Release Notes - Spring Security - Version 3.1.4 - HTML format

Bug

  • [SEC-2069] - Reference - FilterSecurityMetadataSource instead of FilterInvocationSecurityMetadataSource
  • [SEC-2072] - <security:anonymous> no longer supports multiple authories
  • [SEC-2074] - Injection of MethodSecurityMetadataSource through XML
  • [SEC-2084] - NullPointerException for intercept-url without specified method
  • [SEC-2133] - intercept-url@requires-channel ChannelAuthenticationFilter
  • [SEC-2138] - RoleHierarchyVoter sample incorrectly ends with </class>
  • [SEC-2161] - <ldap-server> should select unique directory if one is not provided
  • [SEC-2162] - ApacheDSContainer should throw RuntimeException on failure to start

Defect

  • [SEC-2087] - GlobalMethodSecurityBeanDefinitionParser.AuthenticationManagerDelegator attempts to get a bean using the concrete implementation

Improvement

  • [SEC-2118] - Update Spring Security 3.1.x to work with Spring Framework 3.2.0 in a OSGI container

Task

  • [SEC-2147] - Deprecate .encoding.PasswordEncoder

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.