dd50dc0c40
Remove Generic Typing From Authentication.Builder
...
It would be better to introduce parameter types for
principal and credentials into Authentication.Builder
at the same time as doing so for Authentication
Issue gh-17861
2025-09-09 14:49:13 -06:00
3f774548d2
Move Authority Propagation Into Filters
...
Given that the filters are the level at which the
SecurityContextHolder is consulted, this commit moves
the operation that ProviderManager was doing into each
authentication filter.
Issue gh-17862
2025-09-09 14:49:13 -06:00
a0fe6a5fee
Polish Builders
...
- Added remaining properties
- Removed apply method since Spring Security isn't using
it right now
- Made builders extensible since the authentications are
extensible
Issue gh-17861
2025-09-09 14:49:13 -06:00
a201a2b862
Add Authentication.Builder
...
This commit adds a new default method to Authentication
for the purposes of creating a Builder based on the current
authentication, allowing other authentications to be
applied to it as a composite.
It also adds Builders for each one of the authentication
result classes.
Issue gh-17861
2025-09-09 14:49:13 -06:00
eeb4574bb3
Add AuthorizationManagerFactory
...
Signed-off-by: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>
2025-09-09 15:36:49 -05:00
bd119ac411
Implement Equals and HashCode
...
Internally, RequestMatcher is sometimes used as a key to a
HashMap. Accordingly, each implementation should implement
equals and hashCode.
Closes gh-17842
2025-09-03 17:48:50 -06:00
f13d8d5c75
Fix Nullability in WebInvocationPrivilegeEvaluator
...
Issue gh-17535
2025-08-30 20:38:58 -05:00
c2ba662b91
Enable Null checking in spring-security-web via JSpecify
...
Closes gh-17535
2025-08-29 15:06:48 -05:00
49f308adb0
Use Supplier<? extends @Nullable Authentication>
...
Previously Supplier<@Nullable Authentication> was used. This prevented
Supplier<Authentication> from being used. The code now uses
Supplier<? extends @Nullable Authentication> which allows for both
Supplier<@Nullable Authentication> and Supplier<Authentication>.
Closes gh-17814
2025-08-29 09:46:58 -05:00
d1962201b5
Merge branch '6.5.x'
2025-08-22 11:07:59 -06:00
857ca9c412
Merge remote-tracking branch 'origin/6.4.x' into 6.5.x
2025-08-22 11:07:37 -06:00
894105aab5
Fix traceId discrepancy in case error in servlet web
...
Signed-off-by: Nikita Konev <nikit.cpp@yandex.ru>
2025-08-22 11:06:37 -06:00
806297da23
Fix misleading variable name in authentication filter
...
Rename DEFAULT_ANT_PATH_REQUEST_MATCHER to DEFAULT_PATH_REQUEST_MATCHER
to reflect PathPatternRequestMatcher usage instead of legacy Ant
pattern terminology.
Signed-off-by: Jaehwan Lee <jhrick0129@gmail.com>
2025-08-19 22:21:35 -05:00
eeb383ac46
Fix Checkstyle
...
Issue gh-17623
2025-08-07 14:32:18 -06:00
6d1a886f92
Deprecate SERIAL_VERSION_UID
...
Closes gh-17623
2025-08-07 11:09:35 -06:00
2fbe8dd8f6
Make Stricter IP Format Check
...
Closes gh-17499
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-31 10:30:57 -06:00
6873685fd0
Merge remote-tracking branch 'origin/6.5.x'
2025-07-31 10:12:39 -06:00
f180a04b74
Use final values in equals and hashCode
...
Closes gh-17584
Signed-off-by: Tim Boeckstaens <boeckstaenstim@gmail.com>
2025-07-31 10:12:24 -06:00
f6cb0bd610
Merge Use 2004-present Copyright Header
...
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
2025-07-29 10:52:42 -05:00
2fdca16c1a
Merge branch '6.4.x' into 6.5.x
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17634
2025-07-29 09:47:52 -05:00
392129b616
Use 2004-present Copyright Header
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.
The commit updated etc/checkstyle/header.txt
It also updated the copyright headers using the following find/replace:
Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.
Closes gh-17633
2025-07-29 09:45:23 -05:00
34742c9743
Reapply "Move webauthn runtimehints to spring-security-webauthn"
...
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Execute Gradle Wrapper Upgrade / Execution (push) Has been cancelled
Details
This reverts commit 9489ab48ab
2025-07-23 13:32:34 -05:00
9489ab48ab
Revert "Move webauthn runtimehints to spring-security-webauthn"
...
