玖涯软件开发|java/go/python

Spring Security Ensure Serializable Security Components declare serialVersionUID

To ensure backward compatibility, Security components that implement Serializable should have a serialVersionUID.Based o...

Spring Security Prepare Request Matching for Spring Framework Changes

In future versions of Spring Security, we should move away from PathMatcher (used by AntPathRequestMatcher) and HandlerM...

Spring Security WebAuthn login fails when CredentialsRequestOptions.publicKey.allowCredentials is not empty

Describe the bugWhen the list of allowed credentials is not null in the /webauthn/authenticate/options response is not e...

Spring Security Make PublicKeyCredentialRequestOptions Serializable

We should make PublicKeyCredentialRequestOptions implement Serializable. This will ensure that it an be persisted in dis...

Spring Security Automatically apply Customizer Beans to the Security DSL

This would allow users to easily apply global changes to Spring Security (apply to multiple Security FilterChains). It a...

Spring Security OAuth2 client integration with WebSocketClient

In spring-security-oauth2-client 5.1, OAuth2 client is supported fairly well with webflux's WebClient via ServerOAuth2Au...

Spring Security ConcurrentsessionControlAuthenticationStrategy has a problem? SetMaximumSessions(1), how many logins are needed?

ConcurrentSessionControlAuthenticationStrategy 有问题？setMaximumSessions(1)，还需要两次登入？期望出现同一个账号，第二次登入时，可以直接将第一个 JSESSIONID 设置...

Spring Security Document how to custom MethodSecurityMetadataSource

import java.lang.reflect.Method;import java.util.Collection;import org.springframework.context.annotation.Configuration;...

Spring Security Support for WebAuthn Registration for anonymous user

I upgraded from Spring Security 6.3 to 6.4. I was using Yubico's WebAuthn, and I am in the process of trying to switch t...

Spring Security Implementations of OpaqueTokenIntrospector fail to URL encode client secret

Describe the bugBoth the SpringOpaqueTokenIntrospector and NimbusOpaqueTokenIntrospector use the clientId and clientSecr...

Spring Security PublicKeyCredentialUserEntityRepository saves anonymousUser

Asked in Stack Overflow a week ago.https://stackoverflow.com/questions/79322876/why-does-spring-security-webauthn-authen...

Spring Security Add serialize/deserialize PublicKeyCredentialCreationOptions support with ObjectMapper

Spring Security should add support for serialize/deserialize PublicKeyCredentialCreationOptions with ObjectMapper so it ...

Spring Security Add serialize/deserialize PublicKeyCredentialRequestOptions support with ObjectMapper

Spring Security should add support for serialize/deserialize PublicKeyCredentialRequestOptions with ObjectMapper so it i...

Spring Security WebAuthn + Redis doesn't work; Redis defaults to JdkSerializationRedisSerializer, WebAuthn classes lack Serializable interface, WebAuthn mixins missing for GenericJackson2JsonRedisSerializer

Describe the bugWebAuthn persistence only works using in-memory SessionRepository?1. PublicKeyCredentialCreationOptions2...

Spring Security Make PublicKeyCredentialCreationOptions Serializable

We should make PublicKeyCredentialCreationOptions implement Serializable. This will ensure that it an be persisted in di...

Spring Security [build] Settings.gradle's logic to handle different buildFile name could result in phantom subproject

Expected BehaviorRegardless of the buildFile names, no phantom subprojects should be created. If a subproject has a def...

Spring Security Mistake in FILTER_SECTION_NAME attribute

It seems mistake in FILTER_SECTION_NAMEOther keys starts from spring.security but FILTER_SECTION_NAME starts from secur...

Spring Security Simplify Specifying servletPath in the Java DSL

Currently, this is only possible by constructing an MvcRequestMatcher, which is MVC-specific and requires a HandlerMappi...

Spring Security Add PathPatternRequestMatcher

Spring Framework 5 introduced PathPattern and PathPatternParser, and these are components that we should be able to stan...

Spring Security Simplify CSRF Configuration for SPAs

For a SPA, the current recommendation for configuration CSRF is three-fold:set the CsrfTokenRepository to CsrfTokenRepos...

上一页下一页

1
…
509
510
511
512
513
…
2246

.