玖涯软件开发|java/go/python

Expected BehaviorAccording to the OIDC spec, the RP-initiated global logout request method could be POST or GET. But cur...

Describe the bugThe "http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)" does not work if x...

SummaryOut of the box with Spring Security 6.0.2, and after adding a basic REST controller with a @PreAuthorize annotati...

Describe the bugUsed dependencies:- org.springframework.boot:spring-boot-starter-security:3.0.5- org.springframework.boo...

Comment From: lasselindqvistHi. Not sure if this is the right place to mention this, but I believe as the fix for https:...

Comment From: marcusdacoregioClosed via https://github.com/spring-projects/spring-security/commit/b727f24c955686a00e05c6...

Comment From: marcusdacoregioClosed via https://github.com/spring-projects/spring-security/commit/609d5a71c66b880c1f0308...

Comment From: marcusdacoregioClosed via https://github.com/spring-projects/spring-security/commit/95f2b822a7c9e571c0b9e8...

SummaryCsrfFilter sets the request attribute "javax.servlet.http.HttpServletResponse", which is later used by LazyCsrfTo...

I am trying to migrate from the old SAML extension project to the new. on Spring 5.8.x (not boot).It would be good if i ...

Forward port of #12664 Comment From: jzheauxClosed in https://github.com/spring-projects/spring-security/commit/6c770378...

Forward port of #12664 Comment From: jzheauxClosed in https://github.com/spring-projects/spring-security/commit/6c770378...

Hi, I'm trying to use the RelayState to pass through a redirect URL after successful SAML authentication. We were still ...

Describe the bugDefaultMethodSecurityExpressionHandler for v5.8.0 adds a new signature for createSecurityExpressionRoot ...

spring security version: 6.0.1class name: org.springframework.security.authentication.AbstractUserDetailsReactiveAuthent...

Summaryi am having a problem with a circular dependency error. it is thrown when i define a UserDetailsService bean in m...

The shouldFilterAllDispatcherTypes property was added to configure the AuthorizationFilter to apply to every dispatcher ...

Related #8885, https://github.com/spring-projects/spring-security/issues/9904#issuecomment-863439948It would be nice to ...

The ConfigurableJWTProcessor.setJWSKeySelector(JWSKeySelector) is unable to update the reference used by NimbusReactiveJ...

The main reference documentation has a servlet section https://docs.spring.io/spring-security/reference/servlet/index.ht...