Spring Security 3.2.3 has been released and is now available from Maven Central. This release brings a number of bug fixes including:
- A fix to Java Configuration to work with Spring Boot. See SEC-2531
- A fix to Java Configuration that when CSRF protection is disabled allows remembering the last page prior to authenticating when it is a POST to work with JSF. See SEC-2498
You can find additional details within the changelog .