diff --git a/docs/manual/src/docbook/appendix-namespace.xml b/docs/manual/src/docbook/appendix-namespace.xml
index 938cb7c5b9..8584b8ad66 100644
--- a/docs/manual/src/docbook/appendix-namespace.xml
+++ b/docs/manual/src/docbook/appendix-namespace.xml
@@ -456,15 +456,14 @@
element somewhere. It is responsible for registering the
AuthenticationManager which provides authentication
services to the application. It also allows you to define an alias name for the internal
- instance for use in your own configuration. Its use is described in the namespace introduction. All elements which create
+ instance for use in your own configuration. Its use is described in the
+ namespace introduction. All elements which create
AuthenticationProvider instances should be children of this
element.
The <literal><authentication-provider></literal> Element
- This element is basically a shorthand syntax for configuring a DaoAuthenticationProvider.
+ Unless used with a ref attribute, this element is shorthand for configuring a
+ DaoAuthenticationProvider.
DaoAuthenticationProvider loads user information from a
UserDetailsService and compares the username/password
combination with the values supplied at login. The
diff --git a/docs/manual/src/docbook/channel-security.xml b/docs/manual/src/docbook/channel-security.xml
index 02f5756aff..7adeac9e55 100644
--- a/docs/manual/src/docbook/channel-security.xml
+++ b/docs/manual/src/docbook/channel-security.xml
@@ -56,7 +56,7 @@
+ class="org.springframework.security.web.access.channel.ChannelDecisionManagerImpl">
@@ -66,9 +66,9 @@
+ class="org.springframework.security.web.access.channel.SecureChannelProcessor"/>
]]>
+ class="org.springframework.security.web.access.channel.InsecureChannelProcessor"/>]]>
Like FilterSecurityInterceptor, Apache Ant style paths are also
supported by the ChannelProcessingFilter.
diff --git a/docs/manual/src/docbook/core-filters.xml b/docs/manual/src/docbook/core-filters.xml
index 0b3b0c57ef..2047d9be24 100644
--- a/docs/manual/src/docbook/core-filters.xml
+++ b/docs/manual/src/docbook/core-filters.xml
@@ -16,7 +16,7 @@
ExceptionTranslationFilter. A typical configuration example
is shown below:
+ class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
@@ -54,8 +54,9 @@
interface which subclasses SecurityMetadataSource. It
simply denotes the SecurityMetadataSource understands
FilterInvocations. In the interests of simplicity we'll
- continue to refer to the FilterInvocationSecurityMetadataSource
- as a SecurityMetadataSource, as the distinction is of
+ continue to refer to the
+ FilterInvocationSecurityMetadataSource as a
+ SecurityMetadataSource, as the distinction is of
little relevance to most users.The SecurityMetadataSource created by the namespace
syntax obtains the configuration attributes for a particular
@@ -69,7 +70,7 @@
be written as follows:
+ class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
@@ -246,8 +247,9 @@ class="org.springframework.security.web.context.SecurityContextPersistenceFilter
was called AuthenticationProcessingFilterEntryPoint.
Since the framework now supports many different forms of authentication, they
have both been given more specific names in 3.0.
- . It also provides the implementation used by the <form-login> element
- from the namespace. There are three stages required to configure it.
+ . It also provides the implementation used by the
+ <form-login> element from the namespace. There are three
+ stages required to configure it. Configure a LoginUrlAuthenticationEntryPoint with
the URL of the login page, just as we did above, and set it on the
@@ -298,8 +300,8 @@ class="org.springframework.security.web.context.SecurityContextPersistenceFilter
If authentication is successful, the resulting
Authentication object will be placed into the
SecurityContextHolder. The configured
- AuthenticationSuccessHandler will then be called to either redirect or forward the
- user to the appropriate destination. By default a
+ AuthenticationSuccessHandler will then be called
+ to either redirect or forward the user to the appropriate destination. By default a
SavedRequestAwareAuthenticationSuccessHandler is used,
which means that the user will be redirected to the original destination they
requested before they were asked to login.
diff --git a/docs/manual/src/docbook/secured-objects.xml b/docs/manual/src/docbook/secured-objects.xml
index dd2fe56183..eca66bc55f 100644
--- a/docs/manual/src/docbook/secured-objects.xml
+++ b/docs/manual/src/docbook/secured-objects.xml
@@ -86,8 +86,8 @@
package org.springframework.security.samples.aspectj;
-import org.springframework.security.intercept.aspectj.AspectJSecurityInterceptor;
-import org.springframework.security.intercept.aspectj.AspectJCallback;
+import org.springframework.security.access.intercept.aspectj.AspectJSecurityInterceptor;
+import org.springframework.security.access.intercept.aspectj.AspectJCallback;
import org.springframework.beans.factory.InitializingBean;
public aspect DomainObjectInstanceSecurityAspect implements InitializingBean {
@@ -138,7 +138,7 @@ public aspect DomainObjectInstanceSecurityAspect implements InitializingBean {
shown below:
]]>
diff --git a/docs/manual/src/docbook/session-mgmt.xml b/docs/manual/src/docbook/session-mgmt.xml
index d73c3453e3..0344a5f8a4 100644
--- a/docs/manual/src/docbook/session-mgmt.xml
+++ b/docs/manual/src/docbook/session-mgmt.xml
@@ -44,13 +44,13 @@
+ class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
...
+ class="org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy">