Update to Spring Security 4.2.0

Fixes gh-662

samples/httpsession-redis-json/build.gradle

@@ -19,15 +19,15 @@ ext {
     assertjVersion = "2.4.0"
 }
 
+ext['spring-security.version'] = springSecurityVersion
+
 dependencies {
     compile project(':spring-session'),
             "org.springframework.boot:spring-boot-starter-redis",
             "org.springframework.boot:spring-boot-starter-web",
             "org.springframework.boot:spring-boot-starter-thymeleaf",
+            "org.springframework.boot:spring-boot-starter-security",
             "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect",
-            "org.springframework.security:spring-security-web:$springSecurityVersion",
-            "org.springframework.security:spring-security-core:$springSecurityVersion",
-            "org.springframework.security:spring-security-config:$springSecurityVersion",
             "org.apache.httpcomponents:httpclient"
 
     testCompile "org.springframework.boot:spring-boot-starter-test",

samples/httpsession-redis-json/src/main/java/sample/config/SessionConfig.java

@@ -22,7 +22,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
 import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
 import org.springframework.data.redis.serializer.RedisSerializer;
-import org.springframework.security.jackson2.SecurityJacksonModules;
+import org.springframework.security.jackson2.SecurityJackson2Modules;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 
 /**
@@ -51,7 +51,7 @@ public class SessionConfig implements BeanClassLoaderAware {
 	 */
 	ObjectMapper objectMapper() {
 		ObjectMapper mapper = new ObjectMapper();
-		mapper.registerModules(SecurityJacksonModules.getModules(this.loader));
+		mapper.registerModules(SecurityJackson2Modules.getModules(this.loader));
 		return mapper;
 	}