From 1d9b5e95242752ad25e270379da72635c28c0768 Mon Sep 17 00:00:00 2001
From: sephiroth-j <23166289+sephiroth-j@users.noreply.github.com>
Date: Thu, 24 Nov 2022 20:03:06 +0100
Subject: [PATCH] prepare release v2.0

---
 CHANGELOG.md |  7 ++++++-
 README.md    | 16 ++++++++++++----
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index df75a7b..81507c8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,8 +2,13 @@
 
 ## Unreleased
 ### ⚠ Breaking
+### ⭐ New Features
+### 🐞 Bugs Fixed
+
+## v2.0.0 - 2022-??-??
+### ⚠ Breaking
 - requires Spring Security 6.0+
-- requires Jakarta Servlet™ 5.0 / Jakarta EE 9+ (`jakarta.*` Namespace)
+- requires Jakarta Servlet™ 6.0 / Jakarta EE 9+ (`jakarta.*` Namespace)
 - requires Java 17+
 
 ### ⭐ New Features
diff --git a/README.md b/README.md
index 020466d..1b65b2b 100644
--- a/README.md
+++ b/README.md
@@ -21,6 +21,12 @@ curl -i -b "My-Auth-Cookie=<token-value>" http://localhost:8080/hello
 
 An absolute minimum requirement for configuration are the shared secret key needed for decrypting the token and, in order to verify its signature, the public key from the identity provider that created the token.
 
+## Version Compatibility Matrix
+Spring Security LTPA2 | Spring Security | Java
+--------------------- | --------------- | ----
+2.0.x (current) | 6.x | 17+
+1.1.x | 5.x | 8+
+
 ## Usage
 Checkout the [servlet sample project](https://github.com/sephiroth-j/spring-security-ltpa2-sample) or [reactive sample project](https://github.com/sephiroth-j/spring-security-ltpa2-reactive-sample) for a complete example.
 
@@ -40,7 +46,7 @@ Add the library as an dependency together with your Spring Security dependencies
 	<dependency>
 		<groupId>de.sephiroth-j</groupId>
 		<artifactId>spring-security-ltpa2</artifactId>
-		<version>[1.0.0,)</version>
+		<version>[2.0.0,)</version>
 	</dependency>
 </dependencies>
 
@@ -67,9 +73,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter
 	protected void configure(HttpSecurity http) throws Exception
 	{
 		http
-			.authorizeRequests()
-				.antMatchers("/", "/home").permitAll()
-				.antMatchers("/hello").hasRole("USER")
+			.authorizeHttpRequests()
+				.requestMatchers("/", "/home").permitAll()
+				.requestMatchers("/hello").hasRole("DEVELOPERS")
+				// all other require any authentication
+				.anyRequest().authenticated()
 				.and()
 			// configure LTPA2 Support
 			.apply(new Ltpa2Configurer())