Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

912 Open 11,482 Closed
912 Open 11,482 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

carrier thread be suspended by synchronized in RemoteJWKSet status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15866 opened Sep 30, 2024 by me0106
Support dynamic multi-tenancy (adding tenants at runtime, with their own configurations, that should be editable) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15860 opened Sep 27, 2024 by sebutzu
Leave Filter Chain Observations Off By Default in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15858 opened Sep 26, 2024 by jzheaux 7.0.x
@jzheaux
Cache miss for REQUEST dispatch to 'url' (previous null). Performing MatchableHandlerMapping lookup. This is logged once only at WARN level, and every time at TRACE. in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided
#15855 opened Sep 26, 2024 by shahar-d-ali
2
JwtDecoderProviderConfigurationUtils incorrectly handles issuer URI status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15852 opened Sep 25, 2024 by bodograumann
2
Make it possible to specify the refresh token expiration in the OAuth2AccessTokenResponse in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement
#15851 opened Sep 25, 2024 by Seregy
@sjohnr
1
Inconsistent ReactiveOAuth2UserService in OAuth2LoginSpec status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15846 opened Sep 24, 2024 by blacelle
1
1
Oauth2 jwt not work if no Authorization attribute in http header or Authorization not start with 'Bearer ' status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15844 opened Sep 24, 2024 by tongshushan
3
OpenID Connect 1.0 UserService customization doesn't work status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15840 opened Sep 23, 2024 by NZhuravlev
Consider adding ClientRegistrationIdResolver to ExchangeFilterFunctions in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15825 opened Sep 18, 2024 by sjohnr 6.4.x
@sjohnr
Consider favoring ObjectProvider#getIfAvailable in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15821 opened Sep 17, 2024 by jzheaux 7.0.x
Add support for requesting protected resources with RestClient via a ServletBearerExchangeFilterFunction or equivalent in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15820 opened Sep 17, 2024 by azizabah
@sjohnr
ServerBearerTokenAuthenticationConverter does not support form encoded body parameter in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15818 opened Sep 17, 2024 by jonah1und1
@sjohnr
Consider removing one level of the OIDC Backchannel Logout DSL in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15817 opened Sep 16, 2024 by jzheaux General Backlog
1
Provide a way to append extra request matchers to the default matcher for AbstractPreAuthenticatedProcessingFilter status: feedback-reminder We've sent a reminder that we need additional information before we can continue status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement
#15785 opened Sep 10, 2024 by crizzis
1
@jzheaux
4
Remove 5.8.x from Auto Merge Forward Dependabot PRs type: task A general task
#15770 opened Sep 9, 2024 by marcusdacoregio 5.8.15
@sjohnr
InitializeUserDetailsBeanManagerConfigurer does configure a DaoAuthenticationProvider without Encoder although there are encoders found status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15751 opened Sep 6, 2024 by tkrah
1
Improve Integration between Authorized Objects and Spring Data in: core An issue in spring-security-core type: enhancement A general enhancement
#15746 opened Sep 5, 2024 by jzheaux 6.4.x
@jzheaux
2
Include Compromised Password Information in UserDetails in: core An issue in spring-security-core type: enhancement A general enhancement
#15745 opened Sep 5, 2024 by marcusdacoregio
Consider allowing oneTimeTokenLogin() to authenticate different devices in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15744 opened Sep 5, 2024 by marcusdacoregio
1
Webservice returns invalid response containing Empty Headers (":") (2) status: feedback-reminder We've sent a reminder that we need additional information before we can continue status: waiting-for-feedback We need additional information before we can continue type: bug A general bug
#15738 opened Sep 5, 2024 by david0
@jzheaux
2
Consider adding OneTimeTokenService for a clustered environment type: enhancement A general enhancement
#15735 opened Sep 4, 2024 by CrazyParanoid
1
10
Consider deprecating Global Authentication status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15722 opened Sep 2, 2024 by Kehrlann
Provide a way to customize the default RequestCache without replacing the entire implementation in: config An issue in spring-security-config type: enhancement A general enhancement
#15707 opened Aug 28, 2024 by eric-creekside
5
Add Reactive One-Time Token Login support in: config An issue in spring-security-config type: enhancement A general enhancement
#15699 opened Aug 27, 2024 by marcusdacoregio
1
@CrazyParanoid
3
ProTip! Exclude everything labeled bug with -label:bug.