Skip to content

5.7.0-M1

Pre-release
Pre-release
Compare
Choose a tag to compare
@sjohnr sjohnr released this 14 Jan 20:19
· 1680 commits to 5.7.x since this release
5.7.0-M1
a8457b5

⏪ Breaking Changes

  • Saml2 metadata includes SingleLogoutService even if saml2 logout is disabled / not configured #10607

⭐ New Features

  • Add Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy security headers #9385
  • Add Cross-Origin-Resource-Policy security header #10118
  • Add Cross Origin Policies headers DSL support #10141
  • Add hasIpAddress to Reactive Kotlin DSL #10571
  • Add ObjectIdentityGenerator customization to JdbcAclService #10081
  • Add RedirectStrategy customization to ChannelSecurityConfigurer for R… #10161
  • Allow custom OAuth2ErrorHttpMessageConverter with OAuth2ErrorResponseErrorHandler #10425
  • Allow custom OAuth2ErrorHttpMessageConverter with OAuth2ErrorResponse… #10432
  • Avoid using SpEL to change the meaning of the injection point #10075
  • BasicLookupStrategy for ACL defines the ObjectIdentity as not interchangable #10079
  • Clarify behaviour of enableSessionUrlRewriting #7644
  • Client JwtBearer grant type should support non Jwt principal #9812
  • Fix CsrfConfigurer default AccessDeniedHandler consistency #10154
  • Fix Gradle Deprecation Warnings #10446
  • Fix typo in Expression matcher Javadocs #10688
  • HttpServlet3RequestFactory should set 'details' when creating the authentication token. #9579
  • Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator #10590
  • Prevent using both authorizeRequests and authorizeHttpRequests #10574
  • Prevent using both authorizeRequests and authorizeHttpRequests #10573
  • Provide Jackson serialization support for LDAP classes #9263
  • Set 'details' on authentication token created by HttpServlet3RequestFactory #9597
  • Spring Security WebFlux IP Whitelist #7765
  • Structure101 plugin should retrive most recent binary #10696
  • Support for changing prefix and suffix in DelegatingPasswordEncoder #10278
  • Support IP whitelist for Spring Security Webflux #10007
  • Update Spring Security to 5.7 #10509

🪲 Bug Fixes

  • #10505 Fixed jwtDecoder example code #10510
  • AuthorityAuthorizationManager incorrectly compares GrantedAuthority #10566
  • WebInvocationPrivilegeEvaluator Bean should support multiple SecurityFilterChains #10554
  • A null SingleLogoutServiceLocation should not cause a NullPointerException #10674
  • clockSkew Javadoc is not consistent with implementation #10174
  • Configure WebInvocationPrivilegeEvaluator for multiple SecurityFilterChains #10575
  • Fix case sensitive headers comparison #10578
  • Fix Reactive OAuth2 Kotlin DSL examples #10586
  • Fix the bug that the custom GrantedAuthority comparison fails #10588
  • Kotlin DSL examples in reactive oauth2 docs call build twice #10580
  • Make source code compatible with JDK 8 #10695
  • Multi-tenancy Documentation - JwtDecoder sample has multiple errors #10505
  • Prevent Save @Transient Authentication with existing HttpSession #9993
  • StaticServerHttpHeadersWriter should work with case-insensitive header names #10557
  • Update clockSkew javadoc according to implementation #10358

🔨 Dependency Upgrades

  • Update aspectj-plugin to 6.3.0 #10514
  • Update aspectj-plugin to 6.3.0 #10492
  • Update assertj-core to 3.22.0 #10720
  • Update cas-client-core to 3.6.4 #10723
  • Update com.nimbusds to 9.22 #10713
  • Update hibernate-entitymanager to 5.6.3.Final #10722
  • Update htmlunit to 2.56.0 #10718
  • Update htmlunit-driver to 2.56.0 #10728
  • Update io.projectreactor to 2020.0.15 #10715
  • Update io.r2dbc to 0.9.0.RELEASE #10717
  • Update jackson-bom to 2.13.1 #10710
  • Update jackson-databind to 2.13.1 #10711
  • Update jackson-datatype-jsr310 to 2.13.1 #10712
  • Update junit-bom to 5.8.2 #10726
  • Update logback-classic to 1.2.10 #10709
  • Update mockk to 1.12.2 #10714
  • Update org.aspectj to 1.9.8.RC3 #10719
  • Update org.bouncycastle to 1.70 #10721
  • Update org.jetbrains.kotlin to 1.6.10 #10724
  • Update org.jetbrains.kotlinx to 1.6.0 #10725
  • Update org.junit.jupiter to 5.8.2 #10727
  • Update org.slf4j to 1.7.33 #10729
  • Update org.springframework to 5.3.15 #10730
  • Update org.springframework.data to 2021.2.0-M1 #10731
  • Update reactor-netty to 1.0.15 #10716
  • Update spring-ldap-core to 2.4.0-M1 #10732

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Assets 2
Loading