Bump spring-security-version from 3.2.4.RELEASE to 5.2.1.RELEASE in /sco.percorsi-web

Bumps spring-security-version from 3.2.4.RELEASE to 5.2.1.RELEASE.

Updates spring-security-core from 3.2.4.RELEASE to 5.2.1.RELEASE

Release notes

*Sourced from [spring-security-core's releases](https://github.com/spring-projects/spring-security/releases).* > ## 5.2.1.RELEASE > ## :star: New Features > > - Fix variable reference in sample code [#7571](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7571) > - spring-security-saml2-service-provider impossible to use different format of assertionConsumerServiceUrlTemplate [#7565](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7565) > - Add Resource Server Multi-tenancy Documentation [#7532](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7532) > - Update SAML sample to use boot auto config [#7521](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7521) > - Add Reactive CSRF Documentation [#6487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/6487) > > ## :beetle: Bug Fixes > > - Restore Removed Throws Clauses [#7580](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7580) > - CsrfWebFilter should handle multipart/form-data [#7576](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7576) > - Make saveAuthorizedClient save the authorized client [#7551](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7551) > - DefaultReactiveOAuth2AuthorizedClientManager.saveAuthorizedClient does not save authorized client [#7546](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7546) > - `throws Exception` was removed from WebSecurityConfigurerAdapter#configure(WebSecurity) [#7541](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7541) > - SAML2 Provider SubjectConfirmation validation failure [#7514](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7514) > - SAML2 Provider AuthNRequest Hardcoded Protocol Binding [#7513](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7513) > - Clock skew to check access token expiration has wrong sign [#7511](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7511) > > ## :hammer: Dependency Upgrades > > - Upgrade to Spring Boot 2.2.0.RELEASE [#7566](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7566) > > ## :heart: Contributors > > We'd like to thank all the contributors who worked on this release! > > - [@fhanik](https://github.com/fhanik) > - [@mftruso](https://github.com/mftruso) > - [@jzheaux](https://github.com/jzheaux) > - [@philsttr](https://github.com/philsttr) > - [@rweisleder](https://github.com/rweisleder) > - [@ramonPires](https://github.com/ramonPires) > > ## 5.2.0.RELEASE > ## :star: New Features > > - Add Hello RSocket Sample [#7504](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7504) > - Add RSocket Reference [#7502](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7502) > - CookieServerCsrfRepositoryTests should not start domain with a dot [#7500](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7500) > - Add OAuth2 Resource Server to Modules Section [#7498](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7498) > - Initial saml2 login docs [#7495](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7495) > - SAML 2 Assertion - Always require signature validation [#7490](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7490) > - Add Reactive Messaging CurrentSecurityContextPrincipalArgumentResolver [#7488](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7488) > - CurrentSecurityContextArgumentResolver polishes [#7487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7487) > - Add ClientRegistration.withClientRegistration(ClientRegistration) [#7486](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7486) > - Add hasAuthority method to RSocketSecurity [#7478](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7478) > - Align Servlet ExchangeFilterFunction CoreSubscriber [#7476](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7476) > - WebFluxSecurityConfiguration does not configure oauth2Client [#7470](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7470) > ... (truncated)

Commits

- [`8ce1ac3`](https://github.com/spring-projects/spring-security/commit/8ce1ac3ec51e38c8b67dfb54d3623a38d26e635c) Release 5.2.1.RELEASE - [`906a69b`](https://github.com/spring-projects/spring-security/commit/906a69b7cb552cee9aee5c94b57290a162df2534) Add Resource Server Multi-tenancy Docs - [`7b8dd79`](https://github.com/spring-projects/spring-security/commit/7b8dd79db2ce73e1c838b4e9c98e2763d133f959) Update to blockound 1.0.1.RELEASE - [`526e3fd`](https://github.com/spring-projects/spring-security/commit/526e3fd402996d6e57c614f0cf435c230e90f646) Update to hibernate-validator 6.1.0.Final - [`f340da8`](https://github.com/spring-projects/spring-security/commit/f340da88d4f902579967de6338cedb9c52b4b029) Update to hibernate-entitymanager 5.4.8.Final - [`7fdebf3`](https://github.com/spring-projects/spring-security/commit/7fdebf3f7ffe6575464bd12ff0cac13c8c3b4264) Update to Unbounded 4.0.12 - [`c091d6d`](https://github.com/spring-projects/spring-security/commit/c091d6ded44c2c6c947f25ea4dd8c833aa501e6b) Update to powermock 2.0.4 - [`036a3b9`](https://github.com/spring-projects/spring-security/commit/036a3b914b50e0b137a76aa932f2b4a2f87c26e9) Update to Bouncy Castle 1.64 - [`f7477b0`](https://github.com/spring-projects/spring-security/commit/f7477b02badd083af2bb858fdf25c667f906ed29) Update to Reactor Dysprosium-SR1 - [`4583cbc`](https://github.com/spring-projects/spring-security/commit/4583cbc3dd119134e524de65c1e68202f7cd4b15) Update to GAE 1.9.76 - Additional commits viewable in [compare view](https://github.com/spring-projects/spring-security/compare/3.2.4.RELEASE...5.2.1.RELEASE)

