玖涯软件开发|java/go/python

Spring Security Add order offset to @EnableMethodSecurity

Since @EnableMethodSecurity defines multiple method interceptors, an order attribute may be misleading. That said, it wo...

Spring Security Add <saml2-login> support in xml configuration

Expected BehaviorSimilarly to oauth2-login, it should be possible to configure saml2-login in xml.We would need somethin...

Spring Security ReactiveMethodSecurityConfiguration is initialized prematurely when the context contains a BeanPostProcessor

Describe the bugReactiveMethodSecurityConfiguration is initialized prematurely when the context contains a BeanPostProce...

Spring Security X-Xss-Protection header "1; mode=block" differs in Servlet and Reactive

X-Xss-Protection header, when set to mode=block, is different in Servlet and Reactive stacks:- X-Xss-Protection: 1; mode...

Spring Security Documentation about configuring SecuritySocketAcceptorInterceptor in Spring Boot is confusing

The phrasing in the section Adding SecuritySocketAcceptorInterceptor of the Spring Security documentation is confusing. ...

Spring Security Unable to Find 'filterProcessingUrl' Method in Spring Security 6.1.1 Saml2LoginConfigurer Configuration

I am using version 6.1.1 of Spring Security and I need to configure a single response processing endpoint for a federate...

Spring Security XML namespace with saml2-login configuration fails using Java 8 and spring-security 5.8

Describe the bugXML namespace with saml2-login configuration fails using Java 8 and spring-security 5.8.1:"java.lang.Uns...

Spring Security How to execute a filter or handler only once after successful SAML2 login?

I am using Spring Security with SAML2 service provider and have a requirement to set custom tokens as part of cookies in...

Spring Security Add hasIpAddress to Kotlin DSL

This issue adds support for hasIpAddress in the Kotlin DSL.Related #10571Comment From: atrifyllis10571 is closed, why is...

Spring Security Consider turning off the automatic injection of 'WebSecurity' and 'MethodSecurity' in the configuration file

Hello, how can I disable the functionality of @EnableWebSecurity and @EnableMethodSecurity in the configuration file whe...

Spring Security Integrate HandlerMappingIntrospector Caching

HandlerMappingIntrospector lookups may be performed multiple times per request. This is not good for performance and can...

Spring Security Allowing back-channel communication with the Identity provider to fetch the issuer's setting.

Hi,Let me start by thanking you for your service to the Java community. I have been using Spring + Spring security for m...

Spring Security Oauth2 resource server always failing for google opaque token validation because of hard coded "token" and not "access_token"

SpringOpaqueTokenIntrospector.java at method requestBody is hardcoding the "token" as parameter key for passing access t...

Spring Security Adding CorsFilter in filterchain by calling addFilterAfter is not working

I am migrating to spring security 5.4.6 to 5.4.8. Cors filter is not having expected order now.Steps to reproduce the be...

Spring Security when use deprecated EnableGlobalMethodSecurity: almost all beans output WAN BeanPostProcessorChecker message

Expected BehaviorWAN BeanPostProcessorChecker message may not out put.Current Behavioralmost all beans out put warn me...