-
Notifications
You must be signed in to change notification settings - Fork 5.8k
Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
hasAuthority and custom Mono<Boolean> method in @PreAuthorize leads to ConverterNotFoundException error
in: core
An issue in spring-security-core
type: enhancement
A general enhancement
#15209
opened Jun 6, 2024 by
bskorka
CookieRequestCache should set SameSite on the REDIRECT_URI cookie
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15204
opened Jun 5, 2024 by
2is10
Support extracting nested authorities in JwtGrantedAuthoritiesConverter
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
Oauth2 maximumSessions did not work
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-feedback
We need additional information before we can continue
type: bug
A general bug
#15194
opened Jun 3, 2024 by
DucNguyenVan
Consider Signing Metadata by Default
in: saml2
An issue in SAML2 modules
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Remove An issue in spring-security-config
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
authorizeRequests
from Kotlin DSL
in: config
Should OidcIdToken implement equals?
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Cannot convert value of type 'org.springframework.security.web.access.intercept.FilterSecurityInterceptor' to required type 'javax.servlet.Filter' for property 'filter': no matching editors or conversion strategy found
status: feedback-reminder
We've sent a reminder that we need additional information before we can continue
status: waiting-for-feedback
We need additional information before we can continue
#15153
opened May 23, 2024 by
guruscott-meyer
SAML metadata Content-Type should be application/samlmetadata+xml
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
Easier SAML metadata configuration via DSL
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15137
opened May 23, 2024 by
OrangeDog
Support An issue in spring-security-config
type: enhancement
A general enhancement
RoleHierarchy
Bean in authorizeHttpRequests
Kotlin DSL
in: config
add more constants to OAuth2ParameterNames
in: docs
An issue in Documentation or samples
status: feedback-provided
Feedback has been provided
type: enhancement
A general enhancement
#15130
opened May 22, 2024 by
xenoterracide
401 on SAML logout if asserting party did not sign reponse
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15123
opened May 21, 2024 by
OrangeDog
401 on SAML logout if asserting party does not support SLO
in: saml2
An issue in SAML2 modules
type: enhancement
A general enhancement
#15122
opened May 21, 2024 by
OrangeDog
Add Support for Passwordless Authentication with OTP
in: core
An issue in spring-security-core
type: enhancement
A general enhancement
#15114
opened May 20, 2024 by
marcusdacoregio
Allow Custom AuthorizationGrantType in OAuth2AuthorizationRequest
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: feedback-provided
Feedback has been provided
type: enhancement
A general enhancement
#15111
opened May 20, 2024 by
stetsche
(Spring Boot 2.7->3.2) Duplicate @PreAuthorize annotation error across class hierarchy
in: core
An issue in spring-security-core
status: feedback-provided
Feedback has been provided
type: enhancement
A general enhancement
#15097
opened May 19, 2024 by
arnaldop
Add support OAuth 2.0 Step-up Authentication Challenge Protocol
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15091
opened May 17, 2024 by
CrazyParanoid
Make OpenSamlMetadataRelyingPartyRegistrationConverter public
in: saml2
An issue in SAML2 modules
status: blocked
An issue that's blocked on an external project change
type: enhancement
A general enhancement
#15090
opened May 17, 2024 by
OrangeDog
Support Remember-Me for OAuth2 login
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15078
opened May 16, 2024 by
gotson
DefaultRedirectStrategy includes firewalled semicolon jsessionid in url
in: web
An issue in web modules (web, webmvc)
status: feedback-reminder
We've sent a reminder that we need additional information before we can continue
status: waiting-for-feedback
We need additional information before we can continue
#15077
opened May 15, 2024 by
xenoterracide
SessionRegistryImpl leaks principals under high load
in: core
An issue in spring-security-core
status: feedback-provided
Feedback has been provided
type: bug
A general bug
#15036
opened May 9, 2024 by
wojtassi
Prevent incorrect merges between branches
type: task
A general task
#15028
opened May 8, 2024 by
marcusdacoregio
Add interface IterableRelyingPartyRegistrationRepository or similar
in: saml2
An issue in SAML2 modules
type: enhancement
A general enhancement
SAML API should accept, adapt, and/or mirror OpenSAML's Credential API
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15019
opened May 7, 2024 by
OrangeDog
Previous Next
ProTip!
Type g p on any issue or pull request to go back to the pull request listing page.