Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

Should return www-authenticate even for "X-Requested-With: XMLHttpRequest" requests in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: bug A general bug
#16103 opened Nov 15, 2024 by MartinEmrich
Bump version com.nimbusds:oauth2-oidc-sdk status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16089 opened Nov 14, 2024 by bostandyksoft
Consider making the constructor of OAuth2AccessToken.TokenType public in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16086 opened Nov 13, 2024 by sjohnr
Verification Options do not Return Saved Transports for Credentials in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16084 opened Nov 13, 2024 by Jyosua
OidcBackChannelLogoutWebFilter returns an error for unauthenticated ajax requests in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16073 opened Nov 12, 2024 by katya-tis
OidcBackChannelLogoutWebFilter error response is not a correct JSON in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16072 opened Nov 12, 2024 by katya-tis
Passkey Endpoints do not Honor .permitAll() in: web An issue in web modules (web, webmvc) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16070 opened Nov 12, 2024 by Jyosua
Improve Integration between Authorized Objects and Spring MVC in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16057 opened Nov 11, 2024 by jzheaux
2 tasks
6.5.x
SAML login fails in Chromium based browser even after adding hash in the CSP in: web An issue in web modules (web, webmvc) status: feedback-reminder We've sent a reminder that we need additional information before we can continue status: waiting-for-feedback We need additional information before we can continue
#16045 opened Nov 7, 2024 by snpt62
ServerBearerTokenAuthenticationConverter validates parameters when not enabled in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#16038 opened Nov 4, 2024 by sjohnr 6.2.x
Further document adding types to the Jackson allowlist status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16015 opened Oct 30, 2024 by jzheaux
Add JdbcRelyingPartyRegistrationRepository status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16012 opened Oct 30, 2024 by sasirekha98
ServerHeadersDsl doesn't allow addition of custom ServerHttpHeadersWriter in: config An issue in spring-security-config type: enhancement A general enhancement
#16009 opened Oct 29, 2024 by vonZeppelin
Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16001 opened Oct 25, 2024 by sjohnr 6.5.x
Implementations of OpaqueTokenIntrospector fail to URL encode client secret in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#15988 opened Oct 24, 2024 by joelossher 6.5.x
ProTip! Find all open issues with in progress development work with linked:pr.