Spring Security v5.2.3.RELEASE Release Notes
Release Date: 2020-04-01 // about 4 years ago-
๐ฑ โญ๏ธ New Features
- ๐ SpringTestContext returns ConfigurableWebApplicationContext #8240
- ๐ OAuth2LoginAuthenticationProvider uses OAuth2AuthorizationCodeAuthenticationProvider #8235
- ๐ SwitchUserFilter vulnerable to CSRF #8223
- ๐ Update Encryptors documentation for standard and stronger #8212
- ๐ Getting OAuth2AuthenticationException when Bearer token is empty #8207
- ๐ Document AuthorizedClientServiceOAuth2AuthorizedClientManager #8159
- ๐ Basic auth header without user results in exception #8123
- ๐ Typo 'properites' -> 'properties' in documentation #8099
๐ฑ ๐ Bug Fixes
- โก๏ธ Update tests to use absolute paths #8260
- ๐ HttpServletRequest.logout() not functioning #8241
- ๐ OAuth2 ClientRegistrations NPE when UserInfo endpoint missing #8210
- ๐ oauth2Login WebFlux should not auto-redirect for XHR request #8202
- ๐ Make OAuth2ErrorHttpMessageConverter more resilient #8180
- ๐ RSocket test should throw AccessDeniedException #8155
- ๐ Fix typo in Javadoc of HttpSecurity#csrf() #8137
- ๐ Empty RelayState causes errors with ADFS #8070
- ๐ Fix typo in AntPathRequestMatcher contructor comment #8045
- ๐ An AuthenticationManager is required. Oauth2ResourceServer + anonymous disable #8040
- ๐ OAuth2 access token response parsing fails with nested JSON object #8021
- ๐ Fix typo in snippet code 'jwtAuthenticationConveter' -> 'jwtAuthenticationConverter' #7969
- ๐ OAuth2AuthorizationCodeGrantWebFilter should also match on query parameters #7967
- ๐ OAuth2AuthorizationCodeGrantFilter should also match on query parameters #7964
- ๐ Query parameters in authorization-url are double-encoded #7960
- ๐ Don't force downcasting of RequestAttributes to ServletRequestAttributes #7959
- ๐ ClassCastException for ServletRequestAttributes #7958
โฌ๏ธ ๐จ Dependency Upgrades
- โก๏ธ Update RSocket to 1.0.0-RC6 #8280
- โก๏ธ Update to reactive-streams 1.0.3 #8279
- โก๏ธ Update to OpenSAML 3.4.5 #8278
- โก๏ธ Update to hibernate-entitymanager 5.4.13.Final #8277
- โก๏ธ Update to hibernate-core 5.2.18.Final #8276
- ๐ Update blockhound to 1.0.3.RELEASE #8275
- โก๏ธ Update to unboundid-ldapsdk 4.0.14 #8274
- โก๏ธ Update to okhttp 3.14.7 #8259
- โก๏ธ Update to Jackson 2.10.3 #8258
- โก๏ธ Update to mockwebserver 3.14.7 #8257
- โก๏ธ Update to org.powermock 2.0.6 #8255
- ๐ Upgrade to embedded Apache Tomcat 9.0.33 #8254
- โก๏ธ Update to httpclient 4.5.12 #8253
- ๐ Update to Spring Boot 2.2.6.RELEASE #8252
- โก๏ธ Update to GAE 1.9.79 #8251
- โก๏ธ Update to Reactor Dysprosium-SR6 #8250
- โก๏ธ Update to Spring Framework 5.2.5 #8249
- โก๏ธ Update to Spring Data Moore-SR6 #8248
- โก๏ธ Update to Jetty 9.4.22.v20191022 #7507