Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
145 Open 3,937 Closed
145 Open 3,937 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Add Reactive One-Time Token Login Kotlin DSL Support status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15887 opened Oct 8, 2024 by CrazyParanoid
1
DefaultBearerTokenResolver Regarding throwing an IllegalArgumentException when creating a BearerTokenAuthenticationToken instance when the allowFormEncodedBodyParameter member field is true or the allowUriQueryParameter member field is true. in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-feedback We need additional information before we can continue type: bug A general bug
#15885 opened Oct 8, 2024 by jacknie84
1
@sjohnr
1
carrier thread be suspended by synchronized in RemoteJWKSet status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15866 opened Sep 30, 2024 by me0106
@rwinch
1
Avoid UriComponentsBuilder.fromUri type: bug A general bug
#15853 opened Sep 25, 2024 by bodograumann Loading…
1
@jzheaux
10
JwtDecoderProviderConfigurationUtils incorrectly handles issuer URI status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15852 opened Sep 25, 2024 by bodograumann
2
Inconsistent ReactiveOAuth2UserService in OAuth2LoginSpec status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15846 opened Sep 24, 2024 by blacelle
1
1
Oauth2 jwt not work if no Authorization attribute in http header or Authorization not start with 'Bearer ' status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15844 opened Sep 24, 2024 by tongshushan
3
OpenID Connect 1.0 UserService customization doesn't work status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15840 opened Sep 23, 2024 by NZhuravlev
InitializeUserDetailsBeanManagerConfigurer does configure a DaoAuthenticationProvider without Encoder although there are encoders found status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15751 opened Sep 6, 2024 by tkrah
1
IpAddressMatcher null pointer exception status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15527 opened Aug 6, 2024 by hananbs
1
unable to build from source , i am using jdk 17.0.8 & 18 versions status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15526 opened Aug 6, 2024 by bharathgowda11
Saml2: The metadata generated by the saml does not include keyinfo encryption part status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15514 opened Aug 4, 2024 by sasi29
InMemory[Reactive]OAuth2AuthorizedClientService does not support changes to the ClientRegistration at runtime status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15511 opened Aug 3, 2024 by kzander91
Race condition in HeaderWriterFilter when using asynchronous processing status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15510 opened Aug 2, 2024 by chschu
Authentication in the security context is not updated during the refresh token flow in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15509 opened Aug 1, 2024 by ch4mpy
@sjohnr
1
Endpoints with path variables match incorrectly with the MvcRequestMatcher in: web An issue in web modules (web, webmvc) type: bug A general bug
#15501 opened Jul 31, 2024 by npriebe
@jzheaux
1
SubjectDnX509PrincipalExtractor doesn't match escaped comma "\," in the CN status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15499 opened Jul 30, 2024 by scscgit
PreAuthorize not working on Services with an Interface, and also still not working on Kotlin Co-routines in: core An issue in spring-security-core status: feedback-provided Feedback has been provided type: bug A general bug
#15367 opened Jul 5, 2024 by dreamstar-enterprises
@jzheaux
3
OIDC logout not working for JPA/JDBC OAuth2AuthorizationService because DefaultSaml2AuthenticatedPrincipal does not implement equality status: feedback-provided Feedback has been provided type: bug A general bug
#15346 opened Jul 2, 2024 by limburgie
3
Antora documentation build fails on Windows; arguments not properly passed to gradlew in: build An issue in the build type: bug A general bug
#15326 opened Jun 30, 2024 by Marcono1234
4
Endpoint returns a 500, instead of 403 status code when the user does not have required permission type: bug A general bug
#15254 opened Jun 14, 2024 by dyleph
6
NullPointerException when GrantedAuthority.getAuthority() returns null in: core An issue in spring-security-core type: bug A general bug
#15243 opened Jun 13, 2024 by Crystark
3
401 on SAML logout if asserting party did not sign reponse status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15123 opened May 21, 2024 by OrangeDog
@jzheaux
SessionRegistryImpl leaks principals under high load in: core An issue in spring-security-core type: bug A general bug
#15036 opened May 9, 2024 by wojtassi
@sjohnr
6
5.8.12: @Secured annotation on subclasses is not read by SecuredAuthorizationManager when method in superclass was called in: core An issue in spring-security-core type: bug A general bug
#15002 opened May 2, 2024 by artem103
@jzheaux
5
ProTip! What’s not been updated in a month: updated:<2024-09-10.