Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
550 Open 4,873 Closed
550 Open 4,873 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Document RestClient integration in: docs An issue in Documentation or samples type: enhancement A general enhancement
#15894 opened Oct 9, 2024 by sjohnr
@sjohnr
Enhancement: Improve Documentation on Adding a Custom Filter to the Filter Chain status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15893 opened Oct 9, 2024 by Kjeff24
Add support for custom grant types in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15884 opened Oct 7, 2024 by sjohnr Loading…
1
@sjohnr
Allow comma-delimited scopes in OAuth2 access token response in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15878 opened Oct 5, 2024 by bfanyuk
@sjohnr
Add OAuth2AuthorizedClientManager autoconfiguration without spring-boot-starter-web dependency in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#15877 opened Oct 4, 2024 by yvasyliev
@sjohnr
2
Remove unnecessary parentheses and add static final field MockPortResolver#getServerPort in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15875 opened Oct 4, 2024 by nomoreFt Loading…
@sjohnr
Make it easier to determine where a filter chain has been defined for: team-attention This ticket should be discussed as a team before proceeding in: config An issue in spring-security-config type: enhancement A general enhancement
#15874 opened Oct 4, 2024 by wilkinsona
4
Provide AbstractOneTimeTokenService status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15873 opened Oct 3, 2024 by CrazyParanoid
Update document in: docs An issue in Documentation or samples type: enhancement A general enhancement
#15862 opened Sep 28, 2024 by ngocnhan-tran1996 Loading… 6.4.0-RC1
@jzheaux
1
Leave Filter Chain Observations Off By Default in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15858 opened Sep 26, 2024 by jzheaux 7.0.x
@jzheaux
Consider adding ClientRegistrationIdResolver to ExchangeFilterFunctions in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15825 opened Sep 18, 2024 by sjohnr 6.4.x
@sjohnr
Consider favoring ObjectProvider#getIfAvailable in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15821 opened Sep 17, 2024 by jzheaux 7.0.x
Add support for requesting protected resources with RestClient via a ServletBearerExchangeFilterFunction or equivalent in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15820 opened Sep 17, 2024 by azizabah
@sjohnr
Add support for access token in body parameter as per rfc 6750 Sec. 2.2 in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15819 opened Sep 17, 2024 by jonah1und1 Loading…
@sjohnr
2
ServerBearerTokenAuthenticationConverter does not support form encoded body parameter in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15818 opened Sep 17, 2024 by jonah1und1
@sjohnr
3
Consider removing one level of the OIDC Backchannel Logout DSL in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15817 opened Sep 16, 2024 by jzheaux General Backlog
1
Use SessionAuthenticationStrategy for Remember-Me authentication in: config An issue in spring-security-config status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#15748 opened Sep 6, 2024 by xhaggi Loading…
@jzheaux
2
Improve Integration between Authorized Objects and Spring Data in: core An issue in spring-security-core type: enhancement A general enhancement
#15746 opened Sep 5, 2024 by jzheaux 6.4.x
@jzheaux
2
Include Compromised Password Information in UserDetails in: core An issue in spring-security-core type: enhancement A general enhancement
#15745 opened Sep 5, 2024 by marcusdacoregio
@jgrandja
2
Consider allowing oneTimeTokenLogin() to authenticate different devices in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15744 opened Sep 5, 2024 by marcusdacoregio
1
Consider deprecating Global Authentication status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15722 opened Sep 2, 2024 by Kehrlann
Provide a way to customize the default RequestCache without replacing the entire implementation in: config An issue in spring-security-config type: enhancement A general enhancement
#15707 opened Aug 28, 2024 by eric-creekside
5
Support Global Observation Convention Configuration in: core An issue in spring-security-core type: enhancement A general enhancement
#15679 opened Aug 22, 2024 by jzheaux
CI should not publish SNAPSHOT artifacts to OSS after the last supported release in: build An issue in the build type: enhancement A general enhancement
#15656 opened Aug 20, 2024 by jzheaux
Consider a OneTimeToken integration with Spring MVC in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15623 opened Aug 16, 2024 by marcusdacoregio
3
ProTip! Mix and match filters to narrow down what you’re looking for.