spring-projects/spring-security 5.8.0-M3

on GitHub

⭐ New Features

• @WithMockUser Supported as Merged Annotation #11782
• Add AspectJ support to @EnableMethodSecurity #11326
• Add CsrfFilter.csrfAttributeName #11699
• add information to README describing how to build the reference docs #11876
• Add new interfaces for CSRF request processing #11781
• Add remaining methods from ExpressionUrlAuthorizationConfigurer to Me… #11667
• Add Support for LazyCsrfTokenRepository to Defer Loading CsrfTokens #11700
• Configurable authentication converter for resource-servers with token introspection #11661
• CsrfFilter Accesses Session on Every Request #11456
• Document that Method Security Co-routine Support Skips Downstream Interceptors #10920
• HttpSecurityDsl should support apply method #11754
• Javadoc typo 'sue' -> 'use' #11794
• Mistake in Kotlin code representation is fixed #11753
• ReactiveAuthorizationManager + Reactive Method Security #9867
• Update javadoc of Kotlin DSL to reflect the deprecation of WebSecurityConfigurerAdapter #11646
• webflux logout not working when project defines a context path (spring.webflux.base-path) #11716

🪲 Bug Fixes

• AuthenticationEventPublisher bean is not picked up if no UserDetailsService bean #11726
• GitHubMilestoneApiTests due_on Should Use LocalDate #11706
• HttpSecurity Bean does not set DefaultAuthenticationEventPublisher #11449
• Modify words #11709
• SAML2 Login fails with CSP in chrome based browsers #11676

🔨 Dependency Upgrades

• Update aspectj-plugin to 6.5.1 #11839
• Update com.nimbusds to 9.43.1 #11838
• Update Gradle Enterprise plugin to 3.11.1 #11831
• Update hibernate-entitymanager to 5.6.11.Final #11846
• Update hsqldb to 2.7.0 #11847
• Update htmlunit to 2.64.0 #11844
• Update htmlunit-driver to 2.64.0 #11850
• Update io.projectreactor to 2020.0.23 #11841
• Update io.rsocket to 1.1.3 #11843
• Update jackson-bom to 2.13.4 #11835
• Update jackson-databind to 2.13.4 #11836
• Update jackson-datatype-jsr310 to 2.13.4 #11837
• Update junit-bom to 5.9.0 #11848
• Update logback-classic to 1.4.1 #11834
• Update mockk to 1.12.8 #11840
• Update org.eclipse.jetty to 9.4.49.v20220914 #11845
• Update org.mockito to 4.8.0 #11849
• Update org.springframework to 5.3.23 #11851
• Update reactor-netty to 1.1.0-M6 #11842
• Update to mockito 4.7.0 #11748

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

• @aSemy
• @jujunchen
• @MariuszCwikla
• @sjohnr
• @evgeniycheban
• @jzheaux
• @mojavelinux
• @he1ex-tG
• @ch4mpy