The documentation has a section for Proxy Servers in the Appendix but it is not showing up in the navigation sidebar.

When a server is behind a reverse proxy, the first part of path in URL could be used to represent the server,For example...

Add an interface to be called after successful authentication to enhance userdetailBecause there are some userdetails at...

If an invalid client-authentication-method is configured (eg "basic"), then the authorization code request is made with ...

Describe the bug@RestControllerAdvice annotation does not intercept AuthenticationException.To ReproduceSteps to reprodu...

Currently the Antora build reports warnings. The warnings should be resolved and the playbook should be updated to fail ...

With the removal of X-XSS-Protection, it would be nice to simplify adding Content-Security-Policy.One way to do this is ...

Describe the bugCause a recursive call on a method getCurrentAuditor, then cause a stack overflow and internal 500 error...

SummaryWhen an OAuth2 Authorization request encounters a ClientRegistration request that does not exist, it is respondin...

Describe the bugWe are using CSRF with the CookieCsrfTokenRepository. It is setup via CsrfConfigurer#csrfTokenRepository...

[x] Request Authorization (Servlet)[x] Method Authorization (Servlet)[ ] Request Authorization (Reactive)[ ] Method Auth...

Describe the bugThe spring-security-config modules defines an optional dependency on spring-security-web. However, in We...

Expected BehaviorIt would be ideal if we could migrate to the updated fork of the library https://github.com/sparklemoti...

Forward port of #12930 Comment From: jzheauxClosed in https://github.com/spring-projects/spring-security/commit/c053f6f0...

I'm using Spring Boot 2.7.12Spring Security 5.8.3(I did test with Spring Boot 3.1.0, and I am facing the same issue)Desc...

Hi Spring Security Team,first of all: Thanks for your effort and your amazing work!I recently read through the JavaDoc o...

Describe the bugorg.springframework.security.cas.web.CasAuthenticationFilter.successfulAuthentication seems to be missin...

Describe the bugWith permitall() configuration, request still go into filter.Spring Security 6.1.0To Reproduce@Configura...

Some users related that they are confused about the replacement for the deprecated methods. We should make that easier b...

Mission: To simplify Spring Security.This ticket will list all the tasks in our mission to simplify the usage of Spring ...