Spring Security v5.1.7.RELEASE Release Notes

Release Date: 2019-11-04 // over 4 years ago
  • ๐Ÿฑ โญ๏ธ New Features

    • ๐Ÿ”’ CookieServerCsrfRepositoryTests should not start domain with a dot #7501
    • ๐Ÿ›  Fix docs typo WebSecurityConfigurationAdapter->WebSecurityConfigurerAdapter #7225

    ๐Ÿฑ ๐Ÿž Bug Fixes

    • ๐Ÿ”’ OAuth2AuthorizationCodeGrantWebFilter should not restrict redirect-uri #7469
    • ๐Ÿ”’ RequestContextSubscriber could put null value in Reactor Context #7410
    • ๐Ÿ”’ OAuth2AuthorizationRequest not removed from session #7369
    • ๐Ÿ”’ InMemoryReactiveClientRegistrationRepository should not use ConcurrentReferenceHashMap #7359
    • ๐Ÿ”’ NimbusJwtDecoderJwkSupport only sets 'application/json' Accept header #7340
    • ๐Ÿ”’ SEC-2971: Footnotes are messed up in online docs #7326
    • ๐Ÿ”’ Confusing example - WebMvcConfigurer vs WebSecurityConfigurerAdapter #7303
    • ๐Ÿ”’ OnCommittedResponseWrapper fails on static resources served by Tomcat 8.5 #7297
    • ๐Ÿ›  Fix WebClient Memory Leaks #7294
    • ๐Ÿ”’ Ensure filter order is maintained when using springSecurity() along with other filters #7267
    • ๐Ÿ”’ SessionAuthenticationStrategy make HttpSecurity.sessionManagement().maximumSessions(1) unavailability #7262
    • ๐Ÿ”’ SEC-2980: Possible race condition in SessionRegistryImpl #7226