SummarySecurityEvaluationContextExtension.getRootObject() should have a signature with a return type of SecurityExpressi...

> Task :spring-security-samples-boot-webflux-form:integrationTestsample.WebfluxFormApplicationTests > loginAndLogo...

SummaryConfigure an invalid response URL at the identity provider (using nonconfigured registration id) a NullPointerExc...

Because Bearer Token Error handling is based on a spec, there are only a few things that end up changing, depending on t...

Related to https://github.com/spring-projects/spring-security/issues/7793#issuecomment-573863533It'd be nice to have an ...

We should add test support for OAuth 2.0 Clients that stands independent from OAuth 2.0/OIDC Login test support.this.mv...

AuthenticationWebFilter uses the exchange object throughout its implementation. It uses it for its ServerWebExchangeMatc...

ava.lang.IllegalStateException: KeyStores with multiple certificates are not supported on the base class org.eclipse.jet...

SummaryWhen http basic auth is used and the request has an 'X-Requested-With: XMLHttpRequest' header set the server stil...

SummaryWhen using Annotation based method security, Spring Boot does not provide a way to whitelist controller methods b...

SummaryWhen specifying a custom requiresAuthenticationMatcher in formLogin for WebFlux security, it is not used unless a...

SummaryUse custom method when login fails, but authenticationFailureHandler method is invalidActual BehaviorUse the wron...

SummaryUsing scdf 2.3.0 on k8s, I am getting a org.springframework.security.oauth2.core.OAuth2AuthenticationException: P...

SummaryDefined a bean as:@Component(value="accessBean")public class AccessCheckBean { public String getPermision(){ ...

SummarySpring's WebClient allows specifying Basic Auth credentials quite simply:webClient.get() .uri(someEndpoint...

There are two issues here, one is directly related to Netty which is used by Spring Security - Connection rest by peer, ...

SummaryBasicAuthenticationConverter in BasicAuthenticationFilter ignores given credentials charset.Actual BehaviorWe try...

Task :spring-security-messaging:compileTestJava注: /Users/zhangxi/AndroidStudioProjects/MyApplication/spring-security/mes...

SummaryWhen using LDAP, if a file matching "*.ldif" exists on the classpath, then it should be used, if no other LDIF fi...

https://github.com/spring-projects/spring-security/pull/7260#discussion_r316789656We'd like to investigate if we can uti...