Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
196 Open 4,210 Closed
196 Open 4,210 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

JwtIssuerValidator default ports not match status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17187 opened May 30, 2025 by ashraf-revo
Override OncePerRequestFilter#getAlreadyFilteredAttributeName in AuthenticationFilter in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#17186 opened May 29, 2025 by therepanic Loading…
1
@jgrandja
3
Publishing a default TargetVisitor should not override Spring MVC support in: config An issue in spring-security-config type: bug A general bug
#17185 opened May 29, 2025 by jzheaux 6.5.1
1
@evgeniycheban
2
PathPatternRequestMatcher equals() only considers pattern instead of pattern, method, ... status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17180 opened May 28, 2025 by bartvr
2
6.4 -> 6.5 cannot be cast to class status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17175 opened May 27, 2025 by fkowal
1
Kotlin security configuration examples call AuthorizeHttpRequestsDsl::authorize with an array of patterns, but this signature doesn't exist status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17174 opened May 27, 2025 by sh-at-cs
DPoP filter is ignored when another AuthenticationFilter is present in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#17173 opened May 27, 2025 by gbaso 6.5.1
1
@jgrandja
3
OAuth2ResourceServer using authenticationManagerResolver results in tokenAuthenticationManager cannot be null while startup status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17172 opened May 26, 2025 by aykborstelmann
1
Reactive WebClient OAuth2 SSO authentication performs too many /oauth2/token request when token expires status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17167 opened May 25, 2025 by System25
WebAuthn: credential registration fails with an unknown credential type error status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17164 opened May 23, 2025 by ltanguy
3
WebSecurity.ignoring().anyRequest() no longer works status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17155 opened May 21, 2025 by crmky
8
Graalvm Could not resolve matching constructor on bean class [org.springframework.security.authentication.AuthenticationManager] status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17123 opened May 16, 2025 by yyyyyyyysssss
NimbusJwtEncoder does not support Edwards Curve signature (EdDSA) family algorithms. status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17098 opened May 13, 2025 by TRUSTMEIMJEDI
Oauth2: Lookup from oauth2 well-known endpoint fails, if lookup of the oidc well-known endpoint errors status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17036 opened May 4, 2025 by lbueker
Oauth2: docs refer to deprecated classes status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17022 opened Apr 30, 2025 by lbruun
Cannot add security configurers during builder initialization status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#17011 opened Apr 29, 2025 by heruan
1
1
HttpsRedirectWebFilter can redirect to https:/ status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16968 opened Apr 18, 2025 by rwinch
Duplicate pre-auth Session Id same as of already logged in user status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16961 opened Apr 18, 2025 by HavyakaX07
Issue of private_key_jwt authentication type token issuance (JwtClientAssertionAuthenticationConverter) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16945 opened Apr 16, 2025 by dev-jsshin
Fix HttpSessionRequestCache#getMatchingRequest query string parsing in: web An issue in web modules (web, webmvc) type: bug A general bug
#16914 opened Apr 9, 2025 by Kehrlann Loading… 6.4.x
Revise HttpHeaders Usage type: bug A general bug type: theme An issue that describes a theme for a release
#16888 opened Apr 4, 2025 by rwinch 6.5.x
1
Change of default securityContextRepository in filters causes SessionRegistryImpl to be empty status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16878 opened Apr 4, 2025 by gcorsaro
proxy with spring security oauth2 status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16875 opened Apr 3, 2025 by f1-outsourcing
DenyAllPermissionEvaluator Used As Silent Backup When Two PermissionEvaluator Beans Exist status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16872 opened Apr 3, 2025 by dcarrol3
1
Example for customising AuthenticationEventPublisher does not work status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16866 opened Apr 2, 2025 by OrangeDog
ProTip! Find all open issues with in progress development work with linked:pr.