2 occurrences migrated to:
  https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ([https](https://www.w3.org/TR/2011/REC-css3-selectors-20110929/) result 200).
* http://www.w3.org/TR/CSS21/syndata.html with 1 occurrences migrated to:
  https://www.w3.org/TR/CSS21/syndata.html ([https](https://www.w3.org/TR/CSS21/syndata.html) result 200).
* http://www.w3.org/TR/selectors/ with 3 occurrences migrated to:
  https://www.w3.org/TR/selectors/ ([https](https://www.w3.org/TR/selectors/) result 200).
* http://www.youtube.com/watch?v=3mk0RySeNsU with 2 occurrences migrated to:
  https://www.youtube.com/watch?v=3mk0RySeNsU ([https](https://www.youtube.com/watch?v=3mk0RySeNsU) result 200).
* http://api.jquery.com/jQuery.browser with 1 occurrences migrated to:
  https://api.jquery.com/jQuery.browser ([https](https://api.jquery.com/jQuery.browser) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx with 1 occurrences migrated to:
  https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx with 2 occurrences migrated to:
  https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx) result 301).
* http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx with 2 occurrences migrated to:
  https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ([https](https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx) result 301).
* http://code.google.com/p/openid-selector/ with 3 occurrences migrated to:
  https://code.google.com/p/openid-selector/ ([https](https://code.google.com/p/openid-selector/) result 301).
* http://contributor-covenant.org with 1 occurrences migrated to:
  https://contributor-covenant.org ([https](https://contributor-covenant.org) result 301).
* http://contributor-covenant.org/version/1/3/0/ with 1 occurrences migrated to:
  https://contributor-covenant.org/version/1/3/0/ ([https](https://contributor-covenant.org/version/1/3/0/) result 301).
* http://dev.w3.org/csswg/cssom/ with 1 occurrences migrated to:
  https://dev.w3.org/csswg/cssom/ ([https](https://dev.w3.org/csswg/cssom/) result 301).
* http://docs.spring.io with 1 occurrences migrated to:
  https://docs.spring.io ([https](https://docs.spring.io) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html with 7 occurrences migrated to:
  https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html) result 301).
* http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 (301) with 1 occurrences migrated to:
  https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ([https](https://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971) result 301).
* http://help.github.com/set-up-git-redirect with 1 occurrences migrated to:
  https://help.github.com/set-up-git-redirect ([https](https://help.github.com/set-up-git-redirect) result 301).
* http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ with 1 occurrences migrated to:
  https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ([https](https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_) result 301).
* http://jquery.org/license with 1 occurrences migrated to:
  https://jquery.org/license ([https](https://jquery.org/license) result 301).
* http://msdn.microsoft.com/en-us/library/dd565647 with 4 occurrences migrated to:
  https://msdn.microsoft.com/en-us/library/dd565647 ([https](https://msdn.microsoft.com/en-us/library/dd565647) result 301).
* http://msdn.microsoft.com/en-us/library/ie/gg622941 with 5 occurrences migrated to:
  https://msdn.microsoft.com/en-us/library/ie/gg622941 ([https](https://msdn.microsoft.com/en-us/library/ie/gg622941) result 301).
* http://openid.net/get/ with 2 occurrences migrated to:
  https://openid.net/get/ ([https](https://openid.net/get/) result 301).
* http://openid.net/what/ with 2 occurrences migrated to:
  https://openid.net/what/ ([https](https://openid.net/what/) result 301).
* http://technorati.com/people/technorati/ with 2 occurrences migrated to:
  https://technorati.com/people/technorati/ ([https](https://technorati.com/people/technorati/) result 301).
* http://twitter.github.com/bootstrap/javascript.html with 13 occurrences migrated to:
  https://twitter.github.com/bootstrap/javascript.html ([https](https://twitter.github.com/bootstrap/javascript.html) result 301).
* http://www.jasig.org/cas with 1 occurrences migrated to:
  https://www.jasig.org/cas ([https](https://www.jasig.org/cas) result 301).
* http://www.modernizr.com/ with 1 occurrences migrated to:
  https://www.modernizr.com/ ([https](https://www.modernizr.com/) result 301).
* http://www.opensource.org/licenses/mit-license.php with 1 occurrences migrated to:
  https://www.opensource.org/licenses/mit-license.php ([https](https://www.opensource.org/licenses/mit-license.php) result 301).
* http://www.oracle.com/technetwork/java/javase/downloads with 1 occurrences migrated to:
  https://www.oracle.com/technetwork/java/javase/downloads ([https](https://www.oracle.com/technetwork/java/javase/downloads) result 301).
* http://www.springframework.org/security with 1 occurrences migrated to:
  https://www.springframework.org/security ([https](https://www.springframework.org/security) result 301).
* http://www.springsource.com/ with 2 occurrences migrated to:
  https://www.springsource.com/ ([https](https://www.springsource.com/) result 301).
* http://www.springsource.org with 1 occurrences migrated to:
  https://www.springsource.org ([https](https://www.springsource.org) result 301).
* http://www.springsource.org/sts with 1 occurrences migrated to:
  https://www.springsource.org/sts ([https](https://www.springsource.org/sts) result 301).
* http://www.thoughtcrime.org/software/sslstrip/ with 1 occurrences migrated to:
  https://www.thoughtcrime.org/software/sslstrip/ ([https](https://www.thoughtcrime.org/software/sslstrip/) result 301).
* http://www.w3.org/TR/css3-selectors/ with 2 occurrences migrated to:
  https://www.w3.org/TR/css3-selectors/ ([https](https://www.w3.org/TR/css3-selectors/) result 301).
* http://www.w3.org/TR/css3-syntax/ with 1 occurrences migrated to:
  https://www.w3.org/TR/css3-syntax/ ([https](https://www.w3.org/TR/css3-syntax/) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
  https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/) result 302).
* http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html with 1 occurrences migrated to:
  https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ([https](https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html) result 302).
* http://example2.com with 3 occurrences migrated to:
  https://example2.com ([https](https://example2.com) result 302).
* http://flickr.com/ with 2 occurrences migrated to:
  https://flickr.com/ ([https](https://flickr.com/) result 302).
* http://git-scm.com/book/cs/ch7-3.html with 1 occurrences migrated to:
  https://git-scm.com/book/cs/ch7-3.html ([https](https://git-scm.com/book/cs/ch7-3.html) result 302).
* http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd with 1 occurrences migrated to:
  https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ([https](https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html with 4 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html) result 302).
* http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ([https](https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html with 2 occurrences migrated to:
  https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html with 1 occurrences migrated to:
  https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html with 2 occurrences migrated to:
  https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html) result 302).
* http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html with 3 occurrences migrated to:
  https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ([https](https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html) result 302).
* http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd with 1 occurrences migrated to:
  https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 1 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd) result 302).
* http://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx with 1 occurrences migrated to:
  https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ([https](https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx) result 302).
* http://spring.io/spring-security with 1 occurrences migrated to:
  https://spring.io/spring-security ([https](https://spring.io/spring-security) result 302).
* http://spring.io/spring-security/ with 2 occurrences migrated to:
  https://spring.io/spring-security/ ([https](https://spring.io/spring-security/) result 302).
* http://spring.io/tools/sts with 1 occurrences migrated to:
  https://spring.io/tools/sts ([https](https://spring.io/tools/sts) result 302).
* http://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt with 2 occurrences migrated to:
  https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ([https](https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt) result 302).
* http://webauth.stanford.edu/manual/mod/mod_webauth.html with 1 occurrences migrated to:
  https://webauth.stanford.edu/manual/mod/mod_webauth.html ([https](https://webauth.stanford.edu/manual/mod/mod_webauth.html) result 302).
* http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context with 1 occurrences migrated to:
  https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ([https](https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context) result 302).
* http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt with 1 occurrences migrated to:
  https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ([https](https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt) result 302).

