Spring Security AccessDeniedException after migration to Spring Boot 3.0.x . In continuation to https://github.com/spring-projects/spring-security/issues/12758

  • 2025-01-18 09:41:21
  • 15491
I am using java with spring boot 3.0.Here is my SecurityFilterChain:@Bean public SecurityFilterChain filterChain(Http...

Spring Security Code example in documentation is incorrect

  • 2025-01-18 09:41:18
  • 713
The code example for creating a OAuth2ClientHttpRequestInterceptor is incorrect in Access Protected Resources for the Cu...

Spring Security samesite set by Tomcat CookieProcessor ignored when creating XSRF-TOKEN cookie in CsrfTokenRepository

  • 2025-01-18 09:41:15
  • 4683
Describe the bugPrior to Spring Security 6, the CsrfTokenRepository used the response.addCookie in the saveToken method ...

Spring Security SecurityContext is empty for ASYNC dispatches with session management disabled

  • 2025-01-18 09:41:12
  • 7814
Describe the bugWhen disabling session management (or using SessionCreationPolicy.STATELESS I believe) the SecurityConte...

Spring Security Resolve ObjectPostProcessor collisions between RSocket and WebFlux security configuration

  • 2025-01-18 09:41:09
  • 4289
While migrating to the new Spring Boot 3.4 version I am facing the following error in a project with RSocket, Spring Sec...

Spring Security Horizontal Scaling Issue with XorCsrfTokenRequestAttributeHandler

  • 2025-01-18 09:41:07
  • 2111
Current BehaviorI am developing an application consisting of a Single Page Application (JavaScript) and a backend writte...

Spring Security contribute graalvm native image hints for resources needed in spring security 3.4

  • 2025-01-18 09:41:04
  • 1621
small regression in that the following Resources don't seem to exist when compiling to a graalvm native image public sta...

Spring Security Saml response verfication inside Controller

  • 2025-01-18 09:41:01
  • 757
I am integrating our exsisting application with spring security. Our exsisting application triggers saml request and val...

Spring Security saml2 samllogout is expecting the singleLogoutServiceLocation to be in the form "logout/saml2/slo"

  • 2025-01-18 09:40:59
  • 526
Currently the logout filters of the saml expects the singleLogoutServiceLocation to be in the form logout/saml2/slo or l...

Spring Security Not able to connect Spring OAuth2 Authorization Server with Client

  • 2025-01-18 09:40:56
  • 48703
Hello,I use Spring Boot 2.1.0.M4I have Authorization Server on port 9090 with next configuration :AuthorizationServerCon...

Spring Security Discrepancy in Documentation Regarding UsernamePasswordAuthenticationToken Creation Flow

  • 2025-01-18 09:40:52
  • 1361
The documentation for Spring Security seems to have a discrepancy regarding how the UsernamePasswordAuthenticationToken ...

Spring Security Delay initialization AuthenticationProvider in Global Authentication

  • 2025-01-18 09:40:48
  • 147
Forward port of https://github.com/spring-projects/spring-security/pull/16050Comment From: jzheauxClose in 315aafd464958...

Spring Security SEC-2811: portResolver's portMapper is not updated in AbstractRetryEntryPoint, LoginUrlAuthenticationEntryPoint, and HttpSessionRequestCache

  • 2025-01-18 09:40:45
  • 960
Alex Pogrebnyak (Migrated from SEC-2811) said:I checked the bug exists in the latest revision on GitHub.These classes:- ...

Spring Security SAML login fails in Chromium based browser even after adding hash in the CSP

  • 2025-01-18 09:40:43
  • 1276
SAML login fails in Chromium based browser even after adding hash in the CSPTo ReproduceSetup a system with SAML along w...

Spring Security Update to OpenSAML 5

  • 2025-01-18 09:40:37
  • 8969
By removing OpenSAML3 support in Spring Security 6 we need to make sure that the OpenSAML dependency versions are update...

Spring Security OAuth2 Authorization Code redirect not working when using webflux.base-path

  • 2025-01-18 09:40:34
  • 7098
Describe the bugI am running spring-boot 2.3.1 with spring-boot-starter-oauth2-client, after adding a context-path, ever...

Spring Security AuthorizeReturnObject should target the authorized object within MVC return values

  • 2025-01-18 09:40:29
  • 455
Placing @AuthorizeReturnObject on a method that returns ResponseEntity is limiting since the user doesn't have access to...

Spring Security Support customizing the redirect URL in OidcClientInitiatedServerLogoutSuccessHandler

  • 2025-01-18 09:40:27
  • 9235
Expected BehaviorIn order to be able to work with some restrictive SSO implementations sometimes additional parameters a...

Spring Security Endpoints with path variables match incorrectly with the MvcRequestMatcher

  • 2025-01-18 09:40:24
  • 3869
Describe the bugI have two endpoints with path variables. One endpoint is specified with two path variables and the othe...

Spring Security Spring security version 6.0.1 jump to a wrong url after login success

  • 2025-01-18 09:40:21
  • 14974
Describe the bugWhen trying to log in, if the log in successful, then it will redirect to the wrong URL: http:localhost:...
上一页 下一页
.