Skip to content

Issues: spring-projects/spring-security

Beta
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1,027 Open 11,870 Closed
1,027 Open 11,870 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

SubjectDnX509PrincipalExtractor should update to getSubjectX500Principal in: web An issue in web modules (web, webmvc) status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16980 opened Apr 22, 2025 by jzheaux 7.0.x
1
1
Consider Adding Deprecation Marker to x5t Usage status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16979 opened Apr 22, 2025 by jzheaux
With Spring Security mutation on StrictFirewallHttpRequest should return StrictFirewallHttpRequest while it returns DefaultServerHttpRequestBuilder$MutatedServerHttpRequest in WebFilter status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16978 opened Apr 22, 2025 by siddhivinayak-sk
Additional WWW-Authenticate Response Information status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16977 opened Apr 21, 2025 by danielshiplett
Update to io.spring.gradle:spring-security-release-plugin:1.0.5 type: dependency-upgrade A dependency upgrade
#16975 opened Apr 21, 2025 by rwinch 6.3.10
@rwinch
HttpsRedirectWebFilter can redirect to https:/ status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16968 opened Apr 18, 2025 by rwinch
Method security annotations, like PreAuthorize, not working on private methods after upgrade to 6.4 status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16967 opened Apr 18, 2025 by betalb
1
Duplicate pre-auth Session Id same as of already logged in user status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16961 opened Apr 18, 2025 by HavyakaX07
Support nested attributes for userNameAttributeName in OAuth2 UserInfo response status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16950 opened Apr 17, 2025 by Ryokki
X509PrincipalExtractor is missing FunctionalInterface annotation status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16949 opened Apr 16, 2025 by blake-bauman
1
1
IllegalArgumentException when trying to clear out all site data when logging out. status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16948 opened Apr 16, 2025 by ivopogace
Issue of private_key_jwt authentication type token issuance (JwtClientAssertionAuthenticationConverter) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16945 opened Apr 16, 2025 by dev-jsshin
OAuth2Login behaves differently in MVC and Reactive status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16941 opened Apr 15, 2025 by joaquinjsb
Add support dpop customization in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16940 opened Apr 15, 2025 by franticticktick 7.0.x
@franticticktick
4
Add support one-time token value customization status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16939 opened Apr 15, 2025 by franticticktick
1
4
Replace check calls with authorize status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16936 opened Apr 14, 2025 by franticticktick
1
Support custom CAs in oauth login status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16920 opened Apr 10, 2025 by gbaso
Reactive implementation for DPoPAuthenticationProvider & related classes in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16912 opened Apr 9, 2025 by RyanW02 7.0.x
@franticticktick
3
Remove deprecated implementations of OAuth2AccessTokenResponseClient in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#16909 opened Apr 8, 2025 by sjohnr
4 tasks
7.0.0-M1
7
Support RFC 9493 ("sub_id" claim) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16907 opened Apr 8, 2025 by OrangeDog
Support for JWT claims from RFC 9068 status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16906 opened Apr 8, 2025 by OrangeDog
Align Metadata Annotation Support with Spring Framework 7 type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16890 opened Apr 4, 2025 by rwinch 7.0.x
Remove Usage of Spring Framework APIs marked Deprecated for Removal type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16889 opened Apr 4, 2025 by rwinch 6.5.x
Revise HttpHeaders Usage type: bug A general bug type: theme An issue that describes a theme for a release
#16888 opened Apr 4, 2025 by rwinch 6.5.x
We should remove usage of PathMatcher in web modules type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16887 opened Apr 4, 2025 by rwinch 7.0.x
ProTip! Exclude everything labeled bug with -label:bug.