# Ignored
These URLs were intentionally ignored.

* http://java.sun.com/JSP/Page with 14 occurrences
* http://java.sun.com/jsp/jstl/core with 31 occurrences
* http://java.sun.com/jsp/jstl/fmt with 6 occurrences
* http://java.sun.com/jsp/jstl/functions with 1 occurrences
* http://java.sun.com/jstl/core with 1 occurrences
* http://java.sun.com/xml/ns/j2ee with 2 occurrences
* http://java.sun.com/xml/ns/javaee with 6 occurrences
* http://localhost with 20 occurrences
* http://localhost/ with 6 occurrences
* http://localhost/Test&lt;/value&gt;&lt;/property&gt with 1 occurrences
* http://localhost/appcontext/page with 1 occurrences
* http://localhost/authenticated with 1 occurrences
* http://localhost/authentication/login with 2 occurrences
* http://localhost/authorize/oauth2/code/registration-id with 3 occurrences
* http://localhost/authorize/oauth2/implicit/registration-3 with 1 occurrences
* http://localhost/callback/client-1 with 1 occurrences
* http://localhost/callback/client-1?error=invalid_grant with 1 occurrences
* http://localhost/client-1 with 9 occurrences
* http://localhost/cookie with 1 occurrences
* http://localhost/cookie/delete with 1 occurrences
* http://localhost/custom-login with 1 occurrences
* http://localhost/custom-logout with 1 occurrences
* http://localhost/form-page with 1 occurrences
* http://localhost/iss with 1 occurrences
* http://localhost/issuer with 2 occurrences
* http://localhost/login with 38 occurrences
* http://localhost/login/oauth2/code/ with 4 occurrences
* http://localhost/login/oauth2/code/pkce-client-registration-id& with 1 occurrences
* http://localhost/login/oauth2/code/registration-id with 3 occurrences
* http://localhost/login/oauth2/code/registration-id& with 2 occurrences
* http://localhost/login/oauth2/code/registration-id-2 with 2 occurrences
* http://localhost/login/openid with 1 occurrences
* http://localhost/login2 with 1 occurrences
* http://localhost/loginPage with 2 occurrences
* http://localhost/logout with 1 occurrences
* http://localhost/messages with 4 occurrences
* http://localhost/oauth2/authorization/google with 1 occurrences
* http://localhost/openid-page with 1 occurrences
* http://localhost/saved-request with 1 occurrences
* http://localhost/secured with 2 occurrences
* http://localhost/signin with 1 occurrences
* http://localhost/some-url with 1 occurrences
* http://localhost/tosave with 1 occurrences
* http://localhost/user with 1 occurrences
* http://localhost:123456 with 3 occurrences
* http://localhost:1280/certs with 1 occurrences
* http://localhost:314 with 1 occurrences
* http://localhost:4080 with 1 occurrences
* http://localhost:543 with 1 occurrences
* http://localhost:8080 with 16 occurrences
* http://localhost:8080/ with 4 occurrences
* http://localhost:8080/SomeService with 1 occurrences
* http://localhost:8080/contacts with 1 occurrences
* http://localhost:8080/login/oauth2/code with 1 occurrences
* http://localhost:8080/login/oauth2/code/client-id with 2 occurrences
* http://localhost:8080/login/oauth2/code/facebook with 2 occurrences
* http://localhost:8080/login/oauth2/code/github with 2 occurrences
* http://localhost:8080/login/oauth2/code/google with 4 occurrences
* http://localhost:8080/login/oauth2/code/okta with 2 occurrences
* http://localhost:8080/path/page.html?query=string with 1 occurrences
* http://localhost:8080/sample/ with 15 occurrences
* http://localhost:8080/secure with 1 occurrences
* http://localhost:8080/spring-security-samples-tutorial/listAccounts.html with 4 occurrences
* http://localhost:8080/spring-security-samples-tutorial/post.html?id=1 with 4 occurrences
* http://localhost:9080/protected with 2 occurrences
* http://localhost:9080/secured with 1 occurrences
* http://localhost:9080/unsecured with 1 occurrences
* http://localhost:9080/user with 1 occurrences
* http://test.com with 1 occurrences
* http://test.foobar.com with 1 occurrences
* http://testopenid.com?openid.return_to= with 1 occurrences
* http://www.springframework.org/schema/aop with 2 occurrences
* http://www.springframework.org/schema/beans with 8 occurrences
* http://www.springframework.org/schema/context with 2 occurrences
* http://www.springframework.org/schema/mvc with 2 occurrences
* http://www.springframework.org/schema/security with 45 occurrences
* http://www.springframework.org/schema/security/spring-security- with 1 occurrences
* http://www.springframework.org/schema/websocket with 2 occurrences
* http://www.springframework.org/security/tags with 17 occurrences
* http://www.springframework.org/tags with 12 occurrences
* http://www.springframework.org/tags/form with 14 occurrences
* http://www.w3.org/1999/XSL/Transform with 1 occurrences
* http://www.w3.org/1999/xhtml with 26 occurrences
* http://www.w3.org/2001/XMLSchema with 15 occurrences
* http://www.w3.org/2001/XMLSchema-datatypes with 8 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 9 occurrences
 2019-03-19 23:53:23 -05:00
Spring Operator 2bf126f4cf URL Cleanup 
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.

* http://luke.taylor.openid.cn/ (200) with 1 occurrences could not be migrated:
   ([https](https://luke.taylor.openid.cn/) result SSLHandshakeException).

# Fixed URLs

## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.

* http://axschema.org/contact/email (UnknownHostException) with 2 occurrences migrated to:
  https://axschema.org/contact/email ([https](https://axschema.org/contact/email) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson ([https](https://axschema.org/namePerson) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 1 occurrences migrated to:
  https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last) result UnknownHostException).
* http://luke.taylor.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
  https://luke.taylor.myopenid.com/ ([https](https://luke.taylor.myopenid.com/) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 2 occurrences migrated to:
  https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 1 occurrences migrated to:
  https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson) result UnknownHostException).
* http://schema.openid.net/namePerson/friendly (UnknownHostException) with 1 occurrences migrated to:
  https://schema.openid.net/namePerson/friendly ([https](https://schema.openid.net/namePerson/friendly) result UnknownHostException).
* http://somehost/someUrl (UnknownHostException) with 1 occurrences migrated to:
  https://somehost/someUrl ([https](https://somehost/someUrl) result UnknownHostException).
* http://spring.security.test.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
  https://spring.security.test.myopenid.com/ ([https](https://spring.security.test.myopenid.com/) result UnknownHostException).
* http://example.net/pkp-report (404) with 1 occurrences migrated to:
  https://example.net/pkp-report ([https](https://example.net/pkp-report) result 404).
* http://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng (404) with 1 occurrences migrated to:
  https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ([https](https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng) result 404).
* http://www.puppycrawl.com/dtds/configuration_1_3.dtd (404) with 1 occurrences migrated to:
  https://www.puppycrawl.com/dtds/configuration_1_3.dtd ([https](https://www.puppycrawl.com/dtds/configuration_1_3.dtd) result 404).
* http://www.puppycrawl.com/dtds/suppressions_1_1.dtd (404) with 1 occurrences migrated to:
  https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ([https](https://www.puppycrawl.com/dtds/suppressions_1_1.dtd) result 404).
* http://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller (404) with 1 occurrences migrated to:
  https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ([https](https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller) result 404).

