
Spring Security

Results 621 spring-security issues

An `InMemoryOidcSessionRegistry` is limited to storing things only on a single instance. A JDBC-based implementation will make it so that OIDC Backchannel Logout will work in a clustered environment.

type: enhancement
in: oauth2

**Describe the bug** I'm trying to configure Back-Channel Logout on an [OAuth2 BFF](https://www.baeldung.com/spring-cloud-gateway-bff-oauth2): a reactive Spring Cloud Gateway instance configured with `oauth2Login` and the `TokenRelay=` filter. As this BFF...

status: waiting-for-triage
type: bug

Please see here >> https://stackoverflow.com/questions/78698990/spring-webflux-preauthorize-not-working-work-using-kotlin **Describe the bug** A clear and concise description of what the bug is. **To Reproduce** Steps to reproduce the behavior. **Expected behavior** A clear and...

status: waiting-for-triage
type: bug

Hello, We are encountering an issue with the `sec:authorize` expression in JSPX files after upgrading to Spring Security 6. We've created a simple Spring Boot application to reproduce the exception:...

status: waiting-for-triage
type: bug

We should consider adding support for [OAuth 2.0 Device Authorization Grant](https://tools.ietf.org/html/rfc8628). Related gh-12852

type: enhancement
in: oauth2

Prefer usage of the Lambda DSL. The `OAuth2ResourceServerConfigurer::opaqueToken` and `OAuth2ResourceServerConfigurer::jwt` methods are deprecated since Spring Security 6.1. With Spring Security 6.3, it looks like both methods are not working.

status: waiting-for-triage

OAuth2AuthorizationRequest should not be a final class [the issue link](https://github.com/spring-projects/spring-security/issues/15354)

status: waiting-for-triage

**New Behavior** I'd like the ability to attach additional attributes/properties to `ClientRegistration`s and `ProviderDetails`, so that it can be utilized by `ReactiveOAuth2AccessTokenResponseClient`s and `OAuth2AccessTokenResponseClient`s when requesting tokens. For example, when...

type: enhancement
in: oauth2

**Describe the bug** I don't know the exact spring security patch version where this behavior changed, but in 6.2.4 I had a setup like this: ```java @RestController @PreAuthorize("hasAdminRole()") // expression...

status: waiting-for-feedback
in: core
type: bug