Issues

Unclear exception message from LocalIdProvider when credentials not found
AMDATUSEC-74
Make retainCacheOnErrorDuration configurable and/or give it a default value
AMDATUSEC-72
Make subjectRoles ENTITY_TYPE constant available in API
AMDATUSEC-71
Token remains invalid after renewal causing lots of renewals
AMDATUSEC-64
Copy request headers to the subjectAttributes provided by the AuthorizationRequestInterceptor
AMDATUSEC-62
Allow for a refresh of the authentication token cookie and custom attributes of the token
AMDATUSEC-61
Sliding expiration on authenticated web session
AMDATUSEC-55
LocalIdProvider#getTokenAttributesFromRequest could return empty Optional when accountId is null
AMDATUSEC-54
Password change fails with default web resources from org.amdatu.security.account.admin.rest.resource
AMDATUSEC-53
IdProviders return wrong error when there is a replay attack or state timeout
AMDATUSEC-52
Support authorization requests for third-party providers
AMDATUSEC-47
Provide easier access to attributes added to a token
AMDATUSEC-36
Support HTTP headers in AuthenticationResource#handleSecurity
AMDATUSEC-35
Allow for referrer URL's
AMDATUSEC-21
Allow for an administrator to set a one time password
AMDATUSEC-19
Improve the thread-safety of AccountAdmin
AMDATUSEC-13
TokenProviderImpl#updated throws NPE when properties null
AMDATUSEC-7
Move getTokenFromRequest() to new util class
AMDATUSEC-6
Set up CI build
AMDATUSEC-5
Create Wiki page
AMDATUSEC-3
Make the token available as request attribute after successful login
AMDATUSEC-73
Support for Same-site cookie attribute
AMDATUSEC-67
Roles provided by the SubjectRoleEntityProvider can be used for for another application
AMDATUSEC-70
AuthorizationService is unpredictable when there are multiple EntityProviders for the same entity
AMDATUSEC-69
Create multiple cookies when the token size becomes larger then 4k
AMDATUSEC-68
1-25 of 74