Describe the bugIn the spring security documentation (https://docs.spring.io/spring-security/site/docs/current/reference...

Describe the bugOn our systems we see a NullPointerException for cached static resources with spring-security-web-5.3.3:...

SummaryError "invalid_token_response" don't emit a corresponding ApplicationEvent.In my specific case, the application f...

Describe the bugI inherit AbstractAuthenticationFilterConfigurer and call super method in configure method will cause ja...

Describe the bugWhen i have spring-boot-starter-security as a dependency in my SpringBoot Webflux project, HTTP Request ...

Describe the bugOur application provides ability to configure authentication with OpenID Connect(following documentation...

I'am using Spring Boot 2.1.5.RELEASE with preconfigured spring-security 5.1.5.RELEASEIt seem that transitive dependency ...

SummaryIt would appear that when supplying a custom AuthenticationFailureHandler to formLogin().failureHandler(), the re...

SummarySee https://github.com/spring-projects/spring-security/blob/master/web/src/main/java/org/springframework/security...

SummaryUpdate to org.aspectj 1.9.4Currently, this version of aspectj causes build failures on Java 9+.The error is:java....

SummaryThe themes for Spring Security 5.2 are:OAuth2Opaque token supportExpanding supported grant typesSupporting other ...

Whenever I run my application I am shown an error " Can't configure antMatchers after anyRequest"Even though My configur...

SummaryCustom CorsFilter is not being called if credential not matched on spring basic authentication.Actual BehaviorI h...

Rob Winch (Migrated from SEC-2562) said:Password storage has come a long ways and is a very important aspect of security...

Currently the format for XsdDocumentedTests parsing is very strict. There is a pr gh-9668 to clean up the format which n...

Currently the error message for countLinksWhenReviewingDocumentationThenParentsAndChildrenAreCorrectlyLinked is difficul...

The OidcClientInitiatedLogoutSuccessHandler url-encodes the PostLogoutRedirectUri twice. This leads to corrupted URLs.My...

I'm opening this issue for discussion on this older issue from a few years back: https://github.com/spring-projects/spri...

With the project (updated in 10 Feb 2021) in Windows 10 and then:git remote add upstream URLgit fetch upstreamgit merge ...

By default, NimbusJwtDecoderJwkSupport uses MappedJwtClaimSetConverter.withDefaults() to create the Converter used to no...