Expected BehaviorWe should be able to configure WebSecurity without needing WebSecurityConfigurerAdapter.The approach is...

Describe the bugWhen grabbing the email attribute (urn:oid:0.9.2342.19200300.100.1.3) from the SimpleSaml2AuthenticatedP...

Current BehaviorStandardInterceptUrlRegistry is defined in UrlAuthorizationConfigurer:public class StandardInterceptUrlR...

Describe the bugI am not sure whether this is an intended change or bug.To Reproducehttps://mvnrepository.com/artifact/o...

I've been working on deploying a webapp using Spring Boot in AWS Lambda using the aws-serverless-java-container, which r...

Describe the bugWhen using a max session configuration for concurrency control, it can result in a NullPointerException....

Describe the bug formLogin().failureHandler() method set FormLoginConfigurer field failureUrl null,so, I do not redire...

Is there any way to set default registration for openid connect when you have multiple registration/provider? There is o...

Hello,Why you don't add an enhancement that supports permission for class level based on roles with the annotation @PreA...

The snapshot tests are failing as a result of this commit. See spring-framework#23842.This fix should adapt to WebClient...

Describe the bugWebsocket traffic is not considered as session activity. If an application has active websocket traffic,...

Actual BehaviorHello ,I want to disable spring-security, in order to be able to skip login verification authority verifi...

SessionRegistryImpl can be used to track sessions. We can register new sessions with it. When the session expires it'll ...

Currently we use spring-security-saml in an open-source OIDC-SAML proxy. As the spring-security-saml project is in maint...

Expected BehaviorSAML IDP registration can be configured via either IDP metadata URL or file-based metadata instead of m...

Describe the bugin master branch, Schedulers.boundedElastic() is not used because the Mono chain is broken.https://githu...

Hi everyone,I have implemented spring security in a restful api.Now i want to access request parameters but i'm always g...

Describe the bugVersion 5.4.0 of Spring Security Core is named 5.4.0 whereas the versions before, like other Spring libr...

SummaryWith the current implementation - in Spring Security 5.2.1 - it works very well to map external roles / authoriti...

https://github.com/spring-io/spring-javaformat/ provides checkstyle and automatic source formatting for Spring Project. ...