Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

914 Open 11,557 Closed
914 Open 11,557 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Circular reference when exposing a AuthenticationProvider with a dependency to HttpSecurity in: web An issue in web modules (web, webmvc) status: waiting-for-feedback We need additional information before we can continue
#16047 opened Nov 7, 2024 by dru1
3
SAML login fails in Chromium based browser even after adding hash in the CSP in: web An issue in web modules (web, webmvc) status: waiting-for-feedback We need additional information before we can continue
#16045 opened Nov 7, 2024 by snpt62
1
OpenSamlAssertingPartyMetadataRepository should initialize OpenSAML in: saml2 An issue in SAML2 modules type: bug A general bug
#16042 opened Nov 6, 2024 by jzheaux 6.4.0
@jzheaux @ig-jinwoo
4
ServerBearerTokenAuthenticationConverter validates parameters when not enabled in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#16038 opened Nov 4, 2024 by sjohnr 6.2.x
@jonah1und1
1
Commit missed of overriding WebClient in ReactiveOidcIdTokenDecoderFactory status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16021 opened Nov 1, 2024 by JohnNiang
Further document adding types to the Jackson allowlist status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16015 opened Oct 30, 2024 by jzheaux
Add JdbcRelyingPartyRegistrationRepository status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16012 opened Oct 30, 2024 by sasirekha98
1
6.4.0-RC1 - BeanDefinitionOverrideException: Invalid bean definition with name 'webAuthorizationManagerPostProcessor' status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16011 opened Oct 30, 2024 by zyro23
@jzheaux
3
ServerHeadersDsl doesn't allow addition of custom ServerHttpHeadersWriter in: config An issue in spring-security-config type: enhancement A general enhancement
#16009 opened Oct 29, 2024 by vonZeppelin
@jzheaux @evgeniycheban
1
Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16001 opened Oct 25, 2024 by sjohnr 6.5.x
@sjohnr
Saml2WebSsoAuthenticationFilter should allow requests through when SAMLResponse is absent in: saml2 An issue in SAML2 modules type: enhancement A general enhancement
#16000 opened Oct 25, 2024 by jzheaux 6.5.x
Authorized Objects with Pageable Spring Data throws ClassCastException type: bug A general bug
#15994 opened Oct 25, 2024 by noshua
@jzheaux
2
Implementations of OpaqueTokenIntrospector fail to URL encode client secret in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#15988 opened Oct 24, 2024 by joelossher 6.5.x
1
@ngocnhan-tran1996
8
Fail when several filter chains have the same securityMatcher in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15982 opened Oct 24, 2024 by franticticktick 6.5.x
4
Support ServerExchangeRejectedHandler @Bean in: web An issue in web modules (web, webmvc) status: forward-port An issue tracking the forward-port of a change made in an earlier branch type: enhancement A general enhancement
#15976 opened Oct 22, 2024 by rwinch 5.8.16
@rwinch
Support ServerExchangeRejectedHandler @Bean in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15975 opened Oct 22, 2024 by rwinch 5.7.14
@rwinch
Issues regarding the creator of DaoAuthenticationProvider in: core An issue in spring-security-core type: enhancement A general enhancement
#15973 opened Oct 22, 2024 by siwan9 6.5.x
1
@jzheaux
Deprecate PortResolver type: task A general task
#15972 opened Oct 22, 2024 by rwinch 6.5.x
@rwinch
Remove PortResolver in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15971 opened Oct 22, 2024 by rwinch 7.0.0-M1
@rwinch
Upgrade nimbus-jose-jwt:jar to 9.37.3 in Spring Security 5.8.x in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: dependency-upgrade A dependency upgrade
#15951 opened Oct 18, 2024 by blackat
@jzheaux
3
s101 configuration is slow status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15921 opened Oct 16, 2024 by rwinch
Support Reactive One-Time Tokens in a Clustered Environment in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15901 opened Oct 11, 2024 by franticticktick 6.5.x
@franticticktick
3
Implement Yescript in: crypto An issue in spring-security-crypto type: enhancement A general enhancement
#15899 opened Oct 11, 2024 by carnoxen
1
Allow comma-delimited scopes in OAuth2 access token response in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15878 opened Oct 5, 2024 by bfanyuk
@sjohnr
3
Add OAuth2AuthorizedClientManager autoconfiguration without spring-boot-starter-web dependency in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15877 opened Oct 4, 2024 by yvasyliev
5
ProTip! Updated in the last three days: updated:>2024-11-06.