b130e728b7
Polish gh-18153
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
Issue gh-18144
2025-11-11 14:27:50 -05:00
e6db56ab4f
Add a minimal authorization server configuration
...
Closes gh-18144
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-11-11 14:27:36 -05:00
571bd60d82
Document OAuth 2.0 Protected Resource Metadata support
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Issue gh-17244
2025-11-04 14:37:19 -05:00
6471a32d66
Merge branch '6.5.x'
...
Closes gh-18132
2025-11-04 11:37:11 -06:00
c1e9e10bf0
Merge branch '6.4.x' into 6.5.x
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-18131
2025-11-04 11:28:40 -06:00
fed6df5167
Default WebAuthnConfigurer#rpName to rpId
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated:
> This member is deprecated because many clients do not display it,
> but it remains a required dictionary member for backwards compatibility.
> Relying Parties MAY, as a safe default, set this equal to the RP ID.
Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-11-04 11:16:22 -06:00
5213cc44fc
Merge branch '6.5.x'
2025-11-04 10:24:32 -06:00
8fa2fc0e1e
Merge branch '6.4.x' into 6.5.x
2025-11-04 10:24:15 -06:00
4feeb0f843
Docs: document effects of disabling CORS configurer
...
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-11-04 10:23:46 -06:00
884cf0d62e
EnableGlobalMultiFactorAuthentication->EnableMultiFactorAuthentication
...
Closes gh-18127
2025-11-03 22:42:28 -06:00
b6ed037c39
Document device_code grant disabled by default
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
Issue gh-17998
2025-10-31 06:38:09 -04:00
5da0cbea4b
Document OAuth 2.0 Dynamic Client Registration support
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Issue gh-17964
2025-10-30 16:01:51 -04:00
e6b4d461e7
Fix OAuth2AuthorizationServerJacksonModule type validator configuration
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-18102
2025-10-30 07:19:45 -04:00
da46ba2619
Update Password Samples for Nullability
...
Issue gh-16226
2025-10-20 17:04:22 -06:00
a406f5fe2d
Merge remote-tracking branch 'origin/6.5.x'
2025-10-20 16:46:49 -06:00
dcb4e47cd5
Add Include-Code to the Password Storage page
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
References gh-16226
Signed-off-by: Himanshu Pareek <himanshupareekiit01@gmail.com>
2025-10-20 16:35:23 -06:00
9c7b34a48b
Favor Relative Redirects by Default
...
Closes gh-16300
2025-10-20 10:25:17 -06:00
d5d7fd414d
Update What's New
2025-10-20 10:25:17 -06:00
95abf61c88
Refine Jackson 3 format description
2025-10-20 09:11:22 -05:00
8f8a25533a
Refine documentation for Jackson 3
...
This commit refines the documentation by:
- Updating Jackson documentation for Jackson 3
- Removing the outdated documentation in servlet
- Adding migration guidelines
Closes gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
2025-10-19 17:03:19 -05:00
65a14d6c6d
Add Jackson 3 support
...
This commit adds support for Jackson 3 which has the following
major differences with the Jackson 2 one:
- jackson subpackage instead of jackson2
- Jackson type prefix instead of Jackson2
- JsonMapper instead of ObjectMapper
- For configuration, JsonMapper.Builder instead of ObjectMapper
since the latter is now immutable
- Remove custom support for unmodifiable collections
- Use safe default typing via a PolymorphicTypeValidator
Jackson 3 changes compared to Jackson 2 are documented in
https://cowtowncoder.medium.com/jackson-3-0-0-ga-released-1f669cda529a
and
https://github.com/FasterXML/jackson/blob/main/jackson3/MIGRATING_TO_JACKSON_3.md .
This commit does not cover webauthn which is a special case (uses
jackson sub-package for Jackson 2 support) which will be handled in
a distinct commit.
See gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
2025-10-19 17:03:19 -05:00
ba42b9c4cc
Update Documentation for All-Factor Propagation
...
Issue gh-18000
2025-10-16 13:41:46 -06:00
2e7cdd7b14
Revert "Merge branch 'builder-enhancements'"
...
This reverts commit 95644fb73cfbf7bb3be1
2025-10-16 13:41:45 -06:00
e535e61c8b
Move toBuilder to BuildableAuthentication
...
Closes gh-18052
2025-10-15 12:01:11 -06:00
78701f94ee
Document RequiredFactor Valid Duration
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
Issue gh-17997
2025-10-10 16:24:47 -05:00
702878acae
Create AuthorizationManagerFactories.multiFactor
...
Closes gh-18032
2025-10-10 16:24:47 -05:00
d18431a78d
Move FACTOR_ constants to FactorGrantedAuthority
...
Previously GrantedAuthorities had an implicit package tangle because it
was located in ~.core and FactorGrantedAuthority is in ~.core.authority
and FactorGrantedAuthority's authority property was implicitly expected
to be constants found in `GrantedAuthorities`.
