Skip to content

Pull requests: spring-projects/spring-security

New pull request New
51 Open 4,234 Closed
51 Open 4,234 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Allow specifying a ServerAuthenticationConverter for x509() status: waiting-for-triage An issue we've not yet triaged
#17382 opened Jun 27, 2025 by blake-bauman Loading…
Allow multiple ServerLogoutHandler instances in WebFlux status: waiting-for-triage An issue we've not yet triaged
#17381 opened Jun 27, 2025 by blake-bauman Loading…
Remove AllowFromStrategy in favor of ContentSecurityPolicy status: waiting-for-triage An issue we've not yet triaged
#17358 opened Jun 25, 2025 by therepanic Loading…
1
Fix equals and hashCode in PathPatternRequestMatcher to include HTTP method status: waiting-for-triage An issue we've not yet triaged
#17337 opened Jun 23, 2025 by therepanic Loading…
1
Remove deprecated classes moved to other packages in: core An issue in spring-security-core type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#17330 opened Jun 22, 2025 by ronodhirSoumik Loading…
1 task
7.0.x
1
@jzheaux
2
Remove RelyingPartyRegistration deprecations in: saml2 An issue in SAML2 modules type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#17329 opened Jun 22, 2025 by ngocnhan-tran1996 Loading… 7.0.x
1
@jzheaux
6
Remove Nimbus(Reactive)OpaqueTokenIntrospector in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#17326 opened Jun 21, 2025 by ngocnhan-tran1996 Loading… 7.0.x
1
@jzheaux
3
Use LdapName instead of DistinguishedName in: ldap An issue in spring-security-ldap type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#17325 opened Jun 21, 2025 by therepanic Loading… 7.0.x
1
@jzheaux
5
Convert to use LdapClient instead of SpringSecurityLdapTemplate in Pa… status: waiting-for-triage An issue we've not yet triaged
#17324 opened Jun 21, 2025 by minkukjo Loading…
1
1
Default to XorCsrfChannelInterceptor in XML configuration status: waiting-for-triage An issue we've not yet triaged
#17323 opened Jun 20, 2025 by msqr Loading…
Remove deprecated elements using AuthorizationDecision status: waiting-for-triage An issue we've not yet triaged type: breaks-passivity A change that breaks passivity with the previous release
#17322 opened Jun 20, 2025 by ngocnhan-tran1996 Loading…
1
Remove RequestVariablesExtractor in favor of RequestMatcher#matcher status: waiting-for-triage An issue we've not yet triaged type: breaks-passivity A change that breaks passivity with the previous release
#17320 opened Jun 20, 2025 by therepanic Loading…
1
Fixed link to CSRF checks on rubyonrails.org site status: waiting-for-triage An issue we've not yet triaged
#17319 opened Jun 20, 2025 by fa11enangel Loading…
Adjust log message to include guidance for XML users status: waiting-for-triage An issue we've not yet triaged
#17317 opened Jun 20, 2025 by x7Git Loading…
Remove deprecated elements from DaoAuthenticationProvider status: waiting-for-triage An issue we've not yet triaged type: breaks-passivity A change that breaks passivity with the previous release
#17315 opened Jun 19, 2025 by ngocnhan-tran1996 Loading…
1
Removed deprecated Base64 of crypto package status: waiting-for-triage An issue we've not yet triaged type: breaks-passivity A change that breaks passivity with the previous release
#17314 opened Jun 19, 2025 by ronodhirSoumik Loading…
1
Remove deprecated elements of RoleHierarchyImpl status: waiting-for-triage An issue we've not yet triaged type: breaks-passivity A change that breaks passivity with the previous release
#17313 opened Jun 19, 2025 by ngocnhan-tran1996 Loading…
1
Remove PrePostTemplateDefaults status: waiting-for-triage An issue we've not yet triaged type: breaks-passivity A change that breaks passivity with the previous release
#17312 opened Jun 19, 2025 by ngocnhan-tran1996 Loading…
1
Remove EnableWebMvcSecurity status: waiting-for-triage An issue we've not yet triaged type: breaks-passivity A change that breaks passivity with the previous release
#17311 opened Jun 19, 2025 by ngocnhan-tran1996 Loading…
1
Polish status: waiting-for-triage An issue we've not yet triaged
#17310 opened Jun 18, 2025 by ngocnhan-tran1996 Loading…
Improve authoritiesClaimName validation in JwtGrantedAuthoritiesConverter status: waiting-for-triage An issue we've not yet triaged
#17247 opened Jun 14, 2025 by chanbinme Loading…
9
Ensure ID Token is updated after refresh token (Reactive) in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17246 opened Jun 14, 2025 by evgeniycheban Draft 7.0.x
1
@jgrandja
Fix PublicKeyCredentialType.PUBLIC_KEY comparison with Spring Session in: web An issue in web modules (web, webmvc) status: waiting-for-feedback We need additional information before we can continue type: bug A general bug
#17223 opened Jun 10, 2025 by ltanguy Loading…
1
@rwinch
1
Add Support DPoP Customization in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17202 opened Jun 3, 2025 by franticticktick Draft 7.0.x
1
@jgrandja
1
Support custom OAuth2AuthenticatedPrincipal in Jwt-based authentication flow in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17191 opened Jun 1, 2025 by therepanic Loading…
1
@jzheaux
1
ProTip! Add no:assignee to see everything that’s not assigned.