Spring Security Support customization of JwtAuthenticationProvider and BearerTokenResolver in multi-tenant systems (related to JwtIssuerAuthenticationManagerResolver)

  • 2025-01-18 05:54:38
  • 4627
Expected BehaviorIt should be possible to override / customize BearerTokenResolver and JwtAuthenticationProvider inside ...

Spring Security authorization_code grant should use same ServerRequestCache

  • 2025-01-18 05:54:23
  • 1499
ServerHttpSecurity.OAuth2ClientSpec.configure() registers OAuth2AuthorizationRequestRedirectWebFilter and OAuth2Authoriz...

Spring Security JwtDecoder should use Nimbus multiple-algorithm support

  • 2025-01-18 05:54:16
  • 169
Nimbus 8.18 added support for multiple algorithms to JWSVerificationKeySelector. Upgrading to this will remove Spring Se...

Spring Security Build should use fixed versions for nimbusds

  • 2025-01-18 05:54:13
  • 4246
I'm trying to do a custom build of a Spring Cloud Dataflow which itself have dependencies to Spring Security Oauth2 pack...

Spring Security Maven enforcer plugin throws convergence error for version 5.3.2.RELEASE

  • 2025-01-18 05:54:11
  • 1819
Dependency convergence error for com.nimbusds:nimbus-jose-jwt:8.8 paths to dependency are:+-some.internal.package:our-se...

Spring Security Document NoOpPasswordEncoder will not be removed

  • 2025-01-18 05:54:08
  • 199
Backport of gh-8525Comment From: spring-projects-issuesFixed via 04453cec967b072920832fd32c2afa35446155caComment From: e...

Spring Security No way to customize client credentials token request in WebClientReactiveClientCredentialsTokenResponseClient

  • 2025-01-18 05:53:56
  • 3333
Expected BehaviorIt should be possible to add custom params to the oauth2 token request body when using WebClientReactiv...

Spring Security Spring Security BOM 4.2.14.RELEASE is missing

  • 2025-01-18 05:53:53
  • 7357
SummaryMaven build is failing to compile due to missing dependencies when using the spring-security-bom maven artifact. ...

Spring Security Using OAuth2 client with decentralized providers

  • 2025-01-18 05:53:51
  • 4322
Most OAuth2 client registrations use a centralized provider. For example, Facebook always has an authorization URI of ht...

Spring Security Old Jose Nimbus version

  • 2025-01-18 05:53:48
  • 148
Sorry problem was behind of the monitor :) 👍 Comment From: MelleDOk my mistake sorry :)Comment From: jzheauxGlad you wer...

Spring Security @PreAuthorize("isAnonymous()") needs more config to effect

  • 2025-01-18 05:53:45
  • 1515
First,thank you for design this great framework.Describe the bug@PreAuthorize("isAnonymous()") needs more config to effe...

Spring Security Configure two different authentication methods is not working / Multiple HTTP security

  • 2025-01-18 05:53:43
  • 5002
SummaryBased on that docs it's possible to configure two authentication methods at the same Spring Instance, but for som...

Spring Security anyExchange().authenticated() causes AuthenticationWebFilter and AuthenticationManager invoke twice

  • 2025-01-18 05:53:40
  • 8878
SummaryI'm trying to authenticate against specific header in request.My Security config is as follows:@Configuration@Ena...

Spring Security Delay AuthenticationPrincipalArgumentResolver Lookup

  • 2025-01-18 05:53:36
  • 192
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay lookup of AuthenticationPrincipalArgumentReso...

Spring Security PKCE code verifier code challenge generated by client

  • 2025-01-18 05:53:32
  • 1129
Hi,as i understand PKCE in this flow code verifier and code challenge should be created on a clients front-end side (for...

Spring Security Spring Security Reactive doesn't store scopedTarget.oauth2ClientContext into Redis

  • 2025-01-18 05:53:28
  • 5709
Hello Teams,I'm using spring security oauth2 for single sign-on, and would like to use spring session to store oAuth2 in...

Spring Security Improvement: Log RemoteKeySourceException on higher log level instead of swallowing it silently

  • 2025-01-18 05:53:25
  • 1655
SummaryCurrently, in spring-security-oauth2-resource-server / spring-security-oauth2-jose, when an exception occurs for ...

Spring Security Remove ClientRegistrationRepository Mock Beans from Samples

  • 2025-01-18 05:53:22
  • 139
As of Spring Boot 5.3.0, @SpringBootTest and @WebMvcTest prepare a ClientRegistrationRepository, so introducing a @MockB...

Spring Security oauth2Client Test Support should not require an HttpSessionOAuth2AuthorizedClientRepository

  • 2025-01-18 05:53:20
  • 429
Expected BehaviorNo extra OAuth2AuthorizedClientRepository should be required for oauth2Client test support to work with...

Spring Security Add tokenFromMultipartDataEnabled to server CSRF Kotlin DSL

  • 2025-01-18 05:53:17
  • 376
We should allow a user to set tokenFromMultipartDataEnabled in the Kotlin DSL, just as we do in the Java DSL.The configu...
上一页 下一页
.