Spring Security v5.4.0 Release Notes

Release Date: 2020-09-09 // over 3 years ago
  • ๐Ÿฑ โญ New Features

    • โž• Add What's New in 5.4 #9002
    • โž• Add What's New in 5.4 Section to Docs #9001
    • โž• Add Resource Server Servlet Logging #9000
    • ๐Ÿ”’ Simplify saml2Login Samples #8990
    • โœ‚ Remove Framework Tests from saml2Login Sample #8989
    • โž• Add authenticationManagerResolver to resource server Kotlin DSL #8981
    • ๐Ÿ”’ Generalize SAML 2.0 Assertion Validation Support #8970
    • โšก๏ธ Update abstract-authentication-processing-filter.adoc #8965
    • โž• Add spring-javaformat checkstyle and formatting #8946
    • โž• Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL #8926
    • โž• Add hasAnyAuthority(String...) and hasAnyRole(String...) to authorizeRequests in Kotlin DSL #8892
    • ๐Ÿ”’ Resolve oauth2 client-id, client-secret placeholders #8880
    • ๐Ÿ“š Restructure SAML 2.0 documentation #8763
    • ๐Ÿ”’ security:client-registrations doesn't take propertyconfigurer properties #8453

    ๐Ÿฑ ๐Ÿž Bug Fixes

    • ๐Ÿ”’ Clickjacking demo in docs: YouTube link in X-Frame-Options section leads to private video #8986
    • ๐Ÿ“‡ NoClassDefFoundError: AuthMetadataFlyweight at o.s.s.r.m.SimpleAuthenticationEncoder #8948
    • ๐Ÿ”’ SAML attributes not parsed correctly with prefixed XML elements #8864
    • ๐Ÿ”’ Don't use oidc scopes_supported for scope as default in ClientRegistrations #8790
    • ๐Ÿ“‡ scopes_supported metadata should not be used as default in ClientRegistrations #8514

    โฌ†๏ธ ๐Ÿ”จ Dependency Upgrades

    • ๐Ÿ”’ Set springDataVersion to Neumann-SR+ #9007
    • ๐Ÿ”’ Set rsocketVersion to 1.0.+ #9006

    ๐Ÿฑ โค๏ธ Contributors

    ๐Ÿš€ We'd like to thank all the contributors who worked on this release!