The Wayback Machine - https://web.archive.org/web/20221004075025/https://github.com/spring-projects/spring-security/issues
Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

750 Open 9,133 Closed
750 Open 9,133 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Wrong OAuth2 optional access token response scope handling status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#11947 opened Oct 4, 2022 by klopfdreh
Remove deprecated Java Configuration's RequestMatcher methods in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#11939 opened Oct 3, 2022 by marcusdacoregio 6.0.0-RC1
@marcusdacoregio
Add static factory methods to RequestMatcher implementations in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#11938 opened Oct 3, 2022 by marcusdacoregio
Add opt-in strategy in for Authentication(Web)Filter should return a 500 on AuthenticationServiceExceptions status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#11932 opened Oct 3, 2022 by Kehrlann
Change XML default use-authorization-manager="true" in: config An issue in spring-security-config type: enhancement A general enhancement
#11929 opened Oct 1, 2022 by rwinch 6.0.0-RC1
@jzheaux
Document how to publish an AuthenticationManager @Bean without WebSecurityConfigurerAdapter in: docs An issue in Documentation or samples type: enhancement A general enhancement
#11926 opened Sep 30, 2022 by sjohnr 5.7.4
Race condition on remember-me cookie when doing requests in parallel status: feedback-provided Feedback has been provided status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#11921 opened Sep 29, 2022 by hadson172
3
Add CsrfTokenRepository.loadDeferredToken(HttpServletRequest, HttpServletResponse)
#11918 opened Sep 29, 2022 by sjohnr 5.8.0-RC1
@sjohnr
Extend AuthorizationChannelInterceptor for postReceive() implementation in: messaging An issue in spring-security-messaging status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#11915 opened Sep 28, 2022 by artembilan
@jzheaux
Document non Servlet code separately in: docs An issue in Documentation or samples status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#11910 opened Sep 27, 2022 by xenoterracide General Backlog
Log a warning when AuthorizationGrantType does not exactly match a pre-defined constant in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#11905 opened Sep 27, 2022 by sjohnr
3
documentation for testing client credentials status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement
#11903 opened Sep 26, 2022 by xenoterracide
@sjohnr
1
AnonymousAuthenticationFilter should cache its Supplier<SecurityContext> in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#11900 opened Sep 26, 2022 by jzheaux 5.8.0
@evgeniycheban
1
Use MvcRequestMatcher by default if Spring MVC is present in: config An issue in spring-security-config type: enhancement A general enhancement
#11899 opened Sep 26, 2022 by marcusdacoregio 6.0.0-RC1
@marcusdacoregio
EntityId ignored in xml relying-party-registration in: saml2 An issue in SAML2 modules type: bug A general bug
#11898 opened Sep 26, 2022 by micvm 5.6.8
3
OAuth2AuthenticationExceptionMixin doesn't work in JDK 17 in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided
#11893 opened Sep 22, 2022 by EvgeniGordeev
@jzheaux
3
IpAddressServerWebExchangeMatcher throws NullPointerException with framework forward-headers-strategy in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#11888 opened Sep 21, 2022 by dsbecker
1
@jzheaux
1
SecurityContextHolderStrategy bean should be copied to SecurityContextHolder by default in: config An issue in spring-security-config type: enhancement A general enhancement
#11886 opened Sep 20, 2022 by jzheaux General Backlog
Servlet-based ExchangeFilterFunctions should use Supplier<Authentication> in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#11885 opened Sep 20, 2022 by jzheaux General Backlog
Add saml2Metadata to the DSL in: saml2 An issue in SAML2 modules type: enhancement A general enhancement
#11828 opened Sep 16, 2022 by marcusdacoregio
JwtAuthenticationProvider should not aggressively set authentication details in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#11822 opened Sep 15, 2022 by ch4mpy
1
@ch4mpy
docs zip does not contain reference html files (5.7.3) in: docs An issue in Documentation or samples type: bug A general bug
#11821 opened Sep 15, 2022 by fgunbin
8
ExceptionHandlingConfigurer provides no way to configure AuthenticationTrustResolver on ExceptionTranslationFilter in: config An issue in spring-security-config status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#11819 opened Sep 15, 2022 by nitsoni
SAML SSO: Force AuthnRequestsSigned for relying party in: saml2 An issue in SAML2 modules status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#11818 opened Sep 14, 2022 by wsalembi
Add a RelyingPartyRegistrationRepository constructor to Saml2MetadataFilter in: saml2 An issue in SAML2 modules status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#11815 opened Sep 13, 2022 by marcusdacoregio
2
ProTip! Adding no:label will show everything without a label.