On behalf of the community, I’m pleased to announce the release of Spring Security 4.1.0.RC2. This release resolved over 60 tickets.

What’s New in 4.1

You can find a good summary of What’s New in Spring Security 4.1 in the reference documentation.

Contributions

Without the community we couldn’t be the successful project we are today. I’d like to thank everyone that created issues & provided feedback. A special thanks to the following people who provided pull requests for this release:

• #51 - SEC-1932 Add Pbkdf2PasswordEncoder Thanks Rob Worsnop
• #180 - Allow setting alwaysRemember from RememberMeConfigurer Thanks Leon Radley
• #183 - Remove duplicate test. Thanks Johnny Lim
• #193 - Fix corrupted character and add formatting per the duplicated text block Thanks Art O Cathain
• #196 - SEC-2978: fix typos in documentation Thanks Soeun Park
• #197 - Update HttpSecurity.java logout() sample code Thanks Jeffrey Walraven
• #228 - Fix typos Thanks Johnny Lim
• #3764 - Authentication Success and Failure Handlers in AbstractPreAuthenticatedProcessingFilter Thanks Shazin Sadakath
• #3777 - Content Negotiating Logout Success Handler #3282 Thanks Shazin Sadakath
• #3779 - BouncyCastle implementation of “AES/CBC/PKCS5Padding” and “AES/GCM/NoPadding” Thanks Will Tran
• #3782 - SpEL variables can be referenced in the expression using the syntax #… Thanks Kamill Sokol
• #3785 - Fix typo in xsd Thanks Quinten De Swaef
• #3793 - SecurityMockMvcResultMatchers.withAuthorities(Collection<? extends GrantedAuthority>) Thanks Eddú Meléndez Gonzales
• #3800 - Add GitHub Pull Request template Thanks Vedran Pavić
• #3803 - Fix typo in setMessageExpessionHandler Thanks Nicolai Ehemann
• #3807 - Update ExpressionUrlAuthorizationConfigurer.java Thanks Matthias Merdes
• #3811 - Update TestNG Thanks Marten Deinum
• #3813 - HeaderWriterFilter: Fix Javadoc. Thanks Simon Olofsson
• #3816 - Skip tests when AesBytesEncryptor can’t be created in CBC or GCM mode. Thanks Will Tran
• #3817 - Refactor test assumptions about JCE to common class. Thanks Will Tran
• #3819 - Fix HpkpHeaderWriter Javadoc formatting Thanks Andrew NS Yeow
• #3822 - Only use methods present in Bouncy Castle 1.47. Thanks Will Tran
• #3826 - Remove duplicate words Thanks Johnny Lim

Feedback Please

If you have feedback on this release, I encourage you to reach out via StackOverflow, GitHub Issues, or via the comments section. You can also ping me @rob_winch or Joe (our latest full time Spring Security team member) @joe_grandja on Twitter.

Of course the best feedback comes in the form of contributions.

Project Site | Reference | Guides | Help