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://raykrueger.blogspot.com/ with 1 occurrences migrated to:
  https://raykrueger.blogspot.com/ ([https](https://raykrueger.blogspot.com/) result 200).
* http://www.infoq.com/presentations/code-organization-large-projects with 1 occurrences migrated to:
  https://www.infoq.com/presentations/code-organization-large-projects ([https](https://www.infoq.com/presentations/code-organization-large-projects) result 200).
* http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd with 1 occurrences migrated to:
  https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ([https](https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd) result 200).
* http://www.springframework.org/dtd/spring-beans.dtd with 4 occurrences migrated to:
  https://www.springframework.org/dtd/spring-beans.dtd ([https](https://www.springframework.org/dtd/spring-beans.dtd) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.0.xsd with 5 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.0.xsd) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.2.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.2.xsd) result 200).
* http://www.springframework.org/schema/aop/spring-aop.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/aop/spring-aop.xsd ([https](https://www.springframework.org/schema/aop/spring-aop.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 20 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.1.xsd) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 267 occurrences migrated to:
  https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.0.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.0.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.1.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.1.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context-3.2.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context-3.2.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.2.xsd) result 200).
* http://www.springframework.org/schema/context/spring-context.xsd with 6 occurrences migrated to:
  https://www.springframework.org/schema/context/spring-context.xsd ([https](https://www.springframework.org/schema/context/spring-context.xsd) result 200).
* http://www.springframework.org/schema/data/jpa/spring-jpa.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ([https](https://www.springframework.org/schema/data/jpa/spring-jpa.xsd) result 200).
* http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ([https](https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 10 occurrences migrated to:
  https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd) result 200).
* http://www.springframework.org/schema/security/spring-security-2.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/security/spring-security-2.0.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.xsd) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 266 occurrences migrated to:
  https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd) result 200).
* http://www.springframework.org/schema/tx/spring-tx-3.0.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ([https](https://www.springframework.org/schema/tx/spring-tx-3.0.xsd) result 200).
* http://www.springframework.org/schema/tx/spring-tx.xsd with 3 occurrences migrated to:
  https://www.springframework.org/schema/tx/spring-tx.xsd ([https](https://www.springframework.org/schema/tx/spring-tx.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util-3.0.xsd with 3 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util-3.0.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.0.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util-3.1.xsd with 1 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util-3.1.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.1.xsd) result 200).
* http://www.springframework.org/schema/util/spring-util.xsd with 4 occurrences migrated to:
  https://www.springframework.org/schema/util/spring-util.xsd ([https](https://www.springframework.org/schema/util/spring-util.xsd) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 6 occurrences migrated to:
  https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd) result 200).
* http://www.headwaysoftware.com with 1 occurrences migrated to:
  https://www.headwaysoftware.com ([https](https://www.headwaysoftware.com) result 301).
* http://java.sun.com/dtd/web-app_2_3.dtd with 2 occurrences migrated to:
  https://java.sun.com/dtd/web-app_2_3.dtd ([https](https://java.sun.com/dtd/web-app_2_3.dtd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 10 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
  https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd) result 302).

# Ignored
These URLs were intentionally ignored.

* http://appengine.google.com/ns/1.0 with 1 occurrences
* http://docbook.org/ns/docbook with 1 occurrences
* http://jakarta.apache.org/log4j/ with 1 occurrences
* http://java.sun.com/xml/ns/javaee with 22 occurrences
* http://www.springframework.org/schema/aop with 14 occurrences
* http://www.springframework.org/schema/beans with 576 occurrences
* http://www.springframework.org/schema/c with 6 occurrences
* http://www.springframework.org/schema/context with 18 occurrences
* http://www.springframework.org/schema/data/jpa with 2 occurrences
* http://www.springframework.org/schema/jdbc with 2 occurrences
* http://www.springframework.org/schema/mvc with 20 occurrences
* http://www.springframework.org/schema/p with 10 occurrences
* http://www.springframework.org/schema/security with 534 occurrences
* http://www.springframework.org/schema/tx with 10 occurrences
* http://www.springframework.org/schema/util with 16 occurrences
* http://www.springframework.org/schema/websocket with 12 occurrences
* http://www.w3.org/1999/xlink with 1 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 299 occurrences
 2019-03-19 17:33:29 -05:00
Spring Operator b93528138e URL Cleanup 
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# Fixed URLs

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://www.apache.org/licenses/ with 1 occurrences migrated to:
  https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html) result 200).
 2019-03-14 15:46:20 -05:00
Rafiullah Hamedy 82d527ed42
Add Support for Clear Site Data on Logout 
Added an implementation of HeaderWriter for Clear-Site-Data HTTP
response header as welll as an implementation of LogoutHanlder
that accepts an implementation of HeaderWriter to write headers.

- Added ClearSiteDataHeaderWriter and HeaderWriterLogoutHandler
that implements HeaderWriter and LogoutHandler respectively
- Added unit tests for both implementations's behaviours
- Integration tests for HeaderWriterLogoutHandler that uses
ClearSiteDataHeaderWriter
- Updated the documentation to include link to
HeaderWriterLogoutHandler

Fixes gh-4187
 2019-02-28 11:01:08 -07:00
RusZh 0c2a7e03f7 Update resource-server.adoc 
Fix typo in the code sample
 2019-02-11 12:27:28 -07:00
Stephen Doxsee a7a9271313 Client OAuth2 properties to use scope not scopes 
OAuth2ClientProperties.Registration (which captures .properties and
.yml for OAuth2 Client) has a member `scope` but not `scopes`. Samples
and documentation were using `scopes` and have now been updated to use
`scope`.

Fixes gh-6510
 2019-02-08 11:54:18 -05:00
Josh Cummings c4b17475d9
Improve LDAP snippet formatting 
Issue: gh-6486
 2019-01-28 14:25:27 -07:00
Bryan Kelly 5abe6ca718 Missing spring: prefix on jwk-set-uri example 2019-01-25 08:31:13 -06:00
Andy Wilkinson 95ff451193 Fix formatting in Implicit OAuth2AuthorizedClient section 2019-01-18 10:24:01 -07:00
Ankur Pathak b7ed919cee Add preload support to Strict-Transport-Security 
1. Preload support in Servlet Security(XML & Java)
2. Preload support in Reactive Security
3. Test for preload support in Servlet Security
4. Test for preload support in Reactive Security

Fixes: gh-6312
 2019-01-16 11:10:06 -06:00
Rafael Renan Pacheco 0656d2bc05 cconfigured -> configured 2019-01-08 13:18:14 -06:00
Richard Valdivieso cb0ea0241b Spring Security provides a DelegatingSecurityContextRunnable 
abstraction for Runnable that can be used for async and
scheduled tasks. The primary contract for task scheduling is
TaskScheduler and there's no such wrapper available at the moment.

