Update 3rd Party Licenses (#2362)

Signed-off-by: GitHub Action <action@github.com>
Co-authored-by: GitHub Action <action@github.com>

src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java

@@ -1,6 +1,5 @@
 package stirling.software.SPDF.config.security;
 
-import io.github.pixee.security.Newlines;
 import java.io.IOException;
 import java.security.cert.X509Certificate;
 import java.util.*;
@@ -164,30 +163,11 @@ public class SecurityConfiguration {
             http.sessionManagement(
                     sessionManagement ->
                             sessionManagement
+                            .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
                                     .maximumSessions(10)
                                     .maxSessionsPreventsLogin(false)
                                     .sessionRegistry(sessionRegistry)
-
+                                    .expiredUrl("/login?logout=true"));
-                                    .expiredUrl("/login?logout=true"))
-            .addFilterBefore(
-                    new ForceEagerSessionCreationFilter(), 
-                    SecurityContextHolderFilter.class)
-            .addFilterBefore(new ForceEagerSessionCreationFilter(), SecurityContextHolderFilter.class);
-            
-            http.addFilterBefore(new OncePerRequestFilter() {
-                @Override
-                protected void doFilterInternal(HttpServletRequest request, 
-                        HttpServletResponse response, FilterChain filterChain) 
-                        throws ServletException, IOException {
-                    
-                    if (request.getRequestURI().startsWith("/saml2")) {
-                        response.setHeader("Set-Cookie", 
-                            Newlines.stripAll(response.getHeader("Set-Cookie")
-                                .concat(";SameSite=None;Secure")));
-                    }
-                    filterChain.doFilter(request, response);
-                }
-            }, SessionManagementFilter.class);
 
             http.authenticationProvider(daoAuthenticationProvider());
             http.requestCache(requestCache -> requestCache.requestCache(new NullRequestCache()));
@@ -473,19 +453,6 @@ public class SecurityConfiguration {
                         .build());
     }
     
-    @Bean
-    public CookieSerializer cookieSerializer() {
-        DefaultCookieSerializer serializer = new DefaultCookieSerializer();
-        serializer.setSameSite("None");
-        serializer.setUseSecureCookie(true); // Required when using SameSite=None
-        return serializer;
-    }
-
-    @Bean
-    public HttpSessionEventPublisher httpSessionEventPublisher() {
-        return new HttpSessionEventPublisher();
-    }
-    
     @Bean
     @ConditionalOnProperty(
             name = "security.saml2.enabled",

src/main/resources/static/3rdPartyLicenses.json

@@ -1386,6 +1386,13 @@
             "moduleLicense": "Apache License, Version 2.0",
             "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0"
         },
+        {
+            "moduleName": "org.springframework.session:spring-session-core",
+            "moduleUrl": "https://spring.io/projects/spring-session",
+            "moduleVersion": "3.4.0",
+            "moduleLicense": "Apache License, Version 2.0",
+            "moduleLicenseUrl": "https://www.apache.org/licenses/LICENSE-2.0"
+        },
         {
             "moduleName": "org.springframework:spring-aop",
             "moduleUrl": "https://github.com/spring-projects/spring-framework",