back to home

spring-projects / spring-security

Spring Security

9,458 stars
6,251 forks
1,280 issues
JavaKotlinJavaScript
Chat with CodebaseArchitecture ScanSecurity AuditExplain Codebase

AI Architecture Analysis

This repository is indexed by RepoMind. By analyzing spring-projects/spring-security in our AI interface, you can instantly generate complete architecture diagrams, visualize control flows, and perform automated security audits across the entire codebase.

Our Agentic Context Augmented Generation (Agentic CAG) engine loads full source files into context on-demand, avoiding the fragmentation of traditional RAG systems. Ask questions about the architecture, dependencies, or specific features to see it in action.

Source files are only loaded when you start an analysis to optimize performance.
Click here to launch the interactive analysis workspace

Embed this Badge

Showcase RepoMind's analysis directly in your repository's README.

[![Analyzed by RepoMind](https://img.shields.io/badge/Analyzed%20by-RepoMind-4F46E5?style=for-the-badge)](https://repomind.in/repo/spring-projects/spring-security)
Preview:Analyzed by RepoMind

Repository Summary (README)

Preview

image::https://badges.gitter.im/Join%20Chat.svg[Gitter,link=https://gitter.im/spring-projects/spring-security?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge]

image:https://github.com/spring-projects/spring-security/actions/workflows/continuous-integration-workflow.yml/badge.svg?branch=main["Build Status", link="https://github.com/spring-projects/spring-security/actions/workflows/continuous-integration-workflow.yml"]

image:https://img.shields.io/badge/Revved%20up%20by-Develocity-06A0CE?logo=Gradle&labelColor=02303A["Revved up by Develocity", link="https://ge.spring.io/scans?search.rootProjectNames=spring-security"]

= Spring Security

Spring Security provides security services for the https://docs.spring.io[Spring IO Platform]. Spring Security 6.0 requires Spring 6.0 as a minimum and also requires Java 17.

For a detailed list of features and access to the latest release, please visit https://spring.io/projects[Spring projects].

== Code of Conduct Please see our https://github.com/spring-projects/.github/blob/main/CODE_OF_CONDUCT.md[code of conduct]

== Downloading Artifacts See https://docs.spring.io/spring-security/reference/getting-spring-security.html[Getting Spring Security] for how to obtain Spring Security.

== Documentation Be sure to read the https://docs.spring.io/spring-security/reference/[Spring Security Reference]. Extensive JavaDoc for the Spring Security code is also available in the https://docs.spring.io/spring-security/site/docs/current/api/[Spring Security API Documentation].

You may also want to check out https://docs.spring.io/spring-security/reference/whats-new.html[what's new in the latest release].

== Quick Start See https://docs.spring.io/spring-security/reference/servlet/getting-started.html[Hello Spring Security] to get started with a "Hello, World" application.

== Building from Source Spring Security uses a https://gradle.org[Gradle]-based build system. In the instructions below, https://vimeo.com/34436402[`./gradlew`] is invoked from the root of the source tree and serves as a cross-platform, self-contained bootstrap mechanism for the build.

=== Prerequisites https://docs.github.com/en/get-started/quickstart/set-up-git[Git] and the https://www.oracle.com/java/technologies/downloads/#java17[JDK17 build].

Be sure that your JAVA_HOME environment variable points to the jdk-17 folder extracted from the JDK download.

=== Check out sources [indent=0]

git clone git@github.com:spring-projects/spring-security.git

=== Install all spring-*.jar into your local Maven repository.

[indent=0]

./gradlew publishToMavenLocal

=== Compile and test; build all JARs, distribution zips, and docs

[indent=0]

./gradlew build

The reference docs are not currently included in the distribution zip. You can build the reference docs for this branch by running the following command:

./gradlew :spring-security-docs:antora

That command publishes the docs site to the _docs/build/site_ directory. The https://github.com/spring-projects/spring-security/tree/docs-build[playbook branch] describes how to build the reference docs in detail.

Discover more commands with ./gradlew tasks.

=== IDE setup (IntelliJ)

No special steps are needed to open Spring Security in IntelliJ.

=== IDE setup (Eclipse and VS Code)

To work in Eclipse or VS Code, first generate Eclipse metadata so you can import the project into Eclipse or VS Code:

[indent=0]

./gradlew cleanEclipse eclipse

If you have not built the project yet, run ./gradlew publishToMavenLocal first so dependencies are resolved.

VS Code: Open the repository root as a folder. The repository includes .vscode/settings.json which disables automatic Gradle import so that the generated Eclipse metadata (.classpath, .project) is used. Do not use the Gradle for Java extension to import the project.

Eclipse: File → Import → General → Existing Projects into Workspace, then select the repository root.

The build uses a custom Eclipse plugin to work around Gradle dependency cycles that confuse IDE metadata generation. You may see Eclipse warnings about xml-apis from some test dependencies; those are excluded in the build and can be ignored.

== Getting Support Check out the https://stackoverflow.com/questions/tagged/spring-security[Spring Security tags on Stack Overflow]. https://spring.io/support[Commercial support] is available too.

== Contributing https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request[Pull requests] are welcome; see the https://github.com/spring-projects/spring-security/blob/main/CONTRIBUTING.adoc[contributor guidelines] for details.

== License Spring Security is Open Source software released under the https://www.apache.org/licenses/LICENSE-2.0.html[Apache 2.0 license].