Prepare for Spring Security 5.8
This commit is contained in:
Josh Cummings
@@ -6,4 +6,4 @@ This appendix provides a reference to the elements available in the security nam
|
||||
If you haven't used the namespace before, please read the xref:servlet/configuration/xml-namespace.adoc#ns-config[introductory chapter] on namespace configuration, as this is intended as a supplement to the information there.
|
||||
Using a good quality XML editor while editing a configuration based on the schema is recommended as this will provide contextual information on which elements and attributes are available as well as comments explaining their purpose.
|
||||
The namespace is written in https://relaxng.org/[RELAX NG] Compact format and later converted into an XSD schema.
|
||||
If you are familiar with this format, you may wish to examine the https://raw.githubusercontent.com/spring-projects/spring-security/main/config/src/main/resources/org/springframework/security/config/spring-security-5.7.rnc[schema file] directly.
|
||||
If you are familiar with this format, you may wish to examine the https://raw.githubusercontent.com/spring-projects/spring-security/main/config/src/main/resources/org/springframework/security/config/spring-security-5.8.rnc[schema file] directly.
|
||||
|
||||
@@ -1,37 +1,7 @@
|
||||
[[new]]
|
||||
= What's New in Spring Security 5.7
|
||||
= What's New in Spring Security 5.8
|
||||
|
||||
Spring Security 5.7 provides a number of new features.
|
||||
Spring Security 5.8 provides a number of new features.
|
||||
Below are the highlights of the release.
|
||||
|
||||
[[whats-new-servlet]]
|
||||
== Servlet
|
||||
|
||||
* Web
|
||||
|
||||
** Introduced xref:servlet/authentication/persistence.adoc#requestattributesecuritycontextrepository[`RequestAttributeSecurityContextRepository`]
|
||||
** Introduced xref:servlet/authentication/persistence.adoc#securitycontextholderfilter[`SecurityContextHolderFilter`] - Ability to require explicit saving of the `SecurityContext`
|
||||
** Added DSL support for xref:servlet/exploits/headers.adoc#servlet-headers-cross-origin-policies[Cross Origin Policies headers]
|
||||
|
||||
* OAuth 2.0 Client
|
||||
|
||||
** Allow configuring https://github.com/spring-projects/spring-security/issues/6548[PKCE for confidential clients]
|
||||
** Allow configuring a https://github.com/spring-projects/spring-security/issues/9812[JWT assertion resolver] in `JwtBearerOAuth2AuthorizedClientProvider`
|
||||
** Allow customizing claims on https://github.com/spring-projects/spring-security/issues/9855[JWT client assertions]
|
||||
|
||||
* SAML 2.0
|
||||
|
||||
** Added xref:servlet/appendix/namespace/http.adoc#nsa-saml2-login[SAML 2.0 Login & Single Logout XML support]
|
||||
|
||||
[[whats-new-webflux]]
|
||||
== WebFlux
|
||||
|
||||
* Web
|
||||
|
||||
** Allow customizing https://github.com/spring-projects/spring-security/issues/10903[charset] in `ServerHttpBasicAuthenticationConverter`
|
||||
** Added DSL support for xref:reactive/exploits/headers.adoc#webflux-headers-cross-origin-policies[Cross Origin Policies headers]
|
||||
|
||||
* OAuth 2.0 Client
|
||||
|
||||
** Allow configuring https://github.com/spring-projects/spring-security/issues/6548[PKCE for confidential clients]
|
||||
** Allow configuring a https://github.com/spring-projects/spring-security/issues/9812[JWT assertion resolver] in `JwtBearerReactiveOAuth2AuthorizedClientProvider`
|
||||
|
||||
Reference in New Issue
Block a user