Bump spring.security.version from 4.1.1.RELEASE to 5.2.0.RELEASE

Bumps spring.security.version from 4.1.1.RELEASE to 5.2.0.RELEASE.

Updates spring-security-web from 4.1.1.RELEASE to 5.2.0.RELEASE

Release notes

*Sourced from [spring-security-web's releases](https://github.com/spring-projects/spring-security/releases).* > ## 5.2.0.RELEASE > ## :star: New Features > > - Add Hello RSocket Sample [#7504](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7504) > - Add RSocket Reference [#7502](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7502) > - CookieServerCsrfRepositoryTests should not start domain with a dot [#7500](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7500) > - Add OAuth2 Resource Server to Modules Section [#7498](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7498) > - Initial saml2 login docs [#7495](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7495) > - SAML 2 Assertion - Always require signature validation [#7490](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7490) > - Add Reactive Messaging CurrentSecurityContextPrincipalArgumentResolver [#7488](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7488) > - CurrentSecurityContextArgumentResolver polishes [#7487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7487) > - Add ClientRegistration.withClientRegistration(ClientRegistration) [#7486](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7486) > - Add hasAuthority method to RSocketSecurity [#7478](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7478) > - Align Servlet ExchangeFilterFunction CoreSubscriber [#7476](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7476) > - WebFluxSecurityConfiguration does not configure oauth2Client [#7470](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7470) > - Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec [#7467](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7467) > - Add ability to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec [#7466](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7466) > - Document Clear-Site-Data Support [#7463](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7463) > - Document RFC 8414 Support [#7462](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7462) > - Document Bearer Token Propagation [#7461](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7461) > - Document Reactive Mock Jwt Testing [#7460](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7460) > - Fixed typo in comment [#7458](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7458) > - Use Schedulers.boundedElastic() [#7457](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7457) > - AbstractUserDetailsReactiveAuthenticationManager uses newParallel [#7456](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7456) > - Add hasAnyAuthority method in AuthorizePayloadsSpec.Access [#7455](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7455) > - Add denyAll method in AuthorizePayloadsSpec.Access [#7451](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7451) > - AuthenticationFilter's methods should be private [#7447](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7447) > - AuthenticationFilter should provide session fixation protection [#7446](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7446) > - Use Jwt.Builder [#7443](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7443) > - Add AuthorizePayloadsSpec.Access denyAll, hasAnyRole, hasAnyAuthority [#7437](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7437) > - Add AuthorizePayloadsSpec.Access hasAuthority [#7435](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7435) > - Document Resource Server User-Info Usage [#7431](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7431) > - Document Reactive Opaque Token Usage [#7430](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7430) > - Document NimbusReactiveJwtDecoder [#7425](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7425) > - Document Mock Jwt Testing [#7424](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7424) > - Servlet ExchangeFilterFunctions should align [#7422](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7422) > - Document Opaque Token Usage [#7420](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7420) > - ServletBearerExchangeFilterFunction should propagate Authentication [#7418](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7418) > - Document NimbusJwtDecoder [#7408](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7408) > - Document Jwt.Builder [#7407](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7407) > - Document OAuth2AuthenticatedPrincipal [#7406](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7406) > - DefaultReactiveOAuth2AuthorizedClientManager should default ServerWebExchange [#7390](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7390) > - Make OAuth2User extends OAuth2AuthenticatedPrincipal [#7383](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7383) > - OAuth2User should extend OAuth2AuthenticatedPrincipal [#7378](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7378) > - SamlAuthenticationProvider should propagate actual validation errors [#7375](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7375) > - Add Reactive Messaging AuthenticationPrincipalArgumentResolver [#7363](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7363) > - Allow Custom PayloadInterceptor to be Added [#7362](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7362) > - Default RSocketSecurity [#7361](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7361) > - Add nonce to OIDC Authentication Request [#7337](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7337) > - Introduce LogoutSuccessEvent [#7306](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7306) > ... (truncated)

