root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 9 Packages Projects Releases Wiki Activity
10,248 Commits 47 Branches 345 Tags 116 MiB
Java 94.6%
Kotlin 4.7%
JavaScript 0.3%
Groovy 0.2%
Go to file
Rob Winch 415a674edc AnonymousAuthenticationFilter Avoids Eager SecurityContext Access 
Previously AnonymousAuthenticationFilter accessed the SecurityContext to
determine if anonymous authentication needed setup eagerly. Now this is done
lazily to avoid unnecessary access to the SecurityContext which in turn avoids
unnecessary HTTP Session access.

Closes gh-11457
 		2022-07-05 15:34:21 -05:00
.github Enable BackportBot on 5.8.x 2022-06-06 13:53:58 -05:00
.idea Fix checkstyle rules could not be parsed 2020-11-23 14:33:18 -05:00
acl Use SecurityContextHolderStrategy for ACL 2022-06-28 08:05:15 -06:00
aspects Update aspectj-plugin to 6.3.0 2021-11-16 12:52:42 -06:00
bom fix bom 2021-05-17 22:29:45 -05:00
buildSrc Add initScripts and projectProperties to IncludeCheckRemotePlugin 2022-05-11 16:12:36 -03:00
cas Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
config Use SecurityContextHolderStrategy for Concurrency Filter 2022-06-28 15:32:05 -06:00
core Use SecurityContextHolderStrategy for Context Propagation 2022-06-30 11:18:07 -06:00
crypto Prevent instantiation of DelegatingPasswordEncoder if idPrefix contains idSuffix 2022-04-05 09:16:44 -05:00
data Use SecurityContextHolderStrategy for Data 2022-06-27 16:35:02 -06:00
dependencies Remove dependency on commons-codec by using java.util.Base64 2022-06-09 06:50:01 -06:00
docs Add SecurityContextHolderStrategy XML Configuration for Messaging 2022-06-27 15:55:28 -06:00
etc Add SecurityContextHolderStrategy to Default Components 2022-06-17 11:28:10 -06:00
gradle/wrapper Update to Gradle 7.3 2021-11-10 11:35:49 -03:00
itest Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
ldap Use SecurityContextHolderStrategy for Ldap 2022-06-27 15:55:27 -06:00
messaging Use SecurityContextHolderStrategy for Messaging 2022-06-27 15:55:28 -06:00
oauth2 Add SecurityContextHolderStrategy to OAuth2 2022-06-27 13:05:12 -06:00
openid Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
remoting Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
rsocket Add UsernamePasswordAuthenticationToken factory methods 2022-03-09 15:23:35 -07:00
saml2/saml2-service-provider Add SecurityContextHolderStrategy to Saml2 2022-06-27 13:05:11 -06:00
scripts Exclude duplicate issues from changelog 2022-04-20 09:02:55 -03:00
taglibs Use SecurityContextHolderStrategy for Taglibs 2022-06-27 17:45:01 -06:00
test Add SecurityContextHolderStrategy Test Support 2022-06-27 13:02:11 -06:00
web AnonymousAuthenticationFilter Avoids Eager SecurityContext Access 2022-07-05 15:34:21 -05:00
.editorconfig Fixed link in .editorconfig 2021-10-13 15:36:10 -06:00
.gitattributes Install Structure101 Plugin 2021-09-27 14:56:03 -06:00
.gitignore Ignore Lock Files 2020-02-07 13:59:05 -06:00
.sdkmanrc Add .sdkmanrc 2022-02-18 13:48:05 -06:00
CONTRIBUTING.adoc master->main 2021-04-26 16:55:43 -05:00
LICENSE.txt Add LICENSE.txt 2020-04-15 16:44:13 -05:00
README.adoc Fix README local Maven install command 2021-07-07 12:01:57 +02:00
RELEASE.adoc Document sagan Release tasks require read:org scope 2022-06-21 14:47:46 -05:00
build.gradle Remove dependency on commons-codec by using java.util.Base64 2022-06-09 06:50:01 -06:00
class_mapping_from_2.0.x.txt SEC-1148: Simple classname mapping from 2.0 to 3.0 2009-12-02 22:44:30 +00:00
gradle.properties Point to samples branch 5.8.x 2022-05-12 11:16:23 -03:00
gradlew Update to Gradle 7.3 2021-11-10 11:35:49 -03:00
gradlew.bat Update to Gradle 6.6.1 2020-10-12 17:41:16 -06:00
local-antora-playbook.yml Add spring-security-docs-generated to local-antora-playbook.yml 2021-09-23 15:50:14 -05:00
notice.txt URL Cleanup 2019-03-19 23:53:23 -05:00
settings.gradle Bump up Gradle plugin dependencies 2022-01-18 13:40:58 +01:00

