Releases · spring-projects/spring-security

⭐ New Features

Update to spring-build-conventions 0.0.23.RELEASE #6440
customization support for StrictHttpFirewall #6439
Update to Spring Data Lovelace SR4 #6438
Update to Spring Framework 5.1.4 #6437
Update to Reactor Californium-SR4 #6436
Update to Spring Boot 2.1.2 #6435
Update to htmlunit-driver 2.33.3 #6434
Update to org.powermock 2.0.0 #6433
Update to hibernate-entitymanager 5.4.0.Final #6432
Update to ehcache 2.10.6 #6431
Update to com.squareup.okhttp3 3.12.1 #6430
Update to oauth2-oidc-sdk 6.5 #6429
Update to nimbus-jose-jwt 6.5.1 #6428
Update to jackson.core 2.9.8 #6427
Update to cglib-nodep 3.2.10 #6426
Update JwtTimestampValidator.java #6416
Extract the ID Token JwtDecoderFactory to enable user customization #6415
Expose ID Token JwtDecoderFactory #6379
ID Token validation supports clock skew #6375
Polish oauth2 client ExchangeFilterFunction's #6355
Improve error messages in OidcIdTokenValidator #6349
Polish tests #6346
Removed isServlet30 check #6331
Fixes typo in x,rnc files #6326
Typo in Spring Security spring-security-x.y.rnc Files #6325
Improve error messages in OidcIdTokenValidator #6323
Add hasAnyAuthority() and hasAnyRole() in AuthorizeExchangeSpec #6310
JdbcUserDetailsManager handles extra UserDetails attributes #6309
Add WebFlux support for spring security web jackson module. #6305
Add WebFlux support for spring security web jackson module #6303
authorization_uri Supports Query Parameters #6299
Extract OidcTokenValidator to an OAuth2TokenValidator #6298
Remove check for method HttpServletRequest#getHeader and related test #6290
Remove Servlet Spec 2.5 Support for HttpSessionSecurityContextRepository #6289
Validate Scopes in ClientRegistration.Builder #6285
Allow setting realm for Http Basic #6279
Add cookieDomain to CookieCsrfTokenRepository #6276
Add Anonymous Support to AuthenticatedReactiveAuthorizationManager #6267
Remove Servlet 3.0 Support in CacheControlHeadersWriter #6265
Remove Servlet 3.0 Support in AbstractRequestMatcherRegistry #6264
Remove Servlet 2.5 and 3.0 Support for Remember Me #6263
Remove Servlet Spec 2.5 and 3.0 Support for CSRF #6262
Remove Servlet Spec 2.5 Support for HttpSessionSecurityContextRepository #6261
Remove Servlet Spec 2.5 Support for SecurityContextHolderAwareRequestFilter #6260
Remove Servlet 2.5 Support for Session Fixation #6259
Add DelegatingSecurityContextTaskScheduler #6257
Validate ClientRegistration.scopes #6256
RoleVoter Configuration Defaults Prefix Using GrantedAuthorityDefauts #6241
Improve error message for Chinese #6240
Add WebClientReactiveAuthorizationCodeTokenResponseClient.setWebClient #6238
AuthenticatedReactiveAuthorizationManager support for AnonymousAuthenticationToken #6235
JwtDecodersTests and ClientRegistrationsTest should explicitly test for trailing slash #6234
Add Reactive Support for UserDetailsChecker #6229
SessionRegistryImpl uses computeIfAbsent #6221
Accept a case-insensitive "Bearer" keyword #6210
Restored Jacoco default task dependence #6200
Added support for Anonymous Authentication #6198
Update to Gradle 5.0 #6197
Make CachingUserDetailsService Public #6196
Bearer should be case-insensitive in ServerBearerTokenAuthenticationConverter #6195
Use SpringUtils to check scheme #6185
BasicAuthenticationFilter could check the scheme more efficiently #6183
ReactiveOAuth2AccessTokenResponseClients should support setting a custom WebClient #6182
According to RFC 2617 #1.2, the "Bearer" keyword should be case-insensitive #6150
Update to Gradle 5.0 #6148
Update com.squareup.okhttp3 deps to 3.12.0 #6142
Add GenericConversionService with support for UUID and Strings #6141
Remove unused dependency slf4j-api in javaconfig x509 sample application #6131
Remove unused compile dependency in javaconfig x509 sample #6130
Replace deprecated Gradle Task method in AspectJPlugin.groovy #6129
Replace deprecated Gradle Task.deleteAllActions() method in AspectJPlugin.groovy #6128
WebClient support should get new access token when expired and client_credentials #6127
AesBytesEncryptorTests should check available key strengths before running #6121
CookieClearingLogoutHandler enhancement #6116
Update to Gradle 4.10.2 #6114
Update to oauth2-oidc-sdk:6.2 #6101
Update webflux-form sample to use Built in CSRF Support #6097
Update to nimbus-jose-jwt:6.3 #6095
Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE #6084
Update to Spring Boot 2.1.0.RELEASE #6082
Make AesBytesEncryptor public #6079
CookieClearingLogoutHandler for differen...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

⭐ New Features

Releases: spring-projects/spring-security

5.2.0.M1

⭐ New Features