14 Pull requests merged by 5 people

• Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16

  #16725 merged Mar 12, 2025

• Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16

  #16722 merged Mar 12, 2025

• Bump io.freefair.gradle:aspectj-plugin from 8.12.2.1 to 8.13

  #16723 merged Mar 12, 2025

• Bump io.micrometer:micrometer-observation from 1.14.4 to 1.14.5

  #16716 merged Mar 11, 2025

• Bump io.micrometer:micrometer-observation from 1.14.4 to 1.14.5

  #16715 merged Mar 11, 2025

• Bump org.hibernate.orm:hibernate-core from 6.6.9.Final to 6.6.10.Final

  #16712 merged Mar 10, 2025

• Bump org.hibernate.orm:hibernate-core from 6.6.9.Final to 6.6.10.Final

  #16711 merged Mar 10, 2025

• Polish AbstractAuthenticationTargetUrlRequestHandler

  #16557 merged Mar 7, 2025

• Fix ordering for security filter configuration

  #16558 merged Mar 7, 2025

• Fix Typos in OIDC Back-Channel Logout documentation

  #16613 merged Mar 7, 2025

• Fix JdbcUserCredentialRepository Save

  #16621 merged Mar 7, 2025

• Add SingleResultAuthorizationManager

  #16612 merged Mar 7, 2025

• Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17

  #16653 merged Mar 7, 2025

• Refactored Http403ForbiddenEntryPoint to use HttpStatus.FORBIDDEN.value

  #16616 merged Mar 7, 2025

12 Pull requests opened by 10 people

• Use determineTargetUrl() to retrieve redirect URL in `SavedRequestAwareAuthenticationSuccessHandler`

  #16704 opened Mar 7, 2025

• Customizable oauth response

  #16709 opened Mar 9, 2025

• Add not null validation for UserDetailsChecker in AbstractUserDetailsAuthenticationProvider

  #16710 opened Mar 10, 2025

• Fix the request matcher patterns in the documentation

  #16713 opened Mar 10, 2025

• Sets correct remote address in WebAuthenticationDetails

  #16714 opened Mar 10, 2025

• Fix typo and inline code formatting in documentation

  #16717 opened Mar 11, 2025

• Fix Spring Framework reference link

  #16718 opened Mar 11, 2025

• Fix WebFlux authentication reference link

  #16719 opened Mar 11, 2025

• Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16

  #16724 opened Mar 12, 2025

• Improve entity fetching from db

  #16727 opened Mar 12, 2025

• Fix typos Open SAML 5 Javadoc referencing Open SAML 4

  #16729 opened Mar 12, 2025

• Fix attribute name in `http.adoc`

  #16730 opened Mar 12, 2025

2 Issues closed by 2 people

• gateway端口缺少CSRF 令牌导致An expected CSRF token cannot be found

  #16728 closed Mar 13, 2025

• Add PermitAll and DenyAll AuthorizationManager instances

  #16590 closed Mar 7, 2025

9 Issues opened by 8 people

• Allow passing a "RestClient.Builder" as constructor argument for "RestClient*TokenResponseClient"

  #16731 opened Mar 13, 2025

• Improve entity fetching from db

  #16726 opened Mar 12, 2025

• Documentation: Login by REST API bypasses spring-security principles

  #16721 opened Mar 11, 2025

• Duplicate section in OAuth-2.0-Migration-Guide Wiki

  #16720 opened Mar 11, 2025

• Ambiguity in Spring Security OAuth2 Resource Server documentation

  #16708 opened Mar 9, 2025

• Method Security does not switch to Interface Proxies for final Classes

  #16707 opened Mar 8, 2025

• AuthorizationProxyFactory.proxy should return the same type that is passed into the method

  #16706 opened Mar 7, 2025

• Add a Null-Returning MethodAuthorizationDeniedHandler

  #16705 opened Mar 7, 2025

• filter is applied to paths that should be allowed in http security configuration with new SS 6.4.3

  #16703 opened Mar 6, 2025

11 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Ensure ID Token is updated after refresh token

  #16589 commented on Mar 11, 2025 • 5 new comments

• Add DestinationPathPatternMessageMatcher

  #16635 commented on Mar 13, 2025 • 5 new comments

• Simplify OIDC Back-Channel Logout DSL (Closes gh-15817)

  #16698 commented on Mar 7, 2025 • 3 new comments

• Add authRequest field to AuthenticationException

  #16505 commented on Mar 9, 2025 • 1 new comment

• AuthorizationDenied and Granted EventListeners Should Support Generics

  #16700 commented on Mar 7, 2025 • 0 new comments

• NimbusJwtEncoder should simplify constructing with javax.security Keys

  #16267 commented on Mar 10, 2025 • 0 new comments

• `Authentication` in the security context is not updated during the refresh token flow

  #15509 commented on Mar 12, 2025 • 0 new comments

• OidcIdTokenDecoderFactory caches JwtDecoders and ignores ClientRegistration updates

  #16655 commented on Mar 12, 2025 • 0 new comments

• Consider using a configured `WebClient` in the application context instead of creating a new one on each component

  #16549 commented on Mar 13, 2025 • 0 new comments

• Fix closing div tag in DefaultLoginPageGeneratingFilter.PASSKEY_FORM_TEMPLATE

  #16601 commented on Mar 7, 2025 • 0 new comments

• Bump Gradle Wrapper from 8.10.2 to 8.13

  #16648 commented on Mar 7, 2025 • 0 new comments