README.adoc 

image::https://badges.gitter.im/Join%20Chat.svg[Gitter,link=https://gitter.im/spring-projects/spring-security?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge]

image:https://github.com/spring-projects/spring-security/workflows/CI/badge.svg?branch=main["Build Status", link="https://github.com/spring-projects/spring-security/actions?query=workflow%3ACI"]

image:https://img.shields.io/badge/Revved%20up%20by-Gradle%20Enterprise-06A0CE?logo=Gradle&labelColor=02303A["Revved up by Gradle Enterprise", link="https://ge.spring.io/scans?search.rootProjectNames=spring-security"]

= Spring Security

Spring Security provides security services for the https://docs.spring.io[Spring IO Platform]. Spring Security 5.0 requires Spring 5.0 as
a minimum and also requires Java 8.

For a detailed list of features and access to the latest release, please visit https://spring.io/projects[Spring projects].

== Code of Conduct
Please see our https://github.com/spring-projects/.github/blob/main/CODE_OF_CONDUCT.md[code of conduct]

== Downloading Artifacts
See https://docs.spring.io/spring-security/site/docs/current/reference/html5/#getting[Getting Spring Security] for how to obtain Spring Security.

== Documentation
Be sure to read the https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference].
Extensive JavaDoc for the Spring Security code is also available in the https://docs.spring.io/spring-security/site/docs/current/api/[Spring Security API Documentation].

== Quick Start
See https://docs.spring.io/spring-security/site/docs/current/reference/html5/#servlet-hello[Hello Spring Security] to get started with a "Hello, World" application.

== Building from Source
Spring Security uses a https://gradle.org[Gradle]-based build system.
In the instructions below, https://vimeo.com/34436402[`./gradlew`] is invoked from the root of the source tree and serves as
a cross-platform, self-contained bootstrap mechanism for the build.

=== Prerequisites
https://help.github.com/set-up-git-redirect[Git] and the https://www.oracle.com/technetwork/java/javase/downloads[JDK11 build].

Be sure that your `JAVA_HOME` environment variable points to the `jdk-11` folder extracted from the JDK download.

=== Check out sources
[indent=0]
----
git clone git@github.com:spring-projects/spring-security.git
----

=== Install all spring-\* jars into your local Maven cache
[indent=0]
----
./gradlew publishToMavenLocal
----

=== Compile and test; build all jars, distribution zips, and docs
[indent=0]
----
./gradlew build
----

Discover more commands with `./gradlew tasks`.
See also the https://github.com/spring-projects/spring-framework/wiki/Gradle-build-and-release-FAQ[Gradle build and release FAQ].

== Getting Support
Check out the https://stackoverflow.com/questions/tagged/spring-security[Spring Security tags on Stack Overflow].
https://spring.io/services[Commercial support] is available too.

== Contributing
https://help.github.com/articles/creating-a-pull-request[Pull requests] are welcome; see the https://github.com/spring-projects/spring-security/blob/main/CONTRIBUTING.adoc[contributor guidelines] for details.

== License
Spring Security is Open Source software released under the
https://www.apache.org/licenses/LICENSE-2.0.html[Apache 2.0 license].