Expected BehaviorThe integration tests in spring-security-ldap use a random port to prevent collisionsCurrent BehaviorTh...

SummaryCan we please allow for configuring the desired value of the "secure" flag for the XSRF-TOKEN cookie created by C...

Describe the bugI have a spring security application that configures a ConcurrencyControlConfigurer with maximum session...

SummaryWhen using JUnit 5 it seems that setting the setupBefore parameter of @WithUserDetails to TestExecutionEvent.TEST...

Expected Behaviorin the configuraion ymlregistration: classlink: ...Current BehaviorDefault support for goo...

Describe the bugSpring Web MVC @RequestMapping handler method receives null as Authentication argument when forwarded fr...

@jgrandja The code (authorization_code) is a temporary credential that can be used one-time only, hence, the AUTHORIZATI...

SummaryI was asked to open this issue here after Spring REST Docs team investigated my issue why REST Docs did not get c...

Expected BehaviorOne of the protocols support by OAuth is Client Assertion as authenticationA client uses an assertion t...

The Javadoc for setExitUserMatcher mentions thatThis is a shortcut for setExitUserMatcher(RequestMatcher)This is incorre...

SummaryWhile some prefer the readability of using the Optional API, the GC overhead of creating additional objects (incl...

SummaryI recently upgraded to Spring Security 5.2.0.RC1 because Webclient is not 'renewing' tokens for Oauth2 Client_cre...

Expected BehaviorFrom spring-security-oauth2-client:5.3.2.RELEASE, my project transitively gets+--- org.springframework....

Describe the bugWhen use java.util.List.of(), ProviderManager#checkState() throws NullPointerException.checkState() uses...

As requested, I am splitting the long and unclear #8560 into several issues. This issue is about (thinking about) chang...

As requested, I am splitting the long and unclear #8560 into several issues. This issue is about (thinking about) chang...

As requested, I am splitting the long and unclear #8560 into several issues. This issue is about documenting how one te...

As requested, I am splitting the long and unclear #8560 into several issues. This issue is about documenting how BindAut...

This is really long, but you can stop after the "what I want you to do" section if you want; I figured after doing the w...

Expected Behaviorsimilar to @WithMockUser: @Test @WithMockOidcUser(name = "Any@unknown.org" ) public ...