Spring Security Double URI encoding issue for OidcClientInitiatedLogoutSuccessHandler and OAuth2PasswordGrantRequestEntityConverter

Describe the bug: We have noticed that OidcClientInitiatedLogoutSuccessHandler does double encoding for logout uri. Simila...

Spring Security Update nimbus-jose-jwt because of CVE-2019-17195

There is a Security Vulnerability in com.nimbusds:nimbus-jose-jwt:7.8 and older see https://nvd.nist.gov/vuln/detail/CVE...

Spring Security Version 5.4.0.RELEASE missing poms during install

Describe the bug: Spring 5.4.0 missing two poms. To Reproduce: Update to Spring 5.4.0; mvn clean compile. [WARNING] The POM for o...

Spring Security Problems using spring-security examples(soauth2resourceserver-static)

Describe the bug: import the ‘spring-security/samples/boot/oauth2resourceserver-static’ into my IDE and run OAuth2Resour...

Spring Security Disable parallel deployment build in GitHub Actions pipelines

We need to ensure that the deployArtifacts and finalizeDeployArtifacts DO NOT run in parallel. This can be achieved by ad...

Spring Security Expose methods to get configurer type in OAuth2ResourceServerConfigurer bean

Expected Behavior: I am using Springboot starter (2.3.3.RELEASE) and the class OAuth2ResourceServerConfigurer brought in b...

Spring Security Extend JwtIssuerReactiveAuthenticationManagerResolver

Expected Behavior: Allow to supply custom: * Converter<ServerWebExchange, Mono<String>> issuerConverter into Jw...

Spring Security Could not obtain the keys invalid certificates

I had an error when I tried to execute some request using oauth2-resource-server, I added the certificate into java keytoo...

Spring Security Spring security update from 5.1.x to 5.2.x breaks security configuration

Summary: Updated spring security to version 5.2.2-RELEASE (starting point 5.1.5-RELEASE) and the build started failing wi...

Spring Security Provide helper classes for working with PEM files

The org.springframework.security.crypto package provides helper classes for working with AES. It would be nice to add su...

Spring Security SpringSecurityCoreVersion.java getSpringVersion() method does not close stream.

Describe the bug: The following method in SpringSecurityCoreVersion.java does not close the stream it opens. This keeps ...

Spring Security Introduce a Security DSL to allow it nest in BeanDefinitionDSL

I have tried the Spring Security Kotlin DSL feature introduced in Spring Security 5.3. The example is here. Currently, I ...

Spring Security In Test @AuthenticationPrincipal is null because ServerWebExchange is not wrapped

Summary: Using @WithMockUser or org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers#mockAu...

Spring Security SEC-1726: let 'logout' method in 'PersistentTokenBasedRememberMeServices' just remove the current login 'PersistentRememberMeToken'

Hippo spark (Migrated from SEC-1726) said: While uses 'PersistentTokenBasedRememberMeServices' as remember-me service, if...

Spring Security RelyingPartyRegistrations Fails to Read Keycloak Metadata

When loading metadata from a Keycloak endpoint, the application fails with a ClassCastException: java.lang.ClassCastExcep...

Spring Security Add HSM Support for Signing AuthnRequests

It would be nice to allow for a custom signer in OpenSamlAuthenticationRequestFactory. This would simplify delegating th...

Spring Security CookieServerCsrfTokenRepository#createNewToken should use Schedulers.boundedElastic

Backport of gh-9018. Comment From: spring-projects-issues: Fixed via 5bce912446eec508bb2c2fca1fb139b34809c86e. Comment From: j...

Spring Security CookieServerCsrfTokenRepository#createNewToken should use Schedulers.boundedElastic

Describe the bug: Call UUID#randomUUID() in CookieServerCsrfTokenRepository#createNewToken() and UUID#randomUUID() is bloc...

Spring Security Add ability to auto detect jwt/opaque token oauth2 resource server configuration

Expected Behavior: It would be nice if Spring framework can automatically configure OAuth2 resource server for either JWT ...

Spring Security JdbcOAuth2AuthorizedClientService is dependent on non-standard driver behaviour

Describe the bug: I'm using the JdbcOAuth2AuthorizedClientService with the MariaDB java connector. Authorization fails wit...