spring-security
spring-security copied to clipboard
spring-projects
Spring Security
In order to highlight the configuration improvements of gh-13763, we need a place in the docs to add some reactive code examples for OAuth2 Client. We should create a landing...
Need to add `BearerTokenAuthenticationConverter` that implements `AuthenticationConverter`. Perhaps, it is worth extract some of the functionality from `ServerBearerTokenAuthenticationConverter` into `AbstractBearerTokenAuthenticationConverter` for example. This will be a template method pattern.
**Expected Behavior** In `DefaultRelyingPartyRegistrationResolver` class, there is a private static method `resolve()` method that is used to resolve URL strings defined in the relying party registration information containing variables, such...
### Summary I need to customize the behavior of the reactive method security expression handler. In the non reactive version this could be done extending `GlobalMethodSecurityConfiguration` as stated in the...
Fixes #11725 Please let me know if i have implemented something incorrectly. First time submitting a PR for bug fix :)
**Describe the bug** DefaultLdapAuthoritiesPopulator does not provide a way to fetch all authorities belonging to the user if pagination is enforced on the LDAP Server. We have a use-case where,...
The workflow has been disabled to run on a scheduled basis in https://github.com/spring-projects/spring-security/issues/14732. That happened because we might have different needs for different branches, for example, we might want to...
Need to add https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html support.
There are times that users cannot add annotations to objects or APIs that they want to secure. For example, consider if an _team external_ provides a `PersonService` and _team internal_...
**Describe the bug** In a Spring Boot application with multiple servlets registered to the context (DispatcherServlet and at least one other), an `IllegalArgumentException` with message `Failed to find servlet []...
