Spring Security OAuth
2.5.2.RELEASEDeprecation Notice
The Spring Security OAuth project is deprecated. The latest OAuth 2.0 support is provided by Spring Security. See the OAuth 2.0 Migration Guide for further details.
Spring Security OAuth provides support for using Spring Security with OAuth (1a) and OAuth2 using standard Spring and Spring Security programming models and configuration idioms.
Features
-
Support for OAuth providers and OAuth consumers
-
Oauth 1(a) (including two-legged OAuth, a.k.a. "Signed Fetch")
-
OAuth 2.0
Applying security to an application is not for the faint of heart, and OAuth is no exception. Before you get started, you’re going to want to make sure you understand OAuth and the problem it’s designed to address. There is good documentation at the OAuth site. You will also want to make sure you understand how Spring and Spring Security work.
You’re going to want to be quite familiar with both OAuth (and/or OAuth2) and Spring Security, to maximize the effectiveness of this developers guide. OAuth for Spring Security is tightly tied to both technologies, so the more familiar you are with them, the more likely you’ll be to recognize the terminology and patterns that are used.
Documentation
2.5.2.RELEASE CURRENT GA | Reference Doc. | API Doc. |
2.5.3.BUILD-SNAPSHOT SNAPSHOT | Reference Doc. | API Doc. |
Branch | Initial Release | End of Support | End Commercial Support * |
---|---|---|---|
2.5.x
|
2020-05-28 | 2022-05-28 | 2022-05-28 |
OSS support
Free security updates and bugfixes with support from the Spring community. See VMware Tanzu OSS support policy.
Commercial support
Business support from Spring experts during the OSS timeline, plus extended support after OSS End-Of-Life.
Publicly available releases for critical bugfixes and security issues when requested by customers.
Future release
Generation not yet released, timeline is subject to changes.