Hello Spring Security team,ProblemWhen using the UsernamePasswordAuthenticationFilter we are setting custom authenticati...

Expected BehaviorOAuth2ClientPropertiesRegistrationAdapter.getBuilderFromIssuerIfPossible should validate that issuer is...

Expected BehaviorThe framework should provide with relevant exception information in case of javax.net.ssl.trustStore an...

ContextFront end app with PKCE accessing a resource server with both local and remote token validation enabled in the Se...

Expected BehaviorFor a JWT based resource server it is possible to configure a custom jwt authentication converter like ...

SummaryI am trying to authenticate my spring boot application through google. I do not see any option to set access_type...

SummaryProvide a way to customize the token response being extracted by OAuth2BodyExtractors before parsing it.Current B...

Describe the bugWhen enabling method security with the new @EnableMethodSecurity, the DefaultMethodSecurityExpressionHan...

Related to #9991 JwtDecoders and ReactiveJwtDecoders instantiate a RemoteJWKSet in order to discover reasonable defaults...

We use spring spring-security-oauth2-client dependency for OIDC (openID connect Authorization Grant) type login flow .In...

Describe the bugsee: org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector#iss...

Hope to use PasswordEncoderFactories create DelegatingPasswordEncoder, can extend the default encodersMap. For example,...

Describe the bugHello，SpringSecurity. Today, when I use SpringBoot:2.5.4 and SpringSecurity:5.5.2 to build SpringBootAd...

Expected BehaviorAfter calling MockMvc, I want to be able to make assertions that depend on the SecurityContext defined ...

Related to #10243To customize how a RelyingPartyRegistration is resolved from a login request, an application needs to c...

The LDIF file used in the LDAP integration tests has 2 entries for dn: uid=bcrypt,ou=people,dc=springframework,dc=org.Th...

Like OAuth2ParameterNames, it would be nice to have a class where the following standard parameters were defined:SAMLReq...

Backport of gh-10254Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/1ca...

I'm looking through the documentation for testing Spring Security with WebFlux and it shows a static method being used m...

Backport of gh-10254Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/761...