Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
131 Open 1,657 Closed
131 Open 1,657 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

ServerCsrfTokenRequestHandler should return reactive types in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#16869 opened Apr 2, 2025 by jzheaux 7.0.x
Spring Security and Error Handling in: web An issue in web modules (web, webmvc) type: bug A general bug
#16554 opened Feb 7, 2025 by rwinch 6.4.x
Replace WebInvocationPrivilegeEvaluator in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16543 opened Feb 5, 2025 by jzheaux
3 tasks
1
AbstractUserDetailsAuthenticationProvider should not swallow UsernameNotFoundException in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16496 opened Jan 28, 2025 by jzheaux
@kiruthiga1793
6
AntPathRequestMatcher and MvcRequestMatcher have inconsistent behaviour against requests with null method in: web An issue in web modules (web, webmvc) type: bug A general bug
#16491 opened Jan 27, 2025 by symposion
@jzheaux
3
One Time Token should not be created if user does not exist in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16483 opened Jan 24, 2025 by rwinch
5 of 6 tasks
@rwinch
1
One Time Token Error Message in: web An issue in web modules (web, webmvc) type: bug A general bug
#16473 opened Jan 23, 2025 by danvega 6.4.x
@rwinch
2
Support for WebAuthn Registration for anonymous user in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#16351 opened Dec 30, 2024 by justincranford
@rwinch
4
Favor Relative Redirects by Default in: web An issue in web modules (web, webmvc) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#16300 opened Dec 18, 2024 by jzheaux 7.0.0-M1
Improve the BasicAuthenticationFilter to allow callbacks for both successful and failed authentication events. in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#16281 opened Dec 13, 2024 by pongdangx2
@jzheaux
2
Add @AuthorizeRequestMapping annotation in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16250 opened Dec 9, 2024 by rwinch 7.0.x
@rwinch
7
Add "Best Match" based Web Authorization Rules in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16249 opened Dec 9, 2024 by rwinch 7.0.x
@rwinch
1
Simplify Custom Handling for Compromised Passwords in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16223 opened Dec 5, 2024 by rwinch 6.5.x
@jzheaux
Spring Security's Filters and WebFilters Automatically Registered by Spring Boot in: web An issue in web modules (web, webmvc) type: bug A general bug
#16222 opened Dec 5, 2024 by rwinch 7.0.x
@rwinch
5
Passkey Endpoints do not Honor .permitAll() in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: bug A general bug
#16070 opened Nov 12, 2024 by Jyosua
@rwinch
5
Improve Integration between Authorized Objects and Spring MVC in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#16057 opened Nov 11, 2024 by jzheaux
1 of 2 tasks
6.5.x
@jzheaux
Remove PortResolver in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15971 opened Oct 22, 2024 by rwinch 7.0.0-M1
@rwinch
Support Reactive One-Time Tokens in a Clustered Environment in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15901 opened Oct 11, 2024 by franticticktick 7.0.x
@franticticktick
3
Consider allowing oneTimeTokenLogin() to authenticate different devices in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15744 opened Sep 5, 2024 by marcusdacoregio
1
Consider a OneTimeToken integration with Spring MVC in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#15623 opened Aug 16, 2024 by marcusdacoregio
3
Spring Webflex - reactor core exception - accessing endpoint with http: basic auth in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided
#15348 opened Jul 2, 2024 by dreamstar-enterprises
2
@EnableReactiveMethodSecurity does not support ResponseEntity<Publisher<T>> as return type in: web An issue in web modules (web, webmvc) status: blocked An issue that's blocked on an external project change type: enhancement A general enhancement
#14731 opened Mar 13, 2024 by elkhart
1
4
Consider a ReactiveMaximumSessionExceededHandler that performs POST /logout in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#14510 opened Jan 30, 2024 by marcusdacoregio
Improve Single-Sign-On Redirect for SameSite=Lax and SameSite=Strict in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#14297 opened Dec 13, 2023 by jzheaux
3
Simplify CSRF Configuration for SPAs in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#14149 opened Nov 15, 2023 by jzheaux
8
ProTip! Updated in the last three days: updated:>2025-04-15.