You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Support the Reactive Stack with Ltpa2AuthConverter and Ltpa2AuthManager
check the README for the details
Emit a warning when allowExpiredToken is enabled.
Breaking
Spring Security 5.1 is at least required
Ltpa2Filter will now return FORBIDDEN instead of UNAUTHORIZED when there was a problem with the token or the user was not found.
This corresponds more to the HTTP specification and matches the default behavior when no token was given at all.
The dependencies on Spring Security and slf4j-api are no longer optional - only reactor-core is optional as it is only required for the reactive stack.
