A common SAML use case is where authentication is federated by an identity provider of more than one issuer.It would be ...

Describe the bugWhen an EntitiesDescriptor, EntityDescriptor, or IDPSSODescriptor is being parsed, any included Signatur...

We should open a ticket on Connect2id's issue tracker requesting a creation of a BOM containing all compatible versions ...

Describe the bug* When logging out using backchannel-logout, the OidcBackChannelLogoutHandler handles this by generating...

When OAuth2 login is enabled, remember-me parameter (ie when it's not set to always remember) will not be honored, becau...

https://github.com/spring-projects/spring-security/blame/746ee27dffb6dd101d094deb42cd7a3d04f1f0a9/core/src/main/java/org...

Summary:Apple now forces app developers to provide Sign in with Apple if they want to submit apps that currently use oat...

Consider creating a new Build Updates (or any other name that makes sense) section to group build related dependency upd...

does any body know how to fix authentication issue Token token = SpringSecurityContext.getToken(); when called in async ...

It will be very useful to be able to save values ​​to current session based on annotations, for example: @SaveSession(...

HI, in our application based on spring security 5 we used PostInvocationAdviceProvider with AfterInvocationProviderManag...

When i am using webflux , how can i achieve a similar effect ,get all login user session ,like as : http.sessionManag...

Expected Behavior1. Configure spring oauth2 registration with authorization grant type set to "client credentials"2. Use...

I was looking through some reactive code and found a minor docs error introduced during some docs refactoring. * @param ...

We should ensure that PRs have the Antora docs attached to them. This allows us to download the docs that were built to ...

This issue is a theme for the Spring Security 6.2 release. Issues that relate to this will be added below.[x] :star2: #6...

I have set up SAML authentication for MyApp using Okta as the Identity Provider (IDP). The expected behavior is that whe...

Describe the bugWhen adding the websocket or any requestMatcher as an exception (white listing) in the SecurityFilterCha...

please add jpms support, at least automatic modules for now. However, this issue or another issue should be added for fu...

Describe the bugI tried to build spring security source code from the main branch of github. An error was then generated...