Release Notes - Spring Security - Version 3.2.3 - HTML format

Bug

  • [SEC-2518] - UserDetailsService javadoc repeats "insensitive"
  • [SEC-2531] - IllegalAccessError: $Proxy95 cannot access its superinterface AuthenticationConfiguration$LazyBean
  • [SEC-2533] - Global AuthenticationManagerBuilder#eraseCredentials=false does not work

Improvement

  • [SEC-2498] - The last accessed page (before the login form) is not saved when CSRF is disabled
  • [SEC-2519] - RememberMeAuthenticationException supports root cause

Defect

  • [SEC-2177] - DefaultRedirectStrategy could be less vulnerable to open redirect phishing attacks

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.