Skip to content

6.0.4

Compare
Choose a tag to compare
@github-actions github-actions released this 19 Jun 16:22
· 1110 commits to 6.0.x since this release

⭐ New Features

  • Add initial Native section to reference docs #12029
  • Align Resource Server documentation with Boot's capabilities #13238
  • Convert to Asciidoctor Tabs #13406
  • Document How to Handle Method Security in Native Image #13226
  • Error On Unsupported Client Authentication Methods #13240
  • Make eclipse/vscode project import work #12930
  • Mention that authorizeHttpRequests does not support GrantedAuthorityDefaults #13228
  • mockOAuth2Login() does not work in collaboration with Spring Cloud Gateway and TokenRelayGatewayFilter #13253
  • Use Antora name of security #13330

🪲 Bug Fixes

  • Additional filters registered when using Custom DSL #13281
  • AffirmativeBased vs. AuthorizationManagers.anyOf(...) documentation #13086
  • AOT Fails to proxy #13368
  • AuthorizationAnnotationUtils.findUniqueAnnotation broken for synthetic methods #13153
  • Clarify that Kotlin DSL needs an import #13102
  • DefaultAuthorizationCodeTokenResponseClient.getTokenResponse(OAuth2AuthorizationCodeGrantRequest) can return null #13222
  • Delete duplicate line from oauth2/client/core.adoc #13233
  • Deprecated hint on BasicAuthenticationFilter #13278
  • Document missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository #13192
  • Fix Antora Warnings #13293
  • Fix code snippets in Authorize HttpServletRequest #13125
  • Fix constant value in XContentTypeOptionsServerHttpHeadersWriter #13220
  • Fix Documentation Title #13317
  • Fix legacy-websocket-configuration cross-reference #13205
  • http://www.springframework.org/schema/security/spring-security.xsd returns 404 #13208
  • java.lang.IllegalArgumentException: Context does not have an entry for key [class io.micrometer.core.instrument.Timer$Sample] #13133
  • Links between migration docs are out of date #13156
  • Migration to EnableMethodSecurity break Transactional on custom PermissionEvaluator #13217
  • No longer maintained net.sourceforge.nekohtml with known security issues #13286
  • Proxy Server section is not linked in nav #13323
  • RememberMeAuthenticationFilter does not use SecurityContextRepository configured in HttpSecurity #13127
  • rolePrefix with empty string returns HTTP 400 as of version 6.0.3 #13079
  • SAML login fails in Internet Explorer 11 #13141
  • SimpleAroundFilterObservation.wrap calls scope.close() duplicated #12787
  • Spring Boot 3.0 application failing to start with oauth2-resource-server and spring actuator #13084
  • Spring Security SAML signature validation issue #13182
  • The "http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)" does not work if x.509 authentication is added. #13008
  • Use consistent list of micrometer tags in web observation handler #13179
  • X-XSS-Protection is now disabled #13129

🔨 Dependency Upgrades

  • Update com.nimbusds to 9.43.3 #13352
  • Update hsqldb to 2.7.2 #13359
  • Update io.projectreactor to 2022.0.8 #13355
  • Update io.rsocket to 1.1.4 #13357
  • Update io.spring.javaformat to 0.0.39 #13358
  • Update jackson-bom to 2.14.3 #13349
  • Update jackson-databind to 2.14.3 #13350
  • Update jackson-datatype-jsr310 to 2.14.3 #13351
  • Update junit-bom to 5.9.3 #13360
  • Update junit-platform-launcher to 1.9.3 #13362
  • Update logback-classic to 1.4.8 #13348
  • Update micrometer-observation to 1.10.8 #13354
  • Update org.junit.jupiter to 5.9.3 #13361
  • Update org.springframework to 6.0.10 #13363
  • Update org.springframework.data to 2022.0.7 #13364
  • Update reactor-netty to 1.1.8 #13356
  • Update spring-ldap-core to 3.0.4 #13365
  • Update unboundid-ldapsdk to 6.0.9 #13353

❤️ Contributors

We'd like to thank all the contributors who worked on this release!