On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Session 3.2.2 and 3.1.5 are available now. These releases are mostly composed of bug fixes, dependency upgrades and documentation improvements.
To learn more, please visit the releases page for 3.2.2 and 3.1.5.
On behalf of the team and everyone who has contributed, it is my pleasure to announce the release of Spring Session 3.3.0-M3! The milestone release of Spring Session contains a few noteworthy new features:
ReactiveSessionRegistry #2824PlatformTransactionManager to be specified using @SpringSessionTransactionManager #2821See the 3.3.0-M3 release notes for complete details.
On behalf of the team and everyone who has contributed, I am pleased to announce that the third milestone of Spring Security 6.3 is released. This release brings several new features that you can check on the release page or on the What's New section of the 6.3 documentation.
In addition to that, Spring Security 6.2.3, 6.1.8, 6.0.10, 5.8.11 and 5.7.12 have been released as well! These releases are mostly composed of bug fixes, dependency upgrades and documentation improvements.
The releases address CVE-2024-22257 for Possible Broken Access Control in Spring Security With Direct Use of…
In the early versions of Spring Security, a deliberate decision was made to avoid providing any guarantee of compatibility for serialized classes (via JDK serialization) between different versions of the project. This decision primarily took into account the context of RMI, with the recommendation being that both the server and client should use the same version of Spring Security.
As more apps depend on persistent sessions and technologies like Spring Session, the problem with inconsistent serialization becomes a bigger deal. Persistent sessions mean saving user sessions by turning them into…
On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Session 3.3.0-M1 is now available.
This milestone brings a Reactive Redis Indexed implementation of ReactiveSessionRepository with support for session events and find sessions by principal name.
This new implementation takes a slightly different approach on how to store and retrieve the secondary indexes information, as well as the session expiration strategy. Check out the documentation and give it a try, we are looking forward to receiving your feedback.
Project Page | GitHub | Issues | Documentation | …
On behalf of the Spring Security team, it is my pleasure to announce that Spring Session 3.2.0 is generally available from Maven Central now! The 3.2 generation comes with some key improvements:
SessionIdGenerator to allow custom session id generationYou can check the related documentation on the What's New section of the reference docs.
This release will be included in the upcoming Spring Boot 3.2 GA release. We are looking forward to hearing your feedback.
On behalf of the Spring Security team, it is my pleasure to announce that Spring Security 6.2.0 is generally available from Maven Central now! The 6.2 generation comes with improvements that you can check on the What's New section of the documentation.
Spring Security 6.2 has upgraded its Spring Framework baseline to 6.1 along with Project Reactor 2023.0.0 and Micrometer 1.12.0 while requiring Java 17 as minimum platform version and supporting up to Java 21 for Virtual Threads support.
This release will be included in the upcoming Spring Boot 3.2 GA release. We'd like to hear from you, so keep…
On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Session 3.2.0-M1 is available now. This release comes with the support for using different strategies to generate session identifiers. Make sure to check it out and give your feedback.
To learn more about that release, please visit the releases page.
On behalf of the team and everyone who has contributed, I am pleased to announce that the Spring Security 6.1.0-RC1, 6.0.3, 5.8.3 and 5.7.8 versions are available now.
Please refer to the releases page for more detail on what is included in each release.
Those versions fix the following CVE:
The 6.0.3 and 5.7.8 versions will be shipped with Spring Boot 3.0.6 and 2.7.11, to be released next Thursday. In the meantime, you can update your existing Spring Boot application to pick up the latest Spring Security version.
For Gradle builds in build.gradle…
On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Security 6.0.1, 5.8.1, 5.7.6 and 5.6.10 are available now. In all cases, the releases are mostly composed of bug fixes and documentation improvements.
To learn more, please visit the 6.0.1, 5.8.1, 5.7.6 and 5.6.10 release summaries.
VMware offers training and certification to turbo-charge your progress.
Learn moreTanzu Spring Runtime offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.
Learn moreCheck out all the upcoming events in the Spring community.
View all