Fix Javadoc warnings in spring-security-web

* Use <code> tags for external references in DelegatingMissingAuthorityAccessDeniedHandler and SwitchUserWebFilter * Fix typo in SessionAuthenticationException * Apply javadoc-warnings-error plugin Closes gh-18468 Signed-off-by: rigu1 <dlsrbtla@gmail.com>
2026-01-17 11:56:48 +00:00 · 2026-01-10 16:02:05 +09:00 · 2026-01-10 16:02:05 +09:00 · 0a6883c586
commit 0a6883c586
parent c07a2e57bd
4 changed files with 6 additions and 6 deletions
--- a/web/spring-security-web.gradle
+++ b/web/spring-security-web.gradle
@ -1,5 +1,6 @@
 plugins {
 	id 'security-nullability'
+	id 'javadoc-warnings-error'
 }

 apply plugin: 'io.spring.convention.spring-module'
--- a/web/src/main/java/org/springframework/security/web/access/DelegatingMissingAuthorityAccessDeniedHandler.java
+++ b/web/src/main/java/org/springframework/security/web/access/DelegatingMissingAuthorityAccessDeniedHandler.java
@ -78,7 +78,7 @@ import org.springframework.util.Assert;
 * @since 7.0
 * @see AuthorizationDeniedException
 * @see AuthorityAuthorizationDecision
- * @see org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
+ * <code>org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer</code>
 */
 public final class DelegatingMissingAuthorityAccessDeniedHandler implements AccessDeniedHandler {

--- a/web/src/main/java/org/springframework/security/web/authentication/session/SessionAuthenticationException.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/session/SessionAuthenticationException.java
@ -22,14 +22,13 @@ import org.springframework.security.core.AuthenticationException;

 /**
 * Thrown by an {@link SessionAuthenticationStrategy} or
- * {@link ServerSessionAuthenticationStrategy} to indicate that an authentication object
- * is not valid for the current session, typically because the same user has exceeded the
- * number of sessions they are allowed to have concurrently.
+ * {@link SessionAuthenticationStrategy} to indicate that an authentication object is not
+ * valid for the current session, typically because the same user has exceeded the number
+ * of sessions they are allowed to have concurrently.
 *
 * @author Luke Taylor
 * @since 3.0
 * @see SessionAuthenticationStrategy
- * @see ServerSessionAuthenticationStrategy
 */
 public class SessionAuthenticationException extends AuthenticationException {

--- a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java
@ -80,7 +80,7 @@ import org.springframework.web.server.WebFilterChain;
 * To configure the Switch User Processing Filter, create a bean definition for the Switch
 * User processing filter and add to the filterChainProxy. Note that the filter must come
 * <b>after</b> the
- * {@link org.springframework.security.config.web.server.SecurityWebFiltersOrder#AUTHORIZATION}
+ * <code>org.springframework.security.config.web.server.SecurityWebFiltersOrder#AUTHORIZATION</code>
 * in the chain, in order to apply the correct constraints to the <tt>switchUserUrl</tt>.
 * Example: <pre>
 * SwitchUserWebFilter filter = new SwitchUserWebFilter(userDetailsService, loginSuccessHandler, failureHandler);