Hey All,
Just wanted to bring to your attention PRs for GeoServer ( https://github.com/geoserver/geoserver/pull/6515 ) and GWC ( https://github.com/GeoWebCache/geowebcache/pull/1111 ) that update Spring Core from 5.2.22 to 5.3.23 and Spring Security from 5.1.13 to 5.7.3.
These upgrades introduce changes and/or deprecations in a number of areas including:
Spring MVC Content Negotiation
ContentNegotiationConfigurer.favorPathExtension is deprecated (and no longer the default configuration) because Spring wants to discourage extensions in paths. Removing extensions would cause GeoServer REST API backwards compatibility issues that will have to be addressed in the future. For now, we are suppressing the deprecation warning and turning on this configuration option.Spring MVC returned Mimetypes now include the charset.
This change breaks many GeoServer tests. The solution is that we introduced a GeoServerSystemTestSupport method to parse the mimetype, returning only the base.Servlet API updated to 3.1
For ServletOutputStream and ServletInputStream implementations we had to add support for non-blocking IO calls.
SecurityContextPersistenceFilter is deprecated
Spring deprecated this because it is inflexible about the timing of when the context was saved. We replaced it with a OncePerRequestFilter that saves the context after GeoServer specific request attribute changes are made.
Serialized RMI invocation is deprecated
Geofence integration uses serialized RMI invocation. For now, we are suppressing the deprecation warning. This will have to be addressed in the future in the Geofence project and in the GeoServer extension.
Joe Miller