-
### User Story (Required on creation)
As an administrator, I want to be able to use a camunda-provided docker image with minimal customization, dropping some code and jars to the userLib folder to …
-
**Expected Behavior**
One should be able to use the native build features of Spring Boot out of the box with `.spring-boot-starter-oauth2-client`.
I'm just doing the most naive login thru Google u…
-
### Environment (Required on creation)
Camunda Run with OAuth2.
### Description (Required on creation; please attach any relevant screenshots, stacktraces, log files, etc. to the ticket)
When loggi…
-
### Acceptance Criteria (Required on creation)
- Test OAuth2 classes:
- `CamundaBpmSpringSecurityDisableAutoConfiguration` is active when **no** oauth2 configuration is present.
- `CamundaSpringS…
-
I believe this documentation is wrong:
ReactiveOidcSessionStrategy should be ReactiveOidcSessionRegistry
Here:
https://docs.spring.io/spring-security/reference/reactive/oauth2/login/logout.ht…
-
I think it would be useful to disable the OAuth2 / OIDC discovery explicitly. At this moment this is possible implicitly by configuring every necessary detail of the clients registration and provider …
-
**Expected Behavior**
It is possible to enhance the documentation here to show how one can implement this with Redis? The OIDC Session Registry (for BackChannel Logouts)
https://docs.spring.io/s…
-
I'm using spring boot 3.3.1/spring security with oauth2. My Oauth2 / OIDC Provider is behind an Http Proxy. I need to customize the WebClient, in order to configure the HttpProxy.
Following the […
-
**Expected Behavior**
We are using an IDP that sends back-channel logout request with a token type set as `logout+jwt` which should be accepted by spring-security when using spring-webflux.
**Curr…
-
## CVE-2018-1260 - Critical Severity Vulnerability
Vulnerable Library - spring-security-oauth2-2.2.1.RELEASE.jar
Module for providing OAuth2 support to Spring Security
Library home page: http://stat…