Backport of gh-10254Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/165...

There are are number of higher-level SAML 2.0 components that derive the registration id from the request. Examples incl...

SAML SLO is complex to setup. The DSL may be a route to simplify it.Related to https://github.com/spring-projects/spring...

Like OAuth2AuthenticationToken, SAML 2.0's authentication instance should have a reference to the corresponding RelyingP...

To me SecurityContextChangedEvent.getCurrentContext() is not clear which context it is without seeing getPreviousContext...

Since listening for security context changes happens at the strategy level, SecurityContextHolder#addListener leaks that...

Backport of gh-10245Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/2bd...

Describe the bugA call to saml2Login().relyingPartyRegistrationRepository(...).and() does not return a type that can be ...

Backport of gh-10245Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/9a1...

Backport of gh-10245Comment From: marcusdacoregioFixed via https://github.com/spring-projects/spring-security/commit/c55...

Describe the bugHi, I'm trying to set up a resource server that validates ID and Access Tokens from my SPA with Azure Ac...

Describe the bugWhen calling /oauth2/authorization/not-existed-registration, this returns 500. Should it return 404? To ...

SummaryI need OAuth2AuthorizationRequestRedirectFilter redirect to support Ajax requestBackgroundI before using spring-s...

A RelyingPartyRegistration that was initialized by using a metadata url should periodically poll the metadata url to ret...

SummarySince 4.2, we can control the default role prefix(default is ROLE_) at the single point of definition (gh-3701).H...

Compiled code should contain parameter names to avoid the need for class resources to be included in native image builds...

The ACL docs say:You’ll also need to populate the database with the four ACL-specific tables listed in the last section ...

Related https://github.com/spring-projects/spring-security-samples/issues/30It's not clear in the multitenancy snippets ...

In 5.5, gh-samples-url points to https://github.com/spring-projects/spring-security/tree/5.5.0/samples, but the samples ...

When Nimbus throws a ParseException, NimbusJwtDecoder will simplify the error message in the wrapped exception. It shoul...