This commit moves the constants to the FactorGrantedAuthority which
resolves this tangle. It wasn't initially done because
FactorGrantedAuthority did not exist at that time.
Closes gh-18030
2025-10-10 16:24:46 -05:00
e290c98e97
Document Multi-Factor Simple to Complex
...
This reworks the Multi-Factor documentation to start with the
simplest scenario and work to progressively more complex requirements.
Closes gh-18029
2025-10-10 16:23:38 -05:00
d5c5bb234c
Bump antora from 3.2.0-alpha.9 to 3.2.0-alpha.10 in /docs
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Bumps [antora](https://gitlab.com/antora/antora ) from 3.2.0-alpha.9 to 3.2.0-alpha.10.
- [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc )
- [Commits](https://gitlab.com/antora/antora/compare/v3.2.0-alpha.9...v3.2.0-alpha.10 )
---
updated-dependencies:
- dependency-name: antora
dependency-version: 3.2.0-alpha.10
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-06 14:01:08 -05:00
2473378fcd
Use RequiredFactorErrors
...
Closes gh-18002
2025-10-03 15:20:03 -05:00
8c65dc93f2
Enable PKCE by default
...
Closes gh-17507
Signed-off-by: Rohan Naik <rohan.nn1203@gmail.com>
2025-10-03 13:08:04 -04:00
681e166be8
Remove default HttpSecurity.securityMatcher() for authorization server
...
Closes gh-17965
2025-10-01 11:45:21 -04:00
7f10897de3
SecurityMockMvcResultMatchers.withAuthorities(String...)
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17974
2025-09-30 10:39:14 -05:00
667cd4aa7c
Remove unnecessary throws Exception from spring-security-config
...
Closes gh-17957
2025-09-25 11:50:13 -05:00
ad6fe4fdc3
Polish MFA Samples
...
This commit removes unneeded AuthorizationManagerFactory
implementations, simplifies the custom AuthorizationManagerFactory
example, and updates usage of hasAllAuthorities.
Issue gh-17934
2025-09-24 17:54:59 -06:00
f652920bb3
Add @EnableGlobalMultiFactorAuthentication
...
Closes gh-17954
2025-09-24 14:47:26 -05:00
e33e4d80a9
Fix Antora Warnings in servlet/authentication/adaptive.adoc
...
Issue gh-2603
2025-09-24 13:05:50 -05:00
b2d76dfe66
Add GrantedAuthorities.FACTOR_*_AUTHORITY
...
Closes gh-17952
2025-09-24 09:53:56 -05:00
bbba2930e9
Add Initial Documentation
...
Issue gh-17934
2025-09-23 18:16:36 -06:00
4ef16b14d2
Update terminology to HTTP Service Clients
...
Closes gh-17947
2025-09-22 10:09:04 -05:00
765bdf1ed0
SpEL Expressions Support Returning AuthorizationManager
...
Closes gh-17936
2025-09-19 12:07:59 -06:00
1e1cb0097a
Document Authentication Factors
...
Issue gh-17933
2025-09-19 11:32:28 -06:00
9eaadcc70d
Add hasAll(Roles|Authorities) to SecurityExpressionRoot
...
This adds support for hasAllRoles and hasAllAuthorities to method security
expressions.
Issue gh-17932
2025-09-19 09:33:50 -05:00
675835e525
Add AuthorizationManagerFactory.hasAll(Authorities|Roles)
...
Closes gh-17932
2025-09-18 14:19:22 -05:00
bb6b8ae3f3
Add AllAuthoritiesReactiveAuthorizationManager
...
Issue gh-17916
2025-09-16 16:31:55 -05:00
5ca18a3b9c
Add password4j implementation of PasswordEncoder
2025-09-15 11:28:39 -05:00
d0372efadd
Use include-code for password4j docs
...
This follows the new convention of using include-code going forward to
ensure that the documentation compiles and is tested. This also corrected
a few errors in custom params for Ballooning and PBKDF2 examples.
Issue gh-17706
2025-09-15 11:03:44 -05:00
9f839384e9
Use non-redundant ids in password4j docs
...
Documentation ids no longer need to be globally unique, so they
do not need to include the path. This makes the ids less verbose and
integrates with include-code extension better.
Issue gh-17706
2025-09-15 11:00:51 -05:00
11bec09ffc
Escape attribute failures in Password4j docs
...
Issue gh-17706
2025-09-15 10:57:19 -05:00
c18aff7f5f
Password4j docs 1 sentence per line
...
The Antora documentation convention is to use a single sentence per line
as this helps with diffing and merging changes.
Issue gh-17706
2025-09-15 09:22:08 -05:00
Joe Grandja
Andrey Litvitski
Rob Winch
Daniel Garnier-Moiroux
Josh Cummings
Himanshu Pareek
Sébastien Deleuze
dependabot[bot]
Rohan Naik