root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 8 Packages Projects Releases Wiki Activity
18,638 Commits 58 Branches 351 Tags 115 MiB
Commit Graph

113 Commits

Author SHA1 Message Date
Josh Cummings 777447e1d9
Format authorizeHttpRequests Blocks 
This commit formats authorizeHttpRequests blocks
to use the same parameter name and places the
reference on the same line as the parameter.

Issue gh-13067
 2025-06-20 10:46:51 -06:00
Josh Cummings c43afbf5e1
Format Lambda Expressions 
This commit updats lambda expressions so that
their variable is surrounded in parentheses.

Issue gh-13067
 2025-06-20 10:41:29 -06:00
Josh Cummings 9b724377ce Rework Saml2 Authentication Statement
CodeQL Advanced / codeql-analysis-call (push) Waiting to run Details
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Has been cancelled Details 
This commit separates the authentication principal, the assertion details,
and the relying party tenant into separate components. This allows the
principal to be completely decoupled from how Spring Security triggers and
processes SLO.

Specifically, it adds Saml2AssertionAuthentication, a new authentication
implementation that allows an Object principal and a Saml2ResponseAssertionAccessor
credential. It also moves the relying party registration id from
Saml2AuthenticatedPrincipal to Saml2AssertionAuthentication.

As such, Saml2AuthenticatedPrincipal is now deprecated in favor of
placing its assertion components in Saml2ResponseAssertionAccessor and
the relying party registration id in Saml2AssertionAuthentication.

Closes gh-10820
 2025-06-10 17:21:03 -06:00
Josh Cummings 02a516d7f2
Merge branch '6.4.x' into 6.5.x
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run Details
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details
2025-05-15 18:16:53 -06:00
Josh Cummings 70c940fd4f
Merge branch '6.3.x' into 6.4.x
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run Details
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details
2025-05-15 18:16:44 -06:00
Josh Cummings eb30fd7f59
Add Missing Header
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run Details
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details 
Issue gh-11161
 2025-05-15 18:16:36 -06:00
Josh Cummings 8548d8e18a
Merge branch '6.4.x' into 6.5.x 2025-05-15 17:20:08 -06:00
Josh Cummings fbdf4a88a0
Merge branch '6.3.x' into 6.4.x 2025-05-15 17:19:55 -06:00
snowykte0426 260d298cc5 Add Migration Guide from Spring Security SAML Extension 
This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support.

Includes:
- Content migrated from the project wiki
- xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata`
- Metadata example moved to Examples Matrix
- Cleanup and naming per review feedback

Closes gh-11161

Signed-off-by: snowykte0426 <snowykte0426@naver.com>
 2025-05-15 17:17:43 -06:00
Josh Cummings 26f359a4db
Merge branch '6.4.x' into 6.5.x 2025-05-13 11:18:31 -06:00
Josh Cummings 5ba4ab5e11
Merge branch '6.3.x' into 6.4.x 2025-05-13 11:18:02 -06:00
Danilo Piazzalunga 27319e3f9b Add missing registration property in YAML listing 
Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
 2025-05-13 11:17:35 -06:00
Danilo Piazzalunga ec462e8bc5 Update assertingparty property usage in YAML snippets 
Spring Boot 2.7 renamed spring.security.saml2.relyingparty.registration.*.identityprovider.*
to spring.security.saml2.relyingparty.registration.*.assertingparty.*.

Closes gh-12810.

Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
 2025-05-13 11:17:35 -06:00
Josh Cummings 3869b13e68
Add ResponseAuthenticationConverter
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details 
Aside from simplifying configuration, this commit also makes it possible
to provide a response authentication converter that doesn't need the
NameID element to be present.

Closes gh-12136
 2025-04-09 17:38:24 -06:00
Josh Cummings 3e686abf50
Add ResponseValidator 
Issue gh-14264
Closes gh-16915
 2025-04-09 17:32:40 -06:00
Josh Cummings a283700ef8
Add CacheSaml2AuthenticationRequestRepository
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Has been cancelled Details 
Closes gh-14793
 2025-04-03 17:43:48 -06:00
Josh Cummings 91b0936189
Add AssertionValidator
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details 
- Ships with support for customizing the OpenSAML validators to use
- Or, you can supply your own instance of SAML20AssertionValidator

Closes gh-15578
 2025-04-02 17:44:40 -06:00
Hao 6159e089d4 Fix inline code formatting in documentation
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-26 21:51:52 -06:00
Tran Ngoc Nhan 40f8ac642a Fix Documentation Typos 2024-12-09 17:56:00 -07:00
Harpreet Singh cc2506b0c1 Fix: Correct OpenSAML 5.x Documentation 
- Fixed invalid XML tags in dependency examples.
- Corrected typo in `<artifactId>` ("opensaml-saml-imple" -> "opensaml-saml-impl").
- Excluded all OpenSAML 4.x dependencies.
- Removed redundant dependencies (`opensaml-core-api` and `opensaml-core-impl`) as they are transitively included in `opensaml-saml-api` and `opensaml-saml-impl`.