This reverts commit fe411896af
2025-07-23 09:22:47 -05:00
fe411896af
Move webauthn runtimehints to spring-security-webauthn
...
Issue gh-17586
2025-07-23 09:20:39 -05:00
79cd982341
Extract spring-security-webauthn
...
Closes gh-17586
2025-07-22 17:18:38 -05:00
7c887d2da1
Add nullability to spring-security-core
...
Closes gh-17534
2025-07-22 16:29:13 -05:00
dadf4c0b8a
Remove shouldFilterAllDispatcherTypes
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
Closes gh-12139
Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-07-14 12:34:16 -06:00
b7ae9910b5
Remove Deprecated CookieServerCsrfTokenRepository Methods
...
Closes gh-14132
2025-07-10 11:13:37 -06:00
ee2b826362
Use setCookieCustomizer
...
Issue gh-14132
2025-07-10 11:13:21 -06:00
dadf10899c
Add WebExpressionAuthorizationManager.Builder
...
Closes gh-17504
2025-07-09 17:33:10 -06:00
c06b1f4916
Remove LazyCsrfTokenRepository
...
Closes gh-13196
2025-07-09 13:47:06 -06:00
e48fdd5ed4
Use UserWebTestClientConfigurer
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
Closes gh-17496
2025-07-07 15:15:51 -05:00
74771a3d42
Merge branch '6.5.x'
2025-07-07 11:43:25 -06:00
ea3ba62022
Correct Servlet Path JavaDoc
...
Initially PathPatternRequestMatcher was designed to match relative
to the servlet path. However, this was changed to be relative to
the context path. This commit updates the documentation and removes
references to the servlet path other than in the context of setting
a basePath to remove boilerplate.
Issue gh-16430
2025-07-07 11:34:29 -06:00
596d44757a
Remove RequestVariablesExtractor
...
Closes gh-17308
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-03 14:41:12 -06:00
9312fb7004
Remove Deprecated AuthorizationDecision Elements
...
Closes gh-17299
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 14:32:49 -06:00
d3e9e3138d
Remove AntPath and MvcRequestMatcher
...
Closes gh-16886
Closes gh-16887
2025-07-03 13:37:50 -06:00
e8ed0f1b03
Use PathPatternRequestMatcher in web
...
Issue gh-16887
2025-07-03 13:37:48 -06:00
3e53cc2c4a
Use PathPatternRequestMatcher in config
...
This commit changes the config module to use
PathPatternRequestMatcher in favor of
MvcRequestMatcher and AntPathRequestMatcher.
This allows removing several HandlerMappingIntrospector
support classes as well which were in place to
support MvcRequestMatcher.
Issue gh-16886
Issue gh-16887
2025-07-03 13:37:47 -06:00
f709a9efef
Add pathPattern Factory Methods
...
Closes gh-17476
2025-07-03 13:37:47 -06:00
98686a5139
Standardize Mock Request Paths
...
Closes gh-17449
2025-07-03 13:37:47 -06:00
d869686d09
Add TestMockHttpServleRequests
...
Closes gh-17450
2025-07-03 13:37:46 -06:00
081c92a9e5
Improve logging clarity in CsrfFilter
...
Update toString() method in DefaultRequiresCsrfMatcher to better reflect its logic during trace-level logging.
Closes gh-17250
Signed-off-by: Deep Dhamala <dhamaladeep2@gmail.com>
2025-07-03 13:00:55 -06:00
890049c6f7
Merge remote-tracking branch 'origin/6.5.x'
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-07-02 13:19:00 -06:00
25d51a0d99
Include HTTP Method in equals and hashCode
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17180
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-07-02 13:18:36 -06:00
709f5db0e5
Polish Webauthn4JRelyingPartyOperations
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-17 13:35:52 -05:00
092bbfc8e7
ReactiveAuthorizationManager replace deprecated #check calls with #authorize
...
Closes gh-16936
Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-12 11:11:49 -06:00
b0cecb37d2
Replace deprecated #check calls with #authorize
...
Closes gh-16936
Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
2025-06-12 11:11:49 -06:00
2b740b7f1f
Update SubjectX500PrincipalExtractor Javadoc
...
- Provide more details on how the principalName is extracted
- Update to specify an OID is used for emailAddress
2025-06-12 12:09:20 -05:00
f690a7f3df
Encapsulate extractPrincipalNameFromEmail property
...
This simplifies the logic when extracting the principal and allows
more flexibility in the future by allowing the format and regex to be
added as setters.
