spring-security
spring-security copied to clipboard
spring-projects
Spring Security
The deprecation note advises to use technology-specific interceptor (`web`, `messaging` or `method`), but `AbstractSecurityInterceptor` is **technology-agnostic**, which allows to implement spring security for other tech-stack, not covered by spring ecosystem,...
Related to gh-7550. This is an implementation of a UserDetailsManager that will keep passwords updated. @jzheaux I have tried to add support for configuring this stuff both in code and...
**Expected Behavior** Allow the use RestClient (to be introduced in Spring 6.1) for blocking calls in a non reactive application In Oauth2 Client. See https://spring.io/blog/2023/07/13/new-in-spring-6-1-restclient. **Current Behavior** Only WebClient is...
As a follow up to gh-13784, we should improve the OAuth2 docs page to include: Code examples: - [x] Kotlin examples - [ ] XML examples Testing examples: - [...
This issue is a theme for the Spring Security 6.2 release. Issues that relate to this will be added below. # SAML 2.0 - [ ] :star2: https://github.com/spring-projects/spring-security/issues/12136 - [...
This issue is a theme for the Spring Security 6.2 release. Issues that relate to this will be added below. # Configuration Improvements - [ ] :star2: #12985 - [...
As a [project wide initiative](https://github.com/spring-projects/spring-framework/issues/29921) the portfolio is looking into support for Project CRaC which allows JVM snapshots to be taken and then restored for faster startup times. We will...
When using the following configuration: ` OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder() .password() .refreshToken() .build();` in case a refresh token is expired, the call to some endpoint will result with a 401....
It would be nice if we supported throwing `AccessDeniedException` for Method Security SpEL. This would allow method security to easily convey more information to the framework on why authorization failed...
**Describe the bug** After checking out the repository I want to run the `./gradlew format check` to make sure everything is ok before starting a new PR like described in...
