Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

892 Open 11,355 Closed
892 Open 11,355 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

OidcClientInitiated(Server)LogoutSuccessHandler might use an expired ID token status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15509 opened Aug 1, 2024 by ch4mpy
Reopen issue https://github.com/spring-projects/spring-security/issues/15475 status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15508 opened Aug 1, 2024 by svankamamidi
Method security annotation intercepts the ExceptionHandler method status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15507 opened Aug 1, 2024 by kse-music
Request for Webflux support for Auth Server status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15502 opened Jul 31, 2024 by dreamstar-enterprises
Endpoints with path variables match incorrectly with the MvcRequestMatcher status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15501 opened Jul 31, 2024 by npriebe
SubjectDnX509PrincipalExtractor doesn't match escaped comma "\," in the CN status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15499 opened Jul 30, 2024 by scscgit
Simplify adding AuthorizationAdvisors to AuthorizationAdvisorProxyFactory in: core An issue in spring-security-core type: enhancement A general enhancement
#15497 opened Jul 29, 2024 by jzheaux 6.4.0-M2
@jzheaux
Improve @DeniedHandler to not require an ApplicationContext to function in: core An issue in spring-security-core type: enhancement A general enhancement
#15496 opened Jul 29, 2024 by jzheaux 6.4.0-M2
@jzheaux
Allow for extending OAuth2AuthorizedClient with additional parameters in the code grant flow in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15470 opened Jul 24, 2024 by stackfull
@sjohnr
The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15468 opened Jul 24, 2024 by chenzhenjia
Support jwt in introspection response in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: blocked An issue that's blocked on an external project change type: enhancement A general enhancement
#15467 opened Jul 23, 2024 by CrazyParanoid
2
ReactiveOAuth2AuthorizedClientManagerRegistrar is not being autoconfigured status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#15461 opened Jul 23, 2024 by dreamstar-enterprises
1
Illegal group reference in: crypto An issue in spring-security-crypto status: feedback-provided Feedback has been provided
#15458 opened Jul 22, 2024 by itl-coder
3
Consider allowing to hide UserNotFoundException in PreAuthenticatedAuthenticationProvider in: core An issue in spring-security-core status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement
#15450 opened Jul 22, 2024 by b1ueskydragon
@jzheaux
3
Consider removing generics from AuthorizationRequestRepository in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15426 opened Jul 15, 2024 by sjohnr 7.0.x
1
2
Support doing a Token Exchange of access token from OIDC login in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement
#15408 opened Jul 12, 2024 by dalbani
@sjohnr
3
Introduce UserAuthorities in: core An issue in spring-security-core type: enhancement A general enhancement
#15406 opened Jul 12, 2024 by marcusdacoregio 6.4.0-M2
1
@marcusdacoregio
1
Improve documentation about CredentialsContainer in: docs An issue in Documentation or samples status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#15398 opened Jul 11, 2024 by marcusdacoregio
@marcusdacoregio
OAuth2AuthorizationCodeGrantFilter erroneously consumes POST request body with multipart/form-data in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: bug A general bug
#15397 opened Jul 11, 2024 by LaCoCa
@sjohnr
2
Add XML support for OIDC backchannel logout in: saml2 An issue in SAML2 modules type: enhancement A general enhancement
#15393 opened Jul 10, 2024 by pa-ro-dev
Horizontal Scaling Issue with XorCsrfTokenRequestAttributeHandler status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#15385 opened Jul 9, 2024 by jarekkar
Webservice returns invalid response containing Empty Headers (":") in: web An issue in web modules (web, webmvc) type: bug A general bug
#15384 opened Jul 9, 2024 by david0
@jzheaux
2
PreAuthorize not working on Services with an Interface, and also still not working on Kotlin Co-routines in: core An issue in spring-security-core status: feedback-provided Feedback has been provided type: bug A general bug
#15367 opened Jul 5, 2024 by dreamstar-enterprises
@jzheaux
3
Spring Webflex - reactor core exception - accessing endpoint with http: basic auth in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided
#15348 opened Jul 2, 2024 by dreamstar-enterprises
2
OIDC logout not working for JPA/JDBC OAuth2AuthorizationService because DefaultSaml2AuthenticatedPrincipal does not implement equality status: feedback-provided Feedback has been provided type: bug A general bug
#15346 opened Jul 2, 2024 by limburgie
2
ProTip! Find all open issues with in progress development work with linked:pr.