|
|
@@ -11,6 +11,7 @@ Below are the highlights of the release.
|
|
|
|
|
|
** Introduced xref:servlet/authentication/persistence.adoc#requestattributesecuritycontextrepository[`RequestAttributeSecurityContextRepository`]
|
|
|
** Introduced xref:servlet/authentication/persistence.adoc#securitycontextholderfilter[`SecurityContextHolderFilter`] - Ability to require explicit saving of the `SecurityContext`
|
|
|
+** Added DSL support for xref:servlet/exploits/headers.adoc#servlet-headers-cross-origin-policies[Cross Origin Policies headers]
|
|
|
|
|
|
* OAuth 2.0 Client
|
|
|
|
|
|
@@ -18,12 +19,17 @@ Below are the highlights of the release.
|
|
|
** Allow configuring a https://github.com/spring-projects/spring-security/issues/9812[JWT assertion resolver] in `JwtBearerOAuth2AuthorizedClientProvider`
|
|
|
** Allow customizing claims on https://github.com/spring-projects/spring-security/issues/9855[JWT client assertions]
|
|
|
|
|
|
+* SAML 2.0
|
|
|
+
|
|
|
+** Added xref:servlet/appendix/namespace/http.adoc#nsa-saml2-login[SAML 2.0 Login & Single Logout XML support]
|
|
|
+
|
|
|
[[whats-new-webflux]]
|
|
|
== WebFlux
|
|
|
|
|
|
* Web
|
|
|
|
|
|
** Allow customizing https://github.com/spring-projects/spring-security/issues/10903[charset] in `ServerHttpBasicAuthenticationConverter`
|
|
|
+** Added DSL support for xref:reactive/exploits/headers.adoc#webflux-headers-cross-origin-policies[Cross Origin Policies headers]
|
|
|
|
|
|
* OAuth 2.0 Client
|
|
|
|
Marcus Da Coregio