Skip to content

Pull requests: spring-projects/spring-security

New pull request New
42 Open 4,440 Closed
42 Open 4,440 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 type: dependency-upgrade A dependency upgrade
#17642 opened Jul 31, 2025 by dependabot bot Loading…
Add Referrer-Policy header to default security headers status: waiting-for-triage An issue we've not yet triaged
#17606 opened Jul 23, 2025 by therepanic Loading…
1
Remove PortResolver status: waiting-for-triage An issue we've not yet triaged
#17524 opened Jul 14, 2025 by kse-music Loading…
1
Add createdTime field to SessionInformation in: core An issue in spring-security-core type: enhancement A general enhancement
#17513 opened Jul 13, 2025 by therepanic Loading…
1
@jgrandja
3
PKCE configuration - enabled by default in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release
#17507 opened Jul 10, 2025 by rohan-naik07 Loading…
@jgrandja
3
Add lambda DSL method for featurePolicy status: waiting-for-triage An issue we've not yet triaged
#17492 opened Jul 7, 2025 by therepanic Loading…
1
2
Implement equals and hashCode in OidcIdToken status: waiting-for-triage An issue we've not yet triaged
#17485 opened Jul 4, 2025 by therepanic Loading…
1
2
Remove ACL access implementations in favor of AclPermissionEvaluator in: acl An issue in spring-security-acl status: blocked An issue that's blocked on an external project change type: breaks-passivity A change that breaks passivity with the previous release
#17475 opened Jul 3, 2025 by therepanic Loading…
1
@jzheaux
1
Add ExpressionTemplateValueProvider in: core An issue in spring-security-core status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#17448 opened Jul 2, 2025 by mheath Loading… 7.0.x
1
@jzheaux
11
Change FilterBasedLdapUserSearch to use LdapClient status: waiting-for-triage An issue we've not yet triaged
#17384 opened Jun 29, 2025 by therepanic Loading…
1
Allow specifying a ServerAuthenticationConverter for x509() status: waiting-for-triage An issue we've not yet triaged
#17382 opened Jun 27, 2025 by blake-bauman Loading…
Allow multiple ServerLogoutHandler instances in ServerHttpSecurity in: config An issue in spring-security-config type: enhancement A general enhancement
#17381 opened Jun 27, 2025 by blake-bauman Loading… 7.0.x
@jzheaux
10
Remove AllowFromStrategy in favor of ContentSecurityPolicy status: waiting-for-triage An issue we've not yet triaged
#17358 opened Jun 25, 2025 by therepanic Loading…
1
Convert to use LdapClient instead of SpringSecurityLdapTemplate in Pa… status: waiting-for-triage An issue we've not yet triaged
#17324 opened Jun 21, 2025 by minkukjo Loading…
1
1
Adjust log message to include guidance for XML users status: waiting-for-triage An issue we've not yet triaged
#17317 opened Jun 20, 2025 by x7Git Loading…
Improve authoritiesClaimName validation in JwtGrantedAuthoritiesConverter in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17247 opened Jun 14, 2025 by chanbinme Loading…
@jzheaux
10
Ensure ID Token is updated after refresh token (Reactive) in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17246 opened Jun 14, 2025 by evgeniycheban Draft 7.0.x
1
@jgrandja
Fix PublicKeyCredentialType.PUBLIC_KEY comparison with Spring Session in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: bug A general bug
#17223 opened Jun 10, 2025 by ltanguy Loading…
1
@rwinch
2
Add Support DPoP Customization in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17202 opened Jun 3, 2025 by franticticktick Draft 7.0.x
1
@jgrandja
1
Support custom OAuth2AuthenticatedPrincipal in Jwt-based authentication flow in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17191 opened Jun 1, 2025 by therepanic Loading…
1
@jzheaux
8
Make X509CertificateThumbprintValidator to be public and non-final class in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17178 opened May 28, 2025 by edmundham Loading…
Add support setting X509PrincipalExtractor as bean status: waiting-for-triage An issue we've not yet triaged
#17171 opened May 26, 2025 by franticticktick Loading…
1
Add option to disable anonymous authentication in RSocketSecurity in: rsocket type: enhancement A general enhancement
#17159 opened May 22, 2025 by therepanic Loading… 7.0.x
1
@jzheaux
5
Fix traceId discrepancy in case error in servlet web in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: bug A general bug
#17134 opened May 18, 2025 by nkonev Loading… 6.4.9
@jzheaux
9
Document Upgrading Password Encoding status: waiting-for-triage An issue we've not yet triaged
#17120 opened May 15, 2025 by m0rk4 Loading…
1
ProTip! Updated in the last three days: updated:>2025-07-28.