diff --git a/docs/manual/src/docbook/authorization-common.xml b/docs/manual/src/docbook/authorization-common.xml index eecc4d0f52..98c140d724 100644 --- a/docs/manual/src/docbook/authorization-common.xml +++ b/docs/manual/src/docbook/authorization-common.xml @@ -177,14 +177,14 @@ boolean supports(Class clazz); Custom Voters Obviously, you can also implement a custom AccessDecisionVoter and you can - put just about any access-control logic you want in it. It might - be specific to your application (business-logic related) or it - might implement some security administration logic. For example, you'll find - a - blog article on the SpringSource web site which describes how to - use a voter to deny access in real-time to users whose accounts have - been suspended. - + put just about any access-control logic you want in it. It might + be specific to your application (business-logic related) or it + might implement some security administration logic. For example, you'll find + a + blog article on the SpringSource web site which describes how to + use a voter to deny access in real-time to users whose accounts have + been suspended. + diff --git a/docs/manual/src/docbook/cas-auth-provider.xml b/docs/manual/src/docbook/cas-auth-provider.xml index e9067857cd..4ac2652a89 100644 --- a/docs/manual/src/docbook/cas-auth-provider.xml +++ b/docs/manual/src/docbook/cas-auth-provider.xml @@ -291,7 +291,7 @@ ]]> The CasAuthenticationEntryPoint should be selected to drive - authentication using entry-point-ref. The CasAuthenticationFilter has very similar properties to the UsernamePasswordAuthenticationFilter (used for form-based diff --git a/docs/manual/src/docbook/core-services.xml b/docs/manual/src/docbook/core-services.xml index e4f081595d..cbced7ff10 100644 --- a/docs/manual/src/docbook/core-services.xml +++ b/docs/manual/src/docbook/core-services.xml @@ -117,7 +117,7 @@ SaltSource enables the passwords to be populated with a "salt", which enhances the security of the passwords in the authentication repository. These will be discussed in more detail below. + xlink:href="#core-services-password-encoding">below.
diff --git a/docs/manual/src/docbook/namespace-config.xml b/docs/manual/src/docbook/namespace-config.xml index abf128c91a..137b6086db 100644 --- a/docs/manual/src/docbook/namespace-config.xml +++ b/docs/manual/src/docbook/namespace-config.xml @@ -599,7 +599,7 @@ List<OpenIDAttribute> attributes = token.getAttributes();The retrieved value (or values in the case of multi-valued attributes). We'll see more about how the SecurityContextHolder class is used when we look at core Spring Security components in the technical overview chapter. Multiple + xlink:href="#core-components">technical overview chapter. Multiple attribute exchange configurations are also be supported, if you wish to use multiple identity providers. You can supply multiple attribute-exchange elements, using an @@ -786,7 +786,7 @@ List<OpenIDAttribute> attributes = token.getAttributes();The From version 2.0 onwards Spring Security has improved support substantially for adding security to your service layer methods. It provides support for JSR-250 annotation security as well as the framework's original @Secured annotation. - From 3.0 you can also make use of new expression-based + From 3.0 you can also make use of new expression-based annotations. You can apply security to a single bean, using the intercept-methods element to decorate the bean declaration, or you can secure multiple beans across the entire service layer using the AspectJ style @@ -887,7 +887,7 @@ List<OpenIDAttribute> attributes = token.getAttributes();The The default strategy is to use an AffirmativeBased AccessDecisionManager with a RoleVoter and an AuthenticatedVoter. - You can find out more about these in the chapter on authorization.
Customizing the AccessDecisionManager diff --git a/docs/manual/src/docbook/preauth.xml b/docs/manual/src/docbook/preauth.xml index 7b320a79f0..b4fde44ccc 100644 --- a/docs/manual/src/docbook/preauth.xml +++ b/docs/manual/src/docbook/preauth.xml @@ -178,7 +178,7 @@ class="org.springframework.security.web.authentication.preauth.PreAuthenticatedA (hence the user of the custom-filter, authentication-manager and custom-authentication-provider elements (you can read more - about them in the namespace chapter). You + about them in the namespace chapter). You would leave these out of a traditional bean configuration. It's also assumed that you have added a UserDetailsService (called userDetailsService) to your configuration to load the user's diff --git a/docs/manual/src/docbook/samples.xml b/docs/manual/src/docbook/samples.xml index 1503de9bf1..d753bb0967 100644 --- a/docs/manual/src/docbook/samples.xml +++ b/docs/manual/src/docbook/samples.xml @@ -17,7 +17,7 @@ The tutorial sample is a nice basic example to get you started. It uses simple namespace configuration throughout. The compiled application is included in the distribution zip file, ready to be deployed into your web container - (spring-security-samples-tutorial-3.0.x.war). The spring-security-samples-tutorial-3.1.x.war). The form-based authentication mechanism is used in combination with the commonly-used remember-me authentication provider to automatically remember the login using cookies. @@ -123,7 +123,7 @@ Success! Your web filters appear to be properly configured! CAS Sample The CAS sample requires that you run both a CAS server and CAS client. It isn't included in the distribution so you should check out the project code as described in - the introduction. You'll find the relevant files + the introduction. You'll find the relevant files under the sample/cas directory. There's also a Readme.txt file in there which explains how to run both the server and the client directly from the source tree, complete with SSL support. You have to diff --git a/docs/manual/src/docbook/taglibs.xml b/docs/manual/src/docbook/taglibs.xml index c21a7bc44b..d629b96c87 100644 --- a/docs/manual/src/docbook/taglibs.xml +++ b/docs/manual/src/docbook/taglibs.xml @@ -16,7 +16,7 @@ Spring Security 3.0, it can be used in two ways The legacy options from Spring Security 2.0 are also supported, but discouraged. - . The first approach uses a web-security + . The first approach uses a web-security expression, specified in the access attribute of the tag. The expression evaluation will be delegated to the WebSecurityExpressionHandler defined in the application diff --git a/docs/manual/src/docbook/technical-overview.xml b/docs/manual/src/docbook/technical-overview.xml index deff9b0ea3..56de34db51 100644 --- a/docs/manual/src/docbook/technical-overview.xml +++ b/docs/manual/src/docbook/technical-overview.xml @@ -582,7 +582,7 @@ Successfully authenticated. Security context contains: \ RoleVoter. This is only relevant when a voter-based AccessDecisionManager is in use. We'll see how the AccessDecisionManager is implemented in the - authorization chapter. + authorization chapter.
RunAsManager