spring-projects/spring-security 5.8.3 on GitHub

⭐ New Features

Clarify documentation code snippet(s) (unclear where static imported methods come from) #12991
Document 5.8 Migration for DefaultMethodSecurityExpressionHandler #12356
Documentation should mention that an empty SecurityContext should also be saved #12906
Expression-Based Access Control do not working as explain in spring security document for 6.0.2 also tried 6.0.5 the issue persist #12928
Fixed test in DefaultLoginPageGeneratingFilterTests #12694

Bug in documentation of Storing the Authentication manually #12850
DaoAuthenticationProvider is not usable on RHEL 8.7 with enforced FIPS mode #12873
EntityId ignored in xml relying-party-registration #12776
Fix .access(...) parameter #12676
Fix a javadoc typo in ReactiveAuthorizationManager #12999
Fix a javadoc typo in ReactiveAuthorizationManager #12982
Fix ID of WebSocket Authorization section #12872
HttpSessionSecurityContextRepository fails to create a session because of the deferred security context support #12314
JdkSerializationRedisSerializer is not able to serialize Saml2LogoutRequest because of a lambda encoder #12472
Missing spring-security-oauth2 xsds after release #12805
NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder holds a reference to JWSVerificationKeySelector before ConfigurableJWTProcessor.setJWSKeySelector is executed #13004
RelyingPartyRegistrations should not fail when SPSSODescriptor elements are present #13054
Saml2 RelyingPartyRegistration.nameIdFormat is ignored and not set in AuthnRequest from OpenSamlAuthenticationRequestResolver #12935
SecurityWebApplicationInitializer.getSecurityDispatcherTypes example is wrong in migration guide #12939
SwitchUserFilter should use HttpSessionSecurityContextRepository by default #12835

We'd like to thank all the contributors who worked on this release!