diff --git a/cas/src/main/java/org/springframework/security/cas/jackson2/CasJackson2Module.java b/cas/src/main/java/org/springframework/security/cas/jackson2/CasJackson2Module.java
index 2042e967fa..34f19ca10a 100644
--- a/cas/src/main/java/org/springframework/security/cas/jackson2/CasJackson2Module.java
+++ b/cas/src/main/java/org/springframework/security/cas/jackson2/CasJackson2Module.java
@@ -20,6 +20,7 @@ import com.fasterxml.jackson.core.Version;
 import com.fasterxml.jackson.databind.module.SimpleModule;
 import org.jasig.cas.client.authentication.AttributePrincipalImpl;
 import org.jasig.cas.client.validation.AssertionImpl;
+
 import org.springframework.security.cas.authentication.CasAuthenticationToken;
 import org.springframework.security.jackson2.SecurityJackson2Modules;
 
@@ -37,8 +38,8 @@ import org.springframework.security.jackson2.SecurityJackson2Modules;
  * of all security modules on the classpath.</b>
  *
  * @author Jitendra Singh.
- * @see org.springframework.security.jackson2.SecurityJackson2Modules
  * @since 4.2
+ * @see org.springframework.security.jackson2.SecurityJackson2Modules
  */
 public class CasJackson2Module extends SimpleModule {
 
diff --git a/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java b/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
index 674cd47f49..36532203ec 100644
--- a/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
+++ b/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
@@ -381,7 +381,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
 	/**
 	 * A wrapper for the AuthenticationFailureHandler that will flex the
 	 * {@link AuthenticationFailureHandler} that is used. The value
-	 * {@link CasAuthenticationFilter#setProxyAuthenticationFailureHandler(AuthenticationFailureHandler)
+	 * {@link CasAuthenticationFilter#setProxyAuthenticationFailureHandler(AuthenticationFailureHandler)}
 	 * will be used for proxy requests that fail. The value
 	 * {@link CasAuthenticationFilter#setAuthenticationFailureHandler(AuthenticationFailureHandler)}
 	 * will be used for service tickets that fail.
diff --git a/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java b/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java
index 5e9b198ffc..a1e2e854fe 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java
@@ -44,10 +44,10 @@ import org.springframework.web.filter.DelegatingFilterProxy;
  * filters necessary for session management, form based login, authorization, etc.
  * </p>
  *
- * @see WebSecurity
- * @author Rob Winch
  * @param <O> The object that this builder returns
  * @param <B> The type of this builder (that is returned by the base class)
+ * @author Rob Winch
+ * @see WebSecurity
  */
 public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBuilder<O>>
 		extends AbstractSecurityBuilder<O> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/SecurityBuilder.java b/config/src/main/java/org/springframework/security/config/annotation/SecurityBuilder.java
index 3340250675..4106ece615 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/SecurityBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/SecurityBuilder.java
@@ -18,9 +18,9 @@ package org.springframework.security.config.annotation;
 /**
  * Interface for building an Object
  *
+ * @param <O> The type of the Object being built
  * @author Rob Winch
  * @since 3.2
- * @param <O> The type of the Object being built
  */
 public interface SecurityBuilder<O> {
 
diff --git a/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurer.java
index 13564216ea..cf6571362e 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurer.java
@@ -21,11 +21,11 @@ package org.springframework.security.config.annotation;
  * {@link #init(SecurityBuilder)} methods have been invoked, each
  * {@link #configure(SecurityBuilder)} method is invoked.
  *
- * @see AbstractConfiguredSecurityBuilder
- * @author Rob Winch
  * @param <O> The object being built by the {@link SecurityBuilder} B
  * @param <B> The {@link SecurityBuilder} that builds objects of type O. This is also the
  * {@link SecurityBuilder} that is being configured.
+ * @author Rob Winch
+ * @see AbstractConfiguredSecurityBuilder
  */
 public interface SecurityConfigurer<O, B extends SecurityBuilder<O>> {
 
