2. What’s new in Spring Security 3.2

2. What’s new in Spring Security 3.2
Prev	Part II. Getting Started	Next

There are 150+ tickets resolved with the Spring Security 3.2 release. Below are the highlights of the new features found in Spring Security 3.2.

Java Configuration Support
Cross Site Request Forgery (CSRF) Protection
Click Jacking Protection
Chapter 15, Security HTTP Response Headers
Optional Spring MVC Integration
- Automatic Resolving Authentication.getPrincipal() with Section 31.2, “@AuthenticationPrincipal”
- Automatic Spring MVC Async integration
- Section 31.4, “Spring MVC and CSRF Integration”
Chapter 30, Concurrency Support
Section 11.2, “Servlet 3+ Integration” and Section 11.3, “Servlet 3.1+ Integration”
Extended ability to resolve method parameter names to assist with Method based security
- Support for standard JDK 8 reflection
- Support for annotation based resolution
- Enables resolving parameter names on interfaces
- Automatic integration with Spring Data’s @Param tag
Additional RequestMatcher implementations
- MediaTypeRequestMatcher - allows matching requests using content negotiation.
- OrRequestMatcher - allows passing in multiple RequestMatcher instances into the contructor. If a single one returns true, then the result is true.
- AndRequestMatcher - allows passing in multiple RequestMatcher instances into the contructor. If a all of them return true, then the result is true.
- NegatedRequestMatcher - allows padding in a RequestMatcher instance. If the result of the delegate is false, the result is true.
DebugFilter now outputs request headers
Documentation
- Started creating task focussed guides
- 10+ Spring Security Samples added
- Converted all documentation to Asciidoctor
Sonar integration for the build

Prev	Up	Next
1. Introduction	Home	3. Java Configuration