rg "xref:\S+?#\S+\[\]" docs/modules -l -g "*.adoc" | while read adoc_file_to_replace; do

echo "Replacing $adoc_file_to_replace"
  for id_file in build/ids/*.id; do
    id=$(basename $id_file | sed 's/\.id$//')
    xref_page=$(cat $id_file)
    if [[ "$adoc_file_to_replace" -ef "./docs/modules/ROOT/pages/$xref_page" ]]
    then
      echo "  - Skipping same page refid $id "
    else
      text_file=$(echo $id_file | sed 's/\.id$/.text/')
      default_text=$(cat $text_file)
      sed -i -E "s%xref:${xref_page}#${id}\[\]%xref:${xref_page}#${id}[$default_text]%g" $adoc_file_to_replace
    fi
  done
done

docs/modules/ROOT/pages/overview/getting-spring-security.adoc

@@ -2,7 +2,7 @@
 = Getting Spring Security
 
 This section discusses all you need to know about getting the Spring Security binaries.
-See xref:overview/community.adoc#community-source[] for how to obtain the source code.
+See xref:overview/community.adoc#community-source[Source Code] for how to obtain the source code.
 
 == Release Numbering
 
@@ -72,7 +72,7 @@ You can do so by adding a Maven property, as the following example shows:
 ----
 ====
 
-If you use additional features (such as LDAP, OpenID, and others), you need to also include the appropriate xref:overview/modules.adoc#modules[].
+If you use additional features (such as LDAP, OpenID, and others), you need to also include the appropriate xref:overview/modules.adoc#modules[Project Modules and Dependencies].
 
 [[getting-maven-no-boot]]
 === Maven Without Spring Boot
@@ -118,7 +118,7 @@ A minimal Spring Security Maven set of dependencies typically looks like the fol
 ----
 ====
 
-If you use additional features (such as LDAP, OpenID, and others), you need to also include the appropriate xref:overview/modules.adoc#modules[].
+If you use additional features (such as LDAP, OpenID, and others), you need to also include the appropriate xref:overview/modules.adoc#modules[Project Modules and Dependencies].
 
 Spring Security builds against Spring Framework {spring-core-version} but should generally work with any newer version of Spring Framework 5.x.
 Many users are likely to run afoul of the fact that Spring Security's transitive dependencies resolve Spring Framework {spring-core-version}, which can cause strange classpath problems.
@@ -236,7 +236,7 @@ ext['spring.version']='{spring-core-version}'
 ----
 ====
 
-If you use additional features (such as LDAP, OpenID, and others), you need to also include the appropriate xref:overview/modules.adoc#modules[].
+If you use additional features (such as LDAP, OpenID, and others), you need to also include the appropriate xref:overview/modules.adoc#modules[Project Modules and Dependencies].
 
 === Gradle Without Spring Boot
 
@@ -274,7 +274,7 @@ dependencies {
 ----
 ====
 
-If you use additional features (such as LDAP, OpenID, and others), you need to also include the appropriate xref:overview/modules.adoc#modules[].
+If you use additional features (such as LDAP, OpenID, and others), you need to also include the appropriate xref:overview/modules.adoc#modules[Project Modules and Dependencies].
 
 Spring Security builds against Spring Framework {spring-core-version} but should generally work with any newer version of Spring Framework 5.x.
 Many users are likely to run afoul of the fact that Spring Security's transitive dependencies resolve Spring Framework {spring-core-version}, which can cause strange classpath problems.

docs/modules/ROOT/pages/reactive/exploits/csrf.adoc

@@ -272,7 +272,7 @@ An example of doing this with Thymeleaf is shown below:
 == CSRF Considerations
 There are a few special considerations to consider when implementing protection against CSRF attacks.
 This section discusses those considerations as it pertains to WebFlux environments.
-Refer to xref:overview/features/exploits/csrf.adoc#csrf-considerations[] for a more general discussion.
+Refer to xref:overview/features/exploits/csrf.adoc#csrf-considerations[CSRF Considerations] for a more general discussion.
 
