Skip to content
Pre-release

@jzheaux jzheaux released this Oct 1, 2019 · 439 commits to master since this release

⭐️ New Features

  • Move log statement in SessionRegistryImpl #6979
  • Fix RoleHierarchy Javadoc #6973
  • Disable bean proxying in configuration classes #6970
  • Make Spring web configuration classes use proxyBeanMethods=false by default #6967
  • Migrate JeeConfigurerTests groovy->java #6957
  • Update to nohttp 0.0.2.RELEASE #6955
  • RoleHierarchy Comments are misleading #6954
  • Migrate RememberMeConfigurerTests groovy->java #6951
  • Migrate CorsConfigurerTests groovy->java #6946
  • Migrate ChannelSecurityConfigurerTests groovy->java #6944
  • Add success handler modification of OAuth2LoginSpec #6938
  • Migrate SessionManagementConfigurerTests groovy->java #6937
  • JenkinsFile should always indicate the JDK in use #6928
  • Add @transient to OAuth2IntrospectionAuthenticationToken #6918
  • Added null checks and tests to constructors #6915
  • Updates OAuth2ResourceServer configuration tests #6904
  • Migrate LogoutConfigurerTests from groovy to java #6902
  • Finer variables for OAuth2 redirectUriTemplate expansion #6900
  • Add null checks to constructors #6892
  • Fix JavaDoc for defaultSuccessUrl #6878
  • Add constructor to JwtAuthenticationToken that takes a principal name #6865
  • Add OAuth2LoginSpec.authenticationSuccessHandler #6863
  • Add Multi-tenancy support for Reactive Resource Server #6861
  • Git ignore .attach_pid* files #6860
  • Translate messages.properties into Japanese #6855
  • Replace bean method calls with injection #6853
  • Make scheduler configurable on ReactiveAuthenticationManagerAdapter #6852
  • Introduce Jwt.Builder #6851
  • OpaqueToken DSL should accept an AuthenticationManager #6849
  • Jwt DSL Configuration should accept an AuthenticationManager #6832
  • OAuth2IntrospectionAuthenticationToken should be marked as @transient #6829
  • Reactive JwkSource Builder Parameter Type Changed the parameter type from JWT to SignedJWT Fixes: gh-6771 #6827
  • Fix javadoc typo #6825
  • Support JwtValidationException on JwtReactiveAuthenticationManager #6823
  • Switch to proxy-less configuration by leveraging @configuration(proxyBeanMethods = false) #6818
  • Opaque Token Support for Custom Parameters #6798
  • Fix no check if the parameter is null. #6775
  • Expose bean setters in @configuration used by @EnableWebFluxSecurity #6761
  • Multi-tenancy for Reactive Resource Server #6727
  • Introduce ReactiveAuthenticationManagerResolver #6723
  • Introduce JWT Flow API in Test Support #6634
  • Opaque Token Intermediate Type #6632
  • Make it possible to use Spring Security with functional bean registration #6624
  • OAuth2ResourceServer configuration tests use deprecated extractAuthorities #6516
  • X509 Reactive Support #6336
  • Improve ClaimAccessor and externalize coercion #6245
  • Add scheme/protocol variable for OAuth2 redirectUriTemplate #6239
  • AccountStatusUserDetailsChecker implements MessageSourceAware #6151
  • Support Path Variables in Message Expressions #6110
  • WebSocket matchers ignore parameters #4469

🐞 Bug Fixes

  • ID Token validation should use JwtTimestampValidator #6964
  • Fix HttpSecurity Javadoc for jee() method #6959
  • Fix HttpSecurity jee() Javadoc example for mappableRoles #6958
  • DefaultServerOAuth2AuthorizationRequestResolver should use fromUri #6952
  • WebClientReactiveClientCredentialsTokenResponseClient should not set Authorization header when ClientAuthenticationMethod.POST #6911
  • Documentation fixes #6889
  • java.lang.IllegalAccessError when resource server introspect token from oauth2 server #6843
  • oauth2Login does not auto-redirect for XHR request #6812

🔨 Dependency Upgrades

  • Update to Spring 5.2.0.M2 #6869

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Assets 2
You can’t perform that action at this time.