This issue is a theme for the Spring Security 6.1 release. Issues that relate to this will be added below.[x] gh-12629

Bug descriptionThe bug is related to session management in the SecurityFilter chain. Setting max session in session mana...

I have configured Spring Security to disable CSRF as follows:@Configuration@EnableWebSecurity@EnableMethodSecuritypublic...

Describe the bugWe implemented a Spring Cloud Gateway which is secured using an OAuth2 Login. It also relays the OAuth2 ...

SummaryWhen an entity repository is under ACL based security, it suffers from a huge issue of being unable to handle pag...

The following links in the HttpSecurity javadoc are broken, pointing to "3.2.x" instead of "current", link below takes y...

Currently, we are able to set standard LDAP provider via:@Configurationpublic class WebSecurityConfig extends WebSecurit...

I'm usingSpring Boot 2.7.12Spring Security 5.8.3(I did test with Spring Boot 3.1.0, and I am facing the same issue)Descr...

Describe the bugA clear and concise description of what the bug is.AbstractUserDetailsAuthenticationProvider class defin...

Expected Behaviorspring security version:5.7.6custom UsernamePasswordAuthenticationFilter unable obtain HttpSecurity con...

https://github.com/spring-projects/spring-security/actions/runs/5120176165/jobs/9206368017https://spring.io/blog/2022/12...

Expected BehaviorWhen using spring-security-oauth2-client in combination with spring-session-data-redis and enabling JSO...

In version 6.x, customizing AbstractAuthenticationProcessingFilter, AuthenticationProvider, and AbstractAuthenticationTo...

Forward port of issue #12029 to 6.1.x.Comment From: marcusdacoregioClosed via https://github.com/spring-projects/spring-...

Since 2.7.0 (https://github.com/spring-projects/spring-boot/pull/29084), Boot's had support for auto-configuring a valid...

Expected BehaviorSecurity SPEL (such as @PreAuthozied) needs custom native-image hints (such as @RegisterReflectionForBi...

To make it easier to communicate what is supported in Spring Security and what are the limitations when working with nat...

Describe the bugCannot build \spring-security\samples\boot\saml2login project from source.To ReproduceClone repository (...

SummaryReactive method security requires the SpEL expression to return Boolean which does not work of the logic to deter...

I have configured OAuth2 client in Spring Security as belowIt works well with Internet connection. When I run the app wi...