 
 [[webflux-considerations-csrf-login]]

docs/modules/ROOT/pages/reactive/index.adoc

@@ -1,4 +1,4 @@
 = Reactive Applications
 
-Reactive applications work very differently than xref:servlet/index.adoc#servlet-applications[].
+Reactive applications work very differently than xref:servlet/index.adoc#servlet-applications[Servlet Applications].
 This section discusses how Spring Security works with reactive applications which are typically written using Spring's WebFlux.

docs/modules/ROOT/pages/reactive/method.adoc

@@ -162,7 +162,7 @@ It is important to note that any of the expressions in standard method security
 However, at this time we only support return type of `Boolean` or `boolean` of the expression.
 This means that the expression must not block.
 
-When integrating with xref:reactive/webflux.adoc#jc-webflux[], the Reactor Context is automatically established by Spring Security according to the authenticated user.
+When integrating with xref:reactive/webflux.adoc#jc-webflux[WebFlux Security], the Reactor Context is automatically established by Spring Security according to the authenticated user.
 
 ====
 .Java

docs/modules/ROOT/pages/reactive/test.adoc

@@ -4,7 +4,7 @@
 [[test-erms]]
 == Testing Reactive Method Security
 
-For example, we can test our example from xref:reactive/method.adoc#jc-erms[] using the same setup and annotations we did in xref:servlet/test/method.adoc#test-method[].
+For example, we can test our example from xref:reactive/method.adoc#jc-erms[EnableReactiveMethodSecurity] using the same setup and annotations we did in xref:servlet/test/method.adoc#test-method[Testing Method Security].
 Here is a minimal sample of what we can do:
 
 ====

docs/modules/ROOT/pages/servlet/appendix/namespace.adoc

@@ -1616,7 +1616,7 @@ By default, an instance of `PortMapperImpl` will be added to the configuration f
 This element can optionally be used to override the default mappings which that class defines.
 Each child `<port-mapping>` element defines a pair of HTTP:HTTPS ports.
 The default mappings are 80:443 and 8080:8443.
-An example of overriding these can be found in xref:servlet/exploits/http.adoc#servlet-http-redirect[].
+An example of overriding these can be found in xref:servlet/exploits/http.adoc#servlet-http-redirect[Redirect to HTTPS].
 
 
 [[nsa-port-mappings-parents]]
@@ -2278,7 +2278,7 @@ select username, password, enabled from users where username = ?
 
 [[nsa-password-encoder]]
 === <password-encoder>
-Authentication providers can optionally be configured to use a password encoder as described in the xref:overview/features/authentication/password-storage.adoc#authentication-password-storage[].
+Authentication providers can optionally be configured to use a password encoder as described in the xref:overview/features/authentication/password-storage.adoc#authentication-password-storage[Password Storage].
 This will result in the bean being injected with the appropriate `PasswordEncoder` instance.
 
 

docs/modules/ROOT/pages/servlet/architecture/index.adoc

@@ -3,7 +3,7 @@
 :figures: servlet/architecture
 
 This section discusses Spring Security's high level architecture within Servlet based applications.
-We build on this high level understanding within xref:servlet/authentication/index.adoc#servlet-authentication[], xref:servlet/authorization/index.adoc#servlet-authorization[], xref:servlet/exploits/index.adoc#servlet-exploits[] sections of the reference.
+We build on this high level understanding within xref:servlet/authentication/index.adoc#servlet-authentication[Authentication], xref:servlet/authorization/index.adoc#servlet-authorization[Authorization], xref:servlet/exploits/index.adoc#servlet-exploits[Protection Against Exploits] sections of the reference.
 // FIXME: Add links to other sections of architecture
 
 [[servlet-filters-review]]
@@ -211,7 +211,7 @@ image::{figures}/exceptiontranslationfilter.png[]
 
