4775fe41db
Merge branch '6.5.x'
2025-07-29 09:28:20 -06:00
a9fcec8b46
Merge branch '6.4.x' into 6.5.x
2025-07-29 09:27:47 -06:00
452d311a9b
Merge remote-tracking branch 'origin/6.3.x' into 6.4.x
2025-07-29 09:27:23 -06:00
edcb3b024e
Update Shibboleth repository URL
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Signed-off-by: Bernie Schelberg <bernard.schelberg@invicara.com>
2025-07-29 09:26:42 -06:00
0c42b61cc1
Restore legacy-websocket-configuration Link
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
In this way, links to this section will still arrive at something
helpful.
Issue gh-17295
2025-07-10 15:03:10 -06:00
2c87270dbc
Use authorizeHttpRequests
...
Issue gh-15174
2025-07-09 17:33:11 -06:00
dadf10899c
Add WebExpressionAuthorizationManager.Builder
...
Closes gh-17504
2025-07-09 17:33:10 -06:00
c312d18191
Add Publishing Predicate
...
Closes gh-17503
2025-07-09 17:33:10 -06:00
901b386ca6
Merge branch '6.5.x'
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-07-09 14:11:14 -06:00
9209a33678
Remove References to Deprecated OpenSaml Components
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Issue gh-11658
2025-07-09 14:10:33 -06:00
02d69ec864
Keep EnableWebMvcSecurity Link
...
So that links across the Internet that are pointed at
#mvc-enablewebmvcsecurity still arrive at a relevant place,
this commit re-adds the mvc-enablewebmvcsecurity link, even
though @EnableWebMvcSecurity itself is now removed.
Issue gh-17294
2025-07-07 13:46:03 -06:00
a439bc65d6
Remove EnableWebMvcSecurity
...
Closes gh-17294
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-07 13:46:03 -06:00
242956a63c
Remove deprecated elements from DaoAuthenticationProvider
...
Closes gh-17298
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-07 13:38:34 -06:00
9312fb7004
Remove Deprecated AuthorizationDecision Elements
...
Closes gh-17299
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-07-03 14:32:49 -06:00
ce107795d8
Fix Broken JavaDoc Link
...
Issue gh-16886
2025-07-03 14:14:00 -06:00
b71a66bdaa
Use PathPatternRequestMatcher in docs
...
Issue gh-16886
Issue gh-16887
2025-07-03 13:37:50 -06:00
e869bcdfa3
Remove deprecated implementations of OAuth2AccessTokenResponseClient
...
Closes gh-16909
2025-07-03 14:23:23 -04:00
cfe38957d7
Remove Resource Owner Password Credentials grant
...
Closes gh-17446
2025-07-03 14:23:23 -04:00
e686ac6b11
Remove AbstractSecurityWebSocketMessageBrokerConfigurer
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-06-24 12:56:05 -06:00
777447e1d9
Format authorizeHttpRequests Blocks
...
This commit formats authorizeHttpRequests blocks
to use the same parameter name and places the
reference on the same line as the parameter.
Issue gh-13067
2025-06-20 10:46:51 -06:00
c43afbf5e1
Format Lambda Expressions
...
This commit updats lambda expressions so that
their variable is surrounded in parentheses.
Issue gh-13067
2025-06-20 10:41:29 -06:00
6ddb964c61
Remove ApacheDS Support
...
Closes gh-13852
2025-06-19 11:55:34 -06:00
b2325e4176
Add OAuth Support for HTTP Interface Client
...
Closes gh-16858
2025-06-17 09:53:51 -05:00
e3add59550
Update x509 Reference
...
- Use include-code
- Demo how to customize SubjectX500PrincipalExtractor
2025-06-12 12:09:20 -05:00
7bf2730a53
Add x509@principal-extractor-ref
...
Enables customizing the X500PrincipalExtractor
2025-06-12 12:09:20 -05:00
88ed4a5ccf
Use principalExtractor reference instead of properties
2025-06-12 12:09:20 -05:00
aba437d469
Add Support SubjectX500PrincipalExtractor
...
Closes gh-16980
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-06-12 12:09:20 -05:00
9b724377ce
Rework Saml2 Authentication Statement
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
This commit separates the authentication principal, the assertion details,
and the relying party tenant into separate components. This allows the
principal to be completely decoupled from how Spring Security triggers and
processes SLO.
Specifically, it adds Saml2AssertionAuthentication, a new authentication
implementation that allows an Object principal and a Saml2ResponseAssertionAccessor
credential. It also moves the relying party registration id from
Saml2AuthenticatedPrincipal to Saml2AssertionAuthentication.