Closes gh-16191
 2024-12-04 13:42:03 -07:00
James Howe aa635b02a8 Another spelling issue 2024-11-22 17:18:46 -07:00
James Howe d1e6806464 Spelling error in opensaml.adoc 2024-11-22 17:18:46 -07:00
Josh Cummings 5c7237be79
Merge branch '6.3.x' 2024-11-18 12:13:20 -07:00
Josh Cummings 1414b88ef3
Merge branch '6.2.x' into 6.3.x 2024-11-18 12:13:05 -07:00
Josh Cummings ba520db7f7
Merge branch '5.8.x' into 6.2.x 2024-11-18 12:12:46 -07:00
Josh Cummings 85248083c0
Add Dark Mode CSS Style 
Closes gh-14834
 2024-11-18 12:10:48 -07:00
Junkyu Lim 4ec5beb509 Update authentication.adoc 2024-11-04 12:09:18 -06:00
Steve Riesenberg 8bab9bcce8
Polish whats-new.adoc 2024-09-13 11:28:39 -05:00
Josh Cummings 06febf7857
Update What's New 2024-08-21 18:19:18 -06:00
Josh Cummings 96682a1d5c
Document OpenSAML 4 vs OpenSAML 5 Support 
Closes gh-11658
 2024-08-06 18:14:12 -06:00
Josh Cummings 1da383b360
Add OpenSAML 5 Support 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings 1be596bb2f
Use OpenSAML API for registration 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings 51fc05630d
Use OpenSAML API for web.authentication.logout 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings 9d8888c5f0 Use AssertingPartyMetadata 
Issue gh-15394
 2024-07-19 18:48:23 -07:00
Josh Cummings e6dfb63bdf Add OpenSamlAssertingPartyMetadataRepository 
Closes gh-12116
Closes gh-15395
 2024-07-19 18:48:23 -07:00
Josh Cummings 796e4d6b6c
Add query parameter support for authn requests 
Closes gh-15017
 2024-07-13 23:57:57 -06:00
Rob Winch 5bd4db1a13 Use javadoc macro 
Closes gh-15386
 2024-07-09 22:35:01 -05:00
Josh Cummings 290cee238d
Merge branch '6.2.x' into 6.3.x 
Closes gh-15380
 2024-07-08 20:52:46 -06:00
Seungrae f4cbaaa2dd
Fix typos and formatting in documentation 
Closes gh-15353
 2024-07-08 20:52:06 -06:00
Seungrae 148e7843bf Fix typos and formatting in documentation 2024-07-08 19:51:06 -07:00
Josh Cummings 7b39800606
Add CachingRelyingPartyRegistrationRepository 
Closes gh-15341
 2024-07-01 19:43:09 -06:00
Marcus Hert Da Coregio 08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Josh Cummings 8893f60157
Fix http Link 
Issue gh-14944
 2024-04-23 08:07:45 -06:00
Josh Cummings 74fb626f74
Revisit Saml2Logout Docs 
Issue gh-14944
 2024-04-22 11:12:45 -06:00
Marcus Hert Da Coregio a650fe9e87 Merge branch '5.8.x' into 6.1.x 
Closes gh-14294
 2023-12-13 09:12:20 -03:00
Marcus Hert Da Coregio 6d68f403fc Document that Shibboleth Repository is Required for SAML Support 
Closes gh-14286
 2023-12-13 09:11:27 -03:00
Marcus Da Coregio 73a0dd6f50 Merge branch '6.0.x' into 6.1.x 
Closes gh-13421
 2023-06-23 10:38:52 -03:00
Marcus Da Coregio 6e2c9b421b Merge branch '5.8.x' into 6.0.x 
Closes gh-13420
 2023-06-23 10:38:21 -03:00
Marcus Da Coregio 80a5028f3f saml2Login filterProcessingUrl should be loginProcessingUrl 
Closes gh-13417
 2023-06-23 10:38:04 -03:00
Rob Winch 8407c9ebee Merge branch '6.0.x' 
Closes gh-13407
 2023-06-18 21:41:16 -05:00