Releases: spring-projects/spring-security
Releases · spring-projects/spring-security
5.2.0.M1
⭐ New Features
- Update to spring-build-conventions 0.0.23.RELEASE #6440
- customization support for StrictHttpFirewall #6439
- Update to Spring Data Lovelace SR4 #6438
- Update to Spring Framework 5.1.4 #6437
- Update to Reactor Californium-SR4 #6436
- Update to Spring Boot 2.1.2 #6435
- Update to htmlunit-driver 2.33.3 #6434
- Update to org.powermock 2.0.0 #6433
- Update to hibernate-entitymanager 5.4.0.Final #6432
- Update to ehcache 2.10.6 #6431
- Update to com.squareup.okhttp3 3.12.1 #6430
- Update to oauth2-oidc-sdk 6.5 #6429
- Update to nimbus-jose-jwt 6.5.1 #6428
- Update to jackson.core 2.9.8 #6427
- Update to cglib-nodep 3.2.10 #6426
- Update JwtTimestampValidator.java #6416
- Extract the ID Token JwtDecoderFactory to enable user customization #6415
- Expose ID Token JwtDecoderFactory #6379
- ID Token validation supports clock skew #6375
- Polish oauth2 client ExchangeFilterFunction's #6355
- Improve error messages in OidcIdTokenValidator #6349
- Polish tests #6346
- Removed isServlet30 check #6331
- Fixes typo in x,rnc files #6326
- Typo in Spring Security spring-security-x.y.rnc Files #6325
- Improve error messages in OidcIdTokenValidator #6323
- Add hasAnyAuthority() and hasAnyRole() in AuthorizeExchangeSpec #6310
- JdbcUserDetailsManager handles extra UserDetails attributes #6309
- Add WebFlux support for spring security web jackson module. #6305
- Add WebFlux support for spring security web jackson module #6303
- authorization_uri Supports Query Parameters #6299
- Extract OidcTokenValidator to an OAuth2TokenValidator #6298
- Remove check for method HttpServletRequest#getHeader and related test #6290
- Remove Servlet Spec 2.5 Support for HttpSessionSecurityContextRepository #6289
- Validate Scopes in ClientRegistration.Builder #6285
- Allow setting realm for Http Basic #6279
- Add cookieDomain to CookieCsrfTokenRepository #6276
- Add Anonymous Support to AuthenticatedReactiveAuthorizationManager #6267
- Remove Servlet 3.0 Support in CacheControlHeadersWriter #6265
- Remove Servlet 3.0 Support in AbstractRequestMatcherRegistry #6264
- Remove Servlet 2.5 and 3.0 Support for Remember Me #6263
- Remove Servlet Spec 2.5 and 3.0 Support for CSRF #6262
- Remove Servlet Spec 2.5 Support for HttpSessionSecurityContextRepository #6261
- Remove Servlet Spec 2.5 Support for SecurityContextHolderAwareRequestFilter #6260
- Remove Servlet 2.5 Support for Session Fixation #6259
- Add DelegatingSecurityContextTaskScheduler #6257
- Validate ClientRegistration.scopes #6256
- RoleVoter Configuration Defaults Prefix Using GrantedAuthorityDefauts #6241
- Improve error message for Chinese #6240
- Add WebClientReactiveAuthorizationCodeTokenResponseClient.setWebClient #6238
- AuthenticatedReactiveAuthorizationManager support for AnonymousAuthenticationToken #6235
- JwtDecodersTests and ClientRegistrationsTest should explicitly test for trailing slash #6234
- Add Reactive Support for UserDetailsChecker #6229
- SessionRegistryImpl uses computeIfAbsent #6221
- Accept a case-insensitive "Bearer" keyword #6210
- Restored Jacoco default task dependence #6200
- Added support for Anonymous Authentication #6198
- Update to Gradle 5.0 #6197
- Make CachingUserDetailsService Public #6196
- Bearer should be case-insensitive in ServerBearerTokenAuthenticationConverter #6195
- Use SpringUtils to check scheme #6185
- BasicAuthenticationFilter could check the scheme more efficiently #6183
- ReactiveOAuth2AccessTokenResponseClients should support setting a custom WebClient #6182
- According to RFC 2617 #1.2, the "Bearer" keyword should be case-insensitive #6150
- Update to Gradle 5.0 #6148
- Update com.squareup.okhttp3 deps to 3.12.0 #6142
- Add GenericConversionService with support for UUID and Strings #6141
- Remove unused dependency slf4j-api in javaconfig x509 sample application #6131
- Remove unused compile dependency in javaconfig x509 sample #6130
- Replace deprecated Gradle Task method in AspectJPlugin.groovy #6129
- Replace deprecated Gradle Task.deleteAllActions() method in AspectJPlugin.groovy #6128
- WebClient support should get new access token when expired and client_credentials #6127
- AesBytesEncryptorTests should check available key strengths before running #6121
- CookieClearingLogoutHandler enhancement #6116
- Update to Gradle 4.10.2 #6114
- Update to oauth2-oidc-sdk:6.2 #6101
- Update webflux-form sample to use Built in CSRF Support #6097
- Update to nimbus-jose-jwt:6.3 #6095
- Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE #6084
- Update to Spring Boot 2.1.0.RELEASE #6082
- Make AesBytesEncryptor public #6079
- CookieClearingLogoutHandler for differen...