Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

OAuth2LoginAuthenticationFilter acts as an uber AuthenticationManager status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16142 opened Nov 21, 2024 by jarek-jpa
Consider using @Fallback instead of BeanDefinitionRegistryPostProcessor for OAuth2AuthorizedClientManager in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16137 opened Nov 20, 2024 by sjohnr 6.5.x
Improve startup validation of request matchers in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16135 opened Nov 20, 2024 by jzheaux 6.5.x
[OAuth2] Misconfigured OAuth2LoginAuthenticationFilter when combining OAuth2 login and OAuth2 client configuration in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16105 opened Nov 15, 2024 by BWohlbrecht 6.2.9
Should return www-authenticate even for "X-Requested-With: XMLHttpRequest" requests in: web An issue in web modules (web, webmvc) type: bug A general bug
#16103 opened Nov 15, 2024 by MartinEmrich
Bump version com.nimbusds:oauth2-oidc-sdk status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16089 opened Nov 14, 2024 by bostandyksoft
Consider making the constructor of OAuth2AccessToken.TokenType public in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16086 opened Nov 13, 2024 by sjohnr 6.5.x
Verification Options do not Return Saved Transports for Credentials in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16084 opened Nov 13, 2024 by Jyosua
OidcBackChannelLogoutWebFilter returns an error for unauthenticated ajax requests in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16073 opened Nov 12, 2024 by katya-tis
OidcBackChannelLogoutWebFilter error response is not a correct JSON in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16072 opened Nov 12, 2024 by katya-tis
Passkey Endpoints do not Honor .permitAll() in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16070 opened Nov 12, 2024 by Jyosua
Improve Integration between Authorized Objects and Spring MVC in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16057 opened Nov 11, 2024 by jzheaux
2 tasks
6.5.x
ServerBearerTokenAuthenticationConverter validates parameters when not enabled in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#16038 opened Nov 4, 2024 by sjohnr 6.2.x
Further document adding types to the Jackson allowlist status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16015 opened Oct 30, 2024 by jzheaux
Add JdbcRelyingPartyRegistrationRepository status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16012 opened Oct 30, 2024 by sasirekha98
ServerHeadersDsl doesn't allow addition of custom ServerHttpHeadersWriter in: config An issue in spring-security-config type: enhancement A general enhancement
#16009 opened Oct 29, 2024 by vonZeppelin
Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16001 opened Oct 25, 2024 by sjohnr 6.5.x
ProTip! Exclude everything labeled bug with -label:bug.