5d8cf6a8bc
Polish gh-13588
2024-09-19 12:08:48 -05:00
4a9a350ed0
Update websocket integration docs
2024-09-18 11:50:57 -07:00
e27e8dfcd5
Merge branch '6.3.x'
2024-09-17 18:25:42 -06:00
dfce3a280d
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15822
2024-09-17 18:25:29 -06:00
1a0203ecf6
Fix AuthorizationManager API Documentation Typo
...
Closes gh-15704
2024-09-17 18:25:08 -06:00
8bb5875595
Expose OidcBackChannelLogoutHandler
...
This component already uses by default a URI that doesn't require
a CSRF token and aalready allows for configuring a cookie name.
So, by making it public and configurable in the DSL, both
of these tickets quite naturally close.
Closes gh-13841
Closes gh-14904
2024-09-15 21:30:55 -07:00
a939c100fc
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15808
2024-09-13 16:08:33 -05:00
1782f17e7f
Merge branch '5.8.x' into 6.2.x
...
Closes gh-15807
2024-09-13 16:08:04 -05:00
0a4eb0f09a
Update credential erasure examples
...
Closes gh-15683
2024-09-13 16:07:47 -05:00
243f0f87cd
Update credential erasure examples
...
Closes gh-15683
2024-09-13 16:06:01 -05:00
f8a78f1864
Update What's New
2024-09-13 15:55:47 -05:00
8bab9bcce8
Polish whats-new.adoc
2024-09-13 11:28:39 -05:00
0618d4e03f
Provide Runtime Hints for Beans used in Pre/PostAuthorize Expressions
...
Closes gh-14652
2024-09-13 08:42:14 -03:00
fc3de5e41a
Rework Method Security Reactive Docs
2024-09-10 12:01:29 -07:00
784e074a48
Document Programmatic Authorization in Reactive
2024-09-10 12:01:29 -07:00
ef8b0addbb
Support custom MethodSecurityExpressionHandler
...
Closes gh-15715
2024-09-10 12:01:29 -07:00
fd5d03d384
Add AuthorizeReturnObject Hints
...
Closes gh-15709
2024-09-10 11:57:31 -07:00
9b6ac637c9
Merge branch '6.3.x'
2024-09-10 12:51:08 -06:00
01eb41cac4
Merge branch '6.2.x' into 6.3.x
2024-09-10 12:50:48 -06:00
b9f051d15b
docs: update
2024-09-10 11:50:11 -07:00
64920c12de
Correct Title in logout.adoc
2024-09-06 11:29:43 -07:00
6417eb7159
Document how to customize OneTimeTokenService
...
Closes gh-15743
2024-09-06 09:39:25 -03:00
81e4c7273a
Add One-Time Token Login support to Kotlin DSL
...
Closes gh-15698
2024-09-04 09:13:38 -03:00
0b98eb4139
Correct ObservationRegistry Type Reference
2024-09-03 14:28:00 -07:00
febe5e6ddf
docs: update
2024-09-03 13:51:47 -07:00
d23f283598
Corrected AuthenticationEventPublisher Type
2024-09-03 13:24:09 -07:00
00e4a8fb54
Add support for One-Time Token Login
...
Closes gh-15114
2024-09-03 10:07:56 -03:00
add5c56136
Update AuthorizeReturnObject Jackson Docs
...
Now instructs to use MethodAuthorizationDeniedHandler
Issue gh-14601
2024-08-30 11:43:47 -06:00
fd05c5ad76
Remove Advised Methods from Authorization Proxy Objects
...
Closes gh-15561
2024-08-30 10:40:25 -07:00
e39b39dada
Corrected Reference to HttpServletRequest#authenticate
2024-08-26 15:35:13 -07:00
d2e8c19789
Merge branch '6.3.x'
2024-08-26 16:33:04 -06:00
279cb89eac
Merge branch '6.2.x' into 6.3.x
2024-08-26 16:32:58 -06:00
2ba9b6821a
Fix OIDC Logout Code Snippets
2024-08-26 15:32:35 -07:00
f372f5cf52
Replace OidcSessionStrategy References with OidcSessionRegistry
2024-08-26 15:32:35 -07:00
f0f04e490e
Merge branch '6.3.x'
2024-08-26 16:25:27 -06:00
6ea33ceaea
Merge branch '6.2.x' into 6.3.x
2024-08-26 16:25:12 -06:00
47723f6d39
Fix code format in OIDC Logout docs
2024-08-26 15:14:02 -07:00
8318a42959
Update What's New for 6.4
...
