3f74991ce9
Authentication adds FactorGrantedAuthority
...
Closes gh-18001
2025-10-03 15:20:03 -05:00
b2d76dfe66
Add GrantedAuthorities.FACTOR_*_AUTHORITY
...
Closes gh-17952
2025-09-24 09:53:56 -05:00
758b35df9c
Add Factor Tests for Authentication Providers
...
Issue gh-17933
2025-09-19 11:32:27 -06:00
e8accd0499
Add Factory Authority When Authentication Succeeds
...
Issue gh-17933
2025-09-19 11:32:26 -06:00
e7281a71c6
Polish SAML 2.0 Authentication Builder
...
Issue gh-17861
2025-09-09 14:59:14 -06:00
dd50dc0c40
Remove Generic Typing From Authentication.Builder
...
It would be better to introduce parameter types for
principal and credentials into Authentication.Builder
at the same time as doing so for Authentication
Issue gh-17861
2025-09-09 14:49:13 -06:00
a0fe6a5fee
Polish Builders
...
- Added remaining properties
- Removed apply method since Spring Security isn't using
it right now
- Made builders extensible since the authentications are
extensible
Issue gh-17861
2025-09-09 14:49:13 -06:00
a201a2b862
Add Authentication.Builder
...
This commit adds a new default method to Authentication
for the purposes of creating a Builder based on the current
authentication, allowing other authentications to be
applied to it as a composite.
It also adds Builders for each one of the authentication
result classes.
Issue gh-17861
2025-09-09 14:49:13 -06:00
c64b086878
Add SecurityAssertions
...
This commit introduces a simple, internal test API for
verifying aspects of an Authentication, like its name
and authorities.
Closes gh-17844
2025-09-03 17:53:42 -06:00
5506c487de
Remove OpenSaml4 Components
...
Issue gh-17707
2025-08-14 18:01:02 -06:00
7b1c917593
Merge branch '6.5.x'
2025-08-14 16:34:48 -06:00
4fab90b2b8
Merge branch '6.4.x' into 6.5.x
2025-08-14 15:54:16 -06:00
10948b5b7a
Make OpenSamlAssertingPartyDetails Serializable
...
Closes gh-17622
2025-08-14 15:52:58 -06:00
eeb383ac46
Fix Checkstyle
...
Issue gh-17623
2025-08-07 14:32:18 -06:00
6d1a886f92
Deprecate SERIAL_VERSION_UID
...
Closes gh-17623
2025-08-07 11:09:35 -06:00
1a56023f7f
Use Spring Framework Nullability Annotations
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-31 10:18:51 -06:00
f6cb0bd610
Merge Use 2004-present Copyright Header
...
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
2025-07-29 10:52:42 -05:00
2fdca16c1a
Merge branch '6.4.x' into 6.5.x
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17634
2025-07-29 09:47:52 -05:00
392129b616
Use 2004-present Copyright Header
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.
The commit updated etc/checkstyle/header.txt
It also updated the copyright headers using the following find/replace:
Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.
Closes gh-17633
2025-07-29 09:45:23 -05:00
da182a2d7c
Remove Deprecated OpenSaml Components
...
Closes gh-17306
2025-07-09 14:06:51 -06:00
7da352129c
Use PathPatternRequestMatcher in saml2
...
Issue gh-16887
2025-07-03 13:37:48 -06:00
98686a5139
Standardize Mock Request Paths
...
Closes gh-17449
2025-07-03 13:37:47 -06:00
1583c90433
Remove Unused Method in TestOpenSamlObjects
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 13:15:44 -06:00
a9e28a2ae9
Remove OpenSamlRelyingPartyRegistration
...
Issue gh-17309
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 13:15:44 -06:00
8c100c5c27
Update RelyingPartyRegistration JavaDoc
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 13:15:44 -06:00
4d524b1fe1
Remove RelyingPartyRegistration Deprecations
...
Closes gh-17309
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 13:15:44 -06:00
e8f920e0ee
Polish JdbcAssertingPartyMetadataRepository
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
- Remove GetBytes since it's not used yet
- Remove customizable RowMapper since this can be added
later
- Change signing_algorithms to be a String since the conversion
strategy is simple
- Standardize test names
- Simplify conversion of credentials using ThrowingFunction
- Change column names to match RelyingPartyRegistration
field names
Issue gh-16012
2025-06-11 18:08:31 -06:00
2bd05128ec
Add JdbcAssertingPartyMetadataRepository#save
...