The new DelegatingSecurityContextTaskScheduler class implements
TaskScheduler interface.

Fixes gh-6043
 2018-12-17 14:30:55 -06:00
Joe Grandja f808740c57 Update reference manual to use NimbusJwtDecoder 
Fixes gh-6188
 2018-11-30 06:53:35 -05:00
Dongmin Shin b2c2f84f00 Fix Typo in Reference Docs 
Fixes gh-6076
 2018-11-14 11:36:27 -06:00
Rafael Dominguez ac026e23fe Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE 2018-11-14 10:51:38 -06:00
Gunnar Hillert 11b6b63364 Docs: Fix Maven Property example `spring-security.version` 2018-11-13 15:08:00 -06:00
Josh Cummings 2769b7ffb0
Leave Issuer As String - Documentation 
Update documentation that indicated the iss claim is proactively
coerced into a URL.

Issue: gh-6073
 2018-11-13 12:40:41 -07:00
Josh Cummings 78e27ca17f
Update Reactive Resource Server Docs 
Resource Server documentation for both Servlet and Reactive now have a
similar feel and offer deeper exposure to common use cases.

Fixes: gh-6054
 2018-11-07 12:05:21 -07:00
Vedran Pavic 605469db06 Clarify default OAuth 2.0 login page requirements 
Fixes gh-5996
 2018-10-22 09:20:49 -04:00
sunflower-seed e26bb2b326 Update x509.adoc 
Added Escaping for Adoc
 2018-10-17 14:56:45 -05:00
Joe Grandja 88f8bfeb57 Polish docs for WebClient OAuth2 Servlet Setup 2018-10-15 09:44:22 -04:00
Joe Grandja 26fcde6f8e Document new features for OAuth Client 
Fixes gh-5832
 2018-10-12 19:24:02 -04:00
Thomas Jensen e8045838e3 Fix minor typo in secure-objects.adoc 2018-10-10 10:43:34 -05:00
Josh Cummings 2307b01a7a
Resource Server Docs - Servlet 
Fixes: gh-5912
 2018-10-05 15:46:37 -06:00
Rob Winch cbb25f7b87 Polish Getting Spring Security Reference 
Fixes: gh-5921
 2018-10-04 17:27:09 -05:00
Josh Cummings d4c50a8fb8
Replace Section Links in What's New 
Fixes: gh-5857
 2018-09-20 07:50:30 -06:00
Rob Winch dcbf762a0b WebClient OAuth2 Support for defaultClientRegistrationId 
Fixes: gh-5872
 2018-09-19 11:47:04 -05:00
Josh Cummings f48055ce47
Polish Section Link in What's New 2018-09-19 10:20:42 -06:00
Rob Winch ece5de3f99 Polish What's New 
Issue: gh-5857
 2018-09-19 09:45:13 -05:00
Rob Winch 62db88ce6a Add WebFlux CORS Reference 
Fixes: gh-5870
 2018-09-18 21:24:36 -05:00
Rob Winch 501c008526 Add WebFlux Redirect to HTTPS Reference 
Fixes: gh-5869
 2018-09-18 21:12:37 -05:00
Rob Winch db9248e05a Polish WebFlux HTTP Headers Reference 
Issue: gh-5868
 2018-09-18 20:30:45 -05:00
Rob Winch 7b7f579746 What's New Links to WebFlux sections 
Issue: gh-5857
 2018-09-18 17:23:03 -05:00
Rob Winch 54d07b6b8b Add WebFlux HTTP Headers Reference 
Fixes: gh-5868
 2018-09-18 17:09:41 -05:00
Josh Cummings a7f94b2188
Separate Servlet and WebFlux Feature Lists 
Issue: gh-5857
 2018-09-18 12:05:20 -06:00
Josh Cummings 2a83e34db5
Remove NOTE bookmarks 
Originally, there were two references to "[[NOTE]]" which was
confusing since Asciidoc can't have two bookmarks of the same name.

Changed these to "[NOTE]" so they would display the "note" component
in the docs.

Issue: gh-5866
 2018-09-18 12:05:19 -06:00
Rob Winch 87243ea453 Add WebFlux Resource Server Reference 
Fixes: gh-5866
 2018-09-18 10:58:56 -05:00
Rob Winch 83af2df131 Add WebFlux @RegisteredOAuth2AuthorizedClient Reference 
Fixes: gh-5864
 2018-09-18 10:25:06 -05:00
Rob Winch 1e1b8ab3e7 Add WebFlux OAuth2 Client Reference 
Fixes: gh- 5865
 2018-09-18 10:24:59 -05:00
Rob Winch a44d07ecf4 Fix OAuth2 Login Reference Format 
Issue: gh-5836
 2018-09-18 09:42:09 -05:00
Rob Winch 3ecefab957 Add WebFlux OAuth2 Login Reference 
Fixes: gh-5863
 2018-09-18 09:41:45 -05:00
Rob Winch 735d755bb1 Add WebClient OAuth2 Documentation 
Fixes: gh-5859
 2018-09-17 22:26:33 -05:00
Josh Cummings 26afc18b66
What's New in Spring Security 5.1 
An initial skeleton pointing to the various sections of Spring
Security that received an update in Spring Security 5.1

Issue: gh-5857
 2018-09-17 16:37:47 -06:00
Rob Winch 5b8d66e911 Extract Preface 
Issue: gh-5836
 2018-09-12 17:04:41 -05:00
Rob Winch 57359058dd Separate Servlet and WebFlux 
Fixes: gh-5836
 2018-09-12 16:48:41 -05:00
Jisoo Youn 3f3a3e8351 Fix convention 2018-09-11 13:57:23 -05:00
Jason Zhekov 439538477a Add missing space in namespace.adoc 2018-08-27 10:43:53 -05:00
Do Nhu Vy cbd28cfd1e Polish Reference Documentation 2018-08-18 20:39:18 -05:00
Do Nhu Vy 329bde0db1 Update database-schema.adoc 2018-08-18 20:21:35 -05:00
Do Nhu Vy b192bf54f7 Update database-schema.adoc 2018-08-18 20:21:35 -05:00
Do Nhu Vy 594cacb0d6 Add SQL for Oracle at section USERS and revise ACL 
I feel very painful when using SQL script for Oracle database. I set datatype, number(18), number(38) is too big, all character is uppercase (because Oracle database is case-insensitive). ACL's SQL script has script for Oracle database, but section USERS, AUTHORITIES has not SQL scrip for Oracle database, therefore I add more.
 2018-08-18 20:21:35 -05:00
Do Nhu Vy 7f04d8d893 Polish Reference Documentation 
- Improve emphasis
- Fix formatting
- Update to Spring Framework 5
- Bom -> BOM

Fixes: gh-5695
 2018-08-18 20:09:31 -05:00
Do Nhu Vy 1d8db1085a Polish Reference Documentation 
- Fix Broken Link
- Update docs to state Spring Security 5 instead of Spring Security 4

