Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Support Remember-Me for OAuth2 login
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15078
opened May 16, 2024 by
gotson
DefaultRedirectStrategy includes firewalled semicolon jsessionid in url
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15077
opened May 15, 2024 by
xenoterracide
OAuth with Concurrent Session Management on Spring Webflux
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15071
opened May 14, 2024 by
jsantana3c
spring-security/docs/modules/ROOT/pages/servlet/authorization /method-security
in: docs
An issue in Documentation or samples
type: bug
A general bug
#15045
opened May 11, 2024 by
douxiaofeng99
FilterInvocation should support getDispatcherType()
in: web
An issue in web modules (web, webmvc)
status: waiting-for-feedback
We need additional information before we can continue
type: bug
A general bug
#15042
opened May 10, 2024 by
chrylis
HttpSessionSecurityContextRepository used for AbstractPreAuthenticatedProcessingFilter
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15041
opened May 10, 2024 by
cristibozga
SessionRegistryImpl leaks principals under high load
in: core
An issue in spring-security-core
status: feedback-provided
Feedback has been provided
type: bug
A general bug
#15036
opened May 9, 2024 by
wojtassi
Prevent incorrect merges between branches
type: task
A general task
#15028
opened May 8, 2024 by
marcusdacoregio
Add interface IterableRelyingPartyRegistrationRepository or similar
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15027
opened May 8, 2024 by
OrangeDog
Saml2 Response assertion validation error with error code InvalidSignature - Need to expose createDefaultAssertionSignatureValidator() method in Opensaml4AuthenticationProvider class
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15022
opened May 8, 2024 by
itsUmashree
SAML API should accept, adapt, and/or mirror OpenSAML's Credential API
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15019
opened May 7, 2024 by
OrangeDog
RelyingPartyRegistrations does not verify signatures
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15018
opened May 7, 2024 by
OrangeDog
RelyingPartyRegistrations typically produces unusable registrationId
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15017
opened May 7, 2024 by
OrangeDog
Unintuitive behavior of multiple servlet contexts and HttpSecurity#securityMatcher pattern
in: web
An issue in web modules (web, webmvc)
status: feedback-provided
Feedback has been provided
type: enhancement
A general enhancement
#15004
opened May 3, 2024 by
arvyy
OIDC Backchannel Logout does not allow logout tokens having An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
typ
header of logout+jwt
in: oauth2
#15003
opened May 3, 2024 by
justin-tay
5.8.12: @Secured annotation on subclasses is not read by SecuredAuthorizationManager when method in superclass was called
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15002
opened May 2, 2024 by
artem103
Allow customizing AbstractRememberMeServices cookie
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#14990
opened Apr 30, 2024 by
ooraini
AuthorizationManagerAfterMethodInterceptor custom annotations and aspecj support
status: feedback-provided
Feedback has been provided
#14970
opened Apr 26, 2024 by
mira-silhavy
Reactive Security OAuth2 client doesn't propagate traces and baggage's in Spring Boot 3
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: feedback-provided
Feedback has been provided
type: bug
A general bug
#14946
opened Apr 23, 2024 by
DaceKonn
Support RFC9449 - DPoP Authentication scheme
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#14915
opened Apr 16, 2024 by
babisRoutis
LogoutConfigurer forces POST even if CSRF is disabled for /logout
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#14913
opened Apr 15, 2024 by
erizzo
DelegatingSecurityContextTaskExecutor / DelegatingSecurityContextRunnable / DelegatingSecurityContextCallable should provide extension points
in: core
An issue in spring-security-core
status: feedback-provided
Feedback has been provided
#14911
opened Apr 15, 2024 by
tkrah
Add Spring Session support to OIDC Back-Channel Logout
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#14904
opened Apr 13, 2024 by
pzgadzaj-equinix
Support Certificate-Bound (POP) Opaque Access Token Validation
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#14888
opened Apr 11, 2024 by
jgrandja
Previous Next
ProTip!
Follow long discussions with comments:>50.