Issue gh-16012
Co-Authored-By: chao.wang <chao.wang@zatech.com>
2025-06-11 18:08:31 -06:00
e2e42a5580
Fix Checkstyle
...
Issue gh-16012
2025-06-11 18:08:31 -06:00
16fd24c002
Add JdbcAssertingPartyMetadataRepository
...
Closes gh-16012
Signed-off-by: chao.wang <chao.wang@zatech.com>
2025-06-11 18:08:31 -06:00
9b724377ce
Rework Saml2 Authentication Statement
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
This commit separates the authentication principal, the assertion details,
and the relying party tenant into separate components. This allows the
principal to be completely decoupled from how Spring Security triggers and
processes SLO.
Specifically, it adds Saml2AssertionAuthentication, a new authentication
implementation that allows an Object principal and a Saml2ResponseAssertionAccessor
credential. It also moves the relying party registration id from
Saml2AuthenticatedPrincipal to Saml2AssertionAuthentication.
As such, Saml2AuthenticatedPrincipal is now deprecated in favor of
placing its assertion components in Saml2ResponseAssertionAccessor and
the relying party registration id in Saml2AssertionAuthentication.
Closes gh-10820
2025-06-10 17:21:03 -06:00
02a8c416aa
Add NameID to SAML 2.0 Authentication Info
...
Issue gh-10820
2025-06-10 17:21:03 -06:00
36c7b91fb9
SAML 2.0 Single Logout Uses Saml2AuthenticationInfo
...
This allows SLO to be triggered without the authentication
principal needing to implement a given interface.
Issue gh-10820
2025-06-10 17:21:03 -06:00
aa3135169d
Polish Documentation
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-14635
2025-06-09 16:49:36 -06:00
3ddf201d66
Updated Copyrights
...
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
2025-06-09 16:45:24 -06:00
edfd7b9b43
Addressed review comments
...
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
2025-06-09 16:45:24 -06:00
eaf8184142
Send saml logout response even when validation errors happen
...
Signed-off-by: Liviu Gheorghe <liviu.gheorghe.ro@gmail.com>
2025-06-09 16:45:24 -06:00
f73f253beb
Add Switch for Processing GET Requests
...
Issue gh-17099
2025-06-03 13:12:37 -06:00
32c7e8a6ee
Use Saml2Error Static Factories
2025-06-03 13:12:37 -06:00
3de7312658
Add Saml2Error Static Factories
2025-06-03 13:12:37 -06:00
8953f464fb
Add Switch for Processing GET Requests
...
Closes gh-17099
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-03 13:10:45 -06:00
9df3a57d9e
Merge branch '6.4.x'
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
Execute Gradle Wrapper Upgrade / Execution (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
2025-04-28 11:27:17 -06:00
868342b3a9
Add OpenSAML 5 Test
...
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
Trigger Dependabot Auto Merge Forward / Trigger Workflow (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Issue gh-17008
2025-04-28 11:25:31 -06:00
ce000ed190
Merge branch '6.3.x' into 6.4.x
...
Closes gh-17008
2025-04-28 11:18:46 -06:00
5354e4d2c5
Check for Null Issuer
...
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
Trigger Dependabot Auto Merge Forward / Trigger Workflow (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Closes gh-16989
2025-04-28 11:18:32 -06:00
834370d8eb
Update Deprecated Spring Web Usage
2025-04-23 11:29:19 -06:00
3f7f3dabe7
Correct JavaDoc Class Reference
2025-04-23 11:29:18 -06:00
b79d81a80f
Merge branch '6.4.x'
2025-04-21 08:32:54 -06:00
f8d417dc03
Preserve Encrypted Elements
...
Closes gh-16367
2025-04-21 08:32:07 -06:00
3869b13e68
Add ResponseAuthenticationConverter
...
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Aside from simplifying configuration, this commit also makes it possible
to provide a response authentication converter that doesn't need the
NameID element to be present.
Closes gh-12136
2025-04-09 17:38:24 -06:00
Rob Winch
Josh Cummings
Tran Ngoc Nhan
chao.wang
Christian Schuster
Liviu Gheorghe