2025-06-12 12:09:20 -05:00
5f2efbea6a
Remove unused statement
2025-06-12 12:09:20 -05:00
aba437d469
Add Support SubjectX500PrincipalExtractor
...
Closes gh-16980
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-06-12 12:09:20 -05:00
98c3453aa4
Merge branch '6.5.x'
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
2025-06-06 07:19:08 -04:00
d622183e62
Merge branch '6.4.x' into 6.5.x
...
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Closes gh-17216
2025-06-06 07:06:12 -04:00
a377175455
Merge branch '6.3.x' into 6.4.x
...
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Closes gh-17215
2025-06-06 06:50:45 -04:00
b0f8aa5ea0
Fix to allow multiple AuthenticationFilter instances to process each request
...
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Closes gh-17173
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-06-06 06:37:03 -04:00
215547f8c8
Use UsernameNotFoundException Factory
...
Issue gh-17179
2025-05-28 14:13:02 -06:00
f4b8e2421a
Add Support Credentialless COEP Header
...
Closes gh-16991
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-05-23 14:45:59 -06:00
9ba5c7b2ce
Add SwitchUserGrantedAuthority to Web Jackson Module
...
Closes gh-17041
Signed-off-by: John Niang <johnniang@foxmail.com>
2025-05-23 14:42:54 -06:00
8e2067bb3e
Remove deprecated `MemberCategory#DECLARED_FIELDS`
...
Issue gh-16889
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-23 14:36:54 -06:00
c9bbf3787b
Merge branch '6.5.x'
2025-05-23 11:36:22 -06:00
8aaa9c28fa
Merge branch '6.4.x' into 6.5.x
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
2025-05-23 11:36:01 -06:00
2989d12743
Merge branch '6.3.x' into 6.4.x
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
2025-05-23 11:35:25 -06:00
c0568ea9b0
Log Request Mismatch Only When Mismatches
...
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Signed-off-by: Joaquin Santana <joaquinjsb@outlook.com>
2025-05-23 11:34:48 -06:00
50f8ad55a8
Remove Redundant Punctation in JavaDoc
...
Signed-off-by: universe <daofei8754@126.com>
2025-05-23 10:05:27 -05:00
e19c9995ae
Merge branch '6.5.x'
2025-05-19 09:46:36 -06:00
78dd02a4c1
Merge branch '6.4.x' into 6.5.x
...
Closes gh-17147
2025-05-19 09:46:24 -06:00
edc8735eb8
Merge branch '6.3.x' into 6.4.x
...
Closes gh-17146
2025-05-19 09:46:10 -06:00
cae3467a8d
Improve AbstractPreAuthenticatedProcessingFilter docs
...
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Clarify misleading SecurityContextRepository setter documentation.
Note that AbstractPreAuthenticatedProcessingFilter saves the
SecurityContext upon successful authentication, and this behavior
can be customized via the setSecurityContextRepository setter.
Closes gh-14137
Signed-off-by: Mark Putsiata <m.putsiata@gmail.com>
2025-05-19 09:45:53 -06:00
86550fb84b
Cleanup code
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-13 12:40:18 -06:00
d48c463c03
Add logging to CsrfTokenRequestHandler implementations
...
Add trace-level logging to show the logical path of CSRF token processing
- Log token source (header or parameter) in resolveCsrfTokenValue
- Log request attribute names in handle methods
- Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding)
- Add similar logging to XorServerCsrfTokenRequestAttributeHandler
Improves debugging capabilities without changing functionality.
Closes gh-13626
Signed-off-by: yybmion <yunyubin54@gmail.com>
2025-05-12 18:49:40 -06:00
a90ce5142c
Add logging to CsrfTokenRequestHandler implementations
...
Add trace-level logging to show the logical path of CSRF token processing
- Log token source (header or parameter) in resolveCsrfTokenValue
- Log request attribute names in handle methods
- Log failures in XorCsrfTokenRequestAttributeHandler (especially Base64 decoding)
- Add similar logging to XorServerCsrfTokenRequestAttributeHandler
Improves debugging capabilities without changing functionality.
Closes gh-13626
Signed-off-by: yybmion <yunyubin54@gmail.com>
2025-05-12 18:48:45 -06:00
1e4dd713c5
Remove APPLICATION_JSON_UTF8 usage
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-05-07 14:59:14 -05:00
6118587ff8
SavedCookieMixinTests uses readValue(String,Object.class)
...
