Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

939 Open 11,662 Closed
939 Open 11,662 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Sorting RememberMeAuthenticationFilter status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16346 opened Dec 26, 2024 by daromnik
Fix Rendering of SpEL expression example Tabs in method security Documentation status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16342 opened Dec 25, 2024 by Meehdi
[Azure Oauth2] IllegalArgumentException: Attribute value for "xxx" is null status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16340 opened Dec 24, 2024 by jloisel
Incorrect kotlin webauthn configuration status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16338 opened Dec 23, 2024 by franticticktick
1
Spring Security IPv6 issue - is there a global config setting? status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16337 opened Dec 23, 2024 by dreamstar-enterprises
5
Multiple /authorize requests in the same session are not supported. Why? status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16336 opened Dec 23, 2024 by pujachowdhary27
WebAuthn + Redis doesn't work; Redis defaults to JdkSerializationRedisSerializer, WebAuthn classes lack Serializable interface, WebAuthn mixins missing for GenericJackson2JsonRedisSerializer status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16328 opened Dec 23, 2024 by justincranford
2
Inconsistent constructor declaration on bean with name '_reactiveMethodSecurityConfiguration' status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16325 opened Dec 22, 2024 by eugeniudedin
1
[build] Settings.gradle's logic to handle different buildFile name could result in phantom subproject in: build An issue in the build status: waiting-for-feedback We need additional information before we can continue type: enhancement A general enhancement
#16322 opened Dec 20, 2024 by guesshe
@sjohnr
1
OIDC Back-Channel Logout Support for Clustered Servers status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16321 opened Dec 20, 2024 by SnapPetal
2
relying-party-registration doesn't resolve placeholders in xml status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16308 opened Dec 19, 2024 by rvervaek
3
RoleHierarchy not automatically inject in overwritten MethodSecurityExpressionHandler bean in: config An issue in spring-security-config status: waiting-for-feedback We need additional information before we can continue
#16307 opened Dec 19, 2024 by plumarr
3
Pass Http Request to OAuth2AuthorizationRequestResolver#authorizationRequestCustomizer in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16306 opened Dec 19, 2024 by ZIRAKrezovic
1
@sjohnr
Favor Relative Redirects by Default in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#16300 opened Dec 18, 2024 by jzheaux 7.0.0-M1
Bean Conflict Between webSocketAuthorizationManagerPostProcessor and objectPostProcessor in Spring Security Configuration status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16299 opened Dec 18, 2024 by waileong
2
Add copyright modifier task in: build An issue in the build type: enhancement A general enhancement
#16298 opened Dec 17, 2024 by jzheaux
UniqueSecurityAnnotationScanner should consider annotation on target class level as fallback status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16295 opened Dec 17, 2024 by quaff
1
Customize OneTimeToken expire time in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16291 opened Dec 16, 2024 by R4N
1
5
Make Saml2AuthenticationToken Serializable in: saml2 An issue in SAML2 modules type: bug A general bug
#16286 opened Dec 13, 2024 by jzheaux 6.4.x
1
Consider adding PrincipalResolver to ExchangeFilterFunctions in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16284 opened Dec 13, 2024 by sjohnr 6.5.x
@sjohnr
Improve the BasicAuthenticationFilter to allow callbacks for both successful and failed authentication events. in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#16281 opened Dec 13, 2024 by pongdangx2
@jzheaux
2
Ensure Serializable Security Components declare serialVersionUID in: core An issue in spring-security-core type: bug A general bug
#16276 opened Dec 13, 2024 by jzheaux 100+ 6.4.x
@jzheaux
1
Make WebAuthnAuthentication Serializable in: web An issue in web modules (web, webmvc) type: bug A general bug
#16273 opened Dec 12, 2024 by jzheaux 6.4.x
1
1
NimbusJwtEncoder should simplify constructing with javax.security Keys status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16267 opened Dec 12, 2024 by jzheaux
Request for exception approval for CVE-2024-38819 [Spring Framework Path Traversal Vulnerability status: feedback-provided Feedback has been provided type: bug A general bug
#16265 opened Dec 12, 2024 by AshishJogiAcc
3
ProTip! Find all open issues with in progress development work with linked:pr.