玖涯软件开发|java/go/python

Spring Security CVE-2018-1258 spring-security-core-5.6.1.jar spring-security-saml2-service-provider-5.6.1.jar

Hello Spring Security SAML Team,Hope this message finds you well, finger crossed everything is fine on your side.I am cu...

Spring Security Cannot create OrRequestMatcher with List.of(...)

Describe the bugThe constructor for OrRequestMatcher fails with NullPointerException if the argument is a list created w...

Spring Security OpenSamlLogoutRequestValidator invalidates correct SAML2 Logout Request

Describe the bugIDP sends logout request to SP (implemented with spring security 5.6.1). That request correctly does not...

Spring Security Add OrAuthorizationManager and AndAuthorizationManager

hi, spring security team:I'm developing authorization part of my project by implementing AuthorizationManager，Sometime i...

Spring Security Add HSM Support for Decrypting Assertions

It would be nice to allow for a custom decryption strategy in OpenSamlAuthenticationProvider. This would simplify delega...

Spring Security Change Kotlin tests that are using mockkObject with a lambda interface implementation

When upgrading Kotlin to 1.6.10 and increasing the language level to > 1.5, several tests start to fail with WARNING:...

Spring Security Make source code compatible with JDK 8

See:- https://github.com/spring-projects/spring-security/issues/10695Comment From: marcusdacoregioFixed via https://gith...

Spring Security Make source code compatible with JDK 8

See:- https://github.com/spring-projects/spring-security/issues/10695Comment From: marcusdacoregioFixed via https://gith...

Spring Security Structure101 plugin should retrive most recent binary

Structure101's repository makes several versions of its binary available. The plugin should pick the highest-versioned o...

Spring Security 405 Method Not Allowed is blocked by authentication

Describe the bugOS: macOS Big Sur 11.6JDK: corretto-1.8 Spring boot: 2.6.1Consider an API with a single mapping POST /fo...

Spring Security Client JwtBearer grant type should support non Jwt principal

Expected BehaviorGiven a client registration with authorization-grant-type: urn:ietf:params:oauth:grant-type:jwt-bearer ...

Spring Security Saml2.0 <Signature> with <EncryptedAssertion>

Describe the bugIn the new version 5.6.1, the OpenSamlAuthenticationProvider class has been changed. I see that you adde...

Spring Security StrictHttpFirewall.setAllowSemicolon(true) doesn't work in 5.6.1

Describe the bugStrictHttpFirewall.setAllowSemicolon(true) doesn't work in 5.6.1it used to work, however after upgrading...

Spring Security OidcReactiveOAuth2UserService should not retrieve user info when access token does not contain specific scopes.

Current implementationCurrent OidcReactiveOAuth2UserService will retrieve user info even if access token does not contai...

Spring Security Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator

In 5.5 the new AuthorizationManager API was introduced. One place that this API is being used is in the SecurityFilterCh...

Spring Security Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator

Related to https://github.com/spring-projects/spring-security/issues/10590Comment From: marcusdacoregioFixed via https:/...

Spring Security Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator

Related to https://github.com/spring-projects/spring-security/issues/10590Comment From: marcusdacoregioFixed via https:/...

Spring Security WebInvocationPrivilegeEvaluator Bean should support multiple SecurityFilterChains

Related to https://github.com/spring-projects/spring-security/issues/10554Comment From: marcusdacoregioFixed via https:/...

Spring Security WebInvocationPrivilegeEvaluator Bean should support multiple SecurityFilterChains

BackgroundHaving multiple WebSecurityConfigurerAdapter's which are ordered and each processes a limited set of paths is ...

Spring Security redirect-uri setting for webflux does not work

IssueI try to set the property spring.security.oauth2.client.registration.[registrationId].redirect-uri (did not want to...

上一页下一页

1
…
649
650
651
652
653
…
2246

.