This version is still in development and is not considered stable yet. For the latest stable version, please use Spring Security 6.4.1! |
What’s New in Spring Security 5.7
Spring Security 5.7 provides a number of new features. Below are the highlights of the release.
Servlet
-
Web
-
Introduced
RequestAttributeSecurityContextRepository
-
Introduced
SecurityContextHolderFilter
- Ability to require explicit saving of theSecurityContext
-
Added DSL support for Cross Origin Policies headers
-
-
OAuth 2.0 Client
-
Allow configuring PKCE for confidential clients
-
Allow configuring a JWT assertion resolver in
JwtBearerOAuth2AuthorizedClientProvider
-
Allow customizing claims on JWT client assertions
-
-
SAML 2.0
WebFlux
-
Web
-
Allow customizing charset in
ServerHttpBasicAuthenticationConverter
-
Added DSL support for Cross Origin Policies headers
-
-
OAuth 2.0 Client
-
Allow configuring PKCE for confidential clients
-
Allow configuring a JWT assertion resolver in
JwtBearerReactiveOAuth2AuthorizedClientProvider
-