Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Ineffective CSRF Protection for SPAs as suggested by the Official Docs?
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15092
opened May 17, 2024 by
ptrckkk
Add support OAuth 2.0 Step-up Authentication Challenge Protocol
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15091
opened May 17, 2024 by
CrazyParanoid
Make OpenSamlMetadataRelyingPartyRegistrationConverter public
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15090
opened May 17, 2024 by
OrangeDog
LDIF file on official documentation breaks the startup process
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15089
opened May 17, 2024 by
aekarakus
Support Remember-Me for OAuth2 login
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15078
opened May 16, 2024 by
gotson
DefaultRedirectStrategy includes firewalled semicolon jsessionid in url
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15077
opened May 15, 2024 by
xenoterracide
OAuth with Concurrent Session Management on Spring Webflux
in: web
An issue in web modules (web, webmvc)
status: waiting-for-feedback
We need additional information before we can continue
type: enhancement
A general enhancement
#15071
opened May 14, 2024 by
jsantana3c
spring-security/docs/modules/ROOT/pages/servlet/authorization /method-security
in: docs
An issue in Documentation or samples
type: bug
A general bug
#15045
opened May 11, 2024 by
douxiaofeng99
FilterInvocation should support getDispatcherType()
in: web
An issue in web modules (web, webmvc)
status: waiting-for-feedback
We need additional information before we can continue
type: bug
A general bug
#15042
opened May 10, 2024 by
chrylis
HttpSessionSecurityContextRepository used for AbstractPreAuthenticatedProcessingFilter
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15041
opened May 10, 2024 by
cristibozga
SessionRegistryImpl leaks principals under high load
in: core
An issue in spring-security-core
status: feedback-provided
Feedback has been provided
type: bug
A general bug
#15036
opened May 9, 2024 by
wojtassi
Prevent incorrect merges between branches
type: task
A general task
#15028
opened May 8, 2024 by
marcusdacoregio
Add interface IterableRelyingPartyRegistrationRepository or similar
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15027
opened May 8, 2024 by
OrangeDog
Saml2 Response assertion validation error with error code InvalidSignature - Need to expose createDefaultAssertionSignatureValidator() method in Opensaml4AuthenticationProvider class
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15022
opened May 8, 2024 by
itsUmashree
SAML API should accept, adapt, and/or mirror OpenSAML's Credential API
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15019
opened May 7, 2024 by
OrangeDog
RelyingPartyRegistrations typically produces unusable registrationId
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15017
opened May 7, 2024 by
OrangeDog
Unintuitive behavior of multiple servlet contexts and HttpSecurity#securityMatcher pattern
in: web
An issue in web modules (web, webmvc)
status: feedback-provided
Feedback has been provided
type: enhancement
A general enhancement
#15004
opened May 3, 2024 by
arvyy
OIDC Backchannel Logout does not allow logout tokens having An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
typ
header of logout+jwt
in: oauth2
#15003
opened May 3, 2024 by
justin-tay
5.8.12: @Secured annotation on subclasses is not read by SecuredAuthorizationManager when method in superclass was called
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15002
opened May 2, 2024 by
artem103
Allow customizing AbstractRememberMeServices cookie
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#14990
opened Apr 30, 2024 by
ooraini
AuthorizationManagerAfterMethodInterceptor custom annotations and aspecj support
status: feedback-provided
Feedback has been provided
#14970
opened Apr 26, 2024 by
mira-silhavy
Reactive Security OAuth2 client doesn't propagate traces and baggage's in Spring Boot 3
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: feedback-provided
Feedback has been provided
type: bug
A general bug
#14946
opened Apr 23, 2024 by
DaceKonn
Support RFC9449 - DPoP Authentication scheme
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#14915
opened Apr 16, 2024 by
babisRoutis
LogoutConfigurer forces POST even if CSRF is disabled for /logout
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#14913
opened Apr 15, 2024 by
erizzo
Previous Next
ProTip!
Updated in the last three days: updated:>2024-05-15.