Skip to content

5.4.4
Compare
Choose a tag to compare
@jzheaux jzheaux released this 12 Feb 01:40
5.4.4
abc523c
This commit was signed with the committer’s verified signature.
jzheaux Josh Cummings
GPG key ID: 49EF60DD7FF83443
Learn about vigilant mode.

This release fixes a problem with the release of 5.4.3

⭐ New Features

  • Migrate SAML 2.0 Samples to Use PCFOne #9369
  • Resolve artifacts from Maven Central first #9367
  • Use constant time comparisons for CSRF tokens #9357
  • Improve HttpSessionSecurityContextSessionRepository Performance #9388

🪲 Bug Fixes

  • OAuth2ResourceServerSpecTests and OAuth2WebClientControllerTests fail #9426
  • Fix custom marshaller example #9409
  • Fix beanResolver missing in CurrentSecurityContextArgumentResolver. #9403
  • CurrentSecurityContextArgumentResolver should configure BeanResolver #9402
  • Consider downgrading to Nimbus 8 #9399
  • Remove notEmpty check for authorities in DefaultOAuth2User #9396
  • Wrong example name in Spring Security documentation #9383
  • Make user info response status check error only #9376
  • Malformed WWW-Authenticate Causes NPE #9364
  • CsrfWebFilter creates CsrfException with incorrect message when no token is found #9338
  • Exception when declaring multiple AuthenticationManager beans #9332
  • webflux-x509 sample cert needs renewal #9322
  • OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray #9258

🔨 Dependency Upgrades

  • Update to GAE 1.9.86 #9448
  • Update to Spring Boot 2.4.2 #9447
  • Update to Kotlin 1.4.30 #9446
Assets 2
Loading