spring-security
spring-security copied to clipboard
spring-projects
Spring Security
Closes #11475
Spring Security [11510](https://github.com/spring-projects/spring-security/issues/11510) - Implemented isFullyAuthenticated function which is composition of isAnonymous & isRememberMe
Fixes BasicAuthenticationFilter skips re-authentication if username changes and Authentication object is not UsernamePasswordAuthenticationToken #10347
There is no whitespace between error message and IP address value `IpAddressMatcher#parseAddress()` If IP value is wrong, then error text looks like `Failed to parse addressi.am.ip`. There should be some...
fixes [gh-11716](https://github.com/spring-projects/spring-security/issues/11716)
**Describe the bug** GET request to http://localhost:8080/path/logout provides a confirmation page. After confirming the logout there is a post request to the root path resulting in a 404 error. **To...
### Summary For resources that are public (i.e. images, javascript, css, etc) Spring Security should in many cases be able to avoid accessing the HttpSession. This has a significant implication...
Annotation attributes are now visible without any additional hints. See: - https://github.com/spring-projects/spring-framework/issues/28967
**Describe the bug** If you are setting up a NimbusJwtDecoder using Spring Security, we have the possibility to provide a Cache that will be used for storing the JWK Set....
savedRequest is only used in conditional statements. Thus I moved the constructor for DefaultSavedRequest into the conditional statements. Then it will be only executed when conditions met. Accordingly, I expect...
