root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity
19,591 Commits 48 Branches 362 Tags 122 MiB
Commit Graph

301 Commits

Author SHA1 Message Date
Rob Winch d0372efadd
Use include-code for password4j docs 
This follows the new convention of using include-code going forward to
ensure that the documentation compiles and is tested. This also corrected
a few errors in custom params for Ballooning and PBKDF2 examples.

Issue gh-17706
 2025-09-15 11:03:44 -05:00
Mehrdad 2d74f9c334 Create a specific implementation for BalloonHashing and PBKDF2 password encoders using Password4j library 
Closes gh-17706

Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:41 +03:30
Mehrdad 8c2ad4e4d1 Add Argon2 and BCrypt and Scrypt password encoders using Password4j library 
Closes gh-17706

Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:41 +03:30
M.Bozorgmehr 9f5d27e8d0 Refactor Password4jPasswordEncoder to use AlgorithmFinder for algorithm selection and enhance documentation 
Closes gh-17706

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:40 +03:30
M.Bozorgmehr bd593a63d0 Refactor Password4jPasswordEncoder to use AlgorithmFinder for algorithm selection and enhance documentation 
Closes gh-17706

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>

Add Password4jPasswordEncoder for enhanced password hashing support

Signed-off-by: M.Bozorgmehr <m.bozorgmehr@emofid.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>

Add Password4jPasswordEncoder for enhanced password hashing support

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:40 +03:30
Rob Winch f6cb0bd610
Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch 7c887d2da1
Add nullability to spring-security-core 
Closes gh-17534
 2025-07-22 16:29:13 -05:00
Rob Winch 9db1ffbd79
Add Nullability to spring-security-crypto 
Closes gh-17533
 2025-07-22 16:29:13 -05:00
Soumik Sarker 2f53a2edb3 Removed deprecated Base64 of crypto package 
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
 2025-06-27 14:24:54 -05:00
Andrey Litvitski 3b492a9628 remove 32-byte minimum keyLength restriction in `Base64StringKeyGenerator` (#17012) 
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-05-14 11:41:30 -05:00
Rob Winch d52289bd7a Remove Unnecessary Backwards Compatability 
Since this is going to be merged into Spring Security 7 (a major release) and AESFastEngine is deprecated,
we should no longer support it (as it will likely be removed from Bouncy Castle)
 2025-05-07 11:19:27 -05:00
Steve Riesenberg 5eb232cd3d Polish gh-16164 2025-05-07 11:19:27 -05:00
Ferdinand Jacobs 2b22cf2877 Replace BouncyCastle's deprecated AESFastEngine with the default AESEngine 
- Update AESEngine to use the default AES engine, following BouncyCastle's recommendations
  (see release-1-56 of changelog: https://www.bouncycastle.org/download/bouncy-castle-java/?filter=java%3Drelease-1-56).
- Migrate to the latest API 'newInstance()' method to allow removal of @SuppressWarnings("deprecation")
- Remove @SuppressWarnings("deprecation")
 2025-05-07 11:19:27 -05:00
Rob Winch a80592a707
Use commons-logging directly 
Closes gh-17061
 2025-05-06 13:27:13 -05:00
Josh Cummings eda9142b6b
Merge branch '6.4.x' 2025-04-28 11:13:50 -06:00
Josh Cummings e6957bb854
Merge branch '6.3.x' into 6.4.x 2025-04-28 11:13:09 -06:00
Josh Cummings 547d174f3e Fix Formatting
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details
Trigger Dependabot Auto Merge Forward / Trigger Workflow (push) Waiting to run Details
2025-04-24 10:43:03 -06:00
Roman Trapickin d2d1275b39 Fix IllegalArgumentException message for unknown Argon2 types 
Array index 0 points to an empty string. Use index 1 instead.

