Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add What's new in 4.1 RC2 

Add What's new in 4.1 RC2

Fixes gh-3830
This commit is contained in:
Joe Grandja 2016-04-20 20:26:54 -04:00 committed by Rob Winch
parent 7fe0a135ec
commit 4ee46a5f58
1 changed files with 25 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
docs/manual/src/docs/asciidoc/index.adoc
View File

@ -372,25 +372,41 @@ This will give you access to the entire project history (including all releases
[[new]]
== What's New in Spring Security 4.1
There were https://github.com/spring-projects/spring-security/milestones/4.1.0%20RC1[100+ issues] fixed in Spring Security 4.1.
You can find the highlights below:
There were https://github.com/spring-projects/spring-security/milestones/4.1.0%20RC1[100+ RC1 issues] and https://github.com/spring-projects/spring-security/milestones/4.1.0%20RC2[60+ RC2 issues] fixed in Spring Security 4.1.
* <<el-access-web-path-variables,Path Variables in Web Security Expressions>>
Here is the list of improvements:
=== Java Configuration Improvements
* <<jc-authentication-userdetailsservice,Simplified UserDetailsService Java Configuration>>
* <<jc-authentication-authenticationprovider,Simplified AuthenticationProvider Java Configuration>>
* Configurable Content Negotiating `LogoutSuccessHandler`(s) via `LogoutConfigurer`
* Configurable `InvalidSessionStrategy` via `SessionManagementConfigurer`
* Ability to add a `Filter` at a specific location in the chain using `HttpSecurity.addFilterAt`
=== Web Application Security Improvements
* <<headers-csp,Content Security Policy (CSP)>>
* <<headers-hpkp,HTTP Public Key Pinning (HPKP)>>
* <<csrf-cookie,CookieCsrfTokenRepository>> provides simple AngularJS & CSRF integration
* Added `ForwardAuthenticationFailureHandler` & `ForwardAuthenticationSuccessHandler`
=== Authorization Improvements
* <<el-access-web-path-variables,Path Variables in Web Security Expressions>>
* <<method-security-meta-annotations,Method Security Meta Annotations>>
=== Crypto Module Improvements
* SCrypt support with `SCryptPasswordEncoder`
* PBKDF2 support with <<spring-security-crypto-passwordencoders,Pbkdf2PasswordEncoder>>
* Meta Annotation Support
** <<test-method-meta-annotations,Test Meta Annotations>>
** <<method-security-meta-annotations,Method Security Meta Annotations>>
* New `BytesEncryptor` implementation for BouncyCastle using _AES/CBC/PKCS5Padding_ and _AES/GCM/NoPadding_ algorithms
=== Testing Improvements
* <<test-method-withanonymoususer,@WithAnonymousUser>>
* <<test-method-withuserdetails,@WithUserDetails>> allows specifying the `UserDetailsService` bean name
* <<jc-authentication-userdetailsservice,Simplified UserDetailsService Java Configuration>>
* <<jc-authentication-authenticationprovider,Simplified AuthenticationProvider Java Configuration>>
* Moved to GitHub issues
* <<test-method-meta-annotations,Test Meta Annotations>>
* Ability to mock a list of `GrantedAuthority` using `SecurityMockMvcResultMatchers.withAuthorities`
=== General Improvements
* Re-organization of sample projects
* Moved to GitHub issues
[[jc]]
== Java Configuration