root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity
11,519 Commits 38 Branches 345 Tags 114 MiB
Commit Graph

11519 Commits

Author SHA1 Message Date
Underground Hill 8b74bf9742 Updated reference to architecture page 
In the context of Servlet Authentication page, "Architecture" should probably link to "Servlet Authentication Architecture" page
 2022-09-01 09:38:10 -03:00
Marcus Da Coregio db95f6d5c5 Merge branch '5.6.x' into 5.7.x 
Closes gh-11767
 2022-08-30 10:54:50 -03:00
Marcus Da Coregio 40abf87ae6 Add buildScan to checkRemote 
Closes gh-11766
 2022-08-30 09:11:08 -03:00
Steve Riesenberg 517631eb8c
Merge branch '5.6.x' into 5.7.x 2022-08-24 16:41:16 -05:00
Steve Riesenberg 1c014eb512
Use 6.0.x instead of 3.0.x as default branch 2022-08-24 16:38:27 -05:00
Rob Winch 7d972b10db Merge branch '5.6.x' into 5.7.x 2022-08-23 13:46:56 -05:00
Rob Winch 8c69699458 Remove backportbot.yml 
Issue gh-11736
 2022-08-23 13:46:32 -05:00
Rob Winch f774c4de39 Merge branch '5.6.x' into 5.7.x 
Closes gh-11738
 2022-08-23 13:30:59 -05:00
Rob Winch fc10d5fc29 repository=spring-projects/spring-security 
Previously the repository used spring-project (missing the s)
 2022-08-23 13:30:20 -05:00
Rob Winch df785408f1 Merge branch '5.6.x' into 5.7.x 2022-08-23 13:23:15 -05:00
Rob Winch c79ebf4edf Setup Forward Merge 2022-08-22 16:19:44 -05:00
Marcus Da Coregio a8d6c1d21f Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:58:22 -03:00
Marcus Da Coregio c7912c551b Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder 
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService

Closes gh-11449
Closes gh-11726
 2022-08-19 09:51:53 -03:00
Steve Riesenberg 7c7f9380c7
Refresh remote JWK when unknown KID error occurs 
Closes gh-11621
 2022-08-18 16:54:45 -05:00
tinolazreg 888715bbb2
Add tests for unknown KID error 
Issue gh-11621
 2022-08-18 16:54:45 -05:00
Steve Riesenberg 53a3ff8932
Refresh remote JWK when unknown KID error occurs 
Closes gh-11621
 2022-08-18 16:53:45 -05:00
tinolazreg 77d11a3f9f
Add tests for unknown KID error 
Issue gh-11621
 2022-08-18 16:53:44 -05:00
jujunChen 13feb87171
Modify words 
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
 2022-08-16 14:51:36 -06:00
jujunChen d93bde7465
Modify words 
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
 2022-08-16 14:51:06 -06:00
Rob Winch faf9fb7337 NamespaceLdapAuthenticationProviderTests use Dynamic Port 
Closes gh-11710
 2022-08-15 15:26:46 -05:00
Rob Winch 9f00045638 NamespaceLdapAuthenticationProviderTests use Dynamic Port 
Closes gh-11710
 2022-08-15 15:26:30 -05:00
Rob Winch f33d7253b6 GitHubMilestoneApiTests due_on Uses LocalDate 
`GitHubMilestoneApiTests` uses `Instant.now()` for `due_on`. Since
`Instant.now()` is UTC time based,
`isMilestoneDueTodayWhenDueTodayThenTrue` fails when the computer that runs
the test is not the same day as it is in UTC time.

To fix it, `due_on` should be set to an `Instant` based upon the timezone
of the current computer.

Closes gh-11706
 2022-08-15 13:04:29 -05:00
Rob Winch d8ae2c8763 GitHubMilestoneApiTests due_on Uses LocalDate 
`GitHubMilestoneApiTests` uses `Instant.now()` for `due_on`. Since
`Instant.now()` is UTC time based,
`isMilestoneDueTodayWhenDueTodayThenTrue` fails when the computer that runs
the test is not the same day as it is in UTC time.