Updates spring-security-web from 3.2.4.RELEASE to 5.2.1.RELEASE

Release notes

*Sourced from [spring-security-web's releases](https://github.com/spring-projects/spring-security/releases).* > ## 5.2.1.RELEASE > ## :star: New Features > > - Fix variable reference in sample code [#7571](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7571) > - spring-security-saml2-service-provider impossible to use different format of assertionConsumerServiceUrlTemplate [#7565](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7565) > - Add Resource Server Multi-tenancy Documentation [#7532](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7532) > - Update SAML sample to use boot auto config [#7521](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7521) > - Add Reactive CSRF Documentation [#6487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/6487) > > ## :beetle: Bug Fixes > > - Restore Removed Throws Clauses [#7580](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7580) > - CsrfWebFilter should handle multipart/form-data [#7576](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7576) > - Make saveAuthorizedClient save the authorized client [#7551](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7551) > - DefaultReactiveOAuth2AuthorizedClientManager.saveAuthorizedClient does not save authorized client [#7546](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7546) > - `throws Exception` was removed from WebSecurityConfigurerAdapter#configure(WebSecurity) [#7541](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7541) > - SAML2 Provider SubjectConfirmation validation failure [#7514](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7514) > - SAML2 Provider AuthNRequest Hardcoded Protocol Binding [#7513](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7513) > - Clock skew to check access token expiration has wrong sign [#7511](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7511) > > ## :hammer: Dependency Upgrades > > - Upgrade to Spring Boot 2.2.0.RELEASE [#7566](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7566) > > ## :heart: Contributors > > We'd like to thank all the contributors who worked on this release! > > - [@fhanik](https://github.com/fhanik) > - [@mftruso](https://github.com/mftruso) > - [@jzheaux](https://github.com/jzheaux) > - [@philsttr](https://github.com/philsttr) > - [@rweisleder](https://github.com/rweisleder) > - [@ramonPires](https://github.com/ramonPires) > > ## 5.2.0.RELEASE > ## :star: New Features > > - Add Hello RSocket Sample [#7504](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7504) > - Add RSocket Reference [#7502](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7502) > - CookieServerCsrfRepositoryTests should not start domain with a dot [#7500](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7500) > - Add OAuth2 Resource Server to Modules Section [#7498](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7498) > - Initial saml2 login docs [#7495](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7495) > - SAML 2 Assertion - Always require signature validation [#7490](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7490) > - Add Reactive Messaging CurrentSecurityContextPrincipalArgumentResolver [#7488](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7488) > - CurrentSecurityContextArgumentResolver polishes [#7487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7487) > - Add ClientRegistration.withClientRegistration(ClientRegistration) [#7486](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7486) > - Add hasAuthority method to RSocketSecurity [#7478](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7478) > - Align Servlet ExchangeFilterFunction CoreSubscriber [#7476](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7476) > - WebFluxSecurityConfiguration does not configure oauth2Client [#7470](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7470) > ... (truncated)

Commits

Updates spring-security-config from 3.2.4.RELEASE to 5.2.1.RELEASE

Release notes

*Sourced from [spring-security-config's releases](https://github.com/spring-projects/spring-security/releases).* > ## 5.2.1.RELEASE > ## :star: New Features > > - Fix variable reference in sample code [#7571](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7571) > - spring-security-saml2-service-provider impossible to use different format of assertionConsumerServiceUrlTemplate [#7565](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7565) > - Add Resource Server Multi-tenancy Documentation [#7532](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7532) > - Update SAML sample to use boot auto config [#7521](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7521) > - Add Reactive CSRF Documentation [#6487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/6487) > > ## :beetle: Bug Fixes > > - Restore Removed Throws Clauses [#7580](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7580) > - CsrfWebFilter should handle multipart/form-data [#7576](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7576) > - Make saveAuthorizedClient save the authorized client [#7551](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7551) > - DefaultReactiveOAuth2AuthorizedClientManager.saveAuthorizedClient does not save authorized client [#7546](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7546) > - `throws Exception` was removed from WebSecurityConfigurerAdapter#configure(WebSecurity) [#7541](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7541) > - SAML2 Provider SubjectConfirmation validation failure [#7514](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7514) > - SAML2 Provider AuthNRequest Hardcoded Protocol Binding [#7513](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7513) > - Clock skew to check access token expiration has wrong sign [#7511](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7511) > > ## :hammer: Dependency Upgrades > > - Upgrade to Spring Boot 2.2.0.RELEASE [#7566](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7566) > > ## :heart: Contributors > > We'd like to thank all the contributors who worked on this release! > > - [@fhanik](https://github.com/fhanik) > - [@mftruso](https://github.com/mftruso) > - [@jzheaux](https://github.com/jzheaux) > - [@philsttr](https://github.com/philsttr) > - [@rweisleder](https://github.com/rweisleder) > - [@ramonPires](https://github.com/ramonPires) > > ## 5.2.0.RELEASE > ## :star: New Features > > - Add Hello RSocket Sample [#7504](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7504) > - Add RSocket Reference [#7502](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7502) > - CookieServerCsrfRepositoryTests should not start domain with a dot [#7500](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7500) > - Add OAuth2 Resource Server to Modules Section [#7498](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7498) > - Initial saml2 login docs [#7495](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7495) > - SAML 2 Assertion - Always require signature validation [#7490](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7490) > - Add Reactive Messaging CurrentSecurityContextPrincipalArgumentResolver [#7488](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7488) > - CurrentSecurityContextArgumentResolver polishes [#7487](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7487) > - Add ClientRegistration.withClientRegistration(ClientRegistration) [#7486](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7486) > - Add hasAuthority method to RSocketSecurity [#7478](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7478) > - Align Servlet ExchangeFilterFunction CoreSubscriber [#7476](https://github-redirect.dependabot.com/spring-projects/spring-security/pull/7476) > - WebFluxSecurityConfiguration does not configure oauth2Client [#7470](https://github-redirect.dependabot.com/spring-projects/spring-security/issues/7470) > ... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/smartcommunitylab/sco.percorsi/network/alerts).

smartcommunitylab / sco.percorsi

Bump spring-security-version from 3.2.4.RELEASE to 5.2.1.RELEASE in /sco.percorsi-web #67