Fix typo

acl/src/main/java/org/springframework/security/acls/model/AccessControlEntry.java

@@ -46,7 +46,7 @@ public interface AccessControlEntry extends Serializable {
 	Sid getSid();
 
 	/**
-	 * Indicates the a Permission is being granted to the relevant Sid. If false,
+	 * Indicates the permission is being granted to the relevant Sid. If false,
 	 * indicates the permission is being revoked/blocked.
 	 *
 	 * @return true if being granted, false otherwise

config/src/main/resources/org/springframework/security/config/spring-security-3.2.rnc

@@ -759,10 +759,10 @@ frame-options.attlist &=
     ## Specify the strategy to use when ALLOW-FROM is chosen.
     attribute strategy {"static","whitelist","regexp"}?
 frame-options.attlist &=
-    ## Specify the a reference to the custom AllowFromStrategy to use when ALLOW-FROM is chosen.
+    ## Specify a reference to the custom AllowFromStrategy to use when ALLOW-FROM is chosen.
     ref?
 frame-options.attlist &=
-    ## Specify the a value to use for the chosen strategy.
+    ## Specify a value to use for the chosen strategy.
     attribute value {xsd:string}?
 frame-options.attlist &=
     ## Specify the request parameter to use for the origin when using a 'whitelist' or 'regexp' based strategy. Default is 'from'.

config/src/main/resources/org/springframework/security/config/spring-security-3.2.xsd

@@ -2365,7 +2365,7 @@
       </xs:attribute>
       <xs:attribute name="value" type="xs:string">
          <xs:annotation>
-            <xs:documentation>Specify the a value to use for the chosen strategy.
+            <xs:documentation>Specify a value to use for the chosen strategy.
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>

config/src/main/resources/org/springframework/security/config/spring-security-4.0.rnc

@@ -785,10 +785,10 @@ frame-options.attlist &=
 	## Specify the strategy to use when ALLOW-FROM is chosen.
 	attribute strategy {"static","whitelist","regexp"}?
 frame-options.attlist &=
-	## Specify the a reference to the custom AllowFromStrategy to use when ALLOW-FROM is chosen.
+	## Specify a reference to the custom AllowFromStrategy to use when ALLOW-FROM is chosen.
 	ref?
 frame-options.attlist &=
-	## Specify the a value to use for the chosen strategy.
+	## Specify a value to use for the chosen strategy.
 	attribute value {xsd:string}?
 frame-options.attlist &=
 	## Specify the request parameter to use for the origin when using a 'whitelist' or 'regexp' based strategy. Default is 'from'.

config/src/main/resources/org/springframework/security/config/spring-security-4.0.xsd

@@ -2440,7 +2440,7 @@
       </xs:attribute>
       <xs:attribute name="value" type="xs:string">
          <xs:annotation>
-            <xs:documentation>Specify the a value to use for the chosen strategy.
+            <xs:documentation>Specify a value to use for the chosen strategy.
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>

config/src/main/resources/org/springframework/security/config/spring-security-4.1.rnc

@@ -839,10 +839,10 @@ frame-options.attlist &=
 	## Specify the strategy to use when ALLOW-FROM is chosen.
 	attribute strategy {"static","whitelist","regexp"}?
 frame-options.attlist &=
-	## Specify the a reference to the custom AllowFromStrategy to use when ALLOW-FROM is chosen.
+	## Specify a reference to the custom AllowFromStrategy to use when ALLOW-FROM is chosen.
 	ref?
 frame-options.attlist &=
-	## Specify the a value to use for the chosen strategy.
+	## Specify a value to use for the chosen strategy.
 	attribute value {xsd:string}?
 frame-options.attlist &=
 	## Specify the request parameter to use for the origin when using a 'whitelist' or 'regexp' based strategy. Default is 'from'.

config/src/main/resources/org/springframework/security/config/spring-security-4.1.xsd

@@ -2585,7 +2585,7 @@
       </xs:attribute>
       <xs:attribute name="value" type="xs:string">
          <xs:annotation>
-            <xs:documentation>Specify the a value to use for the chosen strategy.
+            <xs:documentation>Specify a value to use for the chosen strategy.
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>

core/src/test/java/org/springframework/security/task/ExplicitDelegatingSecurityContextTaskExecutorTests.java

@@ -24,7 +24,7 @@ import org.springframework.security.concurrent.DelegatingSecurityContextExecutor
 import org.springframework.security.concurrent.AbstractDelegatingSecurityContextExecutorTests;
 
 /**
- * Tests using the an explicit {@link SecurityContext} on
+ * Tests using an explicit {@link SecurityContext} on
  * {@link DelegatingSecurityContextExecutor}
  *
  * @author Rob Winch

docs/manual/src/docs/asciidoc/_includes/faq.adoc

@@ -193,7 +193,7 @@ This happens because sessions created under HTTPS, for which the session cookie
 
 ==== I'm not switching between HTTP and HTTPS but my session is still getting lost
 
-Sessions are maintained either by exchanging a session cookie or by adding the a `jsessionid` parameter to URLs (this happens automatically if you are using JSTL to output URLs, or if you call `HttpServletResponse.encodeUrl` on URLs (before a redirect, for example). If clients have cookies disabled, and you are not rewriting URLs to include the `jsessionid`, then the session will be lost. Note that the use of cookies is preferred for security reasons, as it does not expose the session information in the URL.
+Sessions are maintained either by exchanging a session cookie or by adding a `jsessionid` parameter to URLs (this happens automatically if you are using JSTL to output URLs, or if you call `HttpServletResponse.encodeUrl` on URLs (before a redirect, for example). If clients have cookies disabled, and you are not rewriting URLs to include the `jsessionid`, then the session will be lost. Note that the use of cookies is preferred for security reasons, as it does not expose the session information in the URL.
 
 [[appendix-faq-session-listener-missing]]
 ==== I'm trying to use the concurrent session-control support but it won't let me log back in, even if I'm sure I've logged out and haven't exceeded the allowed sessions.
@@ -240,7 +240,7 @@ Generally we would recommend applying method security at the service layer rathe
 If you have excluded the request from the security filter chain using the attribute `filters='none'` in the `<intercept-url>` element that matches the URL pattern, then the `SecurityContextHolder` will not be populated for that request. Check the debug log to see whether the request is passing through the filter chain. (You are reading the debug log, right?).
 
 [[appendix-faq-method-security-with-taglib]]
-==== The authorize JSP Tag doesn't respect my method security annotations when using a the URL attribute.
+==== The authorize JSP Tag doesn't respect my method security annotations when using the URL attribute.
 
 Method security will not hide links when using the `url` attribute in `<sec:authorize>` because we cannot readily reverse engineer what URL is mapped to what controller endpoint as controllers can rely on headers, current user, etc to determine what method to invoke.
 

docs/manual/src/docs/asciidoc/index.adoc

@@ -8865,7 +8865,7 @@ If set to true, the AuthenticationManager will attempt to clear any credentials
 
 [[nsa-authentication-manager-id]]
 * **id**
-This attribute allows you to define an id for the internal instance for use in your own configuration. It is the same a the alias element, but provides a more consistent experience with elements that use the id attribute.
+This attribute allows you to define an id for the internal instance for use in your own configuration. It is the same as the alias element, but provides a more consistent experience with elements that use the id attribute.
 
 
 [[nsa-authentication-manager-children]]