⏪ Breaking Changes
- Saml2 metadata includes SingleLogoutService even if saml2 logout is disabled / not configured #10734
⭐ New Features
- Document Authorize HTTP Requests for Reactive Security #10801
- Introduce
AuthorizationManagerWebInvocationPrivilegeEvaluator
#10682
🪲 Bug Fixes
- add Kotlin examples for Spring Data Integration of servlet application #10848
- commons-logging:commons-logging is a transitive dependency of some modules #10772
- Do not rely on javax. group ids #10770
- Fix broken link to SAML2 login example #10806
- Getting Spring Security Reference Docs have a error #10796
- Make source code compatible with JDK 8 #10699
- Replace StringUtils class of oauth2-oidc-sdk completely #10824
- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext #10792
- WebInvocationPrivilegeEvaluator Bean should support multiple
SecurityFilterChain
s #10680
🔨 Dependency Upgrades
- Update hibernate-entitymanager to 5.6.5.Final #10873
- Update io.projectreactor to 2020.0.16 #10867
- Update io.spring.javaformat to 0.0.31 #10870
- Update logback-classic to 1.2.10 #10865
- Update mockk to 1.12.2 #10866
- Update org.aspectj to 1.9.8 #10871
- Update org.eclipse.jetty to 9.4.45.v20220203 #10872
- Update org.slf4j to 1.7.36 #10874
- Update org.springframework to 5.3.16 #10875
- Update org.springframework.data to 2021.1.2 #10876
- Update r2dbc-h2 to 0.8.5.RELEASE #10869
- Update reactor-netty to 1.0.16 #10868
- Update spring-ldap-core to 2.3.6.RELEASE #10877