Release Notes / Version 12.2404
Table Of Contents
Updated Spring Security to a version higher than 6.3.1 or 6.2.5 (see
dependency updates for the concrete version). In that course the beans
'unauthenticatedRequestMatcher' and 'csrfIgnoringRequestMatcher' of
type
org.springframework.security.web.util.matcher.RequestMatcher
have been replaced by beans of type
List<RequestMatcher>
named
'unauthenticatedRequestMatchers' and 'csrfIgnoringRequestMatchers'
respectively. This change is only breaking for projects which have
customized one of these two matcher beans. These projects must now
customize the new list beans instead.
(CMS-25278)