spring-security
spring-security copied to clipboard
spring-projects
Spring Security
Changing URL from https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ to https://docs.spring.io/spring-security/reference/ since the first one doesn't exist anymore.
I'm sure this shouldn't happen, but when I try to access an endpoint requiring basic http authentication, from postman, but in postman set authetication to none, instead of getting not...
Closes gh-11298
**Context** Using Spring Boot 3.3.0 with: - spring-boot-starter-oauth2-authorization-server - spring-boot-starter-oauth2-client - spring-boot-starter-security - spring-boot-starter-web - spring-security-saml2-service-provider 6.3.0 **Bug description** We have set up Spring Authorization Server with an implementation of...
We should consider merging `AuthenticationManager` and `AuthenticationProvider` into a single interface, since both APIs are almost identical. We should also consider introducing a more generalized API, for example, `Authenticator`, and...
*When a refresh token grant exchange occurs with a ClientAuthentication Method set to `NONE`* On a servlet appliction, the `client_id` field will be missing because it is only added if...
**Describe the bug** Building the documentation using Antora with `./gradlew :spring-security-docs:antora` fails on Windows: ``` ./gradlew :spring-security-docs:antora > Task :spring-security-docs:antora FAILED [02:11:39.247] FATAL (antora): (@antora/collector-extension): Command failed with exit code...
A common question is "why do my public endpoints fail with a 401 when they are given invalid credentials?" The answer I usually give is: > This is by design....
**To Do:** - [x] Add unit tests - [ ] Add integration tests - [ ] Add reference documentation This PR adds implementations of `OAuth2AccessTokenResponseClient` that use `RestClient` as the...
@marcusdacoregio here is my take on https://github.com/spring-projects/spring-security/issues/15264 This is 3 changes (hence 3 commits): - The proposed way of being able to add the mapping from any authority into 1...
