diff --git a/web/spring-security-web.gradle b/web/spring-security-web.gradle
index 40604b1a30..887966e47f 100644
--- a/web/spring-security-web.gradle
+++ b/web/spring-security-web.gradle
@@ -1,5 +1,6 @@
plugins {
id 'security-nullability'
+ id 'javadoc-warnings-error'
}
apply plugin: 'io.spring.convention.spring-module'
diff --git a/web/src/main/java/org/springframework/security/web/access/DelegatingMissingAuthorityAccessDeniedHandler.java b/web/src/main/java/org/springframework/security/web/access/DelegatingMissingAuthorityAccessDeniedHandler.java
index 5c110affc8..bfeac8c992 100644
--- a/web/src/main/java/org/springframework/security/web/access/DelegatingMissingAuthorityAccessDeniedHandler.java
+++ b/web/src/main/java/org/springframework/security/web/access/DelegatingMissingAuthorityAccessDeniedHandler.java
@@ -78,7 +78,7 @@ import org.springframework.util.Assert;
* @since 7.0
* @see AuthorizationDeniedException
* @see AuthorityAuthorizationDecision
- * @see org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
+ * org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
*/
public final class DelegatingMissingAuthorityAccessDeniedHandler implements AccessDeniedHandler {
diff --git a/web/src/main/java/org/springframework/security/web/authentication/session/SessionAuthenticationException.java b/web/src/main/java/org/springframework/security/web/authentication/session/SessionAuthenticationException.java
index ca78e2f8d3..eeb70ff370 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/session/SessionAuthenticationException.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/session/SessionAuthenticationException.java
@@ -22,14 +22,13 @@ import org.springframework.security.core.AuthenticationException;
/**
* Thrown by an {@link SessionAuthenticationStrategy} or
- * {@link ServerSessionAuthenticationStrategy} to indicate that an authentication object
- * is not valid for the current session, typically because the same user has exceeded the
- * number of sessions they are allowed to have concurrently.
+ * {@link SessionAuthenticationStrategy} to indicate that an authentication object is not
+ * valid for the current session, typically because the same user has exceeded the number
+ * of sessions they are allowed to have concurrently.
*
* @author Luke Taylor
* @since 3.0
* @see SessionAuthenticationStrategy
- * @see ServerSessionAuthenticationStrategy
*/
public class SessionAuthenticationException extends AuthenticationException {
diff --git a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java
index 8a9554d083..62195b8b16 100644
--- a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java
@@ -80,7 +80,7 @@ import org.springframework.web.server.WebFilterChain;
* To configure the Switch User Processing Filter, create a bean definition for the Switch
* User processing filter and add to the filterChainProxy. Note that the filter must come
* after the
- * {@link org.springframework.security.config.web.server.SecurityWebFiltersOrder#AUTHORIZATION}
+ * org.springframework.security.config.web.server.SecurityWebFiltersOrder#AUTHORIZATION
* in the chain, in order to apply the correct constraints to the switchUserUrl.
* Example:
* SwitchUserWebFilter filter = new SwitchUserWebFilter(userDetailsService, loginSuccessHandler, failureHandler);