f8ff056eb6
Update Max Sessions on WebFlux
...
Delete WebSessionStoreReactiveSessionRegistry.java and gives the responsibility to remove the sessions from the WebSessionStore to the handler
Issue gh-6192
2024-02-28 10:06:45 -03:00
f3bcf7ed5d
Revert "Update max sessions docs"
...
This reverts commit c86fd99c8f
2024-02-28 08:30:05 -03:00
c86fd99c8f
Update max sessions docs
...
Add WebSessionStore constructor parameter to the handler
Issue gh-6192
2024-02-27 13:36:43 -03:00
16155537a5
Merge branch '6.2.x'
2024-02-26 11:10:49 -07:00
aedffa7919
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14653
2024-02-26 11:10:38 -07:00
ddd5d2e9cd
Fix Observability Typo
...
Closes gh-14651
2024-02-26 11:09:57 -07:00
5188012932
Merge branch '6.2.x'
2023-12-18 12:05:07 -07:00
edcba77df4
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14348
2023-12-18 12:04:53 -07:00
3f881eb127
Merge branch '5.8.x' into 6.1.x
...
Closes gh-14347
2023-12-18 12:04:37 -07:00
59461d94b0
Clarify RSocket Configuration Docs
...
Closes gh-13718
2023-12-18 12:02:49 -07:00
3b7c971960
Merge branch '6.2.x'
2023-12-11 11:45:33 -07:00
d130a18d3c
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14280
2023-12-11 11:45:16 -07:00
f0772dc788
Merge branch '5.8.x' into 6.1.x
...
Closes gh-14279
2023-12-11 11:44:44 -07:00
74d06f020d
Update to Latest Boot Property
...
Closes gh-14252
2023-12-11 11:44:08 -07:00
57ab15127a
Add Max Sessions on WebFlux
...
Closes gh-6192
2023-12-11 09:48:34 -03:00
22000b42e9
Merge remote-tracking branch 'origin/6.1.x'
2023-11-07 16:34:15 -07:00
42225371d7
Merge branch '6.0.x' into 6.1.x
...
Closes gh-14114
2023-11-07 16:33:45 -07:00
18c5f4354e
Merge branch '5.8.x' into 6.0.x
...
Closes gh-14113
2023-11-07 16:31:46 -07:00
b919ece045
Change Idempotent to Read-Only
...
Closes gh-13644
2023-11-07 16:25:28 -07:00
447f40949c
Revert unnecessary merges on 6.1.x
...
This commit removes unnecessary main-branch merges starting from
9f8db22b774d6ff49b9ded6ff670d1c823b0079444fad21363
2023-10-31 15:22:15 -05:00
9db33f33c7
Revert unnecessary merges on 6.0.x
...
This commit removes unnecessary main-branch merges starting from
8750608b5b5dce82c48b
2023-10-31 15:11:45 -05:00
a3227f041c
Polish OAuth2AuthorizationManagers
...
- Add OAuth2ReactiveAuthorizationManagers
- Code to interfaces
- Align error message with the same in
AuthorityAuthorizationManager
- Adjust expectations in tests to confirm an
appropriately constructed authorizaion manager
- Add JavaDoc and reference documentation
Issue gh-13654
2023-10-02 17:26:06 -06:00
6b0d82236d
Fix Documentation Errors
...
Issue gh-12570
2023-09-18 16:21:37 -06:00
cb33fd7850
Add OIDC Back-Channel Logout Support
...
Closes gh-12570
2023-09-16 15:12:21 -06:00
3b7e7f63d8
Update Jwt Multi-tenancy Documentation
...
Issue gh-13427
2023-08-08 10:03:11 -06:00
1416b0649e
Merge branch '6.0.x' into 6.1.x
...
Closes gh-13590
2023-07-27 11:25:19 -03:00
461d6edd85
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13589
2023-07-27 11:23:58 -03:00
13ca7ac4d4
Referrer-Policy is added by default in Reactive applications
...
Closes gh-13561
2023-07-27 11:22:21 -03:00
8407c9ebee
Merge branch '6.0.x'
...
Closes gh-13407
2023-06-18 21:41:16 -05:00
f66a5bab99
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13406
2023-06-18 21:33:58 -05:00
7da99acca7
Merge branch '5.7.x' into 5.8.x
...
Closes gh-13405
2023-06-18 21:32:35 -05:00
0cf95dbf61
Merge branch '5.6.x' into 5.7.x
...
Closes gh-13404
2023-06-18 21:31:35 -05:00
39c43159f4
Convert to Asciidoctor Tabs
...
Closes gh-13403
2023-06-18 21:30:41 -05:00
04692d9ee8
Fix Antora Warnings
...
Closes gh-13210
2023-06-08 17:02:19 -05:00
b969179b5c
Merge branch '5.7.x' into 5.8.x
2023-05-10 15:53:22 -06:00
3469bcb822
Address Antora Warnings
2023-05-10 15:51:49 -06:00
42cd19fcee
Merge branch '6.0.x'
...
Closes gh-13103
2023-04-26 15:59:20 -03:00
8c5f13657e
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13102
2023-04-26 15:58:25 -03:00
5632469a90
Merge branch '5.7.x' into 5.8.x
...
Closes gh-13101
2023-04-26 15:57:32 -03:00
e61adcb0cd
Clarify that Kotlin DSL needs an import
...
Closes gh-13092
2023-04-26 15:56:47 -03:00
76eba9bd0c
Add withIssuerLocation
...
Closes gh-10309
2023-04-12 16:36:15 -06:00
5db3e54647
Merge branch '6.0.x'
...
