On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Security
6.0.0-M5 is available now.
This release includes dependency upgrades, bug fixes, and minor enhancements as well as a fix for a bug where the
StrictHttpFirewall incorrectly rejects valid CJKV characters. The milestone contains a few noteworthy changes:
Authorization on Every Dispatch Type
Change the default of shouldFilterAllDispatchTypes to true
Default to SecurityContextHolderFilter instead of SecurityContextPersistenceFilter
Remove SAML Deprecations