Spring Security AuthenticationEventPublisher is not injected in AuthenticationManagerBuilder for the HttpSecurity prototype built in HttpSecurityConfiguration

  • 2025-01-18 07:48:20
  • 2626
When building a SecurityFilterChain from HttpSecurity, a prototype is built in HttpSecurityConfiguration. However, this ...

Spring Security Upgrade to Kotlin 1.6.10

  • 2025-01-18 07:48:17
  • 158
Related https://github.com/spring-projects/spring-framework/issues/27413Comment From: marcusdacoregioWaiting for https:/...

Spring Security XSS protection should be set to 0 by default per updated OWASP recommendation

  • 2025-01-18 07:48:14
  • 1077
Expected BehaviorBy default, Spring Security should send this HTTP header:X-XSS-Protection: 0Current BehaviorBy default,...

Spring Security SAML 2.0 filters should be in the web package

  • 2025-01-18 07:48:12
  • 575
Saml2WebSsoAuthenticationFilter and Saml2WebSsoAuthenticationRequestFilter are in a package called .servlet.filter.Howev...

Spring Security Authorization Header caching with spring-security basic auth in Spring Cloud Gateway

  • 2025-01-18 07:48:10
  • 7596
Hi Team,We are using Spring Cloud Gateway for basic authentication and routing with the below dependenciesspring-boot-st...

Spring Security SecurityMockMvcResultMatchers - Kotlin examples don't trigger assertions

  • 2025-01-18 07:48:07
  • 3574
Describe the bughttps://github.com/spring-projects/spring-security/blob/5.7.3/docs/modules/ROOT/pages/servlet/test/mockm...

Spring Security documentation for testing client credentials

  • 2025-01-18 07:48:04
  • 5959
checking https://docs.spring.io/spring-security/reference/servlet/test/mockmvc/oauth2.html I see no way to test client c...

Spring Security Authentication(Web)Filter should return a 500 on AuthenticationServiceExceptions

  • 2025-01-18 07:48:01
  • 783
When (Reactive)AuthenticationManager throws or resolves to an AuthenticationServiceException, Authentication(Web)Filter ...

Spring Security AnonymousAuthenticationFilter should cache its Supplier<SecurityContext>

  • 2025-01-18 07:47:58
  • 331
The Supplier&lt;SecurityContext&gt; in AnonymousAuthenticationFilter gets invoked several times on each request. Essenti...

Spring Security Consider XML and Java support to simplify migration to filter-based default deny

  • 2025-01-18 07:47:55
  • 7853
Given https://github.com/spring-projects/spring-security/issues/11958 and https://github.com/spring-projects/spring-secu...

Spring Security On Abstain Access Should be Denied

  • 2025-01-18 07:47:52
  • 306
We should look in every location and require that if an authorization manager abstained, then access should be denied. O...

Spring Security SAML2 customizable URLs

  • 2025-01-18 07:47:49
  • 5235
Expected BehaviorI want to be able to change all SAML2 URLs to be able to e.g. add a prefix.Current BehaviorSome URLs ar...

Spring Security Remove OAuth Deprecations

  • 2025-01-18 07:47:46
  • 190
[x] #11589[x] #11588[x] #11586 [x] #11587[x] #11584 [x] #11585 [x] #11565 [x] #11564 [x] #11519[x] #11518 [x] #11517[x]...

Spring Security Add NameIdFormat support to RelyingPartyRegistration

  • 2025-01-18 07:47:43
  • 6966
RelyingPartyRegistration contains SAML 2.0 Metadata for both the relying party and its associated asserting party.It wou...

Spring Security CookieCsrfTokenRepository Optionally allows to set the SameSite attribute.

  • 2025-01-18 07:47:40
  • 3050
Expected BehaviorCookieCsrfTokenRepository can be configured with a setSameSite method taking an enum as arg to allow to...

Spring Security CookieCsrfTokenRepository should use the SameSite attribute

  • 2025-01-18 07:47:37
  • 1670
Chrome 80 changed the way it handles cookies that do not set a SameSite attribute. More information: https://blog.chromi...

Spring Security Update reactor-netty to 1.0.24

  • 2025-01-18 07:47:34
  • 138
Comment From: marcusdacoregioClosed via https://github.com/spring-projects/spring-security/commit/655a1e345ee5ebf5e9e362...

Spring Security Update jackson-datatype-jsr310 to 2.13.4

  • 2025-01-18 07:47:32
  • 138
Comment From: marcusdacoregioClosed via https://github.com/spring-projects/spring-security/commit/0521bb1af59c820a6d7cec...

Spring Security Update jackson-databind to 2.13.4.1

  • 2025-01-18 07:47:29
  • 138
Comment From: marcusdacoregioClosed via https://github.com/spring-projects/spring-security/commit/0521bb1af59c820a6d7cec...

Spring Security Update reactor-netty to 1.0.24

  • 2025-01-18 07:47:26
  • 138
Comment From: marcusdacoregioClosed via https://github.com/spring-projects/spring-security/commit/2c2603ba0fe06631e1bcbf...
上一页 下一页
.