Fixes: gh-5694
 2018-08-18 20:05:44 -05:00
Vedran Pavic c6ea447cc0 Add support for Feature-Policy security header 2018-08-16 09:31:02 -05:00
fdesu 9c478257d4 Fix the broken link in the WebSocket documentation 
Changeset 46bb855 (#4094) removed websocket chat
sample in favor of spring-session one. This commit
updates spring-security documentation link to
point to the up-to-date sample location
 2018-08-16 09:14:24 -05:00
Johnny Lim fe17c71775 Mention spring-security-data dependency for Spring Data in doc 
Closes #5556
 2018-07-31 09:56:57 -05:00
Henry Lin 7e52fe67f4 Fixed document error 2018-07-19 09:35:16 -06:00
Rob Winch 1137f3b46d Add cross references to ReactorContextTestExecutionListener 
Fixes: gh-5418
 2018-06-11 17:13:24 -05:00
Joe Grandja 81e19ad85e Move oauth2 samples under boot directory 
Issue gh-5397
 2018-06-06 09:37:36 -04:00
Joe Grandja de95583509 Move oauth2login samples under oauth2 directory 
Fixes gh-5397
 2018-05-30 12:16:05 -04:00
Rob Winch 73345e7434 Add Cross Site Tracing (XST) & HTTP Method Tampering Protection 
Fixes: gh-5377
 2018-05-24 09:35:40 -05:00
Robert Roth 4bfce2a591 Fixed typo in acl database schema appendix. 
Fixes gh-5204
 2018-05-07 16:44:32 -05:00
Robert Roth fddc28ba3b Fixed typo in CSRF documentation. 
Fixes gh-4792
 2018-05-07 16:44:32 -05:00
Johnny Lim 2a0f529ee4 Use spring-projects for organization in GitHub URLs 2018-05-04 21:01:39 -05:00
Johnny Lim 44b22e7208 Fix 'attributes' deprecation warning in spring-security-docs-guides 2018-05-04 14:12:14 -05:00
Josh Cummings f8247fa346
Remove Default URLs and Parameters Commentary 
This paragraph was originally there to explain why Spring Security was
moving from the old default URLs and parameters to new ones.

Now that the defaults are the same in XML and well as Java Config, the
explanation is now no longer relevant.

Fixes: gh-5242
 2018-04-19 08:53:23 -06:00
Joe Grandja 526e0fdd4f Add OAuth2 Client HandlerMethodArgumentResolver 
Fixes gh-4651
 2018-04-02 12:13:52 -04:00
Rob Winch 6e5105f899 Extract appendix subsections 
Issue: gh-2567
 2018-03-09 16:34:46 -06:00
Rob Winch 40bb73124c Move data to data/index 
Issue: gh-2567
 2018-03-09 16:34:42 -06:00
Rob Winch 780e6aefd2 Extract additional-topics subsections 
Issue: gh-2567
 2018-03-09 16:34:38 -06:00
Rob Winch 35345fac70 Extract authorization subsections 
Issue: gh-2567
 2018-03-09 16:34:35 -06:00
Rob Winch 8cf51032e0 Extract Subsections of Web 
Issue: gh-2567
 2018-03-09 16:34:31 -06:00
Rob Winch ae9075c023 Extract test subsections 
Issue: gh-2567
 2018-03-09 16:34:30 -06:00
Rob Winch cf4272ff64 Extract architecture subsections 
Issue: gh-2567
 2018-03-09 16:34:24 -06:00
Rob Winch 4152530e69 Fix new lines 
Issue: gh-2567
 2018-03-09 16:34:20 -06:00
Rob Winch 73cec43842 Extract subsections for preface 
Issue: gh-2567
 2018-03-09 16:34:12 -06:00
Rob Winch 86465026a1 Extract top level section of reference 
Issue: gh-2567
 2018-03-09 16:33:54 -06:00
Rob Winch e799f13ae2 Consistent new lines in referenche 
Issue: gh-2567
 2018-03-09 16:33:54 -06:00
Rob Winch d21338d212 Support errorOnInvalidType for Reactive AuthenticationPrincipal 
Fixes: gh-5096
 2018-03-09 12:05:55 -06:00
Rob Winch a2073b2b91 Support BeanResolver for Reactive AuthenticationPrincipal 
Fixes: gh-4326
 2018-03-09 12:05:55 -06:00
Rob Winch d816af2337 Add BadCredentials Jackson Support to What's New 
Issue: gh-5087
 2018-03-09 12:05:55 -06:00
Rob Winch 7fafd899ee Add Reactive WithUserDetails to What's new 
Issue: gh-4888
 2018-03-09 12:05:55 -06:00
Rob Winch abae2f3e87 Allow WithSecurityContextTestExecutionListener to execute after @Before 
Fixes: gh-2935
 2018-03-08 14:13:07 -06:00
Rob Winch 210a510bba Use HttpFirewall Bean 
Fixes: gh-5022
 2018-02-15 17:18:28 -06:00
Rob Winch 6f48afbfe6 Format HttpFirewall Reference 
Put each sentence on a newline.

Issue: gh-5022
 2018-02-15 17:18:28 -06:00
Rob Winch 964a14b224 Document Reactive Method security requires Publisher return types 
Fixes: gh-4988
 2018-02-07 16:43:18 -06:00
Rissy Lin 4fbfb710f5 fix typo in documentation: index.adoc 
1) for more on information on how the Spring Security `AuthenticationManager` is -> for more information on how the Spring Security `AuthenticationManager` is`

2) all the sames things -> all the same things
 2018-02-07 10:48:00 -06:00
Rob Winch e1a8d250de Add authenticated().withAuthentication(Consumer<Authentication>) 
This allows arbitrary assertions of the authenticated user

Fixes: gh-4996
 2018-02-02 16:56:45 -06:00
Rob Winch cd88c739e0 Add Guides to docsZip 
Fixes: gh-4327
 2018-01-30 15:35:30 -06:00
Joe Grandja 84679a5d64 Polish #4904 Support GrantedAuthoritiesMapper @Bean for oauth2Login 2018-01-23 12:14:57 -05:00
Rob Winch 65c3862da9 Password Troubleshooting Reference Fix 
Correct the package to NoOpPasswordEncoder within the reference