The test should not provide SavedCookie.class to the ObjectMapper
since this is not done in production. In particular, it provides the
type that it should be deserialized, but this must be provided in the
JSON since the type is unknown at the time of deserialization.
Issue gh-17006
2025-05-07 14:55:54 -05:00
241c3cd35a
Remove deprecated Cookie usage
...
Remove usage of comment and verison usage
Signed-off-by: M-Faheem-Khan <faheem5948@gmail.com>
2025-05-07 14:55:54 -05:00
5f833fa236
Fix Checkstyle Errors
2025-05-07 10:50:41 -05:00
7fda87aecd
Remove deprecated methods from CookieServerCsrfTokenRepository
2025-05-07 10:50:41 -05:00
b453840c0a
HttpHeaders no longer a MultiValueMap
...
Closes gh-17060
2025-05-06 13:27:13 -05:00
e5e962ef90
Jakarta Cookie HttpOnly Serialization
...
The new specification represents Cookie attribute using HttpOnly: "" vs
HttpOnly: "true".
This updates the test to correspond to the new Servlet specification and
is a breaking change related to jakarta updates.
2025-05-06 13:27:13 -05:00
607705347c
MediaType.sortBySpecificityAndQuality->sortBySpecificity
...
Closes gh-17059
2025-05-06 13:26:17 -05:00
66319fc3bc
MockServerHttpRequest.method(String,String)->method(HttpMethod,String)
...
Closes gh-17058
2025-05-06 13:26:16 -05:00
cb0fdef236
Remove MediaType.APPLICATION_JSON_UTF
...
Closes gh-17050
2025-05-06 13:26:14 -05:00
6624e302ac
Favor Spring Framework NonNull over Reactor NonNull
...
Signed-off-by: Zhoudong <jearton@users.noreply.github.com>
2025-05-06 10:52:05 -06:00
aa338e9b0d
Merge branch '6.4.x'
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-05-02 10:58:22 -06:00
57fc29e614
Merge branch '6.3.x' into 6.4.x
...
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17032
2025-05-02 10:57:55 -06:00
e48f26e51e
Propagate StrictFirewallRequest Wrapper
...
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-16978
2025-05-02 10:57:07 -06:00
c855453e40
Fix Typo In SubjectDnX509PrincipalExtractorTests
...
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-04-29 12:25:41 -06:00
29380a87a0
Polish javadoc
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-04-23 14:36:45 -06:00
8525f0e3fd
Add FunctionalInterface To X509PrincipalExtractor
...
Closes gh-16949
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-04-23 14:27:42 -06:00
7d6bdfedc8
Add Null Guard for Authorization Result
2025-04-23 12:11:10 -06:00
0ab01eac14
Update Deprecated Security Usage
2025-04-23 12:11:08 -06:00
216680bb50
Update Deprecated Spring Jdbc Usage
2025-04-23 11:29:18 -06:00
2ad859a63c
Add Missing Deprecation Markers
2025-04-23 11:29:18 -06:00
3f7f3dabe7
Correct JavaDoc Class Reference
2025-04-23 11:29:18 -06:00
9908d96644
DeferredCsrfToken Implements Supplier
...
Closes gh-16870
Signed-off-by: Daeho Kwon <trewq231@naver.com>
2025-04-09 14:24:11 -06:00
f93a7a2f85
Deprecate HandlerMappingIntrospectorRequestTransformer
...
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-16536
2025-04-07 13:56:18 -06:00
8cbe02e3aa
Update WebAuthn Test Objects Class Names
...
Closes gh-16604
Signed-off-by: chu3la <elmansouri.houssam@gmail.com>
2025-04-03 16:33:34 -06:00
4cdc6dab21
Fix Formatting
...
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Issue gh-16604
2025-04-03 12:55:51 -06:00
04d7130975
Update WebAuthn Test Objects Class Names
...
Renamed the WebAuthn test object class names
Closes gh-16604
Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>
2025-04-03 12:55:50 -06:00
b7d399ab89
Merge branch '6.4.x'
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-04-01 12:02:53 -06:00
Josh Cummings
Steve Riesenberg
Rob Winch
Nikita Konev
Jaehwan Lee
Andrey Litvitski
Tim Boeckstaens
DingHao
Tran Ngoc Nhan
Deep Dhamala
Evgeniy Cheban
Max Batischev
Joe Grandja
John Niang
Joaquin Santana
universe
Mark Putsiata
yybmion
M-Faheem-Khan
milaneuh
Zhoudong
Daeho Kwon
chu3la
Vasanth