Hello,The current configuration for spring-boot-starter-oauth2-client does not allow to configure credentials by configu...

SummaryI'm trying to set my WebClient to use OAuth 2.0 authentication with the password grant type, but can't find how t...

Describe the bugWhen using saml2Login and @EnableAspectJAutoProxy the project refuses to start and gives this errorCause...

Describe the bugWhen accessing a saml2 relying party's metadata via the Saml2MetadataFilter endpoint, the downloaded met...

See https://github.com/spring-projects/spring-security/issues/10607.Since not every tenant in a given application will u...

SummaryloginProcessingUrl() in Java config does not work the same way that the loginProcessingUrl attribute of the form-...

Describe the bugI am trying to build spring-security on ppc64le architecture host but its failing with an error "Task :c...

Describe the bugWhen setting up HttpSecurity it is possible to end up with the wrong order for filters by calling addFil...

SummaryOAuth2AuthorizationGrantRequestEntityUtils.getTokenRequestHeaders does not work properly if client credentials co...

We already added Basic checkstyle, but we should add more advanced checkstyle of Spring Session / Spring BootComment Fro...

SummaryThere are many of us migrating away form the spring-security-saml as it is no longer maintained, and I would real...

SummaryRight now samples need to be imported with Spring Security. We should allow the samples to be ran independently. ...

Without explicitly referencing the logback.xml file gretty will create a default logback configuration in Groovy.This is...

Tests in SecurityMockServerConfigurerOpaqueTokenTests, SecurityMockServerConfigurersJwtTests and SecurityMockServerConfi...

Expected BehaviorShould have the ability to integrate with Azure B2C for Webflux resource servers.Current BehaviorDoesn'...

Expected BehaviorIt is possible to define multiple issuer URIs at spring.security.oauth2.resourceserver.issuer-uris. Spr...

SummaryWe use spring-security csrf token mechanism to generate csrf token , but occurs some error in concurrent environm...

Expected BehaviorI want to be able to configure the timeout in the RemoteJWKSet used in JwtDecoders.Current BehaviorThe ...

Expected BehaviorIt should be possible to set end_session_endpoint used by OidcClientInitiatedLogoutSuccessHandler via o...

Expected BehaviorOidcIdTokenDecoderFactory should provide a setter method to configure "jwtProcessorCustomizer" for appl...