On behalf of the community, it is my pleasure to announce the general availability of Spring Security 5.1. This release closes off 50+ tickets. Please check out the What’s New in Spring Security 5.1. As always, we look forward to hearing your feedback! Project Site | Reference | Help
I’m pleased to announce the releases of Spring Security OAuth 2.3.3, 2.2.2, 2.1.2 and 2.0.15. These maintenance releases primarily deliver bug fixes. For a complete list of changes, please refer to: 2.3.3 changelog 2.2.2 changelog 2.1.2 changelog 2.0.15 changelog 2018-05-09 Update: The releases address a vulnerability. Please see this blog post published after the associated Spring Boot 1.5.13 release. Project Page | GitHub | Documentation | Help
On behalf of the community, I’m pleased to announce the release of Spring Security OAuth 2.3.2.RELEASE. This release resolves a runtime incompatibility issue with RedisTokenStore and Spring Data Redis 2.0.x. See #1319 and #1335. This release also includes a few minor enhancements and bug fixes. Project Page | GitHub | Documentation | Help
I’m pleased to announce the releases of Spring Security 5.0.4 and 4.2.5. Both releases primarily deliver bug fixes and dependency version updates along with some minor improvements. For a complete list of changes, please refer to the 5.0.4 changelog and 4.2.5 changelog. Project Site | Reference | Help
On behalf of the community, I’m pleased to announce the release of Spring Security OAuth 2.3.0.RELEASE. The 2.3.0 release adds new support for Elliptic Curve signature verification in JwkTokenStore. Thank you Michael Duergner for this contribution! This release also includes a few minor enhancements and bug fixes. Project Page | GitHub | Documentation | Help
I’m pleased to announce the release of Spring Security OAuth Boot 2 Auto-config 2.0.0. This project is intended to be used to help users transition between the old Spring Security OAuth 2.x support and the Next Generation OAuth 2.0 Support in Spring Security 5. It provides users of Spring Security OAuth 2.x the same auto-configuration capabilities in a Spring Boot 2.0 based application that is currently available in Spring Boot 1.5.x. For more details please refer to the documentation. GitHub | Reference | Help
On behalf of the community, I’m pleased to announce the release of Spring Security OAuth 2.3.0.RC1. The 2.3.0.RC1 release adds new support for Elliptic Curve signature verification in JwkTokenStore. This release also includes a few minor enhancements and bug fixes. Project Page | GitHub | Documentation | Help
Note See the latest announcements on Announcing the Spring Authorization Server and Spring Security OAuth 2.0 Roadmap Update Current State The current state of OAuth 2.0 Support, within the Spring projects portfolio, is spread out between Spring Security OAuth, Spring Cloud Security, Spring Boot 1.5.x, and the new support introduced in Spring Security 5. As a user of OAuth, you may be asking, "Which project(s) do I use? And why has Spring Security 5 introduced new support into the mix?" To put it simply, there was a need to unify the OAuth 2.0 support into one project in order to provide a…
On behalf of the community, I’m pleased to announce the release of Spring Security OAuth 2.2.1.RELEASE. The 2.2.1.RELEASE is a maintenance release that includes bug fixes and minor improvements. Project Page | GitHub | Documentation | Help
On behalf of the community, I’m pleased to announce the release of Spring Security OAuth 2.2.0.RELEASE. The 2.2.0.RELEASE includes the following new features: JwtClaimsSetVerifier that provides the capability of verifying the claim(s) contained in a JWT Claims Set. IssuerClaimVerifier that verifies the Issuer (iss) claim contained in the JWT Claims Set. DelegatingJwtClaimsSetVerifier that simply delegates claims verification to it’s internal list of JwtClaimsSetVerifier(s). ProviderDiscoveryClient that is capable of discovering provider configuration information as defined by the OpenID…