Issue gh-15437
2024-08-22 13:12:33 -05:00
06febf7857
Update What's New
2024-08-21 18:19:18 -06:00
e3c19ba86c
Add RestClient interceptor
...
Closes gh-13588
2024-08-16 17:15:18 -05:00
12a9f9240c
Fix: Adjusted code formatting to remaining code examples.
2024-08-12 12:59:36 -03:00
e40c98e6d7
Deprecate PrePostTemplateDefaults
...
Since there is nothing specific to configuring pre/post
annotations, there is no need for the extra class.
If a need like this does arise in the future,
either AnnotationTemplateExpressionDefaults can be sub-
classed, or it can have introduced a Map field holding
custom properties.
Issue gh-15286
2024-08-10 11:46:51 -06:00
f4d9d0d54f
Document @AuthenticationPrincipal meta-annotations
...
Issue gh-15286
2024-08-10 11:46:51 -06:00
96682a1d5c
Document OpenSAML 4 vs OpenSAML 5 Support
...
Closes gh-11658
2024-08-06 18:14:12 -06:00
1da383b360
Add OpenSAML 5 Support
...
Issue gh-11658
2024-08-06 18:14:11 -06:00
1be596bb2f
Use OpenSAML API for registration
...
Issue gh-11658
2024-08-06 18:14:11 -06:00
51fc05630d
Use OpenSAML API for web.authentication.logout
...
Issue gh-11658
2024-08-06 18:14:10 -06:00
ef35c4a64a
Merge branch '6.3.x'
2024-07-29 15:10:50 -06:00
97a49e18b9
Merge branch '6.2.x' into 6.3.x
2024-07-29 15:10:32 -06:00
e51507e32d
Polish Inline Code Formatting
2024-07-29 14:08:01 -07:00
bfee6927c2
Correct Explanation for HttpSessionCsrfTokenRepository
2024-07-29 14:08:01 -07:00
e0be46ea84
Merge branch '6.3.x'
2024-07-29 13:40:27 -06:00
da65830569
Use Correct Meta-Annotation in Kotlin Sample
2024-07-29 13:39:34 -06:00
8231b8a03b
Merge branch '6.3.x'
2024-07-29 14:56:16 -03:00
c1b3b329af
Merge branch '6.2.x' into 6.3.x
2024-07-29 14:56:09 -03:00
3d4bcf1b44
fix: Restrict automatic CORS configuration to UrlBasedCorsConfigurationSource
...
- Update CORS configuration logic to automatically enable .cors() only if a UrlBasedCorsConfigurationSource bean is present.
- Modify applyCorsIfAvailable method to check for UrlBasedCorsConfigurationSource instances.
2024-07-29 14:55:55 -03:00
9d8888c5f0
Use AssertingPartyMetadata
...
Issue gh-15394
2024-07-19 18:48:23 -07:00
e6dfb63bdf
Add OpenSamlAssertingPartyMetadataRepository
...
Closes gh-12116
Closes gh-15395
2024-07-19 18:48:23 -07:00
796e4d6b6c
Add query parameter support for authn requests
...
Closes gh-15017
2024-07-13 23:57:57 -06:00
5bd4db1a13
Use javadoc macro
...
Closes gh-15386
2024-07-09 22:35:01 -05:00
f184d13096
Update the OAuth2 jwt and opaque resource server documentation with the Lambda DSL
...
The OAuth2ResourceServerConfigurer::opaqueToken() and ::jwt() methods are deprecated since Spring Security 6.1
2024-07-09 07:25:13 -07:00
290cee238d
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15380
2024-07-08 20:52:46 -06:00
f4cbaaa2dd
Fix typos and formatting in documentation
...
Closes gh-15353
2024-07-08 20:52:06 -06:00
148e7843bf
Fix typos and formatting in documentation
2024-07-08 19:51:06 -07:00
7b39800606
Add CachingRelyingPartyRegistrationRepository
...
Closes gh-15341
2024-07-01 19:43:09 -06:00
f532807836
Merge branch '6.3.x'
2024-07-01 17:20:52 -06:00
4975254124
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15340
2024-07-01 17:19:51 -06:00
99cda31579
Update prerequisites documentation
...
Raises the minimum version of the Java runtime for Spring
Security from 8 to 17
Closes gh-15323
2024-07-01 17:19:22 -06:00
48826201b1
Update architecture.adoc
...