 * image:{icondir}/number_1.png[] First, the `ExceptionTranslationFilter` invokes `FilterChain.doFilter(request, response)` to invoke the rest of the application.
 * image:{icondir}/number_2.png[] If the user is not authenticated or it is an `AuthenticationException`, then __Start Authentication__.
-** The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[] is cleared out.
+** The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder] is cleared out.
 ** The `HttpServletRequest` is saved in the {security-api-url}org/springframework/security/web/savedrequest/RequestCache.html[`RequestCache`].
 When the user successfully authenticates, the `RequestCache` is used to replay the original request.
 // FIXME: add link to authentication success

docs/modules/ROOT/pages/servlet/authentication/architecture/index.adoc

@@ -2,7 +2,7 @@
 = Servlet Authentication Architecture
 :figures: servlet/authentication/architecture
 
-This discussion expands on xref:servlet/architecture/index.adoc#servlet-architecture[] to describe the main architectural components of Spring Security's used in Servlet authentication.
+This discussion expands on xref:servlet/architecture/index.adoc#servlet-architecture[Servlet Security: The Big Picture] to describe the main architectural components of Spring Security's used in Servlet authentication.
 If you need concrete flows that explain how these pieces fit together, look at the xref:servlet/authentication/index.adoc#servlet-authentication-mechanisms[Authentication Mechanism] specific sections.
 
 * <<servlet-authentication-securitycontextholder>> - The `SecurityContextHolder` is where Spring Security stores the details of who is xref:overview/features/authentication/index.adoc#authentication[authenticated].

docs/modules/ROOT/pages/servlet/authentication/index.adoc

@@ -1,7 +1,7 @@
 [[servlet-authentication]]
 = Authentication
 
-Spring Security provides comprehensive support for xref:overview/features/authentication/index.adoc#authentication[].
+Spring Security provides comprehensive support for xref:overview/features/authentication/index.adoc#authentication[Authentication].
 We start by discussing the overall xref:servlet/architecture/index.adoc#servlet-architecture[Servlet Authentication Architecture].
 As you might expect, this section is more abstract describing the architecture without much discussion on how it applies to concrete flows.
 
@@ -20,5 +20,5 @@ These sections focus on specific ways you may want to authenticate and point bac
 * xref:servlet/authentication/rememberme.adoc#servlet-rememberme[Remember Me] - how to remember a user past session expiration
 * xref:servlet/authentication/jaas.adoc#servlet-jaas[JAAS Authentication] - authenticate with JAAS
 * xref:servlet/authentication/openid.adoc#servlet-openid[OpenID] - OpenID Authentication (not to be confused with OpenID Connect)
-* xref:servlet/authentication/preauth.adoc#servlet-preauth[] - authenticate with an external mechanism such as https://www.siteminder.com/[SiteMinder] or Java EE security but still use Spring Security for authorization and protection against common exploits.
+* xref:servlet/authentication/preauth.adoc#servlet-preauth[Pre-Authentication Scenarios] - authenticate with an external mechanism such as https://www.siteminder.com/[SiteMinder] or Java EE security but still use Spring Security for authorization and protection against common exploits.
 * xref:servlet/authentication/x509.adoc#servlet-x509[X509 Authentication] - X509 Authentication

docs/modules/ROOT/pages/servlet/authentication/logout.adoc

@@ -108,7 +108,7 @@ Various implementations are provided:
 - {security-api-url}org/springframework/security/web/authentication/logout/SecurityContextLogoutHandler.html[SecurityContextLogoutHandler]
 - {security-api-url}org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandler.html[HeaderWriterLogoutHandler]
 
-Please see xref:servlet/authentication/rememberme.adoc#remember-me-impls[] for details.
+Please see xref:servlet/authentication/rememberme.adoc#remember-me-impls[Remember-Me Interfaces and Implementations] for details.
 
 Instead of providing `LogoutHandler` implementations directly, the fluent API also provides shortcuts that provide the respective `LogoutHandler` implementations under the covers.
 E.g. `deleteCookies()` allows specifying the names of one or more cookies to be removed on logout success.
@@ -142,7 +142,7 @@ If not configured a status code 200 will be returned by default.
 - <<ns-logout, Logout Handling>>
 - xref:servlet/test/mockmvc.adoc#test-logout[ Testing Logout]
 - xref:servlet/integrations/servlet-api.adoc#servletapi-logout[ HttpServletRequest.logout()]
-- xref:servlet/authentication/rememberme.adoc#remember-me-impls[]
+- xref:servlet/authentication/rememberme.adoc#remember-me-impls[Remember-Me Interfaces and Implementations]
 - xref:servlet/exploits/csrf.adoc#servlet-considerations-csrf-logout[ Logging Out] in section CSRF Caveats
 - Section xref:servlet/authentication/cas.adoc#cas-singlelogout[ Single Logout] (CAS protocol)
 - Documentation for the xref:servlet/appendix/namespace.adoc#nsa-logout[ logout element] in the Spring Security XML Namespace section