Commits

- [`b7d97ca`](https://github.com/spring-projects/spring-security/commit/b7d97ca077ef92a2eb750b56f7b2415e1e02ea01) Release 5.2.0.RELEASE - [`0d088b5`](https://github.com/spring-projects/spring-security/commit/0d088b581b1ac983c8f7700f619e779a40cdfc72) Allow milestone for Boot version - [`4113e79`](https://github.com/spring-projects/spring-security/commit/4113e79aa3e369602d9091130cf9a01c955a7507) Upgrade Spring Boot to 2.2.0.M6 - [`8c42526`](https://github.com/spring-projects/spring-security/commit/8c4252681e6190d84eb1b4acf87c9df1e225bb86) Upgrade rsocket to 1.0.0-RC5 without BOM - [`cdeeb27`](https://github.com/spring-projects/spring-security/commit/cdeeb27b51c38ae2607b51b946e05487bfa2bc46) Upgrade Spring Data to Lovelace-SR11 - [`9393017`](https://github.com/spring-projects/spring-security/commit/9393017e3f226da469fcbab23bee7a4b03b3612b) Upgrade Project Reactor to Dysprosium-RELEASE - [`09c29d2`](https://github.com/spring-projects/spring-security/commit/09c29d286a2e4a871749143afd2eafe082678c99) Upgrade Spring Framework to 5.2.0.RELEASE - [`b29106e`](https://github.com/spring-projects/spring-security/commit/b29106ea3116355fc121abd8fd57172177bb76e8) Use deamon thread for Schedulers.newParallel - [`1bf0e70`](https://github.com/spring-projects/spring-security/commit/1bf0e70bd0ee60adf81a56ccdfd957eb3fa7fc15) Revert "Dispose default Scheduler" - [`8bc3ad1`](https://github.com/spring-projects/spring-security/commit/8bc3ad16ef452760c8ff516e535471b08b786893) SAML 2 Login - Documentation - Additional commits viewable in [compare view](https://github.com/spring-projects/spring-security/compare/4.1.1.RELEASE...5.2.0.RELEASE)

Updates spring-security-core from 4.1.1.RELEASE to 5.2.0.RELEASE

Release notes

*Sourced from [spring-security-core's releases](https://github.com/spring-projects/spring-security/releases).* > ## 5.2.0.RELEASE > ## :star: New Features > > - Add Hello RSocket Sample [#7504](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7504) > - Add RSocket Reference [#7502](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7502) > - CookieServerCsrfRepositoryTests should not start domain with a dot [#7500](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7500) > - Add OAuth2 Resource Server to Modules Section [#7498](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7498) > - Initial saml2 login docs [#7495](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7495) > - SAML 2 Assertion - Always require signature validation [#7490](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7490) > - Add Reactive Messaging CurrentSecurityContextPrincipalArgumentResolver [#7488](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7488) > - CurrentSecurityContextArgumentResolver polishes [#7487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7487) > - Add ClientRegistration.withClientRegistration(ClientRegistration) [#7486](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7486) > - Add hasAuthority method to RSocketSecurity [#7478](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7478) > - Align Servlet ExchangeFilterFunction CoreSubscriber [#7476](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7476) > - WebFluxSecurityConfiguration does not configure oauth2Client [#7470](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7470) > - Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec [#7467](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7467) > - Add ability to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec [#7466](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7466) > - Document Clear-Site-Data Support [#7463](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7463) > - Document RFC 8414 Support [#7462](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7462) > - Document Bearer Token Propagation [#7461](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7461) > - Document Reactive Mock Jwt Testing [#7460](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7460) > - Fixed typo in comment [#7458](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7458) > - Use Schedulers.boundedElastic() [#7457](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7457) > - AbstractUserDetailsReactiveAuthenticationManager uses newParallel [#7456](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7456) > - Add hasAnyAuthority method in AuthorizePayloadsSpec.Access [#7455](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7455) > - Add denyAll method in AuthorizePayloadsSpec.Access [#7451](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7451) > - AuthenticationFilter's methods should be private [#7447](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7447) > - AuthenticationFilter should provide session fixation protection [#7446](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7446) > - Use Jwt.Builder [#7443](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7443) > - Add AuthorizePayloadsSpec.Access denyAll, hasAnyRole, hasAnyAuthority [#7437](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7437) > - Add AuthorizePayloadsSpec.Access hasAuthority [#7435](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7435) > - Document Resource Server User-Info Usage [#7431](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7431) > - Document Reactive Opaque Token Usage [#7430](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7430) > - Document NimbusReactiveJwtDecoder [#7425](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7425) > - Document Mock Jwt Testing [#7424](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7424) > - Servlet ExchangeFilterFunctions should align [#7422](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7422) > - Document Opaque Token Usage [#7420](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7420) > - ServletBearerExchangeFilterFunction should propagate Authentication [#7418](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7418) > - Document NimbusJwtDecoder [#7408](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7408) > - Document Jwt.Builder [#7407](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7407) > - Document OAuth2AuthenticatedPrincipal [#7406](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7406) > - DefaultReactiveOAuth2AuthorizedClientManager should default ServerWebExchange [#7390](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7390) > - Make OAuth2User extends OAuth2AuthenticatedPrincipal [#7383](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7383) > - OAuth2User should extend OAuth2AuthenticatedPrincipal [#7378](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7378) > - SamlAuthenticationProvider should propagate actual validation errors [#7375](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7375) > - Add Reactive Messaging AuthenticationPrincipalArgumentResolver [#7363](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7363) > - Allow Custom PayloadInterceptor to be Added [#7362](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7362) > - Default RSocketSecurity [#7361](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7361) > - Add nonce to OIDC Authentication Request [#7337](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7337) > - Introduce LogoutSuccessEvent [#7306](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7306) > ... (truncated)

