root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity
10,488 Commits 36 Branches 345 Tags 113 MiB
Commit Graph

96 Commits

Author SHA1 Message Date
Rob Winch 425b3501b7 Remove `@Configuration` from `@Enable*` Annotations 
This removes `@Configuration` from all `@Enable` Annotations and explicitly
adds `@Configuration` to wherever the `@Enable*` Annotations are used.

Closes gh-11653
 2022-08-09 17:00:24 -05:00
Rob Winch a5069d7e35 Fix Add @Configuration to @Enable*Security Usage 
Issue gh-6613
 2022-08-09 17:00:16 -05:00
Igor Bolic 2e66b9f6cc Allow customization of redirect strategy 
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.

Closes gh-11373
 2022-08-08 15:44:01 -05:00
Joshua Sattler 040111ae9e Remove Configuration meta-annotation from Enable* annotations 
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.

Closes gh-6613

Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
 2022-07-30 03:48:42 +02:00
Marcus Da Coregio 0c549ee147 Use SHA256 by default in Remember Me 
Closes gh-11520
 2022-07-25 10:33:12 -03:00
Marcus Da Coregio dda98f333c Polish 
Make encodingAlgorithm final and add it to the constructor
Add since tags
Add more tests
 2022-07-15 10:34:36 -03:00
Marcus Da Coregio e17fe8ced9 Add SHA256 as an algorithm option for Remember Me token hashing 
Closes gh-8549
 2022-07-15 10:34:36 -03:00
Josh Cummings 35fc437559
Add AuthorizationManager for protect-pointcut 
Closes gh-11323
 2022-07-14 09:25:49 -06:00
Marcus Da Coregio 9608eaa138 Clarify authorize-http-requests docs 
Issue gh-11467
 2022-07-14 10:19:31 -03:00
Marcus Da Coregio 64ba31aebb Improve docs on dispatcherTypeMatcher 
Closes gh-11467
 2022-07-14 10:08:19 -03:00
Marcus Da Coregio 6455e98745 FilterSecurityInterceptor applies to every request by default 
Closes gh-11466
 2022-07-12 10:53:03 -03:00
Tim te Beek 2c0a4337a8
Clearly end sentence in note before next sentence 2022-07-11 17:36:30 -06:00
Tim te Beek 9f4b0ca8b5
Use Collection<ConfigAttribute> in examples 
To match `org.springframework.security.access.ConfigAttribute`.
 2022-07-11 17:36:30 -06:00
Josh Cummings 148c926de0
Support AuthorizationManager for intercept-methods Element 
Closes gh-11328
 2022-07-06 13:01:57 -06:00
Josh Cummings bffe08465a
Add SecurityContextHolderStrategy XML Configuration for Messaging 
Issue gh-11061
 2022-06-27 16:24:27 -06:00
Josh Cummings 5e4e7abf15
Add SecurityContextHolderStrategy XML Configuration for Method Security 
Issue gh-11061
 2022-06-27 13:40:55 -06:00
Vinícius Hashimoto 11a74a2926 Fix method call example on documentation 2022-06-24 17:05:31 -06:00
Josh Cummings 150b81d008
Add SecurityContextHolderStrategy XML Configuration for Defaults 
Issue gh-11061
 2022-06-17 12:21:10 -06:00
sKai.fun 6b1d5ec6ae Fix title render issue of Digest Authentication document 
Closes gh-11272
 2022-06-01 15:13:06 -05:00
André Luis Gomes b9acdd5058 Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 13:43:42 +02:00
Josh Cummings 2afa9313eb
Use AuthorizationManager in <http> 
Closes gh-11305
 2022-05-31 16:01:41 -06:00
Josh Cummings ff0d85e2ac
Correct access(String) reference 
Closes gh-11280
 2022-05-27 14:51:45 -06:00
Josh Cummings f4c0fcb5ef
Add AuthorizationManager to Messaging 
Closes gh-11076
 2022-05-27 13:35:19 -06:00
Josh Cummings bbff945b95
Restore missing link text 
Issue gh-10934
 2022-05-27 13:00:20 -06:00
Josh Cummings ff0b1712b6
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 12:46:36 -06:00
Josh Cummings 0a64579b1e
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 12:46:27 -06:00
nor-ek 416f94f979 Update Junit5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:46:04 -06:00
Marcus Da Coregio a0232ed135 Add shouldFilterAllDispatcherTypes to Kotlin DSL 
Closes gh-11153
 2022-04-28 08:34:48 -03:00
Rob Winch 9a9a43a0c0 ForceEagerSessionCreationFilter 
Closes gh-11109
 2022-04-15 14:18:25 -05:00
Marcus Da Coregio 5367524030 Change the default of shouldFilterAllDispatchTypes to true 
Closes gh-11107
 2022-04-14 16:30:42 -03:00
Marcus Da Coregio 84b5c76a7b Add Option to Filter All Dispatcher Types 
Closes gh-11092
 2022-04-14 16:10:36 -03:00
Rob Winch 7be32872e9 Add DisableUrlRewritingFilter 
Closes gh-11084
 2022-04-08 16:13:24 -05:00
Pascal Verdage ed8887e0fc Fix typo 2022-04-06 11:09:15 +02:00
Johannes Graf 51a99701ad use okta as registration id 
looks like `ping` is some registration id used in the past.
 2022-03-30 14:39:39 -06:00
Josh Cummings ce720ad38e
Document Authorization Events 
Issue gh-9288
 2022-03-29 16:37:22 -06:00
Eleftheria Stein 759d983d62 Fix formatting in reference docs 2022-03-24 15:15:20 +01:00
Steve Riesenberg 428216b322 Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:50:25 -05:00
Joe Grandja 54b033078b Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:36:10 -04:00
Rob Winch 972039e65c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-12 13:31:04 -06:00
Rob Winch ae7d56d65b Add Persistence to documentation 
Closes gh-10962
 2022-03-11 13:43:11 -06:00
Norbert Nowak abd33389be Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:49:29 -07:00
Marcus Da Coregio 1762a4ce70 Add SAML 2.0 Single Logout XML Support 
Closes gh-10842
 2022-03-09 10:48:34 -03:00
Marcus Da Coregio 1cbe7a75d3 Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 10:40:26 -03:00
Talerngpong Virojwutikul 386e8a86a1 add Kotlin examples for Spring Data Integration of servlet application 2022-02-18 08:54:04 -03:00
Eleftheria Stein a2d1965c25 Add DEFAULT_USER_SCHEMA_DDL_LOCATION constant 
Closes gh-10837
 2022-02-15 11:30:45 +01:00
Yuriy Savchenko f64181ab41 Update docs to use multi-tenancy 
Closes gh-10572
 2022-02-14 17:18:48 +01:00
Eleftheria Stein 4142f06259 Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs 
Closes gh-10003
 2022-02-08 18:10:58 +01:00
giger85 85e531ec74 Fix typo in role hierarchy docs 
Closes gh-10804
 2022-02-04 16:32:47 +01:00
Eleftheria Stein 28b363551e Use lambda DSL in logout header docs 2022-02-04 16:26:51 +01:00
Ken Dombeck 13d8b69ee4 Fix broken link to SAML2 login example 2022-02-03 09:42:21 -06:00