close

Spring Security 3.2.0.RC1 Released

Spring Security 3.2.0.RC1 is now available from the SpringSource repository at http://repo.springsource.org. See here for a quick tutorial on resolving these artifacts via Maven.


This release includes tons of updates and fixes. The highlights include:


  • Polishing of Spring Security Java Configuration

    • Uses content negotiation to determine how to prompt user for authentication when multiple authentication mechanisms (i.e. HTTP Basic and Form login) enabled

    • AbstractSecurityWebApplicationInitializer allows registering Java Configuration directly

    • A number of bugs fixed



  • CSRF protection and automatic integration with Spring Web MVC jsp tags

  • Automatic cache control support

  • Defence against Clickjacking attacks

  • HTTP Strict Transport Security support to reduce Man in the Middle attacks

  • Samples include pom.xml so they can be imported as Maven projects

  • MediaTypeRequestMatcher for matching on requests with content negotiation

  • Over ten java configuration samples have been integrated into the samples directory

  • Three new guides that walk users through samples and provide detailed instructions on how to do specific tasks. More of these guides will follow in coming releases
  • Refer to Spring Security 3.2.0.RC1 preview for more details about this release.

    SpringOne2GX

    To learn about all the new features within Spring Security 3.2 attend my Getting Started with Spring Security 3.2 presentation at SpringOne2GX September 9-12, 2013. If you haven't already gotten your tickets, do so now before its too late!

    Changelog | Download | Reference Manual | Guides | FAQ

    comments powered by Disqus