diff --git a/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java b/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java
index 87e0876002..ec8f0e290c 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java
@@ -27,11 +27,11 @@ import org.springframework.core.annotation.AnnotationAwareOrderComparator;
  * {@link SecurityConfigurer} and when done gaining access to the {@link SecurityBuilder}
  * that is being configured.
  *
- * @author Rob Winch
- * @author Wallace Wadge
  * @param <O> The Object being built by B
  * @param <B> The Builder that is building O and is configured by
  * {@link SecurityConfigurerAdapter}
+ * @author Rob Winch
+ * @author Wallace Wadge
  */
 public abstract class SecurityConfigurerAdapter<O, B extends SecurityBuilder<O>> implements SecurityConfigurer<O, B> {
 
diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/ProviderManagerBuilder.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/ProviderManagerBuilder.java
index 6240d764c0..70bcb26c60 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/ProviderManagerBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/ProviderManagerBuilder.java
@@ -23,8 +23,8 @@ import org.springframework.security.config.annotation.SecurityBuilder;
 /**
  * Interface for operating on a SecurityBuilder that creates a {@link ProviderManager}
  *
- * @author Rob Winch
  * @param <B> the type of the {@link SecurityBuilder}
+ * @author Rob Winch
  */
 public interface ProviderManagerBuilder<B extends ProviderManagerBuilder<B>>
 		extends SecurityBuilder<AuthenticationManager> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java
index ebc2fa8e36..7e6f8e705b 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java
@@ -26,12 +26,11 @@ import org.springframework.security.core.userdetails.UserDetailsPasswordService;
 /**
  * Allows configuring a {@link DaoAuthenticationProvider}
  *
- * @author Rob Winch
- * @since 3.2
  * @param <B> the type of the {@link SecurityBuilder}
  * @param <C> the type of {@link AbstractDaoAuthenticationConfigurer} this is
  * @param <U> The type of {@link UserDetailsService} that is being used
- *
+ * @author Rob Winch
+ * @since 3.2
  */
 abstract class AbstractDaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>, C extends AbstractDaoAuthenticationConfigurer<B, C, U>, U extends UserDetailsService>
 		extends UserDetailsAwareConfigurer<B, U> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/DaoAuthenticationConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/DaoAuthenticationConfigurer.java
index 0a29a8b057..c83358c685 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/DaoAuthenticationConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/DaoAuthenticationConfigurer.java
@@ -22,11 +22,10 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 /**
  * Allows configuring a {@link DaoAuthenticationProvider}
  *
- * @author Rob Winch
- * @since 3.2
  * @param <B> The type of {@link ProviderManagerBuilder} this is
  * @param <U> The type of {@link UserDetailsService} that is being used
- *
+ * @author Rob Winch
+ * @since 3.2
  */
 public class DaoAuthenticationConfigurer<B extends ProviderManagerBuilder<B>, U extends UserDetailsService>
 		extends AbstractDaoAuthenticationConfigurer<B, DaoAuthenticationConfigurer<B, U>, U> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsAwareConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsAwareConfigurer.java
index ee2dc6eac4..b5ff1099d5 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsAwareConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsAwareConfigurer.java
@@ -25,9 +25,9 @@ import org.springframework.security.core.userdetails.UserDetailsService;
  * Base class that allows access to the {@link UserDetailsService} for using as a default
  * value with {@link AuthenticationManagerBuilder}.
  *
- * @author Rob Winch
  * @param <B> the type of the {@link ProviderManagerBuilder}
  * @param <U> the type of {@link UserDetailsService}
+ * @author Rob Winch
  */
 public abstract class UserDetailsAwareConfigurer<B extends ProviderManagerBuilder<B>, U extends UserDetailsService>
 		extends SecurityConfigurerAdapter<AuthenticationManager, B> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsServiceConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsServiceConfigurer.java
index a5dbdd7a56..553a64fdd1 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsServiceConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsServiceConfigurer.java
@@ -23,12 +23,12 @@ import org.springframework.security.core.userdetails.UserDetailsService;
  * Allows configuring a {@link UserDetailsService} within a
  * {@link AuthenticationManagerBuilder}.
  *
- * @author Rob Winch
- * @since 3.2
  * @param <B> the type of the {@link ProviderManagerBuilder}
  * @param <C> the {@link UserDetailsServiceConfigurer} (or this)
  * @param <U> the type of UserDetailsService being used to allow for returning the
  * concrete UserDetailsService.
+ * @author Rob Winch
+ * @since 3.2
  */
 public class UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>, C extends UserDetailsServiceConfigurer<B, C, U>, U extends UserDetailsService>
 		extends AbstractDaoAuthenticationConfigurer<B, C, U> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
index 1428f0015a..8513649230 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
@@ -195,7 +195,7 @@ public class RSocketSecurity {
 	/**
 	 * Adds authentication with BasicAuthenticationPayloadExchangeConverter.
 	 * @param basic
-	 * @return
+	 * @return this instance
 	 * @deprecated Use {@link #simpleAuthentication(Customizer)}
 	 */
 	@Deprecated
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/HttpSecurityBuilder.java b/config/src/main/java/org/springframework/security/config/annotation/web/HttpSecurityBuilder.java
index 61d69ad820..239a73b898 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/HttpSecurityBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/HttpSecurityBuilder.java
@@ -44,8 +44,8 @@ import org.springframework.security.web.session.ConcurrentSessionFilter;
 import org.springframework.security.web.session.SessionManagementFilter;
 
