Rob Winch
Rob Winch
It would be nice to support [PublicKeyCredentialCreationOptions.attestationFormats](https://www.w3.org/TR/webauthn-3/#dom-publickeycredentialcreationoptions-attestationformats). NOTE: This was originally mentioned on gh-889 but is on hold for now. I'm creating this ticket to ensure this is tracked.
Forward port of issue #15974 to 5.8.x.
Forward port of issue #15975 to 5.8.x.
Spring Security does not use the `ServerExchangeRejectedHandler` Bean when exposed. We should fix this, but in the meantime users can leverage a `BeanPostProcessor` approach. ```java @Bean BeanPostProcessor beanPostProcessor() { return...
Spring Security does not use the `ServerWebExchangeFirewall` Bean when exposed. We should fix this, but in the meantime users can leverage a `BeanPostProcessor` approach. ```java @Bean BeanPostProcessor beanPostProcessor() { return...
`PortResolver` was created to work around an old IE bug where `ServerRequest.getServerPort()` could return the incorrect port at times. We should: - [ ] #7273 - [ ] Construct Absolute...
We should consider removing PortResolver as it leads to confusion is likely no longer necessary. See gh-8140 gh-12971
### Summary https://www.w3.org/TR/webauthn Work on this was started in gh-6842 but [stalled](https://github.com/spring-projects/spring-security/pull/6842#issuecomment-630373926). The work is still in https://github.com/rwinch/spring-security-webauthn
Running a build I'm seeing that the s101 configuration takes over 30 seconds. Configuration should defer all work until a task is executed so that the work is only done...