This header has been deprecated by modern browsers and its use can introduce additional security issues on the client si...

Hi Team,I have been looking for this for some days now. We have spring boot based application(s) using Okta as IDP, usin...

Recently, #6722 introduced a contract for resolving an AuthenticationManager via some context, like a request.A natural ...

Similar to OAuth2AuthenticationRequestResolver, Saml2AuthenticationRequestResolver would be a convenient way to customiz...

Describe the bugIf I define A class UserAuthenticationTokenBO extends AbstractAuthenticationToken, and do not override P...

Describe the bugIf I define A class UserAuthenticationTokenBO extends AbstractAuthenticationToken, and do not override P...

The OpenID 1.0 and 2.0 protocols have been deprecated and users are encouraged to migrate to OpenID Connect, which is su...

With the move to Antora as reference documentation tooling, the structure of URIs to the individual sections have change...

Describe the bugI'm using X509 login and trying to implement SessionCreationPolicy.ALWAYS for the /testMVCController/** ...

Expected BehaviorI should use setAuthenticationSuccessHandler(new ForwardAuthenticationSuccessHandler ()); in the filter...

Describe the bugSpring projects should use Spring Framework's spring-jcl module in place of commons-logging:commons-logg...

A few years ago, we had an initiative across the portfolio to move away from the javax.* spec jars to their jakarta.* re...

https://github.com/spring-projects/spring-security/blob/5.7.0-M1/docs/antora.ymlhttps://docs.spring.io/spring-security/r...

Describe the bugthe class org.springframework.security.web.savedrequest.DefaultSavedRequest and org.springframework.secu...

Spring Web Starter version: 2.4.12Spring Web Version: 5.3.12Issue:My application implements both a oauth2 resource serve...

Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/08a7a6375e444785a214707...

Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/08a7a6375e444785a214707...

Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/201f662057b58b7fae3a629...

Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/de72e01e03d71c438ac015a...

Our IdP returns the scope claim as JSON Array which is not converted properly by SpringOpaqueTokenIntrospector because o...