Comments (2)
Ben Alex said:
See SEC-18 MethodInvocationPrivilegeEvaluator as it will need modification when this task is implemented.
from spring-security.
Ben Alex said:
New rejectPublicInvocations property added. By default it is false, meaning secure objects without configuration attributes will continue to be treated as βpublicβ or unauthorized. See JavaDocs for this property for full details. Also modified MethodInvocationPrivilegeEvaluator (SEC-18) to work with these changes. Unit tests pass.
from spring-security.
Related Issues (20)
- OpenSaml4AssertionValidator is not respecting clock skew settings
- Resolving invalid CSRF token values is not consistent HOT 1
- Resolving invalid CSRF token values is not consistent
- Resolving invalid CSRF token values is not consistent
- Resolving invalid CSRF token values is not consistent
- Exclude url form OAuth2 security authentication HOT 1
- Oauth2 maximumSessions did not work HOT 3
- DispatcherServletDelegatingRequestMatcher causes errors when running tests with MockMvc
- DispatcherServletDelegatingRequestMatcher causes errors when running tests with MockMvc
- Incorrect documentation for OIDC Back-Channel Logout
- Session Cookie name cannot be changed in OIDC back channel logout handler HOT 2
- Support extracting nested authorities in JwtGrantedAuthoritiesConverter HOT 1
- CookieRequestCache should set SameSite on the REDIRECT_URI cookie HOT 1
- Clarify the behavior of Concurrent Session Management when an IdP is involved
- default SpringOpaqueTokenIntrospector always returns empty authorities HOT 1
- Documentation clarification after #12783 has been closed is needed. HOT 1
- hasAuthority and custom Mono<Boolean> method in @PreAuthorize leads to ConverterNotFoundException error HOT 2
- AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc
- AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc
- Incorrect documentation for OIDC Back-Channel Logout
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-security.