⭐ New Features
- Explain the rational about deprecating .and() and non-lambda DSL methods #13094
- Revisit CSRF Documentation #13089
🪲 Bug Fixes
- AffirmativeBased vs. AuthorizationManagers.anyOf(...) documentation #13087
- AuthorizationAnnotationUtils.findUniqueAnnotation broken for synthetic methods #13154
- Clarify that Kotlin DSL needs an import #13103
- CookieCsrfTokenRepository overwrites previous Set-Cookie response headers #13075
- Fix code snippets in Authorize HttpServletRequest #13126
- Fix invalid link in ref doc #12573
- fix javadoc typo #12884
- Fix typo cas.adoc #13116
- Links between migration docs are out of date #13157
- RememberMeAuthenticationFilter does not use SecurityContextRepository configured in HttpSecurity #13128
- rolePrefix with empty string returns HTTP 400 as of version 6.0.3 #13083
- SAML login fails in Internet Explorer 11 #13142
- SimpleAroundFilterObservation.wrap calls scope.close() duplicated #13150
- Spring Boot 3.0 application failing to start with oauth2-resource-server and spring actuator #13122
- Update acls.adoc #13078
- Update architecture.adoc #13077
- Web Security Expression section of Documentation is obsolete or it does not work #12974
🔨 Dependency Upgrades
- Update com.nimbusds to 9.43.2 #13165
- Update io.projectreactor to 2022.0.7 #13167
- Update jackson-bom to 2.14.3 #13162
- Update jackson-databind to 2.14.3 #13163
- Update jackson-datatype-jsr310 to 2.14.3 #13164
- Update junit-bom to 5.9.3 #13170
- Update junit-platform-launcher to 1.9.3 #13172
- Update logback-classic to 1.4.7 #13161
- Update micrometer-observation to 1.10.7 #13166
- Update org.jetbrains.kotlin to 1.8.21 #13169
- Update org.junit.jupiter to 5.9.3 #13171
- Update org.springframework to 6.0.9 #13173
- Update org.springframework.data to 2022.0.6 #13174
- Update reactor-netty to 1.1.7 #13168
- Update Spring Boot to 3.0.6 #13177
- Update spring-ldap-core to 3.0.3 #13175
❤️ Contributors
We'd like to thank all the contributors who worked on this release!