Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

StrictServerWebExchangeFirewall behavior in Spring-Security-Web 6.3.4 status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16019 opened Oct 31, 2024 by kpolli
Further document adding types to the Jackson allowlist status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16015 opened Oct 30, 2024 by jzheaux
Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16001 opened Oct 25, 2024 by sjohnr 6.5.x
Implementations of OpaqueTokenIntrospector fail to URL encode client secret in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#15988 opened Oct 24, 2024 by joelossher 6.5.x
Fail when several filter chains have the same securityMatcher in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15982 opened Oct 24, 2024 by franticticktick 6.5.x
AbstractAuthenticationFilterConfigurer: add defaultSuccessUrl() function which doesn't override the successHandler field, or the variant with successHandler parameter in: web An issue in web modules (web, webmvc) status: feedback-reminder We've sent a reminder that we need additional information before we can continue status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement
#15980 opened Oct 23, 2024 by Hotvianskyi
Support ServerExchangeRejectedHandler @Bean in: web An issue in web modules (web, webmvc) status: forward-port An issue tracking the forward-port of a change made in an earlier branch type: enhancement A general enhancement
#15976 opened Oct 22, 2024 by rwinch 5.8.16
Support ServerExchangeRejectedHandler @Bean in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15975 opened Oct 22, 2024 by rwinch 5.7.14
Issues regarding the creator of DaoAuthenticationProvider in: core An issue in spring-security-core type: enhancement A general enhancement
#15973 opened Oct 22, 2024 by siwan9 6.5.x
Deprecate PortResolver type: task A general task
#15972 opened Oct 22, 2024 by rwinch 6.5.x
Remove PortResolver in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15971 opened Oct 22, 2024 by rwinch 7.0.0-M1
Upgrade nimbus-jose-jwt:jar to 9.37.3 in Spring Security 5.8.x in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-reminder We've sent a reminder that we need additional information before we can continue status: waiting-for-feedback We need additional information before we can continue type: dependency-upgrade A dependency upgrade
#15951 opened Oct 18, 2024 by blackat
s101 configuration is slow status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15921 opened Oct 16, 2024 by rwinch
Support Reactive One-Time Tokens in a Clustered Environment in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15901 opened Oct 11, 2024 by franticticktick 6.5.x
Implement Yescript in: crypto An issue in spring-security-crypto type: enhancement A general enhancement
#15899 opened Oct 11, 2024 by carnoxen
An empty-string bearer token should result in an appropriate HTTP status code in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue type: bug A general bug
#15885 opened Oct 8, 2024 by jacknie84 6.4.x
Allow comma-delimited scopes in OAuth2 access token response in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15878 opened Oct 5, 2024 by bfanyuk
Add OAuth2AuthorizedClientManager autoconfiguration without spring-boot-starter-web dependency in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15877 opened Oct 4, 2024 by yvasyliev
Make it easier to determine where a filter chain has been defined in: config An issue in spring-security-config type: enhancement A general enhancement
#15874 opened Oct 4, 2024 by wilkinsona
carrier thread be suspended by synchronized in RemoteJWKSet status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15866 opened Sep 30, 2024 by me0106
ProTip! Add no:assignee to see everything that’s not assigned.