docs/modules/ROOT/pages/servlet/authentication/openid.adoc

@@ -53,7 +53,7 @@ OpenIDAuthenticationToken token =
 List<OpenIDAttribute> attributes = token.getAttributes();
 ----
 
-We can obtain the `OpenIDAuthenticationToken` from the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[].
+We can obtain the `OpenIDAuthenticationToken` from the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder].
 The `OpenIDAttribute` contains the attribute type and the retrieved value (or values in the case of multi-valued attributes).
 You can supply multiple `attribute-exchange` elements, using an `identifier-matcher` attribute on each.
 This contains a regular expression which will be matched against the OpenID identifier supplied by the user.

docs/modules/ROOT/pages/servlet/authentication/unpwd/basic.adoc

@@ -38,7 +38,7 @@ The details of what `AuthenticationManager` looks like depend on how the xref:se
 
 image:{icondir}/number_3.png[] If authentication fails, then __Failure__
 
-* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[] is cleared out.
+* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder] is cleared out.
 * `RememberMeServices.loginFail` is invoked.
 If remember me is not configured, this is a no-op.
 // FIXME: link to rememberme
@@ -46,7 +46,7 @@ If remember me is not configured, this is a no-op.
 
 image:{icondir}/number_4.png[] If authentication is successful, then __Success__.
 
-* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authentication[] is set on the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[].
+* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authentication[Authentication] is set on the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder].
 * `RememberMeServices.loginSuccess` is invoked.
 If remember me is not configured, this is a no-op.
 // FIXME: link to rememberme

docs/modules/ROOT/pages/servlet/authentication/unpwd/dao-authentication-provider.adoc

@@ -12,7 +12,7 @@ image::{figures}/daoauthenticationprovider.png[]
 
 image:{icondir}/number_1.png[] The authentication `Filter` from xref:servlet/authentication/unpwd/index.adoc#servlet-authentication-unpwd-input[Reading the Username & Password] passes a `UsernamePasswordAuthenticationToken` to the `AuthenticationManager` which is implemented by xref:servlet/authentication/architecture/index.adoc#servlet-authentication-providermanager[`ProviderManager`].
 
-image:{icondir}/number_2.png[] The `ProviderManager` is configured to use an xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authenticationprovider[] of type `DaoAuthenticationProvider`.
+image:{icondir}/number_2.png[] The `ProviderManager` is configured to use an xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authenticationprovider[AuthenticationProvider] of type `DaoAuthenticationProvider`.
 
 image:{icondir}/number_3.png[] `DaoAuthenticationProvider` looks up the `UserDetails` from the `UserDetailsService`.
 

docs/modules/ROOT/pages/servlet/authentication/unpwd/form.adoc

@@ -27,7 +27,7 @@ image:{icondir}/number_5.png[] Something within the application, must <<servlet-
 
 [[servlet-authentication-usernamepasswordauthenticationfilter]]
 When the username and password are submitted, the `UsernamePasswordAuthenticationFilter` authenticates the username and password.
-The `UsernamePasswordAuthenticationFilter` extends xref:servlet/authentication/architecture/index.adoc#servlet-authentication-abstractprocessingfilter[], so this diagram should look pretty similar.
+The `UsernamePasswordAuthenticationFilter` extends xref:servlet/authentication/architecture/index.adoc#servlet-authentication-abstractprocessingfilter[AbstractAuthenticationProcessingFilter], so this diagram should look pretty similar.
 
