玖涯软件开发|java/go/python

Spring Security Encoded password does not look like BCrypt

SummaryI have a problem with authenticating users using spring boot API and JWTActual BehaviorI see this error in my con...

Spring Security Spring Security uses class from OAuth2 project which results into NoClassDefFoundError

SummarySpring Security uses class from OAuth2 project which results into NoClassDefFoundError.Actual BehaviorWhen includ...

Spring Security ResourceServer getting - Authentication request failed: error="invalid_token"

SummaryI'm trying to develop resource server that provides APIs that will be consumed by various applications. I'm using...

Spring Security WebClient proxy configuration not respected with Spring Security

While setting up my Spring Boot Webflux (2.1.7.RELEASE) app as a resource server using Spring Security (spring-security-...

Spring Security Spring Security configuration

I have a problem about Spring Security。it may not a bug。but i can‘t find answer。Spring Security provides a variety of o...

Spring Security Question about PersistentRememberMeServices series generation algorithm

SummarySeries relates to username, it should be unique.AFAIK,SecureRandom do not guarantee unique.How did Spring Securit...

Spring Security OAuth2 with spring-security failed to start

Stack Traceorg.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterC...

Spring Security Allow specify header in ServerBearerTokenAuthenticationConverter

SummaryI'd like to be able to use the current ServerBearerTokenAuthenticationConverter but want to use a different heade...

Spring Security Spring MVC - Integration Tests using MockMvc & HttpSecurity are flaky

SummaryThe Integration tests I'm trying to run to check if my HttpSecurity access definitions (https://github.com/jonasb...

Spring Security Saml2WebSsoAuthenticationRequestFilter should not use OpenSamlAuthenticationRequestFactory by default

If Saml2WebSsoAuthenticationRequestFilter uses OpenSamlAuthenticationRequestFactory by default, then Spring Security is ...

Spring Security HttpSecurityDsl does not support addFilterBefore and addFilterAfter

SummaryHttpSecurityBuilder allows adding a filter before or after a specific filter using the addFilterBefore and addFil...

Spring Security BCryptPasswordEncoder.encode() throws NPE

https://github.com/spring-projects/spring-security/blob/1de0cf5057d755bcf25ef0db60297d42e2852f45/crypto/src/main/java/or...

Spring Security Missing documentations about Concurrent Session Control and Webflux

From the current documentation its very hard to understand what is supported in Webflux and what is not. For example Con...

Spring Security java.lang.IllegalStateException: permitAll only works with HttpSecurity.authorizeRequests()

Hi, I am migrating from Spring Security OAuth to Keycloak but I have some issue that should not occured if we follow the...

Spring Security Cannot configure cache lifespan of RemoteJWKSet

SummaryModule: spring-security-oauth2-joseThere is no way to configure the RemoteJWKSet cache lifespan even it actually ...

Spring Security AbstractAuthenticationProcessingFilter produces error when registering a custom UsernamePasswordAuthenticationFilter Bean

SummaryRegistering a custom UsernamePasswordAuthenticationFilter Bean produces java.lang.IllegalArgumentException: authe...