Rob Winch

icon indicating a website link http://spring.io/team/rwinch

icon company Pivotal

Results 120 issues of Rob Winch

Method Security for Filtering non-collections

We support filtering the results of collections, but it would be nice to filter non-collection types. I haven't decided on the syntax for this but here is a rough idea:...

Add OpenFGA Support

26 comment

We should look into adding OpenFGA support See https://openfga.dev/ Some NOTES for myself: - [ ] We can use [Testcontainers support](https://docs.spring.io/spring-boot/docs/3.2.x/reference/htmlsingle/#features.testcontainers.at-development-time) for starting the openfga Docker image - [ ]...

type: enhancement
theme: partner-use-cases

Method Security SpEL supports AuthorizationDecision return types

It would be nice if we supported `AuthrozationDecision` return types for Method Security SpEL. This would allow method security to easily convey more information to the framework on why authorization...

type: enhancement

Support Converter for SpEL return types to AuthorizationDecision

Support custom return types for for SpEL method security through the use of providing a Converter of that return type to the Authorization Decision. I don't think that I like...

Compatibility with JVM snapshots (OpenJDK's Project CRaC)

As a [project wide initiative](https://github.com/spring-projects/spring-framework/issues/29921) the portfolio is looking into support for Project CRaC which allows JVM snapshots to be taken and then restored for faster startup times. We will...

type: theme

Method Security SpEL supports throwing AccessDeniedException

It would be nice if we supported throwing `AccessDeniedException` for Method Security SpEL. This would allow method security to easily convey more information to the framework on why authorization failed...

Improve Gradle Configuration Time

12 comment

As a part of https://github.com/gradle/gradle/issues/1628 I submitted [Spring Security's](https://github.com/spring-projects/spring-security) Gradle [Configuration Time](https://scans.gradle.com/s/7yjns4i55vj66/). The Gradle team replied with: > The vast majority of the time (75%) is spent in the Gretty...

MockMvc Test Support

1 comment

I'm not sure exactly what we will need for this, but we should provide `MockMvc` support. One thing that is likely needed is the ability to easily create `Authentication` objects

Investigate Keycloak & Spring Integration

4 comment

Keycloak has come out with a [new beta](https://blog.keycloak.org/2018/05/keycloak-400beta2-released.html) which includes Spring Boot support. Ideally they would be able to use our new stuff instead of doing their own thing. We...

Keycloak

WithMockUserSecurityContextFactory support

We should be able to easily run as an `JwtAccessTokenAuthenticationToken` using the `WithMockUserSecurityContextFactory`. Something like this: ```java @WithMockJwt(...) @Test public void runWithJwtAccessTokenAuthenticationToken() { ... } ```