Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
70 Open 986 Closed
70 Open 986 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Make it easier to determine where a filter chain has been defined for: team-attention This ticket should be discussed as a team before proceeding in: config An issue in spring-security-config type: enhancement A general enhancement
#15874 opened Oct 4, 2024 by wilkinsona
4
Leave Filter Chain Observations Off By Default in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15858 opened Sep 26, 2024 by jzheaux 7.0.x
@jzheaux
Auto config OidcReactiveOAuth2UserService When Oauth2UserService bean is Present in: config An issue in spring-security-config
#15848 opened Sep 25, 2024 by kse-music Loading…
1
@jzheaux
3
Consider favoring ObjectProvider#getIfAvailable in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15821 opened Sep 17, 2024 by jzheaux 7.0.x
Use SessionAuthenticationStrategy for Remember-Me authentication in: config An issue in spring-security-config status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#15748 opened Sep 6, 2024 by xhaggi Loading…
@jzheaux
2
Provide a way to customize the default RequestCache without replacing the entire implementation in: config An issue in spring-security-config type: enhancement A general enhancement
#15707 opened Aug 28, 2024 by eric-creekside
5
Remove authorizeRequests from Kotlin DSL in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15174 opened May 27, 2024 by marcusdacoregio 7.0.0-M1
LogoutConfigurer forces POST even if CSRF is disabled for /logout in: config An issue in spring-security-config status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#14913 opened Apr 15, 2024 by erizzo
@sjohnr
3
AnonymousConfigurer.authorities only accepts GrantedAuthorities but no subtypes of GrantedAuthorities in: config An issue in spring-security-config status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#14435 opened Jan 10, 2024 by tobias-lippert
@sjohnr
3
Fix Customizer.withDefaults() for authorizeHttpRequests for: team-attention This ticket should be discussed as a team before proceeding in: config An issue in spring-security-config type: enhancement A general enhancement
#14344 opened Dec 18, 2023 by manueljordan
3
Endpoint filters should be reachable when using spring.mvc.servlet.path in: config An issue in spring-security-config type: enhancement A general enhancement
#14230 opened Dec 1, 2023 by ldcsaa
@jzheaux
5
Consider warning users if securityMatchers do not match some filter in the chain in: config An issue in spring-security-config status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#14096 opened Nov 4, 2023 by Haarolean
3
Improve CVE-2023-34035 detection in: config An issue in spring-security-config type: bug A general bug
#13568 opened Jul 20, 2023 by dreis2211
5 of 6 tasks
@jzheaux
63
Default Servlet Headers Should Include Referrer-Policy in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13567 opened Jul 20, 2023 by marcusdacoregio 7.0.0-M1
Simplify MvcRequestMatcher construction in: config An issue in spring-security-config type: enhancement A general enhancement
#13562 opened Jul 18, 2023 by jzheaux
1
@jzheaux
1
Updating to mockito 4.11.0 causes OAuth2LoginBeanDefinitionParserTests and OAuth2ClientBeanDefinitionParserTests to fail in: config An issue in spring-security-config type: bug A general bug
#13546 opened Jul 15, 2023 by jzheaux
Remove AbstractConfiguredSecurityBuilder#apply in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13441 opened Jun 30, 2023 by marcusdacoregio 7.0.0-M1
Customizable set of JwtClaimValidators for OAuth Resource Server in: config An issue in spring-security-config type: enhancement A general enhancement
#13249 opened May 31, 2023 by romangr
7
Align Return Types of no-arg and Customizer arg Configuration Methods in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13093 opened Apr 25, 2023 by marcusdacoregio
2
Remove .and() and non lambda methods from DSL in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13067 opened Apr 18, 2023 by marcusdacoregio 7.0.0-M1
Simplify Request Authorization Configuration in: config An issue in spring-security-config type: enhancement A general enhancement
#13057 opened Apr 15, 2023 by jzheaux
1
Add remaining lambda methods to configuration in: config An issue in spring-security-config type: enhancement A general enhancement
#13003 opened Apr 12, 2023 by marcusdacoregio
6 tasks
1
Consider erroring when client authentication method is basic in: config An issue in spring-security-config type: bug A general bug
#12585 opened Jan 25, 2023 by jzheaux
Remove shouldFilterAllDispatcherTypes in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#12139 opened Nov 3, 2022 by marcusdacoregio 7.0.0-M1
Resolve ContentNegotiationStrategy from ApplicationContext in: config An issue in spring-security-config type: enhancement A general enhancement
#12028 opened Oct 17, 2022 by marcusdacoregio
ProTip! Exclude everything labeled bug with -label:bug.