Skip to content

Commit 4ba8f8b

Browse files
jzheauxjzheaux
committed
Update What's New
Closes gh-12024
1 parent f4cc27c commit 4ba8f8b

File tree

1 file changed

+20
-1
lines changed

1 file changed

+20
-1
lines changed

docs/modules/ROOT/pages/whats-new.adoc

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,10 @@
44
Spring Security 6.0 provides a number of new features.
55
Below are the highlights of the release.
66

7+
== Baseline Changes
8+
9+
* Spring Security 6 requires JDK 17
10+
711
== Breaking Changes
812

913
* https://github.com/spring-projects/spring-security/issues/10556[gh-10556] - Remove EOL OpenSaml 3 Support.
@@ -33,8 +37,23 @@ Instead, use `requestMatchers` or `HttpSecurity#securityMatchers`.
3337
* https://github.com/spring-projects/spring-security/issues/12019[gh-12019] - Remove deprecated method `setTokenFromMultipartDataEnabled` from `CsrfWebFilter`
3438
* https://github.com/spring-projects/spring-security/issues/12020[gh-12020] - Remove deprecated method `tokenFromMultipartDataEnabled` from Java Configuration
3539
* https://github.com/spring-projects/spring-security/issues/9429[gh-9429] - `Authentication(Web)Filter` rethrows `AuthenticationServiceException`s
40+
* https://github.com/spring-projects/spring-security/issues/11027[gh-11027], https://github.com/spring-projects/spring-security/issues/11466[gh-11466] - Authorization on every dispatcher type
41+
* https://github.com/spring-projects/spring-security/issues/11110[gh-11110] - Require explicit session saves by default
42+
* https://github.com/spring-projects/spring-security/issues/11057[gh-11057] - Remove `MessageSourceAware` from `ExceptionTranslationWebFilter`
43+
* https://github.com/spring-projects/spring-security/issues/12022[gh-12202] - Remove OAuth deprecations
44+
* Remove SAML deprecations
3645

37-
== Observability
46+
== Core
3847

48+
* https://github.com/spring-projects/spring-security/issues/11446[gh-11446] - Add native image support for `@PreAuthorize`
49+
* https://github.com/spring-projects/spring-security/issues/11737[gh-11737] - Add native image support for `@PostAuthorize`
3950
* xref:servlet/integrations/observability.adoc[Instrumentation] of `AuthenticationManager`, `AuthorizationManager`, and `FilterChainProxy`
4051
* xref:reactive/integrations/observability.adoc[Instrumentation] of `ReactiveAuthenticationManager`, `ReactiveAuthorizationManager`, and `WebFilterChainProxy`
52+
53+
== LDAP
54+
55+
* https://github.com/spring-projects/spring-security/pull/9276[gh-9276] - LdapAuthoritiesPopulator is post-processed
56+
57+
== Web
58+
59+
* https://github.com/spring-projects/spring-security/issues/11432[gh-11432] - `CookieServerCsrfTokenRepository` supports maxage

0 commit comments

Comments
 (0)