From 4ee46a5f58f44c7a2ecebf0b3bab82bc34966ccd Mon Sep 17 00:00:00 2001
From: Joe Grandja <jgrandja@users.noreply.github.com>
Date: Wed, 20 Apr 2016 20:26:54 -0400
Subject: [PATCH] Add What's new in 4.1 RC2

Add What's new in 4.1 RC2

Fixes gh-3830
---
 docs/manual/src/docs/asciidoc/index.adoc | 34 +++++++++++++++++-------
 1 file changed, 25 insertions(+), 9 deletions(-)

diff --git a/docs/manual/src/docs/asciidoc/index.adoc b/docs/manual/src/docs/asciidoc/index.adoc
index 81bd679046..f488467223 100644
--- a/docs/manual/src/docs/asciidoc/index.adoc
+++ b/docs/manual/src/docs/asciidoc/index.adoc
@@ -372,25 +372,41 @@ This will give you access to the entire project history (including all releases
 [[new]]
 == What's New in Spring Security 4.1
 
-There were https://github.com/spring-projects/spring-security/milestones/4.1.0%20RC1[100+ issues] fixed in Spring Security 4.1.
-You can find the highlights below:
+There were https://github.com/spring-projects/spring-security/milestones/4.1.0%20RC1[100+ RC1 issues] and https://github.com/spring-projects/spring-security/milestones/4.1.0%20RC2[60+ RC2 issues] fixed in Spring Security 4.1.
 
-* <<el-access-web-path-variables,Path Variables in Web Security Expressions>>
+Here is the list of improvements:
+
+=== Java Configuration Improvements
+* <<jc-authentication-userdetailsservice,Simplified UserDetailsService Java Configuration>>
+* <<jc-authentication-authenticationprovider,Simplified AuthenticationProvider Java Configuration>>
+* Configurable Content Negotiating `LogoutSuccessHandler`(s) via `LogoutConfigurer`
+* Configurable `InvalidSessionStrategy` via `SessionManagementConfigurer`
+* Ability to add a `Filter` at a specific location in the chain using `HttpSecurity.addFilterAt`
+
+=== Web Application Security Improvements
 * <<headers-csp,Content Security Policy (CSP)>>
 * <<headers-hpkp,HTTP Public Key Pinning (HPKP)>>
 * <<csrf-cookie,CookieCsrfTokenRepository>> provides simple AngularJS & CSRF integration
 * Added `ForwardAuthenticationFailureHandler` & `ForwardAuthenticationSuccessHandler`
+
+=== Authorization Improvements
+* <<el-access-web-path-variables,Path Variables in Web Security Expressions>>
+* <<method-security-meta-annotations,Method Security Meta Annotations>>
+
+=== Crypto Module Improvements
 * SCrypt support with `SCryptPasswordEncoder`
 * PBKDF2 support with <<spring-security-crypto-passwordencoders,Pbkdf2PasswordEncoder>>
-* Meta Annotation Support
-** <<test-method-meta-annotations,Test Meta Annotations>>
-** <<method-security-meta-annotations,Method Security Meta Annotations>>
+* New `BytesEncryptor` implementation for BouncyCastle using _AES/CBC/PKCS5Padding_ and _AES/GCM/NoPadding_ algorithms
+
+=== Testing Improvements
 * <<test-method-withanonymoususer,@WithAnonymousUser>>
 * <<test-method-withuserdetails,@WithUserDetails>> allows specifying the `UserDetailsService` bean name
-* <<jc-authentication-userdetailsservice,Simplified UserDetailsService Java Configuration>>
-* <<jc-authentication-authenticationprovider,Simplified AuthenticationProvider Java Configuration>>
-* Moved to GitHub issues
+* <<test-method-meta-annotations,Test Meta Annotations>>
+* Ability to mock a list of `GrantedAuthority` using `SecurityMockMvcResultMatchers.withAuthorities`
 
+=== General Improvements
+* Re-organization of sample projects
+* Moved to GitHub issues
 
 [[jc]]
 == Java Configuration