Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

924 Open 11,580 Closed
924 Open 11,580 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

[OAuth2] Misconfigured OAuth2LoginAuthenticationFilter when combining OAuth2 login and OAuth2 client configuration status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16105 opened Nov 15, 2024 by BWohlbrecht
Should return www-authenticate even for "X-Requested-With: XMLHttpRequest" requests in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: bug A general bug
#16103 opened Nov 15, 2024 by MartinEmrich
@sjohnr
4
Add OpenTelemetry Span Creation for Spring Security Filters and Expose as Configurable Property status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16092 opened Nov 14, 2024 by Seifenn
Getting error as The response contained an InResponseTo attribute [] but no saved authentication request was found in saml2 in: saml2 An issue in SAML2 modules status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16091 opened Nov 14, 2024 by sasirekha98
@jzheaux
Bump version com.nimbusds:oauth2-oidc-sdk status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16089 opened Nov 14, 2024 by bostandyksoft
Consider making the constructor of OAuth2AccessToken.TokenType public in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16086 opened Nov 13, 2024 by sjohnr
@sjohnr
Verification Options do not Return Saved Transports for Credentials in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16084 opened Nov 13, 2024 by Jyosua
@rwinch
Prepare release 6.4.0 type: task A general task
#16078 opened Nov 12, 2024 by jgrandja 6.4.0
Prepare release 6.3.5 type: task A general task
#16077 opened Nov 12, 2024 by jgrandja 6.3.5
Prepare release 6.2.8 type: task A general task
#16076 opened Nov 12, 2024 by jgrandja 6.2.8
Prepare release 5.8.16 type: task A general task
#16075 opened Nov 12, 2024 by jgrandja 5.8.16
Prepare release 5.7.14 type: task A general task
#16074 opened Nov 12, 2024 by jgrandja 5.7.14
OidcBackChannelLogoutWebFilter returns an error for unauthenticated ajax requests in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16073 opened Nov 12, 2024 by katya-tis
@jzheaux
OidcBackChannelLogoutWebFilter error response is not a correct JSON in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16072 opened Nov 12, 2024 by katya-tis
@jzheaux
Passkey Endpoints do not Honor .permitAll() in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16070 opened Nov 12, 2024 by Jyosua
@rwinch
Mutate breaks functionality of StrictFirewallHttpHeaders with recently modified HttpHeaders#writabeHttpHeaders in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16069 opened Nov 12, 2024 by MichalStehlikCz
@rwinch
1
AuthorizeReturnObject should target the authorized object within MVC return values
#16059 opened Nov 11, 2024 by jzheaux
Exceptions for Authorized Objects should propagate when returned from a Controller
#16058 opened Nov 11, 2024 by jzheaux
Improve Integration between Authorized Objects and Spring MVC in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16057 opened Nov 11, 2024 by jzheaux
2 tasks
6.5.x
@jzheaux
SAML login fails in Chromium based browser even after adding hash in the CSP in: web An issue in web modules (web, webmvc) status: feedback-reminder We've sent a reminder that we need additional information before we can continue status: waiting-for-feedback We need additional information before we can continue
#16045 opened Nov 7, 2024 by snpt62
2
ServerBearerTokenAuthenticationConverter validates parameters when not enabled in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#16038 opened Nov 4, 2024 by sjohnr 6.2.x
@jonah1und1
1
Further document adding types to the Jackson allowlist status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16015 opened Oct 30, 2024 by jzheaux
Add JdbcRelyingPartyRegistrationRepository status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16012 opened Oct 30, 2024 by sasirekha98
2
6.4.0-RC1 - BeanDefinitionOverrideException: Invalid bean definition with name 'webAuthorizationManagerPostProcessor' status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16011 opened Oct 30, 2024 by zyro23
@jzheaux
3
ServerHeadersDsl doesn't allow addition of custom ServerHttpHeadersWriter in: config An issue in spring-security-config type: enhancement A general enhancement
#16009 opened Oct 29, 2024 by vonZeppelin
@jzheaux @evgeniycheban
1
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.