Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
68 Open 1,017 Closed
68 Open 1,017 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Automatically apply Customizer Beans to the Security DSL in: config An issue in spring-security-config type: enhancement A general enhancement
#16258 opened Dec 11, 2024 by rwinch 6.5.x
@rwinch
1
Add support fullyAuthenticated to Kotlin DSL in: config An issue in spring-security-config type: enhancement A general enhancement
#16190 opened Nov 29, 2024 by franticticktick Loading… 6.5.x
1
@jzheaux
9
Leave Filter Chain Observations Off By Default in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15858 opened Sep 26, 2024 by jzheaux 7.0.x
@jzheaux
Consider favoring ObjectProvider#getIfAvailable in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15821 opened Sep 17, 2024 by jzheaux 7.0.x
Provide a way to customize the default RequestCache without replacing the entire implementation in: config An issue in spring-security-config type: enhancement A general enhancement
#15707 opened Aug 28, 2024 by eric-creekside
5
Remove authorizeRequests from Kotlin DSL in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#15174 opened May 27, 2024 by marcusdacoregio 7.0.0-M1
LogoutConfigurer forces POST even if CSRF is disabled for /logout in: config An issue in spring-security-config status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#14913 opened Apr 15, 2024 by erizzo
@sjohnr
3
AnonymousConfigurer.authorities only accepts GrantedAuthorities but no subtypes of GrantedAuthorities in: config An issue in spring-security-config type: enhancement A general enhancement
#14435 opened Jan 10, 2024 by tobias-lippert 7.0.x
@sjohnr
3
Fix Customizer.withDefaults() for authorizeHttpRequests for: team-attention This ticket should be discussed as a team before proceeding in: config An issue in spring-security-config type: enhancement A general enhancement
#14344 opened Dec 18, 2023 by manueljordan
3
Endpoint filters should be reachable when using spring.mvc.servlet.path in: config An issue in spring-security-config type: enhancement A general enhancement
#14230 opened Dec 1, 2023 by ldcsaa
@jzheaux
5
Consider warning users if securityMatchers do not match some filter in the chain in: config An issue in spring-security-config status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#14096 opened Nov 4, 2023 by Haarolean
3
Improve CVE-2023-34035 detection in: config An issue in spring-security-config type: bug A general bug
#13568 opened Jul 20, 2023 by dreis2211
5 of 6 tasks
@jzheaux
63
Default Servlet Headers Should Include Referrer-Policy in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13567 opened Jul 20, 2023 by marcusdacoregio 7.0.0-M1
Simplify MvcRequestMatcher construction in: config An issue in spring-security-config type: enhancement A general enhancement
#13562 opened Jul 18, 2023 by jzheaux
2
@jzheaux
1
Updating to mockito 4.11.0 causes OAuth2LoginBeanDefinitionParserTests and OAuth2ClientBeanDefinitionParserTests to fail in: config An issue in spring-security-config type: bug A general bug
#13546 opened Jul 15, 2023 by jzheaux
Remove AbstractConfiguredSecurityBuilder#apply in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13441 opened Jun 30, 2023 by marcusdacoregio 7.0.0-M1
Customizable set of JwtClaimValidators for OAuth Resource Server in: config An issue in spring-security-config type: enhancement A general enhancement
#13249 opened May 31, 2023 by romangr
7
Align Return Types of no-arg and Customizer arg Configuration Methods in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13093 opened Apr 25, 2023 by marcusdacoregio
2
Remove .and() and non lambda methods from DSL in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#13067 opened Apr 18, 2023 by marcusdacoregio 7.0.0-M1
Add remaining lambda methods to configuration in: config An issue in spring-security-config type: enhancement A general enhancement
#13003 opened Apr 12, 2023 by marcusdacoregio
6 tasks
1
Consider erroring when client authentication method is basic in: config An issue in spring-security-config type: bug A general bug
#12585 opened Jan 25, 2023 by jzheaux
Remove shouldFilterAllDispatcherTypes in: config An issue in spring-security-config type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#12139 opened Nov 3, 2022 by marcusdacoregio 7.0.0-M1
Resolve ContentNegotiationStrategy from ApplicationContext in: config An issue in spring-security-config type: enhancement A general enhancement
#12028 opened Oct 17, 2022 by marcusdacoregio
SecurityContextHolderStrategy bean should be copied to SecurityContextHolder by default in: config An issue in spring-security-config type: enhancement A general enhancement
#11886 opened Sep 20, 2022 by jzheaux General Backlog
2
HttpSecurity bean has no option to disable defaults in: config An issue in spring-security-config type: enhancement A general enhancement
#11633 opened Jul 27, 2022 by filiphr
12
ProTip! Exclude everything labeled bug with -label:bug.