 /**
- * @author Rob Winch
  * @param <H>
+ * @author Rob Winch
  */
 public interface HttpSecurityBuilder<H extends HttpSecurityBuilder<H>>
 		extends SecurityBuilder<DefaultSecurityFilterChain> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java
index 68da8c63e9..0ca9ed31f4 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java
@@ -32,10 +32,10 @@ import org.springframework.security.web.SecurityFilterChain;
  * will automatically be applied to the {@link WebSecurity} by the
  * {@link EnableWebSecurity} annotation.
  *
- * @see WebSecurityConfigurerAdapter
- * @see SecurityFilterChain
  * @author Rob Winch
  * @since 3.2
+ * @see WebSecurityConfigurerAdapter
+ * @see SecurityFilterChain
  */
 public interface WebSecurityConfigurer<T extends SecurityBuilder<Filter>> extends SecurityConfigurer<Filter, T> {
 
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
index e082f1fb57..97e34b6fed 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
@@ -231,11 +231,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * }
 	 * </pre>
 	 * @return the {@link OpenIDLoginConfigurer} for further customizations.
+	 * @throws Exception
 	 * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
 	 * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
 	 * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
 	 * supported by <code>spring-security-oauth2</code>.
-	 * @throws Exception
 	 * @see OpenIDLoginConfigurer
 	 */
 	public OpenIDLoginConfigurer<HttpSecurity> openidLogin() throws Exception {
@@ -351,16 +351,15 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * 	}
 	 * }
 	 * </pre>
-	 *
-	 * @see OpenIDLoginConfigurer
 	 * @param openidLoginCustomizer the {@link Customizer} to provide more options for the
 	 * {@link OpenIDLoginConfigurer}
+	 * @return the {@link HttpSecurity} for further customizations
+	 * @throws Exception
 	 * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
 	 * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
 	 * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
 	 * supported by <code>spring-security-oauth2</code>.
-	 * @return the {@link HttpSecurity} for further customizations
-	 * @throws Exception
+	 * @see OpenIDLoginConfigurer
 	 */
 	public HttpSecurity openidLogin(Customizer<OpenIDLoginConfigurer<HttpSecurity>> openidLoginCustomizer)
 			throws Exception {
@@ -797,12 +796,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * 	}
 	 * }
 	 * </pre>
-	 *
-	 * @see #requiresChannel()
 	 * @param portMapperCustomizer the {@link Customizer} to provide more options for the
 	 * {@link PortMapperConfigurer}
 	 * @return the {@link HttpSecurity} for further customizations
 	 * @throws Exception
+	 * @see #requiresChannel()
 	 */
 	public HttpSecurity portMapper(Customizer<PortMapperConfigurer<HttpSecurity>> portMapperCustomizer)
 			throws Exception {
@@ -1158,10 +1156,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).antMatchers(&quot;/admin/**&quot;)
 	 * 		.hasRole(&quot;ADMIN&quot;)
 	 * </pre>
-	 *
-	 * @see #requestMatcher(RequestMatcher)
 	 * @return the {@link ExpressionUrlAuthorizationConfigurer} for further customizations
 	 * @throws Exception
+	 * @see #requestMatcher(RequestMatcher)
 	 */
 	public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests()
 			throws Exception {
@@ -1238,12 +1235,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * 	}
 	 * }
 	 * </pre>
