Merge branch '6.4.x'

config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java

@@ -116,8 +116,11 @@ import org.springframework.security.oauth2.server.resource.authentication.Bearer
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal;
+import org.springframework.security.saml2.Saml2Exception;
+import org.springframework.security.saml2.core.Saml2Error;
 import org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal;
 import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
+import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException;
 import org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest;
 import org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest;
 import org.springframework.security.saml2.provider.service.authentication.TestSaml2Authentications;
@@ -301,6 +304,10 @@ class SpringSecurityCoreVersionSerializableTests {
 				(r) -> new LdapAuthority("USER", "username", Map.of("attribute", List.of("value1", "value2"))));
 
 		// saml2-service-provider
+		generatorByClassName.put(Saml2AuthenticationException.class,
+				(r) -> new Saml2AuthenticationException(new Saml2Error("code", "descirption"), "message",
+						new IOException("fail")));
+		generatorByClassName.put(Saml2Exception.class, (r) -> new Saml2Exception("message", new IOException("fail")));
 		generatorByClassName.put(DefaultSaml2AuthenticatedPrincipal.class,
 				(r) -> TestSaml2Authentications.authentication().getPrincipal());
 		generatorByClassName.put(Saml2Authentication.class,

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/Saml2Exception.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2019 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,11 +16,16 @@
 
 package org.springframework.security.saml2;
 
+import java.io.Serial;
+
 /**
  * @since 5.2
  */
 public class Saml2Exception extends RuntimeException {
 
+	@Serial
+	private static final long serialVersionUID = 6076252564189633016L;
+
 	public Saml2Exception(String message) {
 		super(message);
 	}

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationException.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.saml2.provider.service.authentication;
 
+import java.io.Serial;
+
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.saml2.core.Saml2Error;
@@ -40,6 +42,9 @@ import org.springframework.util.Assert;
  */
 public class Saml2AuthenticationException extends AuthenticationException {
 
+	@Serial
+	private static final long serialVersionUID = -2996886630890949105L;
+
 	private final Saml2Error error;
 
 	/**