 .Authenticating Username and Password
 image::{figures}/usernamepasswordauthenticationfilter.png[]
@@ -42,7 +42,7 @@ The details of what `AuthenticationManager` looks like depend on how the xref:se
 
 image:{icondir}/number_3.png[] If authentication fails, then __Failure__
 
-* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[] is cleared out.
+* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder] is cleared out.
 * `RememberMeServices.loginFail` is invoked.
 If remember me is not configured, this is a no-op.
 // FIXME: link to rememberme
@@ -53,7 +53,7 @@ image:{icondir}/number_4.png[] If authentication is successful, then __Success__
 
 * `SessionAuthenticationStrategy` is notified of a new log in.
 // FIXME: Add link to SessionAuthenticationStrategy
-* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authentication[] is set on the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[].
+* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authentication[Authentication] is set on the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder].
 // FIXME: link securitycontextpersistencefilter
 * `RememberMeServices.loginSuccess` is invoked.
 If remember me is not configured, this is a no-op.

docs/modules/ROOT/pages/servlet/authentication/unpwd/index.adoc

@@ -20,8 +20,8 @@ Spring Security provides the following built in mechanisms for reading a usernam
 
 Each of the supported mechanisms for reading a username and password can leverage any of the supported storage mechanisms:
 
-* Simple Storage with xref:servlet/authentication/unpwd/in-memory.adoc#servlet-authentication-inmemory[]
-* Relational Databases with xref:servlet/authentication/unpwd/jdbc.adoc#servlet-authentication-jdbc[]
-* Custom data stores with xref:servlet/authentication/unpwd/user-details-service.adoc#servlet-authentication-userdetailsservice[]
-* LDAP storage with xref:servlet/authentication/unpwd/ldap.adoc#servlet-authentication-ldap[]
+* Simple Storage with xref:servlet/authentication/unpwd/in-memory.adoc#servlet-authentication-inmemory[In-Memory Authentication]
+* Relational Databases with xref:servlet/authentication/unpwd/jdbc.adoc#servlet-authentication-jdbc[JDBC Authentication]
+* Custom data stores with xref:servlet/authentication/unpwd/user-details-service.adoc#servlet-authentication-userdetailsservice[UserDetailsService]
+* LDAP storage with xref:servlet/authentication/unpwd/ldap.adoc#servlet-authentication-ldap[LDAP Authentication]
 

docs/modules/ROOT/pages/servlet/authentication/unpwd/ldap.adoc

@@ -258,7 +258,7 @@ fun contextSource(container: UnboundIdContainer): ContextSource {
 [[servlet-authentication-ldap-authentication]]
 == Authentication
 
-Spring Security's LDAP support does not use the xref:servlet/authentication/unpwd/user-details-service.adoc#servlet-authentication-userdetailsservice[] because LDAP bind authentication does not allow clients to read the password or even a hashed version of the password.
+Spring Security's LDAP support does not use the xref:servlet/authentication/unpwd/user-details-service.adoc#servlet-authentication-userdetailsservice[UserDetailsService] because LDAP bind authentication does not allow clients to read the password or even a hashed version of the password.
 This means there is no way a password to be read and then authenticated by Spring Security.
 
 For this reason, LDAP support is implemented using the `LdapAuthenticator` interface.

docs/modules/ROOT/pages/servlet/authorization/authorize-requests.adoc

@@ -5,12 +5,12 @@
 This section builds on xref:servlet/architecture/index.adoc#servlet-architecture[Servlet Architecture and Implementation] by digging deeper into how xref:servlet/authorization/index.adoc#servlet-authorization[authorization] works within Servlet based applications.
 
 The {security-api-url}org/springframework/security/web/access/intercept/FilterSecurityInterceptor.html[`FilterSecurityInterceptor`] provides xref:servlet/authorization/index.adoc#servlet-authorization[authorization] for ``HttpServletRequest``s.
-It is inserted into the xref:servlet/architecture/index.adoc#servlet-filterchainproxy[] as one of the xref:servlet/architecture/index.adoc#servlet-security-filters[].
+It is inserted into the xref:servlet/architecture/index.adoc#servlet-filterchainproxy[FilterChainProxy] as one of the xref:servlet/architecture/index.adoc#servlet-security-filters[Security Filters].
 
