ErrorAn error is triggered when trying to validate an Assertion that contains a ProxyRestriction as one of its condition...

Describe the bugHi.First of all, a little disclaimer. Is the first time I open an issue in Github, so please be patient ...

Describe the bugThe MethodAuthorizationDeniedPostProcessor described on the setApplicationContext method does not exist

ContextBy default HttpSecurityConfiguration wires an AuthenticationManager with either:- a DaoAuthenticationProvider whe...

Hi, I am trying to configure a OAuth 2.0 aware WebClient using ServerOAuth2AuthorizedClientExchangeFilterFunction and ha...

Expected BehaviorAuthorizedClientServiceOAuth2AuthorizedClientManager/DefaultOAuth2AuthorizedClientManager should genera...

Describe the bug OAuth2AuthorizationConsentAuthenticationProvider.authenticate Execute to this line of code O...

Our application supports federation. So we will have to generate token from authentication server located in multiple re...

When using the following configuration:OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientP...

SummaryI'm migrating an MVC application to web-flux. Spring security supports the annotations of JSR250 (RolesAllowed, ....

Describe the bugLinks for reference documentation version 6.2, such as https://docs.spring.io/spring-security/reference/...

Describe the bugArrayIndexOutOfBoundsException thrown when validating csrf token using CookieCsrfTokenRepositoryA clear ...

It seems like you're encountering an issue with Spring Security version 6.2.4. You mentioned that you're able to registe...

I am using CAS proxy tickets in my applications, the proxy ticket receiving application (from which I am expecting resou...

Describe the bugCan't create a UsernamePasswordAuthenticationToken with CAS authentication, there's no CasAuthentication...

Right now it isn't possible to get the original status code for an error dispatch in certain cases without opening up th...

The client should have the ability to authenticate with the Authorization Server using X.509 certificate.See RFC 8705 OA...

We should consider how we want to ensure docs are up to date going forward.One way is to add a status: needs-documentati...

The contribution doc needs updating to reflect changes in our process as well as be more assistive to those formulating ...

I want to set the RelayState parameter so that I can pass a redirectUrl received at runtime from a different request. Th...