Commits

Updates spring-security-config from 4.1.1.RELEASE to 5.2.0.RELEASE

Release notes

*Sourced from [spring-security-config's releases](https://github.com/spring-projects/spring-security/releases).* > ## 5.2.0.RELEASE > ## :star: New Features > > - Add Hello RSocket Sample [#7504](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7504) > - Add RSocket Reference [#7502](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7502) > - CookieServerCsrfRepositoryTests should not start domain with a dot [#7500](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7500) > - Add OAuth2 Resource Server to Modules Section [#7498](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7498) > - Initial saml2 login docs [#7495](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7495) > - SAML 2 Assertion - Always require signature validation [#7490](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7490) > - Add Reactive Messaging CurrentSecurityContextPrincipalArgumentResolver [#7488](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7488) > - CurrentSecurityContextArgumentResolver polishes [#7487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7487) > - Add ClientRegistration.withClientRegistration(ClientRegistration) [#7486](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7486) > - Add hasAuthority method to RSocketSecurity [#7478](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7478) > - Align Servlet ExchangeFilterFunction CoreSubscriber [#7476](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7476) > - WebFluxSecurityConfiguration does not configure oauth2Client [#7470](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7470) > - Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec [#7467](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7467) > - Add ability to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec [#7466](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7466) > - Document Clear-Site-Data Support [#7463](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7463) > - Document RFC 8414 Support [#7462](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7462) > - Document Bearer Token Propagation [#7461](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7461) > - Document Reactive Mock Jwt Testing [#7460](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7460) > - Fixed typo in comment [#7458](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7458) > - Use Schedulers.boundedElastic() [#7457](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7457) > - AbstractUserDetailsReactiveAuthenticationManager uses newParallel [#7456](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7456) > - Add hasAnyAuthority method in AuthorizePayloadsSpec.Access [#7455](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7455) > - Add denyAll method in AuthorizePayloadsSpec.Access [#7451](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7451) > - AuthenticationFilter's methods should be private [#7447](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7447) > - AuthenticationFilter should provide session fixation protection [#7446](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7446) > - Use Jwt.Builder [#7443](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7443) > - Add AuthorizePayloadsSpec.Access denyAll, hasAnyRole, hasAnyAuthority [#7437](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7437) > - Add AuthorizePayloadsSpec.Access hasAuthority [#7435](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7435) > - Document Resource Server User-Info Usage [#7431](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7431) > - Document Reactive Opaque Token Usage [#7430](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7430) > - Document NimbusReactiveJwtDecoder [#7425](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7425) > - Document Mock Jwt Testing [#7424](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7424) > - Servlet ExchangeFilterFunctions should align [#7422](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7422) > - Document Opaque Token Usage [#7420](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7420) > - ServletBearerExchangeFilterFunction should propagate Authentication [#7418](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7418) > - Document NimbusJwtDecoder [#7408](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7408) > - Document Jwt.Builder [#7407](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7407) > - Document OAuth2AuthenticatedPrincipal [#7406](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7406) > - DefaultReactiveOAuth2AuthorizedClientManager should default ServerWebExchange [#7390](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7390) > - Make OAuth2User extends OAuth2AuthenticatedPrincipal [#7383](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7383) > - OAuth2User should extend OAuth2AuthenticatedPrincipal [#7378](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7378) > - SamlAuthenticationProvider should propagate actual validation errors [#7375](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7375) > - Add Reactive Messaging AuthenticationPrincipalArgumentResolver [#7363](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7363) > - Allow Custom PayloadInterceptor to be Added [#7362](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7362) > - Default RSocketSecurity [#7361](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7361) > - Add nonce to OIDC Authentication Request [#7337](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7337) > - Introduce LogoutSuccessEvent [#7306](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7306) > ... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Scout24/yum-repo-server/network/alerts).

Scout24 / yum-repo-server

Bump spring.security.version from 4.1.1.RELEASE to 5.2.0.RELEASE #73