From 56482e25deb6e11c7a98f6d92dd202f7ffe29f17 Mon Sep 17 00:00:00 2001
From: Josh Cummings <josh.cummings@gmail.com>
Date: Fri, 28 Oct 2022 09:51:02 -0600
Subject: [PATCH] Polish Method Security Migration Steps

- Revert steps removed since implicitly included in preparation guide

Issue gh-11337
---
 docs/modules/ROOT/pages/migration.adoc | 134 -------------------------
 1 file changed, 134 deletions(-)

diff --git a/docs/modules/ROOT/pages/migration.adoc b/docs/modules/ROOT/pages/migration.adoc
index a815d44438..9fbd410922 100644
--- a/docs/modules/ROOT/pages/migration.adoc
+++ b/docs/modules/ROOT/pages/migration.adoc
@@ -47,7 +47,6 @@ include::partial$servlet/architecture/request-cache-continue.adoc[]
 === Use `AuthorizationManager` for Method Security
 
 There are no further migration steps for this feature.
-However, if you run into trouble with this enhancement, you can instead <<servlet-replace-methodsecurity-with-globalmethodsecurity,revert the behavior>>.
 
 === Use `AuthorizationManager` for Message Security
 
@@ -80,8 +79,6 @@ There are no further migrations steps for Java or Kotlin for this feature.
 
 === Use `AuthorizationManager` for Method Security
 
-If you run into trouble with this enhancement, you can instead <<reactive-change-to-useauthorizationmanager-false,revert the behavior>>.
-
 In 6.0, `@EnableReactiveMethodSecurity` defaults `useAuthorizationManager` to `true`.
 So, to complete migration, {security-api-url}org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurity.html[`@EnableReactiveMethodSecurity`] remove the `useAuthorizationManager` attribute:
 
@@ -123,135 +120,4 @@ It's more important to stay on 6.0 and get the security improvements.
 
 == Revert Servlet
 
-[[servlet-replace-methodsecurity-with-globalmethodsecurity]]
-=== Don't Use `AuthorizationManager` in Method Security
-
-To opt out of `AuthorizationManager` for Method Security, replace xref:servlet/authorization/method-security.adoc#jc-enable-method-security[method security] with xref:servlet/authorization/method-security.adoc#jc-enable-global-method-security[global method security]
-
-For applications using xref:servlet/authorization/method-security.adoc#jc-enable-method-security[pre-post annotations], make sure to turn it on to reactivate the behavior.
-
-For example, change:
-
-====
-.Java
-[source,java,role="primary"]
-----
-@EnableMethodSecurity
-----
-
-.Kotlin
-[source,kotlin,role="secondary"]
-----
-@EnableMethodSecurity
-----
-
-.Xml
-[source,xml,role="secondary"]
-----
-<method-security/>
-----
-====
-
-to:
-
-====
-.Java
-[source,java,role="primary"]
-----
-@EnableGlobalMethodSecurity(prePostEnabled = true)
-----
-
-.Kotlin
-[source,kotlin,role="secondary"]
-----
-@EnableGlobalMethodSecurity(prePostEnabled = true)
-----
-
-.Xml
-[source,xml,role="secondary"]
-----
-<global-method-security pre-post-enabled="true"/>
-----
-====
-
-Other usages can simply change {security-api-url}org/springframework/security/config/annotation/method/configuration/EnableMethodSecurity.html[`@EnableMethodSecurity`] and xref:servlet/appendix/namespace/method-security.adoc#nsa-method-security[`<method-security>`] to {security-api-url}org/springframework/security/config/annotation/method/configuration/EnableGlobalMethodSecurity.html[`@EnableGlobalMethodSecurity`] and xref:servlet/appendix/namespace/method-security.adoc#nsa-global-method-security[`<global-method-security>`], like so:
-
-====
-.Java
-[source,java,role="primary"]
-----
-@EnableMethodSecurity(securedEnabled = true, prePostEnabled = false)
-----
-
-.Kotlin
-[source,kotlin,role="secondary"]
-----
-@EnableMethodSecurity(securedEnabled = true, prePostEnabled = false)
-----
-
-.Xml
-[source,xml,role="secondary"]
-----
-<method-security secured-enabled="true" pre-post-enabled="false"/>
-----
-====
-
-should change to:
-
-====
-.Java
-[source,java,role="primary"]
-----
-@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = false)
-----
-
-.Kotlin
-[source,kotlin,role="secondary"]
-----
-@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = false)
-----
-
-.Xml
-[source,xml,role="secondary"]
-----
-<global-method-security secured-enabled="true" pre-post-enabled="false"/>
-----
-====
-
 == Revert Reactive
-
-[[reactive-change-to-useauthorizationmanager-false]]
-=== Don't Use `AuthorizationManager` in Method Security
-
-To opt-out of {security-api-url}org/springframework/security/authorization/AuthorizationManager.html[`AuthorizationManager`] for reactive method security, add `useAuthorizationManager = false`:
-
-====
-.Java
-[source,java,role="primary"]
-----
-@EnableReactiveMethodSecurity
-----
-
-.Kotlin
-[source,kotlin,role="secondary"]
-----
-@EnableReactiveMethodSecurity
-----
-====
-
-changes to:
-
-====
-.Java
-[source,java,role="primary"]
-----
-@EnableReactiveMethodSecurity(useAuthorizationManager = false)
-----
-
-.Kotlin
-[source,kotlin,role="secondary"]
-----
-@EnableReactiveMethodSecurity(useAuthorizationManager = false)
-----
-====
-