Address Antora Warnings

This commit is contained in:
Josh Cummings 2023-05-10 15:51:49 -06:00
parent b4083f1b9e
commit 3469bcb822
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
3 changed files with 12 additions and 9 deletions

View File

@ -207,7 +207,7 @@ The Redirection Endpoint is used by the Authorization Server for returning the A
OAuth 2.0 Login leverages the Authorization Code Grant.
Therefore, the authorization credential is the authorization code.
The default Authorization Response redirection endpoint is `/login/oauth2/code/{registrationId}`.
The default Authorization Response redirection endpoint is `+/login/oauth2/code/{registrationId}+`.
If you would like to customize the Authorization Response redirection endpoint, configure it as shown in the following example:
@ -739,5 +739,5 @@ class OAuth2LoginSecurityConfig {
----
====
NOTE: `OidcClientInitiatedServerLogoutSuccessHandler` supports the `{baseUrl}` placeholder.
NOTE: `OidcClientInitiatedServerLogoutSuccessHandler` supports the `+{baseUrl}+` placeholder.
If used, the application's base URL, like `https://app.example.org`, will replace it at request time.

View File

@ -122,9 +122,11 @@ The {security-api-url}org/springframework/security/web/context/SecurityContextPe
image::{figures}/securitycontextpersistencefilter.png[]
<1> Before running the rest of the application, `SecurityContextPersistenceFilter` loads the `SecurityContext` from the `SecurityContextRepository` and sets it on the `SecurityContextHolder`.
<2> Next, the application is ran.
<3> Finally, if the `SecurityContext` has changed, we save the `SecurityContext` using the `SecurityContextPersistenceRepository`.
image:{icondir}/number_1.png[] Before running the rest of the application, `SecurityContextPersistenceFilter` loads the `SecurityContext` from the `SecurityContextRepository` and sets it on the `SecurityContextHolder`.
image:{icondir}/number_2.png[] Next, the application is ran.
image:{icondir}/number_3.png[] Finally, if the `SecurityContext` has changed, we save the `SecurityContext` using the `SecurityContextPersistenceRepository`.
This means that when using `SecurityContextPersistenceFilter`, just setting the `SecurityContextHolder` will ensure that the `SecurityContext` is persisted using `SecurityContextRepository`.
In some cases a response is committed and written to the client before the `SecurityContextPersisteneFilter` method completes.
@ -141,8 +143,9 @@ The {security-api-url}org/springframework/security/web/context/SecurityContextHo
image::{figures}/securitycontextholderfilter.png[]
<1> Before running the rest of the application, `SecurityContextHolderFilter` loads the `SecurityContext` from the `SecurityContextRepository` and sets it on the `SecurityContextHolder`.
<2> Next, the application is ran.
image:{icondir}/number_1.png[] Before running the rest of the application, `SecurityContextHolderFilter` loads the `SecurityContext` from the `SecurityContextRepository` and sets it on the `SecurityContextHolder`.
image:{icondir}/number_2.png[] Next, the application is ran.
Unlike, xref:servlet/authentication/persistence.adoc#securitycontextpersistencefilter[`SecurityContextPersisteneFilter`], `SecurityContextHolderFilter` only loads the `SecurityContext` it does not save the `SecurityContext`.
This means that when using `SecurityContextHolderFilter`, it is required that the `SecurityContext` is explicitly saved.
@ -169,4 +172,4 @@ public SecurityFilterChain filterChain(HttpSecurity http) {
<!-- ... -->
</http>
----
====
====

View File

@ -958,5 +958,5 @@ class OAuth2LoginSecurityConfig {
----
====
NOTE: `OidcClientInitiatedLogoutSuccessHandler` supports the `{baseUrl}` placeholder.
NOTE: `OidcClientInitiatedLogoutSuccessHandler` supports the `+{baseUrl}+` placeholder.
If used, the application's base URL, like `https://app.example.org`, will replace it at request time.