Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

914 Open 11,496 Closed
914 Open 11,496 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

UniqueSecurityAnnotationScanner throws ConcurrentModificationException status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15906 opened Oct 13, 2024 by nilshartmann
Unhandled exception in CookieRequestCache results in 500 Internal Server Error status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15905 opened Oct 13, 2024 by 2is10
Change .size() == 0 to .isEmpty() for Collections status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15904 opened Oct 12, 2024 by kwonyonghyun
1
Custom reactiveUserDetail or custom reactiveAuthenProvider , maximumSessions() not working status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15903 opened Oct 12, 2024 by githubanhduong
SecurityContextHolder is not populated in @BeforeAll/PostConstruct within @WithUserDetails status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15902 opened Oct 12, 2024 by bwgjoseph
Consider adding R2dbcReactiveOneTimeTokenService status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15901 opened Oct 11, 2024 by CrazyParanoid
Implement Yescript status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15899 opened Oct 11, 2024 by carnoxen
Document RestClient integration in: docs An issue in Documentation or samples type: enhancement A general enhancement
#15894 opened Oct 9, 2024 by sjohnr
@sjohnr
Enhancement: Improve Documentation on Adding a Custom Filter to the Filter Chain status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15893 opened Oct 9, 2024 by Kjeff24
Add Reactive One-Time Token Login Kotlin DSL Support status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15887 opened Oct 8, 2024 by CrazyParanoid
1
DefaultBearerTokenResolver Regarding throwing an IllegalArgumentException when creating a BearerTokenAuthenticationToken instance when the allowFormEncodedBodyParameter member field is true or the allowUriQueryParameter member field is true. in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: bug A general bug
#15885 opened Oct 8, 2024 by jacknie84
1
@sjohnr
4
Allow comma-delimited scopes in OAuth2 access token response in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15878 opened Oct 5, 2024 by bfanyuk
@sjohnr
Add OAuth2AuthorizedClientManager autoconfiguration without spring-boot-starter-web dependency in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#15877 opened Oct 4, 2024 by yvasyliev
@sjohnr
2
Make it easier to determine where a filter chain has been defined for: team-attention This ticket should be discussed as a team before proceeding in: config An issue in spring-security-config type: enhancement A general enhancement
#15874 opened Oct 4, 2024 by wilkinsona
4
Provide AbstractOneTimeTokenService status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15873 opened Oct 3, 2024 by CrazyParanoid
carrier thread be suspended by synchronized in RemoteJWKSet status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15866 opened Sep 30, 2024 by me0106
@rwinch
1
Leave Filter Chain Observations Off By Default in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15858 opened Sep 26, 2024 by jzheaux 7.0.x
@jzheaux
Cache miss for REQUEST dispatch to 'url' (previous null). Performing MatchableHandlerMapping lookup. This is logged once only at WARN level, and every time at TRACE. in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided
#15855 opened Sep 26, 2024 by shahar-d-ali
2
JwtDecoderProviderConfigurationUtils incorrectly handles issuer URI status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15852 opened Sep 25, 2024 by bodograumann
2
Inconsistent ReactiveOAuth2UserService in OAuth2LoginSpec status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15846 opened Sep 24, 2024 by blacelle
1
1
Oauth2 jwt not work if no Authorization attribute in http header or Authorization not start with 'Bearer ' status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15844 opened Sep 24, 2024 by tongshushan
3
OpenID Connect 1.0 UserService customization doesn't work status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15840 opened Sep 23, 2024 by NZhuravlev
Consider adding ClientRegistrationIdResolver to ExchangeFilterFunctions in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15825 opened Sep 18, 2024 by sjohnr 6.4.x
@sjohnr
Consider favoring ObjectProvider#getIfAvailable in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15821 opened Sep 17, 2024 by jzheaux 7.0.x
Add support for requesting protected resources with RestClient via a ServletBearerExchangeFilterFunction or equivalent in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15820 opened Sep 17, 2024 by azizabah
@sjohnr
ProTip! Follow long discussions with comments:>50.