As such, Saml2AuthenticatedPrincipal is now deprecated in favor of
placing its assertion components in Saml2ResponseAssertionAccessor and
the relying party registration id in Saml2AssertionAuthentication.
Closes gh-10820
2025-06-10 17:21:03 -06:00
d0db5e3ea3
Update database-schema.adoc
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
docs: match the database schema with https://github.com/spring-projects/spring-security/blob/6.5.0/docs/modules/ROOT/pages/servlet/authentication/passwords/jdbc.adoc
Signed-off-by: Lidoca <32785562+Lidoca@users.noreply.github.com>
2025-06-09 22:17:57 -05:00
eaab42a73c
Polish BearerTokenAuthenticationConverter Support
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
- Moved to BearerTokenAuthenticationFilter constructor to align with
AuthenticationFilter
- Undeprecated BearerTokenResolver to reduce number of migration scenarios
- Updated to 7.0 schema
- Added migration docs
Issue gh-14750
2025-06-04 18:17:17 -06:00
4967f3feee
Add Support BearerTokenAuthenticationConverter
...
Closes gh-14750
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-06-04 18:17:17 -06:00
1a4de49977
Create CsrfCustomizer for SPA configuration
...
Closes gh-14149
Signed-off-by: Felix Hagemans <felixhagemans@gmail.com>
2025-05-27 11:44:33 -06:00
cd27290260
Merge branch '6.5.x'
...
Closes gh-17163
2025-05-22 15:01:27 -05:00
6eee256e12
Demonstrate include-code usage
...
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Closes gh-17161
2025-05-22 14:59:35 -05:00
45e81c2d0a
Merge branch '6.5.x'
2025-05-21 14:44:23 -06:00
7d49c41e03
Merge branch '6.4.x' into 6.5.x
2025-05-21 14:44:03 -06:00
fbfb28456a
Merge branch '6.3.x' into 6.4.x
2025-05-21 14:43:44 -06:00
a4cd6f4278
Advise Overriding equals() and hashCode() in UserDetails Implementations
...
This commit adds a documentation note explaining the importance of
overriding equals() and hashCode() in custom UserDetails implementations.
The default SessionRegistryImpl in Spring Security uses an in-memory
ConcurrentMap<Object, Set<String>>, Map<String,SessionInformation> to
associate principals with sessions. If a custom UserDetails class does
not properly override equals() and hashCode(), user sessions may not
be tracked or matched correctly.
I believe this helps developers avoid subtle session management issues
when implementing custom authentication logic.
Signed-off-by: Gurunathan <129361658+Gurunathan16@users.noreply.github.com>
2025-05-21 12:41:44 -06:00
07a50b460a
Merge branch '6.5.x'
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-05-15 18:17:05 -06:00
02a516d7f2
Merge branch '6.4.x' into 6.5.x
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-05-15 18:16:53 -06:00
70c940fd4f
Merge branch '6.3.x' into 6.4.x
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-05-15 18:16:44 -06:00
eb30fd7f59
Add Missing Header
...
CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Issue gh-11161
2025-05-15 18:16:36 -06:00
b5db32994f
Merge branch '6.5.x'
2025-05-15 17:20:23 -06:00
8548d8e18a
Merge branch '6.4.x' into 6.5.x
2025-05-15 17:20:08 -06:00
fbdf4a88a0
Merge branch '6.3.x' into 6.4.x
2025-05-15 17:19:55 -06:00
260d298cc5
Add Migration Guide from Spring Security SAML Extension
...
This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support.
Includes:
- Content migrated from the project wiki
- xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata`
- Metadata example moved to Examples Matrix
- Cleanup and naming per review feedback
Closes gh-11161
Signed-off-by: snowykte0426 <snowykte0426@naver.com>
2025-05-15 17:17:43 -06:00
0698d3527d
Merge branch '6.5.x'
2025-05-13 11:18:43 -06:00
26f359a4db
Merge branch '6.4.x' into 6.5.x
2025-05-13 11:18:31 -06:00
5ba4ab5e11
Merge branch '6.3.x' into 6.4.x
2025-05-13 11:18:02 -06:00
27319e3f9b
Add missing registration property in YAML listing
...
Signed-off-by: Danilo Piazzalunga <danilopiazza@gmail.com>
2025-05-13 11:17:35 -06:00
Josh Cummings
Bernie Schelberg
Tran Ngoc Nhan
Joe Grandja
Rob Winch
Max Batischev
Lidoca
Felix Hagemans
Gurunathan
snowykte0426
Danilo Piazzalunga