SummaryCannot integrate Spring Cloud Gateway (which uses Spring Security 5.2) with OAuth2 Authorization Server using Res...

The SAML 2.0 Login sample could be improved by:Looking more like the OAuth 2.0 Login sample, for easy comparisonUsing th...

I have configured spring security using:@Import(SecurityProblemSupport.class)@EnableWebSecurity@Configuration@EnableGlob...

When reaching out for support regarding spring security I get refered to stackoverflow.com. However once I ask a questio...

SummaryIt would be useful to have release notes for Spring Security, summarizing the bug fixes and enhancements made in ...

If I want to access to the permitAll web api with bearer token ,but my token is invalid, I cant't access the web api. I...

It would be better if OpenSamlImplementation didn't use reflection.OpenSamlImplementation#buildSAMLObject(Class<?>...

The test retrieveFluxWhenDataFluxAndSecureThenDenied throws a MessageDeliveryException because it makes a request to a r...

The OAuth2AuthorizedClientManager implementations should be assigned a sensible default for the associated OAuth2Authori...

Add OAuth2AuthorizeRequest.Builder.principal(String) as a convenience method for OAuth2AuthorizeRequest.Builder.principa...

SummaryI want to manually set Authentication to SecurityContext in a Spring Cloud Gateway application, but ReactiveSecur...

It can be handy when testing to state that your ldap server should use port 0, that is, indicate that any available port...

As a result of #8091 !?Comment From: MikeN123This seems to break startup of all our applications. That is something we n...

SummaryI can't find if there is a way to prevent bearer validation on each request for a short period. I would hope ther...

SummaryWebFlux OAuth2 WebClient Authentication in grant_type client_credentials uses the same token from HTTP Server Req...

where is the spring-security-openid sample? It can be instead of spring-social?Comment From: rwinchAll of the samples a...

SummaryIn my app,I want do more granular authentication In AccessDecisionManager By HttpServletRequest Body data.But Htt...

SummaryToday, it isn't clear how to best configure Spring Security to support a multi-tenant OAuth2 client.Here is an ex...

SummaryWhen providing a basic auth header without any user/password combination an java.lang.StringIndexOutOfBoundsExcep...

SummaryI have to process a token response containing a null value for the scope key, which fails with a NullPointerExcep...