Fixes: gh-4965
 2018-01-18 08:25:52 -06:00
Rob Winch 450600cbb8 Polish reference 2018-01-12 09:17:05 -06:00
Rob Winch 0991f31613 Document exchange password for short term credential 
Fixes gh-4959
 2018-01-12 09:15:35 -06:00
Joe Grandja aa900065b8 Document OAuth2UserService delegation-based strategy for authorities mapping 
Fixes gh-4909
 2018-01-11 10:07:58 -05:00
Johnny Lim f3830eec7d Rename userDetailsRepository to userDetailsService 2018-01-10 16:04:48 -06:00
Rob Winch 00e8795adc Update What's New 2017-11-27 11:50:37 -06:00
Rob Winch cd1a02225b Document PasswordEncoder 2017-11-27 11:42:56 -06:00
Rob Winch 690e22778a Polish Docs 2017-11-27 11:42:56 -06:00
Joe Grandja 4f85f3a12f Polish - Editing pass for OAuth 2.0 Login ref doc 2017-11-22 10:44:50 -05:00
Jay Bryant 3eb66f37e0 Editing pass for OAuth 2.0 Login ref doc 
Fixes gh-4850
 2017-11-21 22:01:15 -05:00
Joe Grandja 94a8d9b116 Add OAuth 2.0 Login in reference doc 
Fixes gh-4849
 2017-11-17 11:37:56 -05:00
Johnny Lim 9e22190198 Remove duplicate eruby option in asciidoctor task 2017-11-16 11:19:20 -06:00
Rob Winch 82adf744f5 Polish Docs 2017-10-31 10:27:34 -05:00
Rob Winch e95430fa36 Polish Reactive Method Security reference 
Issue gh-4757
 2017-10-30 16:27:50 -05:00
Rob Winch d664ff2e26 Lookup HandlerMappingIntrospector from Bean 2017-10-30 16:27:50 -05:00
Rob Winch 8e6c726fb2 Add WebFlux to What's New 5.0 
Fixes gh-4757
 2017-10-30 15:29:13 -05:00
Rob Winch 5280ac40e9 WebMvcConfigurerAdapter->WebMvcConfigurer 
Fixes gh-4612
 2017-10-30 01:30:08 -05:00
Arend v. Reinersdorff a558d408a3 Minor typos PreAuthenticatedAuthenticationProvider 2017-10-29 22:12:04 -05:00
Kyle Anderson a139a0052d Fix Typo in Reference Docs 2017-10-29 22:09:46 -05:00
Paul Wheeler 6decf1c8ef Allow use of non-numeric (e.g. UUID) values for ObjectIdentity.getIdentifier() 
Prior to this commit, the ObjectIdentity id had to be a number. This
commit allows for domain objects to use UUIDs as their identifier. The
fully qualified class name of the identifier type can be specified
in the acl_object_identity table and a ConversionService can be provided
to BasicLookupStrategy to convert from String to the actual identifier
type.

There are the following other changes:

 - BasicLookupStrategy has a new property, aclClassIdSupported, which
 is used to retrieve the new column from the database. This preserves
 backwards-compatibility, as it is false by default.

 - JdbcMutableAclService has the same property, aclClassIdSupported,
 which is needed to modify the insert statement to write to the
 new column. Defaults to false for backwards-compatibility.

 - Tests have been updated to verify both the existing functionality
 for backwards-compatibility and the new functionality.

Fixes gh-1224
 2017-10-29 21:29:12 -05:00
Rob Winch b91aa19b35 Doc DelegatingPasswordEncoder is default 
Fixes gh-gh-2775
 2017-10-24 07:56:28 -05:00
Rob Winch cdc992b132 Remove SaltSource 
Fixes gh-4681
 2017-10-24 07:56:28 -05:00
Rob Winch 6a3e981c80 Remove BaseDigestPasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:55:40 -05:00
Hanson, Tristan 53cb6c17e4 gh-4482 - Updating docs for `ConcurrentSessionFilter` configuration example 2017-10-12 07:41:11 -05:00
Robby Pond 9833f0090d Update to remove extra Header 
Update to remove extra Ldap Authentication Section Header
 2017-10-06 17:07:08 -05:00
Stephan Schroevers 9e719bc313 Drop the `aopalliance:aopalliance` dependency 
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.

This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)

The documentation is updated accordingly.

[1] https://jira.spring.io/browse/SPR-13984
 2017-09-22 11:11:04 -05:00
Rob Winch 3f58822d4d Fix MyCustomDsl Reference 
Fixes gh-4340
 2017-09-18 16:07:29 -05:00
stonio dbda7e35a4 Update index.adoc - add missing callout 
To fix WARNING: index.adoc: line 988: no callouts refer to list item 1
 2017-06-15 12:49:20 -05:00
Rob Winch 221d4f8fb1 Document WebFlux What Is New 
Issue gh-4325
 2017-05-10 00:28:16 -05:00
Joe Grandja 829c386756 Add support for OAuth 2.0 Login 
Fixes gh-3907
 2017-04-28 10:58:59 -04:00
Rob Winch dd6fc48dd8 Standardize Build 
The build now uses spring build conventions to simplify the build

Fixes gh-4284
 2017-04-21 10:55:05 -05:00
Rob Winch d59f128210 Fix asciidoc in manual 
Fixes gh-4301
 2017-04-21 10:50:30 -05:00
Rob Winch 49719480a8 Fix configuration-source-ref doc 
Fixes gh-4200
 2017-03-02 00:25:51 -06:00
pkovacs f99fe36e02 Refer to SimpleGrantedAuthority instead of GrantedAuthorityImpl 
GrantedAuthorityImpl has been replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.

Fixes gh-4163.
 2017-03-02 00:09:14 -06:00
Artyom Kosykh 72d08a2a5f Fix index.adoc typo 2017-03-01 23:45:50 -06:00
stonio aa5df61eff Fix index.adoc typo 2016-12-21 10:19:51 -06:00
stonio 6df5b76f24 Fix test.adoc typo 2016-12-21 10:19:51 -06:00
stonio c8ed130008 Fix websocket.adoc typo 2016-12-21 10:19:51 -06:00
Johnny Lim f94399cff9 Polish 2016-11-17 09:49:41 -06:00
Dapeng 94fb1893de fix typo "RemoteIpValve" 2016-11-16 14:13:53 -06:00
Rob Winch fd9f57eb5f Update What's New changelogs 2016-11-09 17:00:09 -06:00
Rob Winch f0a9421aa4 SecurityJacksonModules->SecurityJackson2Modules 
Fixes gh-4121
 2016-11-09 16:42:41 -06:00
Rob Winch 14a656186d Polish Referrer Header Policy Docs 
Previously, the Referrer Header Policy was accidentally placed within
the CSP section.

Move Referrer Header Polich outside of the CSP section.

Issue gh-4110
 2016-11-09 13:15:06 -06:00
stonio 2a197c72eb Fix typos in the reference 
Fix typos in the reference documentation

Fixes gh-4113
 2016-11-09 10:05:27 -06:00
Rob Winch ab5af87953 Add Referrer Policy to What's New 2016-11-08 16:14:20 -06:00
Eddú Meléndez 23294c4c57 Add Referrer-Policy header support 
Fixes gh-4110
 2016-11-08 13:21:35 -06:00
Kazuki Shimizu eb2870bf82 Polishing doc in What's New in Spring Security 4.2 2016-11-08 11:19:51 -06:00
Rob Winch cf3d6e7167 Fix Small Typo 
propoerty->property
 2016-10-31 11:31:52 -05:00
Rob Winch 8ca4b55d32 Update What's New Section of Reference 
Fixes gh-4109
 2016-10-25 15:03:59 -05:00
Rob Winch f432c04111 Create UserBuilder 
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder

Fixes gh-4095
 2016-10-21 16:42:03 -05:00
Rob Winch 94e580fe64 Add Support for Custom Default Configuration in Web Security 
Fixes gh-4102
 2016-10-19 16:15:56 -05:00
Rob Winch af9139b613 Add intercept-url@request-matcher-ref 
Fixes gh-4097
 2016-10-18 22:27:31 -05:00
Rob Winch f019ea89e7 Remove unused lowercase-comparisons from XSD 
Fixes gh-3932
 2016-10-18 22:27:28 -05:00
Rob Winch aaa9708b95 Add BeanResolver to AuthenticationPrincipalArgumentResolver 
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.

This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.

