-
Notifications
You must be signed in to change notification settings - Fork 5.9k
Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Add An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: feedback-provided
Feedback has been provided
type: enhancement
A general enhancement
OAuth2AuthorizedClientManager
autoconfiguration without spring-boot-starter-web
dependency
in: oauth2
#15877
opened Oct 4, 2024 by
yvasyliev
Make it easier to determine where a filter chain has been defined
for: team-attention
This ticket should be discussed as a team before proceeding
in: config
An issue in spring-security-config
type: enhancement
A general enhancement
#15874
opened Oct 4, 2024 by
wilkinsona
Provide AbstractOneTimeTokenService
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15873
opened Oct 3, 2024 by
CrazyParanoid
carrier thread be suspended by synchronized in RemoteJWKSet
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15866
opened Sep 30, 2024 by
me0106
Leave Filter Chain Observations Off By Default
in: config
An issue in spring-security-config
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Cache miss for REQUEST dispatch to 'url' (previous null). Performing MatchableHandlerMapping lookup. This is logged once only at WARN level, and every time at TRACE.
in: web
An issue in web modules (web, webmvc)
status: feedback-provided
Feedback has been provided
#15855
opened Sep 26, 2024 by
shahar-d-ali
JwtDecoderProviderConfigurationUtils incorrectly handles issuer URI
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15852
opened Sep 25, 2024 by
bodograumann
2
Make it possible to specify the refresh token expiration in the OAuth2AccessTokenResponse
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-feedback
We need additional information before we can continue
type: enhancement
A general enhancement
#15851
opened Sep 25, 2024 by
Seregy
Inconsistent ReactiveOAuth2UserService in OAuth2LoginSpec
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15846
opened Sep 24, 2024 by
blacelle
Oauth2 jwt not work if no Authorization attribute in http header or Authorization not start with 'Bearer '
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15844
opened Sep 24, 2024 by
tongshushan
OpenID Connect 1.0 UserService customization doesn't work
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15840
opened Sep 23, 2024 by
NZhuravlev
Consider adding An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
ClientRegistrationIdResolver
to ExchangeFilterFunction
s
in: oauth2
Consider favoring ObjectProvider#getIfAvailable
in: config
An issue in spring-security-config
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Add support for requesting protected resources with RestClient via a ServletBearerExchangeFilterFunction or equivalent
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15820
opened Sep 17, 2024 by
azizabah
ServerBearerTokenAuthenticationConverter does not support form encoded body parameter
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15818
opened Sep 17, 2024 by
jonah1und1
Consider removing one level of the OIDC Backchannel Logout DSL
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
InitializeUserDetailsBeanManagerConfigurer does configure a DaoAuthenticationProvider without Encoder although there are encoders found
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#15751
opened Sep 6, 2024 by
tkrah
Improve Integration between Authorized Objects and Spring Data
in: core
An issue in spring-security-core
type: enhancement
A general enhancement
Include Compromised Password Information in An issue in spring-security-core
type: enhancement
A general enhancement
UserDetails
in: core
#15745
opened Sep 5, 2024 by
marcusdacoregio
Consider allowing An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
oneTimeTokenLogin()
to authenticate different devices
in: web
#15744
opened Sep 5, 2024 by
marcusdacoregio
Consider deprecating Global Authentication
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15722
opened Sep 2, 2024 by
Kehrlann
Provide a way to customize the default RequestCache without replacing the entire implementation
in: config
An issue in spring-security-config
type: enhancement
A general enhancement
#15707
opened Aug 28, 2024 by
eric-creekside
Add Reactive One-Time Token Login support
in: config
An issue in spring-security-config
type: enhancement
A general enhancement
#15699
opened Aug 27, 2024 by
marcusdacoregio
Previous Next
ProTip!
Type g i on any issue or pull request to go back to the issue listing page.