Closes gh-12993
2023-04-11 09:58:20 -03:00
34015944f2
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12992
2023-04-11 09:57:52 -03:00
68fd755abc
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12991
2023-04-11 09:57:15 -03:00
e25117856e
Add static imports to code snippets
...
Closes gh-6597
2023-04-11 09:56:19 -03:00
3b447b938c
fix missing semi-colon java example in observability documentation
2023-03-03 15:04:16 -07:00
5286b78308
Merge branch '6.0.x'
...
Closes gh-12684
2023-02-16 13:27:17 -06:00
c4f68d83bf
Document default CsrfTokenRequestHandler in 6.0
...
Closes gh-12651
2023-02-16 13:26:23 -06:00
e139f1c2ba
Polish gh-12438
2022-12-22 11:16:19 -05:00
c60c10792c
Fix Observability Opt-out Documentation Typo
...
Issue gh-12268
2022-11-29 16:24:57 -07:00
cca999c57d
Merge remote-tracking branch 'origin/5.8.x'
2022-11-01 13:46:08 -06:00
d29ab8bcae
Merge branch '5.7.x' into 5.8.x
2022-11-01 13:43:40 -06:00
c94e33b6c8
Merge branch '5.6.x' into 5.7.x
2022-11-01 13:42:35 -06:00
8315545144
Update RP-Initiated Logout target URLs.
...
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.
Fixes: gh-12081
2022-11-01 12:35:39 -06:00
fe96a62dfc
Document Observability Support
...
Issue gh-10964
2022-10-12 20:32:25 -06:00
27059ced87
Default X-Xss-Protection header value to "0"
...
Closes gh-9631
2022-10-07 17:42:55 -05:00
6753f9745e
Merge branch '5.8.x'
...
# Conflicts:
# config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt
# docs/modules/ROOT/pages/reactive/exploits/csrf.adoc
2022-10-07 17:29:07 -05:00
f462134e87
Add reactive support for BREACH
...
Closes gh-11959
2022-10-07 16:34:17 -05:00
181ee7410b
Change default authority for oauth2Login()
...
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
2022-09-26 10:06:31 -05:00
84f765a89c
Merge remote-tracking branch 'origin/5.8.x' into main
2022-08-25 14:46:48 -06:00
070dce1baf
Document ReactiveMethodSecurity improvements
...
Issue gh-9401
2022-08-25 14:36:03 -06:00
27ce5936cf
Add Caveat about Spring Security's co-routine support
...
Closes gh-10920
2022-08-25 14:36:02 -06:00
040111ae9e
Remove Configuration meta-annotation from Enable* annotations
...
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.
Closes gh-6613
Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
2022-07-30 03:48:42 +02:00
a72c5a55db
Revert "Remove @Configuration from webflux config examples"
...
This reverts commit aec9effb88
2022-07-26 16:46:01 -05:00
aec9effb88
Remove @Configuration from webflux config examples
2022-07-26 16:34:10 -05:00
0f64d4c091
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 14:04:16 -03:00
7c7751635d
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:56:41 -03:00
5322352427
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:49:21 -03:00
db9d60e82d
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 13:47:07 -03:00
aca3fc2412
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:51:44 -03:00
0c31cb21dc
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:50:56 -03:00
24701b547f
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:49:47 -03:00
b9acdd5058
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 13:43:42 +02:00
038266a94f
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 13:12:55 -06:00
9625382b22
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:57:56 -06:00
23cc1eb32b
Update JUnit 5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:56:51 -06:00
416f94f979
Update Junit5 annotations in documentation
...
- replace Before with BeforeEach
- replace RunWith with ExtendWith
Closes gh-10934
2022-05-27 12:46:04 -06:00
806e05855c
Replace removed context-related operators
...
Closes gh-11194
2022-05-10 14:58:02 -03:00
f0168c6c27
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:53:16 -05:00
428216b322
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:50:25 -05:00
54b033078b
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:36:10 -04:00
a2ffc88294
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:33:12 -04:00
660da6f4a0
Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
...
Closes gh-10932
2022-03-09 17:49:43 +01:00
bc2bb8cb96
Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket
...
Closes gh-10932
2022-03-09 16:18:09 +01:00
f64181ab41
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 17:18:48 +01:00
77ba94e1db
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 11:07:42 +01:00
015036741b
Add Kotlin example for logout configuration of reactive authentication
...
Closes gh-10819
2022-02-11 13:16:47 +01:00
d0faff62df
Add Kotlin example for logout configuration of reactive authentication
...
Closes gh-10819
2022-02-11 13:01:43 +01:00
ac990afa5d
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:47:35 -06:00
c1dfe407bc
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:46:27 -06:00
51fc4a4ca3
Document Authorize HTTP Requests for Reactive Security
...
Closes gh-10801
2022-02-03 13:46:05 -06:00
525f40490c
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:59:14 -05:00
214cfe807e
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:42:10 -05:00
2fb056b5c1
Merge Clean up Reference Documentation
...
Closes gh-9668
2021-12-13 16:57:36 -06:00
0beb725259
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-08 11:07:09 +01:00
65426a40ec
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-07 17:23:06 +01:00
32ec8c3ae4
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-07 13:58:24 +01:00
7ec3b55ab3
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-07 13:48:11 +01:00
1896a5e669
Fix Reactive OAuth2 Kotlin DSL examples
...
Closes gh-10580
2021-12-06 13:05:50 +01:00
4f185724a3
Polish gh-10479
2021-11-12 15:09:50 -05:00
Marcus Hert Da Coregio
Josh Cummings
Steve Riesenberg
Rob Winch
Wyfrel
Joe Grandja
Ger Roza
Daniel Garnier-Moiroux
Joshua Sattler
Yuriy Savchenko
André Luis Gomes
nor-ek
Lijamaija
Talerngpong Virojwutikul