issues
search
spring-projects
/
spring-security
Spring Security
http://spring.io/projects/spring-security
Apache License 2.0
8.85k
stars
5.91k
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
OidcBackChannelLogoutWebFilter returns an error for unauthenticated ajax requests
#16073
katya-tis
opened
2 weeks ago
1
OidcBackChannelLogoutWebFilter error response is not a correct JSON
#16072
katya-tis
opened
2 weeks ago
0
Add getDelegate() method to ObservationAuthenticationManager
#16071
mtommila
opened
2 weeks ago
5
Passkey Endpoints do not Honor .permitAll()
#16070
Jyosua
opened
2 weeks ago
0
Mutate breaks functionality of StrictFirewallHttpHeaders with recently modified HttpHeaders#writabeHttpHeaders
#16069
MichalStehlikCz
opened
2 weeks ago
1
Code Performance Tweaks
#16068
mosbat
closed
1 week ago
2
Bump io.micrometer:micrometer-observation from 1.13.6 to 1.13.7
#16067
dependabot[bot]
closed
2 weeks ago
2
Bump io.micrometer:micrometer-observation from 1.12.11 to 1.12.12
#16066
dependabot[bot]
closed
2 weeks ago
1
Bump io.micrometer:micrometer-observation from 1.12.11 to 1.12.12
#16065
dependabot[bot]
closed
2 weeks ago
1
Bump Gradle Wrapper from 8.10.2 to 8.11
#16064
github-actions[bot]
opened
2 weeks ago
0
Support ServerExchangeRejectedHandler @Bean
#16063
rwinch
closed
2 weeks ago
0
Support ServerExchangeRejectedHandler @Bean
#16062
rwinch
closed
2 weeks ago
0
Support ServerExchangeRejectedHandler @Bean
#16061
rwinch
closed
2 weeks ago
1
MAJOR BREAKING CHANGE - New ServerWebExchangeFirewall is non-overrideable in WebFlux security and rejects all requests with encoded characters
#16060
craigmiller160
closed
2 weeks ago
1
AuthorizeReturnObject should target the authorized object within MVC return values
#16059
jzheaux
opened
2 weeks ago
1
Exceptions for Authorized Objects should propagate when returned from a Controller
#16058
jzheaux
opened
2 weeks ago
0
Improve Integration between Authorized Objects and Spring MVC
#16057
jzheaux
opened
2 weeks ago
0
The bean 'conversionServicePostProcessor', defined in class path resource
#16056
ThePoppingCordaDuck
closed
1 week ago
2
Initialize OpenSAML in OpenSamlAssertingPartyMetadataRepository
#16055
ig-jinwoo
closed
2 weeks ago
3
Fix Documentation Typos
#16054
ngocnhan-tran1996
opened
2 weeks ago
0
Fix typo in oauth2 resource server documentation
#16053
martin-tarjanyi
closed
4 days ago
1
Why is UsernamePasswordAuthenticationFilter a GenericFilterBean and not OncePerRequestFilter?
#16052
d3bt3ch
closed
2 weeks ago
3
Not generating saml2: LogoutResponse and there is no logs to trace what happened
#16051
sasirekha98
closed
2 weeks ago
3
Delay initialization AuthenticationProvider in Global Authentication
#16050
kse-music
closed
3 days ago
4
Improve logging for Global Authentication
#16049
kse-music
opened
2 weeks ago
0
Bump org.hibernate.orm:hibernate-core from 6.6.1.Final to 6.6.2.Final
#16048
dependabot[bot]
closed
2 weeks ago
0
Circular reference when exposing a AuthenticationProvider with a dependency to HttpSecurity
#16047
dru1
closed
2 weeks ago
5
SAML login fails in Chromium based browser even after adding hash in the CSP
#16045
snpt62
closed
3 days ago
3
Bump org.htmlunit:htmlunit from 4.5.0 to 4.6.0
#16044
dependabot[bot]
closed
2 weeks ago
0
Bump org.seleniumhq.selenium:htmlunit3-driver from 4.25.0 to 4.26.0
#16043
dependabot[bot]
closed
2 weeks ago
0
OpenSamlAssertingPartyMetadataRepository should initialize OpenSAML
#16042
jzheaux
closed
2 weeks ago
4
Fix read-only issue in HttpHeaders#writableHttpHeaders when StrictFirewallHttpHeaders is enabled in a cloud gateway scenario (webflux)
#16041
gtjarks
closed
2 weeks ago
2
Can some addresses printed on the Default Security Filter Chain be hidden
#16040
851543
closed
2 weeks ago
1
Do not validate parameters in `ServerBearerTokenAuthenticationConverter` and `DefaultBearerTokenResolver` if not enabled
#16039
jonah1und1
opened
3 weeks ago
2
`ServerBearerTokenAuthenticationConverter` validates parameters when not enabled
#16038
sjohnr
opened
3 weeks ago
1
An empty-string bearer token should result in an appropriate HTTP status code
#16037
sjohnr
closed
3 weeks ago
0
An empty-string bearer token should result in an appropriate HTTP status code
#16036
sjohnr
closed
3 weeks ago
0
Updating to spring-security-web-6.3.4 breaks http request header mutation feature
#16035
Omkar-Shetkar
closed
3 weeks ago
2
HttpHeaders cannot be mutated with firewalled requests from StrictServerWebExchangeFirewall
#16034
LeovR
closed
3 weeks ago
1
Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4
#16033
dependabot[bot]
closed
3 weeks ago
0
Bump com.fasterxml.jackson:jackson-bom from 2.17.2 to 2.17.3
#16032
dependabot[bot]
closed
3 weeks ago
0
Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4
#16031
dependabot[bot]
closed
3 weeks ago
0
Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4
#16030
dependabot[bot]
closed
3 weeks ago
0
Bump com.webauthn4j:webauthn4j-core from 0.27.0.RELEASE to 0.28.0.RELEASE
#16029
dependabot[bot]
closed
3 weeks ago
2
Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4
#16028
dependabot[bot]
closed
3 weeks ago
0
Bump @antora/collector-extension from 1.0.0-beta.3 to 1.0.0-beta.4
#16027
dependabot[bot]
closed
3 weeks ago
0
Bump @antora/collector-extension from 1.0.0-beta.3 to 1.0.0-beta.4 in /docs
#16026
dependabot[bot]
closed
3 weeks ago
1
Bump @antora/collector-extension from 1.0.0-beta.3 to 1.0.0-beta.4 in /docs
#16025
dependabot[bot]
closed
3 weeks ago
1
Bump @antora/collector-extension from 1.0.0-beta.3 to 1.0.0-beta.4 in /docs
#16024
dependabot[bot]
closed
3 weeks ago
1
Bump @antora/collector-extension from 1.0.0-beta.3 to 1.0.0-beta.4 in /docs
#16023
dependabot[bot]
closed
3 weeks ago
1
Previous
Next