Spring Security OAuth 2.0.6.RELEASE 发布,此版本是个 bug 修复,建议 2.0.5 用户尽快升级。此版本仅包括一个关键的 bug 修复:JWT 用户刷新 tokens 的问题。同时还修复了一些用户发现的重定向 URLs 双重解码的问题。值得关注的特性如下:
(Much requested) ability to have non-expiring refresh tokens with no customizations (just set the validity period to zero or less)
The /token endpoint only accepts POST requests by default
Resource servers do not accept cookie based authentication by default (you have to switch it on)
Resource server configuration has a few new options including the ability to inject custom error handlers
更多内容请看发行说明。
Spring Security的OAuth插件,同时提供了OAuth客户端(consumer)和服务器端(provider)的实现,支持OAuth1(a)和OAuth2。
软件详情:http://spring.io/blog/2015/02/02/spring-security-oauth-2-0-6-release-available-now
下载地址:https://github.com/spring-projects/spring-security-oauth/wiki
来自:开源中国社区
