On behalf of the team and everyone who has contributed, we are very excited to announce the general availability of Spring Security 6.0! In addition, we are pleased to announce the general availability of Spring Security 5.8, which is provided to simplify upgrading to 6.0.
The 5.8 release brings numerous enhancements, such as session handling improvements, expanded support for the
AuthorizationManager API, and additional defense in-depth with support for CSRF BREACH. Check out What’s New in Spring Security 5.8 for a list of new features available in the release.
The 6.0 release adds integration with Spring Observability and works with support for AOT processing provided by Spring Framework 6. Check out What’s New in Spring Security 6.0 for a list of new features available in the release.
Spring Security 6.0 is based on Spring Framework 6.0 and will require a minimum of JDK 17 at runtime. In order to prepare your application for this major release, you are recommended to follow the steps outlined in the migration guide for the 5.8 release and the subsequent steps in the migration guide for the 6.0 release.
As always, we look forward to hearing your feedback!