Related to #8731, configurers can benefit from knowing the CsrfTokenRepository that has been configured. For example, th...

Context: Credential rolloverA SAML 2.0 configuration uses anywhere between 1 to 4 different types of certificates. All o...

Please remove final keyword from getAuthentication() signature so that SecurityExpressionRoot descendents can override ...

Describe the bugBeanDefinitionParsingException when using spring-security-5.6.xsd with Spring Security 5.7Caused by: org...

Carles Figuera (Migrated from SEC-2465) said:OS: Windows 7 (64 bits)JDK: 1.6.0_45WebLogic's Version: 12.1.1.0.6Spring Se...

If the Supplier<SecurityContext> returned from SecurityContextRepository.loadContext(HttpServletRequest) is invoke...

I do believe Spring Security Team performed a great work to allow us, application developers, configure sophisticated se...

When IDP uses other URL-encoding than Spring, signature verification for a LogoutRequest coming from the IDP fails, beca...

An error is reported when Chinese attributes are set in the request header.In the StrictHttpFirewall class, when the val...

Spring Security should use Feature Variants instead of custom optional plugin. This will allow for publishing optional d...

Expected BehaviorA single-tenant resource server with default configuration uses ProviderManager for authentication, whi...

Describe the bugA null pointer exception is thrown from BouncyCastle when trying to use the Argon2Encoder class in the c...

Add additional step to continuous-integration-workflow.yml to announce the release on the #spring-release slack channel....

SummaryWhen using a Form Login, a single OAuth2 provider and the auto-generated login page, the auto-configured Authenti...

Expected Behavior**spring-security-main\web\src\main\java\org\springframework\security\web\util\OnCommittedResponseWrapp...

Expected BehaviorAbstractPreAuthenticatedProcessingFilter should provide template method or something similar for token ...

Originally reported via @wilkinsona On https://docs.spring.io/spring-security/site/docs/5.7.0-SNAPSHOT/api/org/springfra...

Expected BehaviorPlease add license information like the license.txt and notice.txt files to all the spring-security jar...

Chapter 7 Samples is quite lite on content, it just links to the samples directory on git repo. I propose adding the fol...

Add automation that can generate a list of samples and insert it into the documentation automatically. see Issue spring-...