The list of filters is printed at DEBUG level on the application startup and not INFO level, see DefaultSecurityFilterChain
2024-07-01 15:19:50 -06:00
ceb278c908
Update events.adoc
...
Changes GenericAuthenticationFailureEvent to AbstractAuthenticationFailureEvent
The class GenericAuthenticationFailureEvent does not exist.
2024-07-01 15:19:00 -06:00
e7212b37f7
Update events.adoc
...
Changes type to DefaultAuthenticationEventPublisher
Only DefaultAuthenticationEventPublisher has the method
setDefaultAuthenticationFailureEvent, but not the interface
AuthenticationEventPublisher.
2024-07-01 15:19:00 -06:00
a9aefafb76
Fix malformed list in "Using Method Parameters" documentation
2024-07-01 15:18:17 -06:00
8572764583
Merge branch '6.3.x'
...
Closes gh-15322
2024-06-28 15:34:28 -03:00
113e72f18e
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15321
2024-06-28 15:34:14 -03:00
462ce1ee91
Merge branch '5.8.x' into 6.2.x
...
Closes gh-15320
2024-06-28 15:33:59 -03:00
779030b6cd
Document the role of CredentialsContainer
...
Closes gh-15319
2024-06-28 15:33:34 -03:00
dd7472272a
Merge branch '6.3.x'
...
Closes gh-15306
2024-06-26 14:04:27 -03:00
e16ce57fbb
Use AuthenticationFailureHandler instead of @ControllerAdvice
...
Closes gh-15305
2024-06-26 14:03:44 -03:00
d5328df82d
Merge branch '6.3.x'
2024-06-24 13:02:15 -06:00
345cd9976d
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15297
2024-06-24 13:02:05 -06:00
c4f70bee4b
Fix Broken Link
...
Closes gh-15288
2024-06-24 13:01:49 -06:00
8fd9997a47
Remove outdated note
...
Closes gh-15263
2024-06-17 08:12:54 -03:00
60a6b3845d
Merge branch '6.3.x'
...
Closes gh-15246
2024-06-13 16:04:30 -05:00
5c0f1730d6
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15245
2024-06-13 16:02:51 -05:00
e41771491b
Merge branch '5.8.x' into 6.2.x
...
Closes gh-15244
2024-06-13 16:02:05 -05:00
f622d8e2e2
Polish gh-15235
2024-06-13 16:00:03 -05:00
92cab2b678
Add 'Required Dependencies' section in ldap.adoc file
...
Closes gh-14699
2024-06-13 16:00:02 -05:00
68aef2056e
Fix wrong explanation for @PostAuthorize annotation
2024-06-12 11:15:51 -03:00
725e35977b
Removed extra import word
2024-06-10 15:27:19 -06:00
5bffa4e454
Fix import for example
2024-06-10 15:27:19 -06:00
7c43fc111f
Support RoleHierarchy Bean in authorizeHttpRequests Kotlin DSL
...
Closes gh-15136
2024-06-10 15:41:28 -03:00
aa9e1b5088
Merge branch '6.3.x'
2024-06-06 17:30:15 -06:00
c3f766f3b3
Update RoleHierarchy Documentation
...
Closes gh-15208
2024-06-06 17:25:28 -06:00
24e3bb11bc
Merge branch '6.3.x'
2024-06-06 13:46:08 -06:00
bce8035bb6
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15212
2024-06-06 13:45:56 -06:00
0532659245
Fix Typo in Oidc Logout Docs
...
Closes gh-15198
2024-06-06 13:45:35 -06:00
0cbec13f87
Merge branch '6.3.x'
...
Closes gh-15206
2024-06-05 13:59:47 -03:00
e013d96758
Clarify the behavior of Concurrent Session Management when an IdP is involved
...
Closes gh-15071
2024-06-05 13:59:24 -03:00
63f48167bd
Add Kotlin support to PreFilter and PostFilter annotations
...
Closes gh-15093
2024-05-31 12:32:28 -06:00
b5e9c4cb9f
Fix wrong Kotlin syntax
2024-05-30 17:24:54 -05:00
Steve Riesenberg
ReGius-igmt
Josh Cummings
Marcus Hert Da Coregio
DingHao
Tran Ngoc Nhan
Xi Minghui
Max Batischev
Hero Wanders
Junhyunny
Robert Danczak
Taha Körkem
baezzys
Rob Winch
Antoine Rey
Seungrae
Dumitru Boldureanu
Stefan Ganzer
Marcono1234
Harsh4902
Ivanov Maxim Romanovich
Blagoja Stamatovski
Stian Jørgensrud