Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
626 Open 5,187 Closed
626 Open 5,187 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

When updating to 6.5, BeanDefinitionParsingException is referring to old versions status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#17153 opened May 20, 2025 by evandongen
Ability to disable anonymous authentication in RSocketSecurity status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#17132 opened May 18, 2025 by Aaur1s
Make X509CertificateThumbprintValidator configurable through JwtValidators create APIs status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#17131 opened May 17, 2025 by edmundham
Document Application-Scoped Access Tokens for Reactive OAuth2 Client Applications status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#17129 opened May 16, 2025 by FryingHellfish
org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers assertion issue status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#17127 opened May 16, 2025 by OlehPalamarchuk21
Spring Webflux + Spring Security Interaction - Why does the WebFilter run twice? status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#17119 opened May 15, 2025 by dreamstar-enterprises
Document Upgrading Password Encoding in: docs An issue in Documentation or samples status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#17112 opened May 14, 2025 by rwinch
1
1
Jackson 3 Support status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#17109 opened May 14, 2025 by rwinch 7.0.x
Remove GET request support from Saml2AuthenticationTokenConverter in: saml2 An issue in SAML2 modules status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#17099 opened May 13, 2025 by jzheaux
2 tasks
Update Contribution Guidelines regarding Stream usage in: docs An issue in Documentation or samples type: enhancement A general enhancement
#17097 opened May 13, 2025 by jzheaux
@jzheaux
Exceptions for Authorized Objects should propagate when returned from a Controller in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#17074 opened May 8, 2025 by evgeniycheban Loading… 7.0.x
1
@jzheaux
6
Check for null Principal#getName in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#17068 opened May 7, 2025 by piotrmacha Loading…
@jzheaux
1
Fix the problem of not deserializing SwitchUserGrantedAuthority in Webflux in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#17064 opened May 7, 2025 by JohnNiang Loading… 7.0.x
1
@jzheaux
3
There is no way to know if a custom logout success handler has been set in: config An issue in spring-security-config type: enhancement A general enhancement
#17043 opened May 6, 2025 by heruan
@jzheaux
3
NimbusJwtEncoder should simplify constructing with javax.security Keys in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17033 opened May 2, 2025 by surajbh123 Loading… 7.0.x
@jzheaux
47
JwtTimestampsValidator can require exp and nbf claims in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17030 opened May 2, 2025 by FerencKemeny Loading… 7.0.0-M1
@jzheaux
14
Deprecate SpringSecurityLdapTemplate in: ldap An issue in spring-security-ldap type: enhancement A general enhancement
#17028 opened May 1, 2025 by jzheaux
5 tasks
7.0.x
1
Add Support Credentialless COEP Header in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#17027 opened May 1, 2025 by franticticktick Loading… 7.0.0-M1
1
@jzheaux
2
Make AuthorizationProxyFactory.proxy generic in: core An issue in spring-security-core type: enhancement A general enhancement
#16996 opened Apr 25, 2025 by big-cir Loading… 7.0.0-M1
@jzheaux
6
Authorization + MCP Support type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16992 opened Apr 24, 2025 by rwinch 7.0.x
@jgrandja
Add Support Extracting DN From X500Principal in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#16984 opened Apr 23, 2025 by franticticktick Loading… 7.0.x
1
@rwinch
8
Consider Adding Deprecation Marker to x5t Usage status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16979 opened Apr 22, 2025 by jzheaux
1
1
Create CsrfCustomizer for SPA configuration (#14149) in: config An issue in spring-security-config type: enhancement A general enhancement
#16966 opened Apr 18, 2025 by felhag Loading… 7.0.x
@jzheaux
7
Replace deprecated #check calls with #authorize in: core An issue in spring-security-core type: enhancement A general enhancement
#16965 opened Apr 18, 2025 by evgeniycheban Loading…
1
@jzheaux
13
Replace deprecated NimbusReactiveOpaqueTokenIntrospector with SpringReactiveOpaqueTokenIntrospector in: config An issue in spring-security-config type: enhancement A general enhancement
#16964 opened Apr 18, 2025 by quaff Loading… 7.0.x
@jzheaux
ProTip! Exclude everything labeled bug with -label:bug.