Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1,014 Open 11,860 Closed
1,014 Open 11,860 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Improve documentation of WebFlux Username/Password login, WebSession persistence. status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16926 opened Apr 12, 2025 by BLCK-B
Support custom CAs in oauth login status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16920 opened Apr 10, 2025 by gbaso
Reactive implementation for DPoPAuthenticationProvider & related classes in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16912 opened Apr 9, 2025 by RyanW02 7.0.x
2
Remove deprecated implementations of OAuth2AccessTokenResponseClient in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#16909 opened Apr 8, 2025 by sjohnr
4 tasks
7.0.0-M1
6
Support RFC 9493 ("sub_id" claim) status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16907 opened Apr 8, 2025 by OrangeDog
Support for JWT claims from RFC 9068 status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16906 opened Apr 8, 2025 by OrangeDog
Align Metadata Annotation Support with Spring Framework 7 type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16890 opened Apr 4, 2025 by rwinch 7.0.x
Remove Usage of Spring Framework APIs marked Deprecated for Removal type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16889 opened Apr 4, 2025 by rwinch 6.5.x
Revise HttpHeaders Usage type: bug A general bug type: theme An issue that describes a theme for a release
#16888 opened Apr 4, 2025 by rwinch 6.5.x
We should remove usage of PathMatcher in web modules type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16887 opened Apr 4, 2025 by rwinch 7.0.x
Remove HandlerMappingIntrospector Usage type: breaks-passivity A change that breaks passivity with the previous release type: task A general task type: theme An issue that describes a theme for a release
#16886 opened Apr 4, 2025 by rwinch 7.0.x
Declare Spring modules with JDK 9 module metadata type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16885 opened Apr 4, 2025 by rwinch 7.0.x
Kotlin 2.2 Upgrade type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16884 opened Apr 4, 2025 by rwinch 7.0.x
Update to Jakarta 11 type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16883 opened Apr 4, 2025 by rwinch
Null safety via JSpecify type: enhancement A general enhancement type: theme An issue that describes a theme for a release
#16882 opened Apr 4, 2025 by rwinch 7.0.x
Consider using Bouncy Castle BCrypt implementation type: enhancement A general enhancement
#16880 opened Apr 4, 2025 by jgrandja 7.0.x
2
Consider changing default encoder in PasswordEncoderFactories type: enhancement A general enhancement
#16879 opened Apr 4, 2025 by jgrandja 7.0.x
Change of default securityContextRepository in filters causes SessionRegistryImpl to be empty status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16878 opened Apr 4, 2025 by gcorsaro
proxy with spring security oauth2 status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16875 opened Apr 3, 2025 by f1-outsourcing
Allow Custom PublicKeyCredentialRequestOptionsRepository in WebAuthnConfigurer status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16874 opened Apr 3, 2025 by BenEfrati
1
DenyAllPermissionEvaluator Used As Silent Backup When Two PermissionEvaluator Beans Exist status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16872 opened Apr 3, 2025 by dcarrol3
1
ServerCsrfTokenRequestHandler should return reactive types in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#16869 opened Apr 2, 2025 by jzheaux 7.0.x
Depecate org.springframework.security.crypto.codec.Hex status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
#16867 opened Apr 2, 2025 by OrangeDog
Example for customising AuthenticationEventPublisher does not work status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16866 opened Apr 2, 2025 by OrangeDog
JdbcUserDetailsManager.setEnableUpdatePassword in: core An issue in spring-security-core status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16863 opened Apr 1, 2025 by rwinch
@rwinch
3
ProTip! Follow long discussions with comments:>50.