 .Authorize HttpServletRequest
 image::{figures}/filtersecurityinterceptor.png[]
 
-* image:{icondir}/number_1.png[] First, the `FilterSecurityInterceptor` obtains an  xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authentication[] from the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[].
+* image:{icondir}/number_1.png[] First, the `FilterSecurityInterceptor` obtains an  xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authentication[Authentication] from the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder].
 * image:{icondir}/number_2.png[] Second, `FilterSecurityInterceptor` creates a {security-api-url}org/springframework/security/web/FilterInvocation.html[`FilterInvocation`] from the `HttpServletRequest`, `HttpServletResponse`, and `FilterChain` that are passed into the `FilterSecurityInterceptor`.
 // FIXME: link to FilterInvocation
 * image:{icondir}/number_3.png[] Next, it passes the `FilterInvocation` to `SecurityMetadataSource` to get the ``ConfigAttribute``s.

docs/modules/ROOT/pages/servlet/exploits/csrf.adoc

@@ -301,7 +301,7 @@ An example of doing this with a JSP is shown below:
 == CSRF Considerations
 There are a few special considerations to consider when implementing protection against CSRF attacks.
 This section discusses those considerations as it pertains to servlet environments.
-Refer to xref:overview/features/exploits/csrf.adoc#csrf-considerations[] for a more general discussion.
+Refer to xref:overview/features/exploits/csrf.adoc#csrf-considerations[CSRF Considerations] for a more general discussion.
 
 
 [[servlet-considerations-csrf-login]]

docs/modules/ROOT/pages/servlet/integrations/concurrency.adoc

@@ -5,7 +5,7 @@ In most environments, Security is stored on a per `Thread` basis.
 This means that when work is done on a new `Thread`, the `SecurityContext` is lost.
 Spring Security provides some infrastructure to help make this much easier for users.
 Spring Security provides low level abstractions for working with Spring Security in multi-threaded environments.
-In fact, this is what Spring Security builds on to integration with xref:servlet/integrations/servlet-api.adoc#servletapi-start-runnable[] and xref:servlet/integrations/mvc.adoc#mvc-async[].
+In fact, this is what Spring Security builds on to integration with xref:servlet/integrations/servlet-api.adoc#servletapi-start-runnable[AsyncContext.start(Runnable)] and xref:servlet/integrations/mvc.adoc#mvc-async[Spring MVC Async Integration].
 
 == DelegatingSecurityContextRunnable
 
@@ -44,7 +44,7 @@ fun run() {
 
 While very simple, it makes it seamless to transfer the SecurityContext from one Thread to another.
 This is important since, in most cases, the SecurityContextHolder acts on a per Thread basis.
-For example, you might have used Spring Security's xref:servlet/appendix/namespace.adoc#nsa-global-method-security[] support to secure one of your services.
+For example, you might have used Spring Security's xref:servlet/appendix/namespace.adoc#nsa-global-method-security[<global-method-security>] support to secure one of your services.
 You can now easily transfer the `SecurityContext` of the current `Thread` to the `Thread` that invokes the secured service.
 An example of how you might do this can be found below:
 

docs/modules/ROOT/pages/servlet/java-configuration/index.adoc

@@ -5,7 +5,7 @@
 General support for https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html#beans-java[Java Configuration] was added to Spring Framework in Spring 3.1.
 Since Spring Security 3.2 there has been Spring Security Java Configuration support which enables users to easily configure Spring Security without the use of any XML.
 
-If you are familiar with the xref:servlet/namespace/index.adoc#ns-config[] then you should find quite a few similarities between it and the Security Java Configuration support.
+If you are familiar with the xref:servlet/namespace/index.adoc#ns-config[Security Namespace Configuration] then you should find quite a few similarities between it and the Security Java Configuration support.
 
