ContextWe are currently in the process of upgrading the library https://github.com/oxctl/spring-security-lti13 from Spri...

Expected BehaviorI think we should mention all the required dependencies in this documentation so it will be more helpfu...

Describe the bugSpring Security is unable to complete SLO successfully if the asserting party (IdP) does not sign the SA...

Describe the bugA clear and concise description of what the bug is.https://github.com/spring-projects/spring-security/bl...

Describe the bugUser is not redirected to initially requested page in IE11.To Reproduce1. Run application with WebFlux a...

Describe the bugWhile following upgrade of spring security in preparation for move to Spring Boot 3 (Spring 6) from Spri...

Describe the bugwhen claims contains a value of java.lang.Long, java.lang.Character, java.lang.Short, java.lang.Float, j...

An InMemoryOidcSessionRegistry is limited to storing things only on a single instance. A JDBC-based implementation will ...

When switching to version 5.x I see that you now inject SecurityContextHolderStrategy into AbstractSecurityInterceptor:h...

Describe the bugI'm facing an issue regarding the spring-authorization-server that depends on this bug fix.When an acces...

Recently, a wrong merge happened from main into 6.2.x, since the merge was a fast-forward it went unnoticed until a cont...

Describe the bugGiven I have:- a Spring OAuth2 client configured with Back-Channel Logout- an authorization server with ...

SummaryI am using spring security 5.0.7 with spring boot 2.0.4.RELEASE for login with Google and Login with Microsoft fe...

Hello, Spring Security Team.I have encountered an issue when configuring security with Kotlin DSL and RoleHierarchy. The...

Greg Adams (Migrated from SEC-2708) said:I'm using a custom RequestCache, specified in JavaConfig thus:@Order(Ordered.LO...

Describe the bugIf I use @PreAuthorize, the validation for @RequestParam does not work.To Reproduce//-------------------...

Describe the bugIn a Spring Boot application with multiple servlets registered to the context (DispatcherServlet and at ...

Describe the bugremoveAuthorizationRequest method of HttpSessionOAuth2AuthorizationRequestRepository always return null ...

This is related to https://github.com/spring-projects/spring-security/issues/12783#issuecomment-1888798267. This issue i...

authorityHttpRequests picks up a RoleHierarchy bean. If method security does the same thing, then it will simplify secur...