issues
search
spring-projects
/
spring-security
Spring Security
http://spring.io/projects/spring-security
Apache License 2.0
8.45k
stars
5.76k
forks
source link
issues
Least commented
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
SEC-8: Windows NT Domain AuthenticationProvider
#269
spring-projects-issues
closed
16 years ago
73
Improve CVE-2023-34035 detection
#13568
dreis2211
opened
10 months ago
63
Migration path for Spring SAML Extension users
#8685
rajn
closed
1 year ago
55
Support OAuth 2.0 Authorization Server
#6320
jgrandja
closed
4 years ago
47
WebAuthn support
#6842
ynojima
closed
2 years ago
46
Provide support for OAuth 2.0 Token Exchange for client
#5199
jgrandja
closed
2 months ago
43
Support Mono<Boolean> for Method Security SpEL expressions
#4841
rwinch
closed
3 years ago
42
Deprecate WebSecurityConfigurerAdapter
#10822
eleftherias
closed
2 years ago
40
Add support for requesting protected resources with RestClient
#13588
mjeffrey
opened
9 months ago
38
Add support for OAuth 2.0 Client authentication methods
#6881
beuvenar
closed
3 years ago
38
Sign in with Apple Oauth2 Support
#9047
codeconsole
closed
3 years ago
35
BadCredentialsException is not serializable when using LDAP Authentication
#5378
iKrushYou
closed
5 years ago
34
SEC-977: Add support for CAS gateway feature
#40
miremond
closed
7 years ago
34
adding query parameter to authorization_uri creates malformed url
#5760
mlevkovsky
closed
5 years ago
33
Ease controllers unit tests in OAuth2 secured apps
#6557
ch4mpy
closed
3 years ago
31
Consider enabling PKCE for confidential clients
#6548
jgrandja
closed
2 years ago
31
Migrate Groovy to Java
#4939
rwinch
closed
4 years ago
31
SEC-2078: Pre-authentication fails when using check for principal change and using non String principals
#2302
spring-projects-issues
closed
8 years ago
31
Fix CSRF protection provided by @EnableWebSocketSecurity / Stomp
#12378
emopti-jrufer
closed
1 year ago
30
Exposing Beans for defaultMethodExpressionHandler can prevent Method Security
#4020
bitsofinfo
closed
7 years ago
30
SEC-2409: Spring Security / Spring Data Acl Integration
#2629
spring-projects-issues
opened
10 years ago
30
CSRF Support for SameSite
#7537
rwinch
closed
2 years ago
29
CookieServerCsrfTokenRepository does not add cookie
#5766
sagacity
opened
5 years ago
29
SecurityContextHolderFilter does not apply to async dispatch
#11962
jkjome
closed
1 year ago
28
Customize RestOperations / WebClient for OAuth 2.0
#8882
jgrandja
closed
8 months ago
28
Support JWT for Client Authentication
#8175
jgrandja
closed
3 years ago
28
Question: Set the timeouts used when retrieving Keys for JWT validation
#4474
hildo
closed
6 years ago
28
Form Login not possible when a single OAuth2 Provider is configured
#6802
netmikey
closed
1 year ago
27
Provide a way to handle RequestRejectedException
#5007
mario-philipps-icw
closed
4 years ago
27
SEC-2054: BasicAuthenticationFilter should not invoke on ERROR dispatch
#2278
spring-projects-issues
closed
9 years ago
27
SEC-2002: Add SessionFixationProtectionEvent
#2227
spring-projects-issues
closed
10 years ago
27
Add OpenFGA Support
#14121
rwinch
opened
6 months ago
26
Support PKCE for Authorization Server
#4943
eddumelendez
closed
4 years ago
26
SEC-1987 & SEC-1986
#14
leleuj
closed
2 years ago
26
DefaultLdapAuthoritiesPopulator throws NullPointerException
#12090
Andreas-PPI
closed
1 year ago
25
Support sending SAML 2.0 LogoutRequest to the IdP (Single Logout)
#8731
jeanblanchard
closed
2 years ago
25
Support OpenID Connect Back-Channel Logout
#7845
codependent
closed
7 months ago
25
Update to nimbus-jose-jwt:6.3
#6095
jzheaux
closed
5 years ago
25
Security configuration is failed to be initialized in a Servlet 6.0 container
#13794
hantsy
closed
6 months ago
24
Abstracts the method createAuthenticationToken
#11986
kcl-co
closed
3 months ago
24
SAML: Add RequestedAuthnContext to AuthnRequest in OpenSamlAuthenticationRequestFactory
#8141
Primedo
closed
3 years ago
24
Add Max Session to WebFlux
#6192
bentenzheng
closed
5 months ago
24
Make JdbcUserDetailsManager to be able to handle UserDetails'es: nonLocked, nonExpired, credentialsNonExpired
#4399
paul-ovchinnikov
closed
5 years ago
24
Enforce constant time comparison
#255
avri-schneider
closed
7 years ago
24
Introduce Customizable AuthorizationFailureHandler in OAuth2AuthorizationRequestRedirectFilter
#14168
leewin12
closed
2 months ago
23
Spring Security 6.x / Single Page Web Application / CSRF - formLogin not working anymore
#13011
jornfranke
closed
1 year ago
23
Regression with URL encode client credentials
#10018
petergphillips
closed
2 years ago
23
Session Creation Policy with Webflux Security
#6552
tine2k
closed
4 years ago
23
OAuth2 access token response parsing fails with nested JSON object
#6463
buckett
closed
4 years ago
23
Regression Cache-control headers are being ignored
#4307
czubin
closed
5 years ago
23
Next