Skip to content

Pull requests: spring-projects/spring-security

New pull request New
92 Open 5,159 Closed
92 Open 5,159 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Fix handling of missing access token during refresh token invalidation status: waiting-for-triage An issue we've not yet triaged
#18964 opened Mar 21, 2026 by itsmevichu Loading…
1
Add unless support to AdditionalRequiredFactorsBuilder status: waiting-for-triage An issue we've not yet triaged
#18939 opened Mar 19, 2026 by therepanic Loading…
1
1
Fix WebAuthn to publish authentication events gh-18113 status: waiting-for-triage An issue we've not yet triaged
#18938 opened Mar 19, 2026 by suuuuuuminnnnnn Loading…
1
Document risks of retaining credentials status: waiting-for-triage An issue we've not yet triaged
#18936 opened Mar 19, 2026 by soowanx Loading…
1
Fix #18863: Add extensible ClientSettings to ClientRegistration status: waiting-for-triage An issue we've not yet triaged
#18933 opened Mar 18, 2026 by pranavmanglik Loading…
3 of 4 tasks
Fix missing session fixation protection for WebAuthn status: waiting-for-triage An issue we've not yet triaged
#18932 opened Mar 18, 2026 by ziqin Loading…
1
Fix equals nullability annotations for jspecify compliance in: core An issue in spring-security-core status: feedback-provided Feedback has been provided type: bug A general bug
#18930 opened Mar 18, 2026 by therepanic Loading… 7.1.0-RC1
1
@jzheaux
5
Consider using RetryTemplate for resolving provider configuration in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#18898 opened Mar 15, 2026 by evgeniycheban Loading…
1
@jgrandja
Add a configurable ServerAuthenticationSuccessHandler to OAuth2Resour… in: config An issue in spring-security-config in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#18895 opened Mar 14, 2026 by iain-henderson Loading… 7.1.0-RC1
@jzheaux
3
Consider adding PrincipalResolver to ExchangeFilterFunctions in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#18888 opened Mar 13, 2026 by evgeniycheban Loading…
1
@jgrandja
Implement equals and hashCode in ImmutablePublicKeyCredentialUserEntity in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#18883 opened Mar 12, 2026 by aspan Loading… 7.1.0-RC1
@jzheaux
4
Polish Kotlin DSL addFilterBefore to use reified type parameter status: waiting-for-triage An issue we've not yet triaged
#18838 opened Mar 3, 2026 by jyx-07 Loading…
1
Add Reporting-Endpoints header support to ContentSecurityPolicyConfig status: waiting-for-triage An issue we've not yet triaged
#18833 opened Mar 2, 2026 by therepanic Loading…
1
2
Enable Enter key submission for One-Time Token login in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#18824 opened Feb 28, 2026 by AnanthaKrishnanJ2001 Loading…
1
@jzheaux
Add optional nested Active Directory group resolution status: waiting-for-triage An issue we've not yet triaged
#18823 opened Feb 28, 2026 by wonderfulrosemari Loading…
1
Make restOperations configurable in OidcBackChannelLogoutHandler status: waiting-for-triage An issue we've not yet triaged
#18821 opened Feb 28, 2026 by duoduobingbing Loading…
1
Remove compiler warnings in spring-security-web status: waiting-for-triage An issue we've not yet triaged
#18820 opened Feb 28, 2026 by jkuhel Loading…
1
Add WebTestClient request builders for form login/logout status: waiting-for-triage An issue we've not yet triaged
#18815 opened Feb 27, 2026 by wonderfulrosemari Loading…
1
Add authenticationSuccessHandler for OAuth2 auth code callback status: waiting-for-triage An issue we've not yet triaged
#18814 opened Feb 27, 2026 by wonderfulrosemari Loading…
1
Fallback defaultTargetUrl if refererHeader is empty status: waiting-for-triage An issue we've not yet triaged
#18806 opened Feb 26, 2026 by ngocnhan-tran1996 Loading…
1
Add PrincipalIdentifierStrategy to SessionRegistryImpl for custom principal matching status: waiting-for-triage An issue we've not yet triaged
#18794 opened Feb 24, 2026 by 98001yash Loading…
1
Add application-scoped access tokens for reactive OAuth2 client status: waiting-for-triage An issue we've not yet triaged
#18774 opened Feb 22, 2026 by jyx-07 Loading…
1
4
Warn when securityMatcher misses oauth2Login URLs status: waiting-for-triage An issue we've not yet triaged
#18759 opened Feb 18, 2026 by wonderfulrosemari Loading…
1
Fix session concurrency for OAuth2/OIDC authentication in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#18624 opened Jan 30, 2026 by Gautam-aman Loading…
3
Bump io.mockk:mockk from 1.14.7 to 1.14.9 type: dependency-upgrade A dependency upgrade
#18598 opened Jan 27, 2026 by dependabot bot Loading…
ProTip! Follow long discussions with comments:>50.