Fixes gh-3949
 2016-10-18 19:45:54 -05:00
Joe df9e6c973c linked to java configuration sample applications 
removed outdated description and linked directly to java configuration sample applications
 2016-10-17 21:12:17 -05:00
Paul Samsotha 1da9c06f3b Fix Reference (test.adoc) Typo 
@SpringExecutionListeners -> @SpringTestExecutionListeners
 2016-10-17 21:11:19 -05:00
Rob Winch 0c35209d77 Document Proxy Server 
Issue gh-4076
 2016-10-17 21:07:57 -05:00
Rob Winch 5e35e37a2b Update to Thymeleaf 3.0.2 and remove tiles 
Spring 5 removed support for Tiles 2 and Thymeleaf does not support
Tiles 3 yet. This commit updates to Thymeleaf 3.0.2 and uses
Thymeleaf's build in layout support.

Issue gh-4080
 2016-10-17 17:00:17 -05:00
Rob Winch 0b1e3b4e4a Fix Reference Typo 
unlimitted->unlimited
 2016-09-23 16:45:08 -05:00
Rob Winch 6b4a52715b Fix Typo in Reference 2016-09-23 14:57:52 -05:00
Rob Winch c0f5aaee78 Adds What's New Spring Security 4.2 
Fixes gh-4070
 2016-09-23 13:02:27 -05:00
Rob Winch d8690a59e2 Fix ??? in reference 2016-09-19 16:29:46 -05:00
Rob Winch 7f54c8b8b4 Fix link to CSP in Reference Doc 
Previously the link in the reference from x-frame-options to the
content security policy section was broken.

This commit fixes the link.

Issue gh-4063
 2016-09-19 10:21:04 -05:00
Fred Cooke 12173c04ee Fix Typo in Reference Docs 
Word substitution, it's foolproof, not full proof :-)

Fixes gh-4063
 2016-09-19 10:11:16 -05:00
Marten Deinum b88418b94a Configuration of session management strategies 
This commit adds an ExpiredSessionStrategy for the ConcurrentSessionFilter
analogous to the InvalidSessionStrategy for the SessionManagementFilter. It also
adds a configuration option for both the InvalidSessionStrategy and
ExpiredSessionStrategy to the XML namespace and Java configuration.

Fixes gh-3794
Fixes gh-3795
 2016-09-15 11:10:17 -05:00
Kazuki Shimizu 37c6605062 Add explanation for DelegatingAuthenticationFailureHandler (#207) 2016-09-02 13:27:23 -05:00
Marek Jeszka 2deb722a1f JavaDoc links in 5.5 Handling Logouts fixed (#3993) 
Fixes gh-3992
 2016-08-15 10:13:36 -05:00
qwazer fe117bc445 [minor] fix grammar error (#4013) 
add space: that"collects" -> that "collects"
 2016-08-15 09:42:36 -05:00
Rob Winch 3befb1c8a6 MvcRequestMatcher servletPath / JavaConfig 
Issue: gh-3987
 2016-08-09 16:29:30 -05:00
Artur Owczarek 0b14664a8c Fix typos in reference (#3979) 2016-07-19 15:42:23 -05:00
Johnny Lim 69306a8b46 Fix typo (#3968) 
Fixes typo `advantadge`
 2016-07-13 12:37:26 -05:00
Johnny Lim 310bb39a0d Fix typo 2016-07-06 16:22:33 -05:00
Rob Winch e4c13e3c0e Add MvcRequestMatcher 
Fixes gh-3964
 2016-07-06 15:47:23 -05:00
Rob Winch 13bc70f693 Add CorsFilter support 2016-07-05 14:28:04 -05:00
Rob Winch dd9b59ba31 Document Digest is insecure 
Fixes gh-3894
 2016-06-20 14:10:36 -05:00
Shannon Carey 9fa2c64737 Documentation SecurityConfig->WebSecurityConfig 
Rename SecurityConfig to WebSecurityConfig in the documentation.

Fixes gh-153
 2016-06-17 16:55:46 -05:00
Pedro Vilaça 208f898403 Improve csrf login caveats 
Add a suggestion to retrieve a fresh csrf token right before the
form submission in order to avoid problems with invalid csrf tokens
due session timeouts.

Fixes gh-3925
 2016-06-13 16:26:16 +01:00
Ryan W. Moore 8aea83011d Docs: Remove broken link 
I think the originally intended destination no longer exists in the
documentation.
 2016-05-28 21:09:15 -04:00
Ryan W. Moore fd65652bbe Docs: Fix broken link to security database schema 2016-05-28 21:09:15 -04:00
Ryan W. Moore 38e9f6a851 Docs: Fix broken link to csrfInput tag info 
ID names are case sensitive.
 2016-05-28 21:09:15 -04:00
Ryan W. Moore cdb04c50e8 Docs: Fix broken link to websocket security info 2016-05-28 21:09:15 -04:00
Ryan W. Moore 057ea4fb17 Docs: Make 'Getting Started' a level 1 section heading 
This fixes the following build error:

  asciidoctor: ERROR: index.adoc: line 26: invalid part, must have at least one
  section (e.g., chapter, appendix, etc.)
 2016-05-28 21:09:01 -04:00
David Kane 503828c994 Add FAQ for JSP taglib & method security 
Updated FAQ to clarify how the url attribute of the authorize tag
interacts with method security
 2016-05-23 08:39:54 -05:00
Pedro Vilaça ea2b5dd412 Fix wrong class name reference in the docs 
In the documentation, there was a reference to a class called CsrfTokenResolver
and it should CsrfTokenArgumentResolver

Fixes gh-3890
 2016-05-18 20:26:20 +01:00
Rob Winch f363c62afd Document spring-security-test dependency 
Fixes gh-3873
 2016-05-16 10:56:50 -04:00
Joe Grandja 66980e827c Add Spring Boot Hello World guide 
Add Spring Boot Hello World Guide

Fixes gh-3866
 2016-05-13 14:05:29 -05:00
Rob Winch ede521dc8d authorizeUrls -> authorizeRequests 
Replace remaining authorizeUrls with authorizeRequests

Fixes gh-3875
 2016-05-09 10:34:36 -05:00
Rob Winch d4218c70f1 Update CookieCsrfTokenRepository docs to cookiHttpOnly=false 
Currently CookieCsrfTokenRepository does not specify that the httpOnly
flag needs set to false. We should update the reference to include this
setting (and a comment about it) since it states that the settings will
work with AngularJS.

This commit updates the documentation and provides a convenience factory
method to create a CookieCsrfTokenRepository with cookiHttpOnly=false

Fixes gh-3865
 2016-05-06 16:28:04 -04:00
Joe Grandja 447fb70f1d Add Hello World Xml guide 
Issue gh-3850
 2016-05-04 21:05:31 -04:00
Rob Winch 9745de9510 Add @AuthenticationPrincipal expression 
It is now possible to provide a SpEL expression for
@AuthenticationPrincipal. This allows invoking custom logic including
methods on the principal object.

