Spring Security 3.2.0.RC1 Released

Releases | Rob Winch | August 31, 2013 | ...

Spring Security 3.2.0.RC1 is now available from the SpringSource repository at http://repo.springsource.org. See here for a quick tutorial on resolving these artifacts via Maven.

This release includes tons of updates and fixes. The highlights include:

Polishing of Spring Security Java Configuration

Uses content negotiation to determine how to prompt user for authentication when multiple authentication mechanisms (i.e. HTTP Basic and Form login) enabled
AbstractSecurityWebApplicationInitializer allows registering Java Configuration directly
A number of bugs fixed

CSRF protection and automatic integration with Spring Web MVC jsp tags

Automatic cache control support

Defence against Clickjacking attacks

HTTP Strict Transport Security support to reduce Man in the Middle attacks

Samples include pom.xml so they can be imported as Maven projects

MediaTypeRequestMatcher for matching on requests with content negotiation

Over ten java configuration samples have been integrated into the samples directory

Three new guides that walk users through samples and provide detailed instructions on how to do specific tasks. More of these guides will follow in coming releases

Refer to Spring Security 3.2.0.RC1 preview for more details about this release.

SpringOne2GX

To learn about all the new features within Spring Security 3.2 attend my Getting Started with Spring Security 3.2 presentation at SpringOne2GX September 9-12, 2013. If you haven't already gotten your tickets, do so now before its too late!

Changelog | Download | Reference Manual | Guides | FAQ

Spring blog

Spring Security 3.2.0.RC1 Released

Get the Spring newsletter

Get ahead

Get support

Upcoming events