Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort

Issues list

Consider a ReactiveMaximumSessionExceededHandler that performs POST /logout in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#14510 opened Jan 30, 2024 by marcusdacoregio
Publish Authorization Events on WebFlux in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#14361 opened Dec 21, 2023 by marcusdacoregio Draft
Improve Single-Sign-On Redirect for SameSite=Lax and SameSite=Strict in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#14297 opened Dec 13, 2023 by jzheaux
Simplify CSRF Configuration for SPAs in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#14149 opened Nov 15, 2023 by jzheaux
Remove deprecated methods from CookieServerCsrfTokenRepository in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#14139 opened Nov 14, 2023 by milaneuh Loading… 7.0.0-M1
Remove deprecations from CookieCsrfTokenRepository in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#14132 opened Nov 13, 2023 by marcusdacoregio 7.0.0-M1
ConcurrentSessionFilter breaks permitAll endpoint on session expiration in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#14077 opened Oct 31, 2023 by arvyy
Consider CSRF protection with a fixed custom header in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#13717 opened Aug 20, 2023 by SentretC
StrictHttpFirewall#setAllowedHeaderNames should augment with existing Predicate in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#13639 opened Aug 9, 2023 by gourav
Add logging to CsrfTokenRequestHandler implementations in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#13626 opened Aug 7, 2023 by jzheaux
Switching users creates user sessions in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: bug A general bug
#13435 opened Jun 28, 2023 by filiphr
Add Support for Passkeys in: web An issue in web modules (web, webmvc) theme: mfa Related to multi-factor authentication, & building blocks for MFA (such as WebAuthN & passkeys) type: enhancement A general enhancement
#13305 opened Jun 11, 2023 by asaikali
Simplify Content-Security-Policy Configuration in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#13241 opened May 26, 2023 by jzheaux
3 tasks
Remove LazyCsrfTokenRepository in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13196 opened May 18, 2023 by jzheaux
Reintroduce expressions for http security in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#13184 opened May 16, 2023 by puskaiz
Make DefaultRequestRejectedHandler Return HTTP 400 by default in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13081 opened Apr 24, 2023 by NathanD001
Add request to Observation Context at creation to enable filtering by the request in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#12854 opened Mar 8, 2023 by jonatan-ivanov
Observation(Web)FilterChainDecorator conventions should be configurable in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#12838 opened Mar 7, 2023 by jzheaux
Extract SessionManagementFilter into different components in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#12612 opened Feb 1, 2023 by marcusdacoregio
CsrfRequestDataValueProcessor uses a different attribute name then the rest of the CSRF parts. in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#12443 opened Dec 21, 2022 by mdeinum
Restructure DefaultSecurityFilterChain logs in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#12218 opened Nov 16, 2022 by jzheaux
StrictHttpFirewall: throw specialized exceptions for specific types of rejections in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#12191 opened Nov 10, 2022 by brandon1024
ProTip! Follow long discussions with comments:>50.