-
Notifications
You must be signed in to change notification settings - Fork 5.9k
Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Dark mode rendering issue with images on CSRF and Method Security pages
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16151
opened Nov 23, 2024 by
harpreets789
saml2 samllogout is expecting the singleLogoutServiceLocation to be in the form "logout/saml2/slo"
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16150
opened Nov 23, 2024 by
sasirekha98
OAuth2LoginAuthenticationFilter acts as an uber AuthenticationManager
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16142
opened Nov 21, 2024 by
jarek-jpa
Consider using An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
@Fallback
instead of BeanDefinitionRegistryPostProcessor
for OAuth2AuthorizedClientManager
in: oauth2
Improve startup validation of request matchers
in: web
An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
[OAuth2] Misconfigured OAuth2LoginAuthenticationFilter when combining OAuth2 login and OAuth2 client configuration
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
Should return www-authenticate even for "X-Requested-With: XMLHttpRequest" requests
in: web
An issue in web modules (web, webmvc)
type: bug
A general bug
#16103
opened Nov 15, 2024 by
MartinEmrich
Add OpenTelemetry Span Creation for Spring Security Filters and Expose as Configurable Property
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16092
opened Nov 14, 2024 by
Seifenn
Getting error as The response contained an InResponseTo attribute [] but no saved authentication request was found in saml2
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16091
opened Nov 14, 2024 by
sasirekha98
Bump version com.nimbusds:oauth2-oidc-sdk
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16089
opened Nov 14, 2024 by
bostandyksoft
Consider making the constructor of An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
OAuth2AccessToken.TokenType
public
in: oauth2
Verification Options do not Return Saved Transports for Credentials
in: web
An issue in web modules (web, webmvc)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16084
opened Nov 13, 2024 by
Jyosua
OidcBackChannelLogoutWebFilter returns an error for unauthenticated ajax requests
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16073
opened Nov 12, 2024 by
katya-tis
OidcBackChannelLogoutWebFilter error response is not a correct JSON
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16072
opened Nov 12, 2024 by
katya-tis
Passkey Endpoints do not Honor .permitAll()
in: web
An issue in web modules (web, webmvc)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16070
opened Nov 12, 2024 by
Jyosua
Mutate breaks functionality of StrictFirewallHttpHeaders with recently modified HttpHeaders#writabeHttpHeaders
in: web
An issue in web modules (web, webmvc)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16069
opened Nov 12, 2024 by
MichalStehlikCz
AuthorizeReturnObject should target the authorized object within MVC return values
#16059
opened Nov 11, 2024 by
jzheaux
Exceptions for Authorized Objects should propagate when returned from a Controller
#16058
opened Nov 11, 2024 by
jzheaux
Improve Integration between Authorized Objects and Spring MVC
in: web
An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
ServerBearerTokenAuthenticationConverter
validates parameters when not enabled
in: oauth2
Further document adding types to the Jackson allowlist
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16015
opened Oct 30, 2024 by
jzheaux
Add JdbcRelyingPartyRegistrationRepository
status: ideal-for-contribution
An issue that we actively are looking for someone to help us with
type: enhancement
A general enhancement
#16012
opened Oct 30, 2024 by
sasirekha98
ServerHeadersDsl doesn't allow addition of custom ServerHttpHeadersWriter
in: config
An issue in spring-security-config
type: enhancement
A general enhancement
#16009
opened Oct 29, 2024 by
vonZeppelin
Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
Saml2WebSsoAuthenticationFilter should allow requests through when SAMLResponse is absent
in: saml2
An issue in SAML2 modules
type: enhancement
A general enhancement
Previous Next
ProTip!
Follow long discussions with comments:>50.