Signed-off-by: Roman Trapickin <8594293+rntrp@users.noreply.github.com>
 2025-04-24 10:43:03 -06:00
Joe Grandja ef4479a554 Merge branch '6.4.x'
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details
2025-04-17 05:31:29 -04:00
Joe Grandja cb60d8b3ed Merge branch '6.3.x' into 6.4.x
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details
Trigger Dependabot Auto Merge Forward / Trigger Workflow (push) Waiting to run Details 
Closes gh-16951
 2025-04-17 05:17:38 -04:00
Joe Grandja c1aa99fdd2 Enforce BCrypt password length for new passwords only
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details
Trigger Dependabot Auto Merge Forward / Trigger Workflow (push) Waiting to run Details 
Closes gh-16802
 2025-04-17 04:53:33 -04:00
James Howe 8d7f6acab6 Typo in Base64StringKeyGenerator exception message 
Signed-off-by: James Howe <675056+OrangeDog@users.noreply.github.com>
 2025-04-08 09:56:14 -06:00
Rob Winch e6223dede3
Merge branch '6.4.x' 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16757
 2025-03-17 14:34:18 -05:00
Rob Winch 05116eabbd
Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch adb303e152
Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Joe Grandja b97b555fde Merge branch '6.4.x' 2025-03-17 14:05:46 -04:00
Joe Grandja 806a0474f4 Merge branch '6.3.x' into 6.4.x 2025-03-17 13:52:36 -04:00
Joe Grandja 46f0dc6dfc Enforce BCrypt password length 2025-03-17 13:23:27 -04:00
Christian b56650100a
Removes the use of `StringUtils` from `DelegatingPasswordEncoder` 
Closes gh-16442

Signed-off-by: Christian Hösel <ChristianHoesel@users.noreply.github.com>
 2025-01-31 15:43:24 -06:00
Josh Cummings 244fd2eb51
Support Serialization in Exceptions 
Issue gh-16276
 2025-01-14 18:37:53 -07:00
Joe Grandja c2cfe92a02 Merge branch '6.3.x' 2024-11-18 05:16:16 -05:00
Joe Grandja 709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Jonny Coddington b90851d968 Improve Error Messages for PasswordEncoder 
Closes gh-14880

Signed-off-by: Jonny Coddington <bottlerocketjonny@protonmail.com>
 2024-09-17 14:16:08 -07:00
Marcus Hert Da Coregio 08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Josh Cummings 9d486ee4f4
Merge branch '6.1.x' into 6.2.x 2024-04-26 17:21:14 -06:00
Josh Cummings 1b8cf6cc55
Merge branch '5.8.x' into 6.1.x 2024-04-26 17:21:06 -06:00
Josh Cummings e5ee45d568
Fix Import Error 
Issue gh-14880
 2024-04-26 17:20:53 -06:00
Josh Cummings e7610027ae
Merge branch '6.1.x' into 6.2.x 
Closes gh-14974
 2024-04-26 17:13:52 -06:00
Josh Cummings 38ae090d3d
Merge branch '5.8.x' into 6.1.x 
Closes gh-14973
 2024-04-26 17:13:39 -06:00
Abimael Sergio 3b9991fc89 Improve PasswordEncoder Error Messaging 
Closes gh-14880
 2024-04-26 17:13:17 -06:00
Josh Cummings 8dd28b797a
Update to BouncyCastle 1.78 
Closes gh-14910
 2024-04-15 15:32:08 -06:00
Marcus Hert Da Coregio 93c2d1cc3c Disable spring-security-rsa tests on Windows 
Issue gh-14202
 2024-01-30 09:08:00 -03:00
Marcus Hert Da Coregio 6f7b9bbfde Migrate spring-security-rsa into spring-security-crypto 
Closes gh-14202
 2024-01-29 13:49:51 -03:00
Marcus Hert Da Coregio e3ab1c94d7 Use assertj assertions 2023-11-17 09:04:50 -03:00
Marcus Hert Da Coregio a7da9491d9 Use assertj assertions 2023-11-17 09:03:36 -03:00
Steve Riesenberg 9db33f33c7
Revert unnecessary merges on 6.0.x 
This commit removes unnecessary main-branch merges starting from
8750608b5b and adds the following
needed commit(s) that were made afterward:

- 5dce82c48b
 2023-10-31 15:11:45 -05:00
Marcus Da Coregio 6c9cb47125 Fix code style 2023-09-29 13:52:04 -03:00
Marcus Da Coregio 07b6c451fd Merge branch '6.1.x' 
Closes gh-13884
 2023-09-29 11:47:38 -03:00
Marcus Da Coregio 92c82191c9 Merge branch '5.8.x' into 6.0.x 
Closes gh-13882
 2023-09-29 11:46:00 -03:00