Fixes gh-3859
 2016-05-03 18:08:52 -04:00
Patrick Cornelißen eaf8729941 Fixes RC1/RC2 URLs 
Fixes gh-3838
 2016-04-22 13:45:21 -04:00
Wim Deblauwe 85786824af Fix logout url in doc 
The default for logout is to redirect to `/login?logout`

Fixes gh-251
 2016-04-21 14:25:44 -04:00
Joe Grandja 4ee46a5f58 Add What's new in 4.1 RC2 
Add What's new in 4.1 RC2

Fixes gh-3830
 2016-04-20 19:26:54 -05:00
Johnny Lim 933a7e8363 Remove duplicate words 
Fixes gh-3826
 2016-04-18 23:21:20 -05:00
Joe Grandja 81c9fa805f Fix AuthenticationPrincipalArgumentResolver xml doc 
Fixes gh-3771
 2016-04-15 16:06:17 -05:00
Joe Grandja 2ef3da1b47 Documents the new @AuthenticationPrincipal in more detail. 
Fixes gh-3771
 2016-04-13 12:27:23 -04:00
Rob Winch 95a3e30d9f Polish Pbkdf2PasswordEncoder 
Fixes gh-2158
Fixes gh-51
 2016-04-12 17:16:38 -05:00
Rob Winch d3a9cc6eae Add CsrfTokenRepository (#3805) 
* Create LazyCsrfTokenRepository

Fixes gh-3790

* Add CookieCsrfTokenRepository

Fixes gh-3009
 2016-04-12 17:26:53 -04:00
Art O Cathain 1d271184c9 Fix Documentation Formatting 
Fix corrupted character and add formatting per the duplicated text
block

Fixes gh-193
 2016-04-12 13:07:07 -05:00
Soeun Park 8f7cf28435 Fix typos in documentation 
Fixes gh-196
Fixes gh-3109
 2016-04-12 12:59:21 -05:00
Johnny Lim fe94d654ed Fix typos (#228) 2016-04-12 11:11:51 -05:00
Joe Grandja 849c62b870 Disables doclint in Java 8 to prevent build error from javadoc task. 
Fixes gh-3767
 2016-04-11 18:19:30 -04:00
Joe Grandja 945a21a3fb Use xml / javaconfig folders for samples 
Fixes gh-3752
 2016-04-11 09:47:06 -05:00
Kamill Sokol 9c3db557dd Add missing # in SpEL expression doc 
SpEL variables can be referenced in the expression using the syntax
23.2.2 Path Variables in Web Security Expressions.

Fixes gh-3781
 2016-04-01 10:21:17 -05:00
Joe Grandja 9e5cdbd133 Includes a reference to the https://report-uri.io/ service in the CSP and HPKP documentation. 
Fixes gh-3772
 2016-03-30 12:12:43 -04:00
Rob Winch b3d26ed5d6 Add changelog in What's New 
Issue gh-3768
 2016-03-22 22:40:58 -05:00
Rob Winch bf9a837b9a Polish What's New 
Issue gh-3768
 2016-03-22 22:37:52 -05:00
Rob Winch 40b7fa5b72 Update Issues Link 
Issue gh-3333
 2016-03-22 22:37:52 -05:00
Rob Winch 3e47531b19 Polish CSP reference 
Issue gh-3763
 2016-03-22 22:37:51 -05:00
Rob Winch e04f685747 Fix Typo in @WithUserDetails reference 
Issue gh-3346
 2016-03-22 22:37:41 -05:00
Joe Grandja 2f7f2ff589 Adds support for Content Security Policy 
Fixes gh-2342
 2016-03-22 21:59:13 -05:00
Rob Winch 4cb9b202f8 Remove subversion from reference 
Fixes gh-3766
 2016-03-22 16:37:39 -05:00
Rob Winch 683d751902 Polish What's New 
Fixes gh-3768
 2016-03-22 16:33:25 -05:00
Rob Winch 4b650dc58d Allow AuthenticationProvider Bean in Java Config 
This commit adds support for defaulting java configuration's
authentication by providing an AuthenticationProvider Bean.

Fixes gh-3091
 2016-03-22 16:17:25 -05:00
Rob Winch 988b54ec3d Remove invalid ` from docs 
Fixes gh-3751
 2016-03-15 14:38:23 -05:00
Rob Winch 134a0a7f96 Move FAQ to appendix 
Fixes gh-3761
 2016-03-15 14:37:35 -05:00
Rob Winch 1382bd728b Clean up Javadoc log levels 
Issue gh-3757
 2016-03-15 08:37:01 -05:00
Shazin Sadakath e33e21fe6b Add Forward after authentication attempt config support 
Fixes gh-3728
 2016-03-11 10:49:30 -06:00
Rob Winch dbf73c4692 Update spring-security-config module description 
Include Java Configuration in the description.

Fixes gh-3298
 2016-03-10 10:45:15 -06:00
Rob Winch 835ac0a217 Add @WithUserDetails userDetailsServiceBeanName 
Fixes gh-3346
 2016-03-09 15:59:23 -06:00
Martin Macko dd8ba8c07e Fix formatting error in documentation 
Fixes gh-3279
 2016-03-09 15:00:52 -06:00
Rob Winch db81977a1a Polish HPKP 
* Javadoc polish
* Whitespace cleanup

Issue gh-3706
 2016-03-03 15:11:40 -06:00
Tim Ysewyn 331c7e91b7 HTTP Public Key Pinning 
HTTP Public Key Pinning (HPKP) is a security mechanism which allows HTTPS websites
to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates.
(For example, sometimes attackers can compromise certificate authorities,
 and then can mis-issue certificates for a web origin.)
The HTTPS web server serves a list of public key hashes, and on subsequent connections
clients expect that server to use 1 or more of those public keys in its certificate chain.

This commit will add this new functionality.

Fixes gh-3706
 2016-03-03 14:21:46 -06:00
drdamour 004bb8e577 Fix ` in documentation 
There were a few rendering issues within the documentation
associated with `

This commit fixes those rendering issues

Fixes gh-3699
 2016-02-12 08:22:55 -06:00
Zied Zaïem 83992a7a27 fix typo in doc 2016-01-05 14:12:04 +01:00
Juzer Ali 1f32e96d31 SEC-3181: Fixed reference formatting 
The code ticks was broken.
 2015-12-21 17:23:16 -06:00
Kazuki Shimizu b7360a803d SEC-3152: Add @Retention to @WithMock documentation 2015-11-12 16:21:12 -06:00
Kazuki Shimizu 5c36c9f659 SEC-3151 Polishing reference document (springsoruce -> spring, etc..) 2015-11-12 16:04:01 -06:00
Rob Winch c93d6bc823 SEC-3120: Remove .and() from httpStrictTransportSecurity() doc 2015-10-30 09:11:47 -05:00
Rob Winch 0981cd975f SEC-3120: Reference hsts() -> httpStrictTransportSecurity() 2015-10-29 15:07:44 -05:00
Rob Winch 861ec76991 SEC-3133: Correct test doc username parameter 2015-10-26 12:59:44 -05:00
Rob Winch 8858419696 SEC-3052: Doc DEFAULT_MATCHER->DEFAULT_CSRF_MATCHER 2015-10-21 16:22:37 -05:00
Alex Derkach 777431758d Fix reference to Null Object pattern in the manual 2015-09-24 16:53:35 +03:00
Dan Dowma 09c4765191 Fix reference to Spring Security version in the manual 2015-09-07 00:44:16 -05:00
Rob Winch bac980cbcb SEC-2868: Simplify custom UserDetailsService Java Config 
Exposing a UserDetailsService as a bean is now all that is necessary
for Java based configuration. Additionally, an optional PasswordEncoder
bean can be used to configure password encoding.
 2015-08-27 20:41:15 -05:00
Rob Winch 35393098f8 SEC-3094: Add @WithAnonymousUser & anonymous() MockMvcRequestPostProcessor 2015-08-27 15:17:44 -05:00