玖涯软件开发|java/go/python

Spring Security PrePostTemplateDefaults pick up the ConversionService bean

Expected BehaviorWhen a ConversionService bean is defined, it should be picked up by the AuthorizationAnnotationUtilsCur...

Spring Security Allow usage of reactive WebClient for NimbusJwtDecoder to retrieve JwkSet

Expected BehaviorShould it be possible to use reactive WebClient to create non-reactive JwtDecoder?NimbusJwtDecoder.with...

Spring Security AbstractRequestMatcherRegistry#computeErrorMessage is invoked unnecessarily (can cause performance issues)

Describe the bugFollowing the change made inhttps://github.com/spring-projects/spring-security/commit/dab48d25b0e235fc7b...

Spring Security Support @AuthorizedReturnObject for Java Records

Comment From: jzheauxI'm not yet sure how we will do this since records are final and thus cannot be proxied by CGLib. I...

Spring Security When using @EnableReactiveMethodSecurity there doesn't seem to be a way to mechanism to override or replace the PermissionEvaluator

DescriptionWhen using @EnableReactiveMethodSecurity the "ReactiveAuthorizationManagerMethodSecurityConfiguration" is loa...

Spring Security CookieRequestCache should set SameSite on the REDIRECT_URI cookie

Describe the bugWhen using CookieRequestCache, Firefox complains:Cookie “REDIRECT_URI” does not have a proper “SameSite”...

Spring Security BCryptPasswordEncoder NOT working as intended

Bug-DescriptionWhen using BCryptPasswordEncoder in kotlin I have encountered a bug where two obviously different strings...

Spring Security Spring Security 6.2 defaults to InMemoryOidcSessionRegistry causing memory leaks in distributed systems with external session storage

Describe the bugDefault configuration of InMemoryOidcSessionRegistry causes memory leak in cloud environments using exte...

Spring Security Consider a better default for OTT's GeneratedOneTimeTokenHandler

See https://github.com/spring-projects/spring-security/pull/15492#discussion_r1729166058Comment From: marcusdacoregioClo...

Spring Security Improve usability for Spring Security

This issue is a major theme for next generation of Spring Security. Issues that relate to this will be added below.[ ] #...

Spring Security Consider deprecating Global Authentication

In the extreme majority of Spring Boot applications, @EnableGlobalAuthentication is turned on, either through explicit u...

Spring Security MethodAuthorizationDeniedHandler should allow access to the returnObject on PostAuthorize

I think this could be done by ensuring that the AuthorizationResult for PostAuthorize has the returnObject on it. We sho...

Spring Security Investigate how to reduce the need for @JsonSerialize

To JSON serialize the proxied objects that are the result of using @AuthorizeReturnObject, it's necessary to annotate th...

Spring Security mockJwt() WebTestClientConfigurer with MockMvcWebTestClient throws a NullPointerException.

Describe the bugmockJwt() WebTestClientConfigurer does not seem to work with MockMvcWebTestClient that was introduced in...

Spring Security loginProcessingUrl not working help me!

Even though I set loginProcessingUrl in Spring Security settings, I only get redirected with 302 when submitting the for...

Spring Security Spring Auth Server - Data doesn't persist to (Azure) Redis

Hi there,I don't know why, but I keep getting this error when my Spring Auth Server boots up.Bootup Error2024-08-03T20:1...

Spring Security Dynamic Configuration of SecurityWebFilterChain with ServerHttpSecurity and Potential for Improvement

Description:Hi Spring Security Team,I'm working on a project where I'm using Spring Security with Spring Cloud Config an...

Spring Security Find Roles for Authority using the RoleHierarchy?

My current understanding (and please correct me if this incorrect) is that - an Authority is essentially an externally m...

Spring Security Include FilterChain on SessionInformationExpiredEvent to allow continuing the request

I expect to always be able to invoke endpoints marked with permitAll. However, ConcurrentSessionFilter early aborts such...

Spring Security @PreAuthorize should not apply method security to inherited concrete methods

Describe the bugI don't know the exact spring security patch version where this behavior changed, but in 6.2.4 I had a s...

上一页下一页

1
…
529
530
531
532
533
…
2246

.