Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge branch '5.8.x' into 6.1.x

Closes gh-14564
Marcus Hert Da Coregio 1 year ago
parent
547552ebd6 fc658d10d3
commit
ba1068e368
2 changed files with 20 additions and 3 deletions
Split View Show Diff Stats
  1. 19 2
      config/src/main/java/org/springframework/security/config/annotation/web/HttpSecurityBuilder.java
  2. 1 1
      config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterOrderRegistration.java

+ 19 - 2
config/src/main/java/org/springframework/security/config/annotation/web/HttpSecurityBuilder.java
View File 

@@ -1,5 +1,5 @@
 
 /*
 
- * Copyright 2002-2020 the original author or authors.
 
+ * Copyright 2002-2024 the original author or authors.
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -27,6 +27,7 @@ import org.springframework.security.oauth2.server.resource.web.authentication.Be
 
 import org.springframework.security.web.DefaultSecurityFilterChain;
 
 import org.springframework.security.web.access.ExceptionTranslationFilter;
 
 import org.springframework.security.web.access.channel.ChannelProcessingFilter;
 
+import org.springframework.security.web.access.intercept.AuthorizationFilter;
 
 import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
 
 import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
 
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
@@ -37,7 +38,11 @@ import org.springframework.security.web.authentication.rememberme.RememberMeAuth
 
 import org.springframework.security.web.authentication.switchuser.SwitchUserFilter;
 
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
 import org.springframework.security.web.authentication.www.DigestAuthenticationFilter;
 
+import org.springframework.security.web.context.SecurityContextHolderFilter;
 
 import org.springframework.security.web.context.SecurityContextPersistenceFilter;
 
+import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter;
 
+import org.springframework.security.web.csrf.CsrfFilter;
 
+import org.springframework.security.web.header.HeaderWriterFilter;
 
 import org.springframework.security.web.jaasapi.JaasApiIntegrationFilter;
 
 import org.springframework.security.web.savedrequest.RequestCacheAwareFilter;
 
 import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter;
 
@@ -45,6 +50,7 @@ import org.springframework.security.web.session.ConcurrentSessionFilter;
 
 import org.springframework.security.web.session.DisableEncodeUrlFilter;
 
 import org.springframework.security.web.session.ForceEagerSessionCreationFilter;
 
 import org.springframework.security.web.session.SessionManagementFilter;
 
+import org.springframework.web.filter.CorsFilter;
 
 
 /**
 
  * @param <H>
 
@@ -126,15 +132,24 @@ public interface HttpSecurityBuilder<H extends HttpSecurityBuilder<H>>
 
 	 * The ordering of the Filters is:
 
 	 *
 
 	 * <ul>
 
-	 * <li>{@link ForceEagerSessionCreationFilter}</li>
 
 	 * <li>{@link DisableEncodeUrlFilter}</li>
 
+	 * <li>{@link ForceEagerSessionCreationFilter}</li>
 
 	 * <li>{@link ChannelProcessingFilter}</li>
 
+	 * <li>{@link WebAsyncManagerIntegrationFilter}</li>
 
+	 * <li>{@link SecurityContextHolderFilter}</li>
 
 	 * <li>{@link SecurityContextPersistenceFilter}</li>
 
+	 * <li>{@link HeaderWriterFilter}</li>
 
+	 * <li>{@link CorsFilter}</li>
 
+	 * <li>{@link CsrfFilter}</li>
 
 	 * <li>{@link LogoutFilter}</li>
 
+	 * <li>{@link org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter}</li>
 
+	 * <li>{@link org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter}</li>
 
 	 * <li>{@link X509AuthenticationFilter}</li>
 
 	 * <li>{@link AbstractPreAuthenticatedProcessingFilter}</li>
 
 	 * <li><a href="
 
 	 * {@docRoot}/org/springframework/security/cas/web/CasAuthenticationFilter.html">CasAuthenticationFilter</a></li>
 
+	 * <li>{@link org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter}</li>
 
+	 * <li>{@link org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter}</li>
 
 	 * <li>{@link UsernamePasswordAuthenticationFilter}</li>
 
 	 * <li>{@link org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter}</li>
 
 	 * <li>{@link org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter}</li>
 
@@ -147,9 +162,11 @@ public interface HttpSecurityBuilder<H extends HttpSecurityBuilder<H>>
 
 	 * <li>{@link JaasApiIntegrationFilter}</li>
 
 	 * <li>{@link RememberMeAuthenticationFilter}</li>
 
 	 * <li>{@link AnonymousAuthenticationFilter}</li>
 
+	 * <li>{@link org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter}</li>
 
 	 * <li>{@link SessionManagementFilter}</li>
 
 	 * <li>{@link ExceptionTranslationFilter}</li>
 
 	 * <li>{@link FilterSecurityInterceptor}</li>
 
+	 * <li>{@link AuthorizationFilter}</li>
 
 	 * <li>{@link SwitchUserFilter}</li>
 
 	 * </ul>
 
 	 * @param filter the {@link Filter} to add

+ 1 - 1
config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterOrderRegistration.java
View File 

@@ -1,5 +1,5 @@
 
 /*
 
- * Copyright 2002-2023 the original author or authors.
 
+ * Copyright 2002-2024 the original author or authors.
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.