@Bean public SecurityWebFilterChain securityWebFilterChain( ServerHttpSecurity http, ReactiveAu...

I could not able to connect to OAuth2 Resource behind proxy if I use the latest spring-security-oauth2-client-5.3.4.RELE...

In line 326 of docs/modules/ROOT/pages/servlet/oauth2/resource-server/multitenancy.adoc#L326 there is a reference to a ...

If an HttpSession already exists, then HttpSecurityContextRepository will save @Transient Authentication but should not....

SummaryIs it by design that:CsrfConfigurer does not reuse accessDeniedHandler logic from ExceptionHandlingConfigurer?Act...

Hello good people,Https is broadly used in nowadays and most of sites redirecting their http urls to https. But it is so...

Expected BehaviorI can change prefix and suffix.Current BehaviorI can not change prefix and suffix.See https://github.co...

Comment From: rwinchThis fails the build due to changes made in the plugin. We can try for this release, but may need to...

ServerBearerTokenAuthenticationConverter does not offer too many options for customization:- All its methods are private...

See https://github.com/spring-projects/spring-security/releasesIt should probably be the other way round.Comment From: j...

Much like the RsaKeyConverters there is a need to be able to convert an X509Certificate from a string in a propertyFrom ...

SummaryWhen running the test suite for spring-security-config, tests that exercise AspectJ are not seeing relevant advic...

Create new schema files.Update SpringSecurityCoreVersion, taglib version, and base version.Update error messages.Comment...

Describe the bugI am using postgres database to store sessions. I am trying to store the session attributes in json.My S...

I have added to my Spring Boot MVC Web Application Social login feature. It allows users to login to my application with...

The OAuth 2.0 Login and OAuth 2.0 Client reference documentation for Reactive Applications is completely out-of-date com...

SummaryCurrently I cannot find a way to trigger a global logout via the spring-security-saml2-service-provider module. I...

Describe the bugI have an oauth2 server running on keycloak http://localhost:8080/keycloak-service/ and configured mult...

Describe the bugWhen OAuth 2.0 Resource Server support is configured, in combination with disabling anonymous authentica...

The following shows documentation that is currently missing on main:?> git diff --diff-filter=D --summary 5.5.x:docs/...