Home Verkennen Help
Registreren Inloggen
github
/
spring-security
spiegel van https://github.com/spring-projects/spring-security
2
0
Vork 0
Bestanden Issues 0 Wiki
Boom: 6.5.0-M3
Aftakkingen Labels
spring-security
/
docs
/
modules
/
ROOT
/
pages
/
whats-new.adoc

whats-new.adoc 2.0 KB
Permalink Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930 
  1. [[new]]
    2. 

  2. = What's New in Spring Security 6.5
    3. 

  3. 

  4. Spring Security 6.5 provides a number of new features.
    5. 

  5. Below are the highlights of the release, or you can view https://github.com/spring-projects/spring-security/releases[the release notes] for a detailed listing of each feature and bug fix.
    6. 

  6. 

  7. == New Features
    8. 

  8. 

  9. * Support for automatic context-propagation with Micrometer (https://github.com/spring-projects/spring-security/issues/16665[gh-16665])
    10. 

  10. 

  11. == Breaking Changes
    12. 

  12. 

  13. === Observability
    14. 

  14. 

  15. The `security.security.reached.filter.section` key name was corrected to `spring.security.reached.filter.section`.
    16. 

  16. Note that this may affect reports that operate on this key name.
    17. 

  17. 

  18. == OAuth
    19. 

  19. 

  20. * https://github.com/spring-projects/spring-security/pull/16386[gh-16386] - Enable PKCE for confidential clients using `ClientRegistration.clientSettings.requireProofKey=true` for xref:servlet/oauth2/client/core.adoc#oauth2Client-client-registration-requireProofKey[servlet] and xref:reactive/oauth2/client/core.adoc#oauth2Client-client-registration-requireProofKey[reactive] applications
    21. 

  21. 

  22. == WebAuthn
    23. 

  23. 

  24. * https://github.com/spring-projects/spring-security/pull/16282[gh-16282] - xref:servlet/authentication/passkeys.adoc#passkeys-configuration-persistence[JDBC Persistence] for WebAuthn/Passkeys
    25. 

  25. * https://github.com/spring-projects/spring-security/pull/16397[gh-16397] - Added the ability to configure a custom `HttpMessageConverter` for Passkeys using the optional xref:servlet/authentication/passkeys.adoc#passkeys-configuration[`messageConverter` property] on the `webAuthn` DSL.
    26. 

  26. * https://github.com/spring-projects/spring-security/pull/16396[gh-16396] - Added the ability to configure a custom xref:servlet/authentication/passkeys.adoc#passkeys-configuration-pkccor[`PublicKeyCredentialCreationOptionsRepository`]
    27. 

  27. 

  28. == One-Time Token Login
    29. 

  29. 

  30. * https://github.com/spring-projects/spring-security/issues/16291[gh-16291] - `oneTimeTokenLogin()` now supports customizing GenerateOneTimeTokenRequest xref:servlet/authentication/onetimetoken.adoc#customize-generate-token-request[via GenerateOneTimeTokenRequestResolver]
    31.