Skip to content

Version 2.11.3
Compare
Choose a tag to compare
@liga-oz liga-oz released this 25 Nov 18:19
· 787 commits to main since this release
2.11.3
c6119e2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
  • [java-api]
    • SecurityContext has been extended to provide thread-wide X.509 certificate storage
  • [java-security]
    • Introduces X.509 certificate thumbprint validator JwtX5tValidator as described here
    • IasTokenAuthenticator and XsuaaTokenAuthenticator store the forwarded X.509 certificate for incoming requests in SecurityContext
    • XsuaaDefaultEndpoints provides a new constructor(url, certUrl) (issue 707)
  • [spring-xsuaa]
    • XsuaaServiceConfiguration interface default method getClientIdentity() needs to be overridden to be used
    • ❗ Incompatible change XsuaaCredentials getPrivateKey() setPrivateKey() has changed to getKey() setKey() to reflect the attribute name from configuration
  • [token-client] Adds X-CorrelationID header to outgoing requests. In case MDC provides "correlation_id" this one is taken (issue 691)

Dependency upgrades

  • io.projectreactor:reactor-test 3.4.11 --> 3.4.12
  • io.projectreactor:reactor-core 3.4.11 --> 3.4.12
  • dependency-check-maven-plugin 6.4.1 --> 6.5.0
  • org.springframework:spring.core.version 5.3.12 --> 5.3.13
  • org.springframework:spring.security.version 5.5.3 --> 5.6.0
  • org.springframework.boot:spring-boot 2.5.6 to 2.6.0
  • logcaptor 2.7.0 --> 2.7.2
Assets 2
Loading