spring-security
https://github.com/spring-projects/spring-security
Java
Spring Security
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
Java not yet supported180 Subscribers
View all SubscribersAdd a CodeTriage badge to spring-security
Help out
- Issues
- SAML login fails in Chromium based browser even after adding hash in the CSP
- Do not validate parameters in `ServerBearerTokenAuthenticationConverter` and `DefaultBearerTokenResolver` if not enabled
- `ServerBearerTokenAuthenticationConverter` validates parameters when not enabled
- Further document adding types to the Jackson allowlist
- Encode clientId and clientSecret for `OpaqueTokenIntrospector` and `ReactiveOpaqueTokenIntrospector`
- ServerHeadersDsl doesn't allow addition of custom ServerHttpHeadersWriter
- 6.4.0-RC1 - BeanDefinitionOverrideException: Invalid bean definition with name 'webAuthorizationManagerPostProcessor'
- Add JdbcRelyingPartyRegistrationRepository
- Saml2WebSsoAuthenticationFilter should allow requests through when SAMLResponse is absent
- Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor
- Docs
- Java not yet supported