玖涯软件开发|java/go/python

Spring Security how to use one project access token in another project in spring boot

Hi,I need some assist in authentication. let me explain my query.user registration and login and some other stuffs are i...

Spring Security Disable/Enable SSL self-signed certification validation

Expected BehaviorDisable / Enable the internal request SSL certification validation by configuration.Current BehaviorI c...

Spring Security Use var for Java when same documentation page uses val for Kotlin

Documentation uses old java 8 style and for code samples and at same time uses Kotlin val style.Here is an example Java...

Spring Security When using OIDC, issuer is taken from issuer-uri instead of .well-known/openid-configuration

Steps to reproduceEnter a correct issuer-uri in application.properties. Spring is able to connect to the .well-known/ope...

Spring Security Fix custom marshaller example

Backport of https://github.com/spring-projects/spring-security/pull/9408Comment From: jzheauxClosed via 27e6743fd6c675bf...

Spring Security Spring Webflux : Avoid reauthentication in Basic

When using spring security with spring webflux, the authenticationmanager is called everytime.I am expecting spring secu...

Spring Security Constrain Nimbus dependencies to compatible majors

Currently, Spring Security selects the latest oauth2-oidc-sdk and nimbus-jose-jwt dependencies. This can create issues w...

Spring Security Support multiple authentication steps for MFA

Hello,I want to implement multi factor authentication in my web application using spring security, so I need to make the...

Spring Security Remove notEmpty check for authorities in DefaultOAuth2User

Describe the bugCurrently, DefaultOAuth2User constructor has a check to make sure that authorities parameter is not empt...

Spring Security Authentication is not ignored for csrf protection. Makes csrf security impossible for protected resources.

Describe the bugWe have an issue with our current setup: We migrated our spring oauth 2 security configuration to the la...

Spring Security ConcurrentSessionControlAuthenticationStrategy.allowableSessionsExceeded set the latest session to invalid, is this a bug?

Describe the bugIn Spring security 5.1.11.RELEASE, the allowableSessionsExceeded int maximumSessionsExceededBy = ses...

Spring Security Explain more about .headers().frameOptions().disable() and its impact

Expected BehaviorGet a detailed information about when use and how works and the impact of other security settings when ...

Spring Security Doc - why is the password in User non null

cleaning up our custom implementation of UserDetails based on the User implementation, I noticed that User throws an err...

Spring Security Wrong example name in Spring Security documentation

I have found that there's a wrong example name in the current documentation of Spring Security. I think it has been copy...

Spring Security Is not possible build Spring Security: java.lang.IllegalStateException: Could not load file 'etc/nohttp/allowlist.lines'

Describe the bug [Problem]Is not possible Build Spring SecurityTo ReproduceIn MacOS and Windows I have the following sit...