⭐ New Features
- Add XML Based shouldWriteHeadersEagerly tests #19018
- Merge Add CredentialRecordOwnerAuthorizationManager #19005
🪲 Bug Fixes
- Add equals and hashcode to HttpMethodRequestMatcher #18963
- auth_time claim doesn't show the time of the original authentication #18282
- auth_time validation fails when SSO session is renewed #18978
- Fallback defaultTargetUrl if refererHeader is empty #18981
- Fix HttpSessionRequestCache#getMatchingRequest query string parsing #18972
- Merge Handle null value in OnCommittedResponseWrapper header methods #18990
- OAuth2 client sessionManagement ineffective with DefaultOidcUser #19022
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.10 to 1.14.11 in /docs #19054 - Bump
@springio/antora-extensions from 1.14.7 to 1.14.9 in /docs #18953 - Bump
@springio/antora-extensions from 1.14.9 to 1.14.10 in /docs #19029 - Bump
@springio/asciidoctor-extensions from 1.0.0-alpha.17 to 1.0.0-alpha.18 in /docs #18957 - Bump actions/upload-artifact from 7.0.0 to 7.0.1 #19096
- Bump com.webauthn4j:webauthn4j-core from 0.31.1.RELEASE to 0.31.2.RELEASE #19021
- Bump com.webauthn4j:webauthn4j-core from 0.31.2.RELEASE to 0.31.3.RELEASE #19114
- Bump io.projectreactor:reactor-bom from 2025.0.4 to 2025.0.5 #19080
- Bump org.apache.maven:maven-resolver-provider from 3.9.14 to 3.9.15 #19111
- Bump org.springframework.data:spring-data-bom from 2025.1.4 to 2025.1.5 #19113
- Bump org.springframework.ldap:spring-ldap-core from 4.0.2 to 4.0.3 #19098
- Bump org.springframework:spring-framework-bom from 7.0.6 to 7.0.7 #19112
- Bump spring-io/spring-gradle-build-action from 2.0.5 to 2.0.6 #18996
- Bump spring-io/spring-release-actions from 0.0.3 to 0.0.4 #19095
- Bump spring-io/spring-security-release-tools/.github/workflows/update-scheduled-release-version.yml from 1.0.14 to 1.0.15 #18948
❤️ Contributors
Thank you to all the contributors who worked on this release: