-
Notifications
You must be signed in to change notification settings - Fork 5.9k
Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
StrictServerWebExchangeFirewall behavior in Spring-Security-Web 6.3.4
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16019
opened Oct 31, 2024 by
kpolli
Further document adding types to the Jackson allowlist
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16015
opened Oct 30, 2024 by
jzheaux
There is no option to create relyingparty details through datasource in saml2
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16012
opened Oct 30, 2024 by
sasirekha98
6.4.0-RC1 - BeanDefinitionOverrideException: Invalid bean definition with name 'webAuthorizationManagerPostProcessor'
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16011
opened Oct 30, 2024 by
zyro23
ServerHeadersDsl doesn't allow addition of custom ServerHttpHeadersWriter
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16009
opened Oct 29, 2024 by
vonZeppelin
Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
Saml2WebSsoAuthenticationFilter should allow requests through when SAMLResponse is absent
in: saml2
An issue in SAML2 modules
type: enhancement
A general enhancement
Authorized Objects with Pageable Spring Data throws ClassCastException
type: bug
A general bug
#15994
opened Oct 25, 2024 by
noshua
Implementations of OpaqueTokenIntrospector fail to URL encode client secret
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: bug
A general bug
Fail when several filter chains have the same securityMatcher
in: web
An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
AbstractAuthenticationFilterConfigurer: add defaultSuccessUrl() function which doesn't override the successHandler field, or the variant with successHandler parameter
in: web
An issue in web modules (web, webmvc)
status: feedback-reminder
We've sent a reminder that we need additional information before we can continue
status: waiting-for-feedback
We need additional information before we can continue
type: enhancement
A general enhancement
#15980
opened Oct 23, 2024 by
Hotvianskyi
Support ServerExchangeRejectedHandler @Bean
in: web
An issue in web modules (web, webmvc)
status: forward-port
An issue tracking the forward-port of a change made in an earlier branch
type: enhancement
A general enhancement
Support ServerExchangeRejectedHandler @Bean
in: web
An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
Issues regarding the creator of DaoAuthenticationProvider
in: core
An issue in spring-security-core
type: enhancement
A general enhancement
Remove PortResolver
in: web
An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
Upgrade nimbus-jose-jwt:jar to 9.37.3 in Spring Security 5.8.x
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: feedback-reminder
We've sent a reminder that we need additional information before we can continue
status: waiting-for-feedback
We need additional information before we can continue
type: dependency-upgrade
A dependency upgrade
#15951
opened Oct 18, 2024 by
blackat
s101 configuration is slow
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15921
opened Oct 16, 2024 by
rwinch
Support Reactive One-Time Tokens in a Clustered Environment
in: web
An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
Implement Yescript
in: crypto
An issue in spring-security-crypto
type: enhancement
A general enhancement
#15899
opened Oct 11, 2024 by
carnoxen
An empty-string bearer token should result in an appropriate HTTP status code
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: duplicate
A duplicate of another issue
type: bug
A general bug
Allow comma-delimited scopes in OAuth2 access token response
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#15878
opened Oct 5, 2024 by
bfanyuk
Add An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
OAuth2AuthorizedClientManager
autoconfiguration without spring-boot-starter-web
dependency
in: oauth2
#15877
opened Oct 4, 2024 by
yvasyliev
Make it easier to determine where a filter chain has been defined
in: config
An issue in spring-security-config
type: enhancement
A general enhancement
#15874
opened Oct 4, 2024 by
wilkinsona
carrier thread be suspended by synchronized in RemoteJWKSet
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15866
opened Sep 30, 2024 by
me0106
Previous Next
ProTip!
Add no:assignee to see everything that’s not assigned.