Spring Security 3.2.0.RC1（Release Candidate 1）是 Spring Security 框架在 2013 年底发布的候选版本

Spring Security 3.2.0.RC1Release Candidate 1是 Spring Security 框架在 2013 年底发布的候选版本标志着 3.2.x 系列的初步稳定。该版本引入了多项重要改进与新特性包括Java Config 支持增强进一步完善基于 Java 的安全配置EnableWebSecurity、WebSecurityConfigurerAdapter减少对 XML 配置的依赖CSRF 防护默认启用在基于表单的 Web 安全配置中默认开启 CSRF 保护需前端配合提交_csrftokenOAuth2 支持雏形初步集成 OAuth2 资源服务器和客户端支持后续在 3.2.0.RELEASE 及更高版本中逐步完善Servlet 3.0 特性深度整合如异步请求安全上下文传播、HttpServletRequest#login()/logout()支持方法级安全增强PreAuthorize、PostAuthorize等注解支持 SpEL 表达式更灵活的权限判断Bug 修复与稳定性提升修复了 3.1.x 中若干并发安全上下文传播、Remember-Me 和 ACL 相关问题。⚠️ 注意RC1 属于预发布版本不建议用于生产环境正式版 Spring Security 3.2.0.RELEASE 发布于 2014 年 2 月。!-- Maven 依赖示例仅作历史参考当前已严重过时 --dependencygroupIdorg.springframework.security/groupIdartifactIdspring-security-web/artifactIdversion3.2.0.RC1/version/dependencySpring Security 3.2.0.RC1 ReleasedSpring Security 3.2.0.RC1 is now available from the SpringSource repository at http://repo.springsource.org. See here for a quick tutorial on resolving these artifacts via Maven.This release includes tons of updates and fixes. The highlights include:Polishing of Spring Security Java ConfigurationUses content negotiation to determine how to prompt user for authentication when multiple authentication mechanisms (i.e. HTTP Basic and Form login) enabledAbstractSecurityWebApplicationInitializer allows registering Java Configuration directlyA number of bugs fixedCSRF protection and automatic integration with Spring Web MVC jsp tagsAutomatic cache control supportDefence against Clickjacking attacksHTTP Strict Transport Security support to reduce Man in the Middle attacksSamples include pom.xml so they can be imported as Maven projectsMediaTypeRequestMatcher for matching on requests with content negotiationOver ten java configuration samples have been integrated into the samples directoryThree new guides that walk users through samples and provide detailed instructions on how to do specific tasks. More of these guides will follow in coming releasesRefer to Spring Security 3.2.0.RC1 preview for more details about this release.SpringOne2GXTo learn about all the new features within Spring Security 3.2 attend my Getting Started with Spring Security 3.2 presentation at SpringOne2GX September 9-12, 2013. If you haven’t already gotten your tickets, do so now before its too late!