玖涯软件开发|java/go/python

Spring Security BearerTokenAuthenticationEntryPoint not adding 'Access-Control-Allow-Origin' header in response

Describe the bugI have configured JWT authentication using spring boot with 'BearerTokenAuthenticationEntryPoint' to han...

Spring Security Get an 401 Status with HTTP POST to RESTful API with basic authentication and csrf enabled instead of 403

SummaryWhy do I get an HTTP status code 401 with a RESTful API with basic authentication by executing an HTTP POST (csrf...

Spring Security 403 on all requests with Keycloak and SecurityFilterChain

Describe the bugSpring security always gives 403 when SecurytyFilterChain is used with Keycloak authorization server.Wit...

Spring Security SessionManagementConfigurer ignores custom SecurityContextRepository for SessionManagementFilter

Describe the bugA custom SecurityContextRepository that is configured for a SecurityFilterChain will be ignored by Sessi...

Spring Security Move classpath checks to class member variable

This commit https://github.com/spring-projects/spring-framework/commit/22a750f378fcdf9d4baab721ec92952280afa207 which is...

Spring Security Unable to get access_token, Refresh token using client_assertion in Spring oauth2 Server

@jgrandja I also tried to generate client_assertion like below using PKCS12, still I get invalid client error. Need your...

Spring Security Unable to override DefaultMethodSecurityExpressionHandler.createSecurityExpressionRoot(Authentication, MethodInvocation)

Describe the bugFor spring-security 5.8.1 (and also for latest master):I'm unable to properly override DefaultMethodSecu...

Spring Security Unable to get access_token, Refresh token using client_assertion in Spring oauth2 Server

unable to get access_token, Refresh token using client_assertion_type(urn:ietf:params:oauth:client-assertion-type:jwt-be...

Spring Security Revisit Authentication Configuration Documentation

We should go through the Authentication documentation and ensure that we explain that UserDetailsService can be publishe...

Spring Security Document what happens when DSL is invoked twice

We should document in Javadoc and the reference what happens if the DSL is invoked twice. For example, what happens if t...

Spring Security No provider found for OAuth2AuthorizationCodeAuthenticationToken when running Spring Native Reactive app using OAuth2

Describe the bugLogging in using reactive OAuth2 built with native throws after redirect from OAuth2 server(Google in my...

Spring Security Allow configuring SecurityContextRepository for BasicAuthenticationFilter

We should allow configuring SecurityContextRepository on BasicAuthenticationFilter so that users do not need to rely on ...

Spring Security gradlew nativeTest fails with Failed to instantiate [org.springframework.security.test.context.support.WithUserDetailsSecurityContextFactory]: No default constructor found

Describe the bugSpring Boot 3.0.2 + web + security + graalvm 22.3.0Test with annotation @WithUserDetails fails with exce...

Spring Security javax.json.bind.Jsonb to jakarta.json.bind.Jsonb

Version: 6.0.xClassLoader classLoader = HttpMessageConverters.class.getClassLoader();jackson2Present = ClassUtils.isPres...

Spring Security Multiple traces are generated for failing requests

Describe the bugWhen a REST request fails, duplicate traces are generated. This behavior exists for authentication error...

Spring Security Cookie no support for field 'version' and 'comment'

Expected Behaviorjakarta.servlet.http.Cookie now support RFC 6265.and getComment, setComment, getVersion, setVersion Wit...

Spring Security Different response for Spring Boot 2.7.5 and 3.0.2 without CSRF token on authentication

Describe the bugIn project with spring security and thymeleaf on servlet stack there is different behaviour in case of m...

Spring Security Tags with collector config fail to build docs

Certain tags fail to build docs. Specifically, 6.0.0-RC1 contains an antora.yml with a collector config. Similar to gh-1...

Spring Security Add support for saml default signing key

Expected BehaviorWould be nice in the case of where we have multiple signing keys to explicitly set which one should be ...

Spring Security Allow UserBuilder to easily build a user without any authorities

Expected BehaviorWhen using the org.springframework.security.core.userdetails.User.builder() it should be easy to create...

上一页下一页

1
…
598
599
600
601
602
…
2246

.