What’s New in Spring Security 6.3

Spring Security 6.3 提供了许多新功能。以下是该版本的要点。

Spring Security 6.3 provides a number of new features. Below are the highlights of the release.

General

  • blog post - 添加被动 JDK 序列化/反序列化,实现无缝升级

  • blog post - Added Passive JDK Serialization/Deserialization for Seamless Upgrades

Authorization

  • gh-14596 - docs - 为方法安全性添加程序代理支持

  • gh-14596 - docs - Add Programmatic Proxy Support for Method Security

Configuration

CAS

  • gh-14193 - 添加对 CAS Gateway 身份验证的支持

  • gh-14193 - Added support for CAS Gateway Authentication

Crypto

  • gh-14202 - 将 spring-security-rsa 迁移到 spring-security-crypto

  • gh-14202 - Migrated spring-security-rsa into spring-security-crypto

OAuth2

  • gh-13259 - 自定义调用 UserInfo 的时间

  • gh-13259 - Customize when UserInfo is called

  • gh-14168 - 在 OAuth2AuthorizationRequestRedirectFilter 中引入可自定义的 AuthorizationFailureHandler

  • gh-14168 - Introduce Customizable AuthorizationFailureHandler in OAuth2AuthorizationRequestRedirectFilter

  • gh-5199gh-14701 - 添加对 OAuth 2.0 令牌交换授权的支持

  • gh-5199, gh-14701 - Add support for OAuth 2.0 Token Exchange Grant

  • gh-14672 - 自定义 OidcUserRequest 和 OidcUserInfo 中的 OidcUser 映射

  • gh-14672 - Customize mapping the OidcUser from OidcUserRequest and OidcUserInfo

Documentation