 NOTE: Spring Security provides https://github.com/spring-projects/spring-security-samples/tree/main/servlet/java-configuration[lots of sample applications] which demonstrate the use of Spring Security Java Configuration.
 

docs/modules/ROOT/pages/servlet/namespace/index.adoc

@@ -18,7 +18,7 @@ For example, adding the following element from the security namespace to an appl
 
 This is much simpler than wiring up the equivalent Apache Directory Server beans.
 The most common alternative configuration requirements are supported by attributes on the `ldap-server` element and the user is isolated from worrying about which beans they need to create and what the bean property names are.
-footnote:[You can find out more about the use of the `ldap-server` element in the chapter on pass:specialcharacters,macros[xref:servlet/authentication/unpwd/ldap.adoc#servlet-authentication-ldap[]].].
+footnote:[You can find out more about the use of the `ldap-server` element in the chapter on pass:specialcharacters,macros[xref:servlet/authentication/unpwd/ldap.adoc#servlet-authentication-ldap[LDAP Authentication]].].
 Use of a good XML editor while editing the application context file should provide information on the attributes and elements that are available.
 We would recommend that you try out the https://spring.io/tools[Eclipse IDE with Spring Tools] as it has special features for working with standard Spring namespaces.
 

docs/modules/ROOT/pages/servlet/oauth2/oauth2-resourceserver.adoc

@@ -49,12 +49,12 @@ The details of what `AuthenticationManager` looks like depends on whether you're
 
 image:{icondir}/number_3.png[] If authentication fails, then __Failure__
 
-* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[] is cleared out.
+* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder] is cleared out.
 * The `AuthenticationEntryPoint` is invoked to trigger the WWW-Authenticate header to be sent again.
 
 image:{icondir}/number_4.png[] If authentication is successful, then __Success__.
 
-* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authentication[] is set on the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[].
+* The xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authentication[Authentication] is set on the xref:servlet/authentication/architecture/index.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder].
 * The `BearerTokenAuthenticationFilter` invokes `FilterChain.doFilter(request,response)` to continue with the rest of the application logic.
 
 [[oauth2resourceserver-jwt-minimaldependencies]]
@@ -152,7 +152,7 @@ image::{figures}/jwtauthenticationprovider.png[]
 
 image:{icondir}/number_1.png[] The authentication `Filter` from <<oauth2resourceserver-authentication-bearertokenauthenticationfilter,Reading the Bearer Token>> passes a `BearerTokenAuthenticationToken` to the `AuthenticationManager` which is implemented by xref:servlet/authentication/architecture/index.adoc#servlet-authentication-providermanager[`ProviderManager`].
 
-image:{icondir}/number_2.png[] The `ProviderManager` is configured to use an xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authenticationprovider[] of type `JwtAuthenticationProvider`.
+image:{icondir}/number_2.png[] The `ProviderManager` is configured to use an xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authenticationprovider[AuthenticationProvider] of type `JwtAuthenticationProvider`.
 
 [[oauth2resourceserver-jwt-architecture-jwtdecoder]]
 image:{icondir}/number_3.png[] `JwtAuthenticationProvider` decodes, verifies, and validates the `Jwt` using a <<oauth2resourceserver-jwt-decoder,`JwtDecoder`>>.
@@ -1523,7 +1523,7 @@ image::{figures}/opaquetokenauthenticationprovider.png[]
 
 image:{icondir}/number_1.png[] The authentication `Filter` from <<oauth2resourceserver-authentication-bearertokenauthenticationfilter,Reading the Bearer Token>> passes a `BearerTokenAuthenticationToken` to the `AuthenticationManager` which is implemented by xref:servlet/authentication/architecture/index.adoc#servlet-authentication-providermanager[`ProviderManager`].
 
-image:{icondir}/number_2.png[] The `ProviderManager` is configured to use an xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authenticationprovider[] of type `OpaqueTokenAuthenticationProvider`.
+image:{icondir}/number_2.png[] The `ProviderManager` is configured to use an xref:servlet/authentication/architecture/index.adoc#servlet-authentication-authenticationprovider[AuthenticationProvider] of type `OpaqueTokenAuthenticationProvider`.
 
 [[oauth2resourceserver-opaque-architecture-introspector]]
 image:{icondir}/number_3.png[] `OpaqueTokenAuthenticationProvider` introspects the opaque token and adds granted authorities using an <<oauth2resourceserver-opaque-introspector,`OpaqueTokenIntrospector`>>.