To fix it, `due_on` should be set to an `Instant` based upon the timezone
of the current computer.

Closes gh-11706
 2022-08-15 13:03:10 -05:00
github-actions[bot] db74e9d128 Next development version 2022-08-15 16:07:33 +00:00
github-actions[bot] c188b70c88 Next development version 2022-08-15 16:06:45 +00:00
github-actions[bot] 4559d269e0 Release 5.6.7 2022-08-15 15:25:05 +00:00
github-actions[bot] 173d74d693 Release 5.7.3 2022-08-15 15:24:54 +00:00
Josh Cummings 66cb3e02d0
Update org.springframework.data to 2021.2.2 
Closes gh-11698
 2022-08-11 14:20:52 -06:00
Josh Cummings 74675ef793
Update org.springframework to 5.3.22 
Closes gh-11697
 2022-08-11 14:20:48 -06:00
Josh Cummings a92ac82c4b
Update jsonassert to 1.5.1 
Closes gh-11696
 2022-08-11 14:20:45 -06:00
Josh Cummings db638c2a77
Update org.jetbrains.kotlinx to 1.6.4 
Closes gh-11695
 2022-08-11 14:20:41 -06:00
Josh Cummings f884527c1b
Update hibernate-entitymanager to 5.6.10.Final 
Closes gh-11694
 2022-08-11 14:20:38 -06:00
Josh Cummings dbd174418f
Update org.eclipse.jetty to 9.4.48.v20220622 
Closes gh-11693
 2022-08-11 14:20:35 -06:00
Josh Cummings 2eeee99d2e
Update io.projectreactor to 2020.0.22 
Closes gh-11691
 2022-08-11 14:20:28 -06:00
Josh Cummings e8c56420bf
Update mockk to 1.12.5 
Closes gh-11690
 2022-08-11 14:20:24 -06:00
Marcus Da Coregio 627809d2dc Update org.springframework.data to 2021.1.6 
Closes gh-11686
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio 4b1d7e9479 Update org.springframework to 5.3.22 
Closes gh-11685
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio d9980a4dfe Update jsonassert to 1.5.1 
Closes gh-11684
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio 8eb7e589eb Update hibernate-entitymanager to 5.6.10.Final 
Closes gh-11683
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio 0d7dce9d71 Update org.eclipse.jetty to 9.4.48.v20220622 
Closes gh-11682
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio da09788be9 Update io.projectreactor to 2020.0.22 
Closes gh-11680
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio ead587c597 Consistently handle RequestRejectedException if it is wrapped 
Closes gh-11645
 2022-08-09 08:32:42 -03:00
Marcus Da Coregio 6a2ca52aae Consistently handle RequestRejectedException if it is wrapped 
Closes gh-11645
 2022-08-09 08:32:10 -03:00
Rob Winch 269c711a64 RequestAttributeSecurityContextRepository never null SecurityContext 
Previously loadContext(HttpServletRequest) could return a Supplier that
returned a null SecurityContext

This commit ensures that null is never returned by the Supplier by
returning SecurityContextHolder.createEmptyContext() instead.

Closes gh-11606
 2022-08-08 13:52:56 -05:00
Steve Riesenberg 99f768bab9 Polish HttpSecurity 2022-07-29 17:43:00 -05:00
Steve Riesenberg 984355e637 Remove references to WebSecurityConfigurerAdapter 
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
 2022-07-29 17:43:00 -05:00
Steve Riesenberg 09173c95d6 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity 
Closes gh-11277
 2022-07-29 17:43:00 -05:00
Steve Riesenberg 02459919cc
Skip workflows on forks of spring-security 2022-07-28 15:13:56 -05:00
Steve Riesenberg 57d212ddca
Use cache and user.name system property on Windows 2022-07-28 15:13:55 -05:00
Steve Riesenberg 539b17f6da
Only run prerequisites job if on upstream repo 2022-07-28 15:13:54 -05:00