-
Notifications
You must be signed in to change notification settings - Fork 5.9k
Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Logout Responses not getting generated in case of AP initiated logout
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16129
opened Nov 18, 2024 by
sasirekha98
[OAuth2] Misconfigured OAuth2LoginAuthenticationFilter when combining OAuth2 login and OAuth2 client configuration
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16105
opened Nov 15, 2024 by
BWohlbrecht
Should return www-authenticate even for "X-Requested-With: XMLHttpRequest" requests
in: web
An issue in web modules (web, webmvc)
status: feedback-provided
Feedback has been provided
type: bug
A general bug
#16103
opened Nov 15, 2024 by
MartinEmrich
Add OpenTelemetry Span Creation for Spring Security Filters and Expose as Configurable Property
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16092
opened Nov 14, 2024 by
Seifenn
Getting error as The response contained an InResponseTo attribute [] but no saved authentication request was found in saml2
in: saml2
An issue in SAML2 modules
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16091
opened Nov 14, 2024 by
sasirekha98
Bump version com.nimbusds:oauth2-oidc-sdk
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16089
opened Nov 14, 2024 by
bostandyksoft
Consider making the constructor of An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
OAuth2AccessToken.TokenType
public
in: oauth2
#16086
opened Nov 13, 2024 by
sjohnr
Verification Options do not Return Saved Transports for Credentials
in: web
An issue in web modules (web, webmvc)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16084
opened Nov 13, 2024 by
Jyosua
OidcBackChannelLogoutWebFilter returns an error for unauthenticated ajax requests
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16073
opened Nov 12, 2024 by
katya-tis
OidcBackChannelLogoutWebFilter error response is not a correct JSON
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16072
opened Nov 12, 2024 by
katya-tis
Passkey Endpoints do not Honor .permitAll()
in: web
An issue in web modules (web, webmvc)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16070
opened Nov 12, 2024 by
Jyosua
Mutate breaks functionality of StrictFirewallHttpHeaders with recently modified HttpHeaders#writabeHttpHeaders
in: web
An issue in web modules (web, webmvc)
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16069
opened Nov 12, 2024 by
MichalStehlikCz
AuthorizeReturnObject should target the authorized object within MVC return values
#16059
opened Nov 11, 2024 by
jzheaux
Exceptions for Authorized Objects should propagate when returned from a Controller
#16058
opened Nov 11, 2024 by
jzheaux
Improve Integration between Authorized Objects and Spring MVC
in: web
An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
SAML login fails in Chromium based browser even after adding hash in the CSP
in: web
An issue in web modules (web, webmvc)
status: feedback-reminder
We've sent a reminder that we need additional information before we can continue
status: waiting-for-feedback
We need additional information before we can continue
#16045
opened Nov 7, 2024 by
snpt62
ServerBearerTokenAuthenticationConverter
validates parameters when not enabled
in: oauth2
Further document adding types to the Jackson allowlist
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#16015
opened Oct 30, 2024 by
jzheaux
Add JdbcRelyingPartyRegistrationRepository
status: ideal-for-contribution
An issue that we actively are looking for someone to help us with
type: enhancement
A general enhancement
#16012
opened Oct 30, 2024 by
sasirekha98
6.4.0-RC1 - BeanDefinitionOverrideException: Invalid bean definition with name 'webAuthorizationManagerPostProcessor'
status: waiting-for-triage
An issue we've not yet triaged
type: bug
A general bug
#16011
opened Oct 30, 2024 by
zyro23
ServerHeadersDsl doesn't allow addition of custom ServerHttpHeadersWriter
in: config
An issue in spring-security-config
type: enhancement
A general enhancement
#16009
opened Oct 29, 2024 by
vonZeppelin
Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
Saml2WebSsoAuthenticationFilter should allow requests through when SAMLResponse is absent
in: saml2
An issue in SAML2 modules
type: enhancement
A general enhancement
Implementations of OpaqueTokenIntrospector fail to URL encode client secret
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: bug
A general bug
Previous Next
ProTip!
Find all open issues with in progress development work with linked:pr.