Spring Security @EnableReactiveMethodSecurity / Prometheus HTTP metrics missing on Spring Boot 3.0.3

  • 2025-01-18 08:06:27
  • 3633
Starting with Spring Boot 3.0.3 the annotation @EnableReactiveMethodSecurity causes problems on Prometheus metrics (http...

Spring Security Recent Spring Security release redirection issue in secured POST method

  • 2025-01-18 08:06:25
  • 3572
I have this single file in my sample Spring application//skipped imports@SpringBootApplication@Controllerpublic class Sp...

Spring Security @EnableReactiveMethodSecurity causes eager bean instantiation, breaking observations

  • 2025-01-18 08:06:22
  • 3972
Describe the bugScratched my head at this one for awhile. We have some reactive applications and upon upgrading to Sprin...

Spring Security Use a custom authentication type for CAS

  • 2025-01-18 08:06:19
  • 130
This is needed in order to re-add support for CAS.See https://github.com/spring-projects/spring-security/issues/10347 fo...

Spring Security With Spring Security 6 MockMvc does not work in combination with a CookieCsrfTokenRepository

  • 2025-01-18 08:06:17
  • 3374
If a SecurityFilterChain is configured with a CookieCsrfTokenRepository, a CsrfTokenRequestAttributeHandler and the setC...

Spring Security Got SerializationException when using OAuth 2.0 login and GenericJackson2JsonRedisSerializer

  • 2025-01-18 08:06:14
  • 28747
SummaryI am using spring oauth2 to authenticate&authorize,and using spring redis session. I am getting a Serializati...

Spring Security Since WebSecurityConfigurerAdapter is removed, any alternative solution for WebSecurityConfigurerAdapter.getHttp() method?

  • 2025-01-18 08:06:12
  • 618
Expected BehaviorCurrent BehaviorContextComment From: marcusdacoregioHi @JasmineXieCCD,can you describe your use case in...

Spring Security Enable forward request (like ForwardSuccessHandler) in OAuth2AuthorizationCodeGrantFilter

  • 2025-01-18 08:06:09
  • 14170
Expected BehaviorThe developer can override the redirect strategy in configuration to for OAuth2AuthorizationCodeGrantFi...

Spring Security Remove deprecated SecurityContextPersistenceFilter from docs

  • 2025-01-18 08:06:06
  • 745
Expected BehaviorThe Authentication is set on the SecurityContextHolder. Later, if you need to save SecurityContext , Se...

Spring Security Missing spring-security-oauth2 xsds after release

  • 2025-01-18 08:06:01
  • 491
Describe the bugThe following schema files are not deployed with each release:http://www.springframework.org/schema/secu...

Spring Security Spring-security-oauth2.xsd is not published to http://www.springframework.org/schema/security

  • 2025-01-18 08:05:58
  • 7544
SummarySpring-security-oauth2.xsd should be published under https://www.springframework.org/schema/security/Or was this ...

Spring Security Support updated Sagan API for Contentful

  • 2025-01-18 08:05:53
  • 1300
Expected BehaviorThe SaganPlugin needs to send the username parameter for the personal access token.Current BehaviorThe ...

Spring Security Document relationship between registrationId, EntityID, and resolving a relying party

  • 2025-01-18 08:05:50
  • 1697
Based on https://github.com/spring-projects/spring-security/issues/12664, the documentation around SAML 2.0 URIs could b...

Spring Security Saml2LogoutRequest constructor should check for null values

  • 2025-01-18 08:05:48
  • 722
Inspired by #12539 The constructor in Saml2LogoutRequest does not check if the parameters received are not nullExpected ...

Spring Security Use publish-docsearch-config-extension

  • 2025-01-18 08:05:45
  • 152
The logic has been extracted into @springio/antora-extensions/publish-docsearch-config-extension for reuse. We should le...

Spring Security Spring Security 6.0.1 ObservationFilterChainDecorator produce wrong instrument names

  • 2025-01-18 08:05:42
  • 4061
Describe the bugOpen Telemetry Java Agent version 1.21 don't like the Instrument names produces by Spring Security 6.0 (...

Spring Security @PreAuthorize does not work with coroutines when referencing parameter names

  • 2025-01-18 08:05:39
  • 2344
Describe the bugReferencing parameter names in a @PreAuthorize("#x...") fails when using kotlin coroutines.@PreAuthorize...

Spring Security Spring Web Application not working in Iframe inside Safari Browser

  • 2025-01-18 08:05:36
  • 618
Describe the bugSpring Web Application not working in Iframe inside Safari Browser and Chrome 80 Browser due to same sit...

Spring Security Incomplete documentation regarding Hierarchical roles.

  • 2025-01-18 08:05:34
  • 2570
On the current 6.0.2 official documentation we have this small sample code related to hierarchical roles:@BeanAccessDeci...

Spring Security Spring boot security 3.X.X : CsrfFilter doesn't behave as spring boot security 2.7.8 - token csrf is not generated for all request

  • 2025-01-18 08:05:31
  • 2868
Describe the bugClass CsrfFilter do not behave as spring boot security 2.7.8.Before spring boot security 3, token has be...
上一页 下一页
.