This release fixes a problem with the release of 5.4.3

New Features

  • Migrate SAML 2.0 Samples to Use PCFOne #9369
  • Resolve artifacts from Maven Central first #9367
  • Use constant time comparisons for CSRF tokens #9357
  • Improve HttpSessionSecurityContextSessionRepository Performance #9388

🐞 Bug Fixes

  • OAuth2ResourceServerSpecTests and OAuth2WebClientControllerTests fail #9426
  • Fix custom marshaller example #9409
  • Fix beanResolver missing in CurrentSecurityContextArgumentResolver. #9403
  • CurrentSecurityContextArgumentResolver should configure BeanResolver #9402
  • Consider downgrading to Nimbus 8 #9399
  • Remove notEmpty check for authorities in DefaultOAuth2User #9396
  • Wrong example name in Spring Security documentation #9383
  • Make user info response status check error only #9376
  • Malformed WWW-Authenticate Causes NPE #9364
  • CsrfWebFilter creates CsrfException with incorrect message when no token is found #9338
  • Exception when declaring multiple AuthenticationManager beans #9332
  • webflux-x509 sample cert needs renewal #9322
  • OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray #9258

🔨 Dependency Upgrades

  • Update to GAE 1.9.86 #9448
  • Update to Spring Boot 2.4.2 #9447
  • Update to Kotlin 1.4.30 #9446

项目简介

🚀 Github 镜像仓库 🚀

源项目地址

https://github.com/spring-projects/spring-security

发行版本 68

5.3.10.RELEASE

全部发行版

贡献者 303

全部贡献者

开发语言

  • Java 94.7 %
  • Kotlin 4.7 %
  • Groovy 0.5 %
  • PLSQL 0.0 %
  • AspectJ 0.0 %