Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

972 Open 11,730 Closed
972 Open 11,730 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Spring Security and Error Handling in: web An issue in web modules (web, webmvc) type: bug A general bug
#16554 opened Feb 7, 2025 by rwinch 6.4.x
AuthenticationWebFilter executes filter chain twice per request status: waiting-for-triage An issue we've not yet triaged
#16553 opened Feb 7, 2025 by jdolan-chwy
Consider using a configured WebClient in the application context instead of creating a new one on each component status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16549 opened Feb 7, 2025 by dlemoing
Adding a new securityFilterChain using java config in an xml configured application doesn't work status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16547 opened Feb 6, 2025 by hellokkiyer
1
Option to provide custom logoutTokenDecoderFactory for OIDC logout status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16545 opened Feb 6, 2025 by ErwinSteffens
Replace WebInvocationPrivilegeEvaluator in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16543 opened Feb 5, 2025 by jzheaux
3 tasks
Support POST method for ServerRedirectStrategy in: web An issue in web modules (web, webmvc) status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16542 opened Feb 5, 2025 by sjohnr
1
@franticticktick
5
mapToUser/mapToGrantedAuthority in JdbcUserDetailsManager to become protected status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16540 opened Feb 5, 2025 by flozano
One time token authentication filter should be its own class status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16539 opened Feb 5, 2025 by Kehrlann
Threads blocked at RemoteJWKSet.java:433 status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16538 opened Feb 5, 2025 by giuliodema
Update HandlerMappingIntrospector Usage in Cache filter support
#16536 opened Feb 4, 2025 by jzheaux
Clarify in JSP documentation where method attribute is required in: docs An issue in Documentation or samples type: bug A general bug
#16530 opened Feb 3, 2025 by jzheaux 6.3.7
Clarify WebInvocationPrivilegeEvaluator JavaDoc in: docs An issue in Documentation or samples type: bug A general bug
#16529 opened Feb 3, 2025 by jzheaux 6.3.7
1
Send a static message from HttpStatusServerAccessDeniedHandler in: web An issue in web modules (web, webmvc) status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16514 opened Jan 31, 2025 by sjohnr 6.5.x
1
@kwondh5217
1
Declare authorization rules one at a time in: config An issue in spring-security-config type: enhancement A general enhancement
#16509 opened Jan 30, 2025 by jzheaux 6.5.x
@jzheaux
Update HandlerMappingIntrospector Usage in CORS support in: config An issue in spring-security-config type: enhancement A general enhancement
#16501 opened Jan 29, 2025 by jzheaux 6.5.x
@jzheaux
2
Deprecate usages of PathMatcher in Web Socket support in: messaging An issue in spring-security-messaging type: enhancement A general enhancement
#16500 opened Jan 29, 2025 by jzheaux
3 tasks
6.5.x
Method Security Templates Do Not Use Deep Non-Aliased Attributes in: core An issue in spring-security-core type: bug A general bug
#16498 opened Jan 28, 2025 by rwinch
1
@jzheaux
AbstractUserDetailsAuthenticationProvider should not swallow UsernameNotFoundException in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16496 opened Jan 28, 2025 by jzheaux
@kiruthiga1793
6
AntPathRequestMatcher and MvcRequestMatcher have inconsistent behaviour against requests with null method in: web An issue in web modules (web, webmvc) type: bug A general bug
#16491 opened Jan 27, 2025 by symposion
@jzheaux
3
Default Log In Page should always be generic message in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16484 opened Jan 24, 2025 by rwinch 6.5.x
@Tejas-Teju
3
One Time Token should not be created if user does not exist in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16483 opened Jan 24, 2025 by rwinch
5 of 6 tasks
@rwinch
1
Make WebAuthnAuthenticationTokenRequest Serializable in: web An issue in web modules (web, webmvc) type: bug A general bug
#16481 opened Jan 24, 2025 by jzheaux 6.4.3
@franticticktick
5
One Time Token Error Message in: web An issue in web modules (web, webmvc) type: bug A general bug
#16473 opened Jan 23, 2025 by danvega 6.4.3
@rwinch
2
In the UsernamePasswordAuthenticationFilter, the authRequest is added as an attribute to the HttpServletRequest. in: core An issue in spring-security-core status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#16444 opened Jan 19, 2025 by amm0124
@rwinch
2
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.