Release Notes / Version 11.2310
Table Of ContentsHome Directories of inactive Users
When an external (LDAP) user was deactivated, his home folder remained
untouched. When a new user with the same name and domain appeared, he
took over the existing home folder by name match, including any
content of the deactivated user. This is not appropriate with respect
to data privacy. Moreover, it is awkward if system documents like
EditorPreferences are still checked-out by the
deactivated user and thus cannot be modified by the new user.
Follow Section, “Home Directories of inactive Users” for upgrade information.
(CMS-22471)
Replaced deprecated WebSecurityConfigurerAdapter
With the update to Spring Boot 2.7 and Spring Security 5.8, the
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
is now deprecated. Hence, the
com.coremedia.springframework.component.security.EditingRestSecurityAutoConfiguration
has been migrated regarding to the Spring Boot 2.7 migration
documentation. The migrated configuration now:
is a standard auto-configuration class that doesn't extend the
WebSecurityConfigurerAdapteranymore.creates the
AuthenticationManagerbean.creates the
SecurityFilterChainbean.
Follow Section, “Replaced deprecated WebSecurityConfigurerAdapter” for upgrade information.
(CMS-22460)