-	 *
-	 * @see #requestMatcher(RequestMatcher)
 	 * @param authorizeRequestsCustomizer the {@link Customizer} to provide more options
 	 * for the {@link ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry}
 	 * @return the {@link HttpSecurity} for further customizations
 	 * @throws Exception
+	 * @see #requestMatcher(RequestMatcher)
 	 */
 	public HttpSecurity authorizeRequests(
 			Customizer<ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry> authorizeRequestsCustomizer)
@@ -1779,10 +1775,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * 	}
 	 * }
 	 * </pre>
-	 *
-	 * @see FormLoginConfigurer#loginPage(String)
 	 * @return the {@link FormLoginConfigurer} for further customizations
 	 * @throws Exception
+	 * @see FormLoginConfigurer#loginPage(String)
 	 */
 	public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception {
 		return getOrApply(new FormLoginConfigurer<>());
@@ -1842,12 +1837,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * 	}
 	 * }
 	 * </pre>
-	 *
-	 * @see FormLoginConfigurer#loginPage(String)
 	 * @param formLoginCustomizer the {@link Customizer} to provide more options for the
 	 * {@link FormLoginConfigurer}
 	 * @return the {@link HttpSecurity} for further customizations
 	 * @throws Exception
+	 * @see FormLoginConfigurer#loginPage(String)
 	 */
 	public HttpSecurity formLogin(Customizer<FormLoginConfigurer<HttpSecurity>> formLoginCustomizer) throws Exception {
 		formLoginCustomizer.customize(getOrApply(new FormLoginConfigurer<>()));
@@ -1935,10 +1929,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * </pre>
 	 *
 	 * <p>
-	 *
-	 * @since 5.2
 	 * @return the {@link Saml2LoginConfigurer} for further customizations
 	 * @throws Exception
+	 * @since 5.2
 	 */
 	public Saml2LoginConfigurer<HttpSecurity> saml2Login() throws Exception {
 		return getOrApply(new Saml2LoginConfigurer<>());
@@ -2025,12 +2018,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * </pre>
 	 *
 	 * <p>
-	 *
-	 * @since 5.2
 	 * @param saml2LoginCustomizer the {@link Customizer} to provide more options for the
 	 * {@link Saml2LoginConfigurer}
 	 * @return the {@link HttpSecurity} for further customizations
 	 * @throws Exception
+	 * @since 5.2
 	 */
 	public HttpSecurity saml2Login(Customizer<Saml2LoginConfigurer<HttpSecurity>> saml2LoginCustomizer)
 			throws Exception {
@@ -2122,7 +2114,8 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * <p>
 	 * For more advanced configuration, see {@link OAuth2LoginConfigurer} for available
 	 * options to customize the defaults.
-	 *
+	 * @return the {@link OAuth2LoginConfigurer} for further customizations
+	 * @throws Exception
 	 * @since 5.0
 	 * @see <a target="_blank" href=
 	 * "https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code
@@ -2132,8 +2125,6 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * Authorization Code Flow</a>
 	 * @see org.springframework.security.oauth2.client.registration.ClientRegistration
 	 * @see org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
-	 * @return the {@link OAuth2LoginConfigurer} for further customizations
-	 * @throws Exception
 	 */
 	public OAuth2LoginConfigurer<HttpSecurity> oauth2Login() throws Exception {
 		return getOrApply(new OAuth2LoginConfigurer<>());
@@ -2224,7 +2215,10 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * <p>
 	 * For more advanced configuration, see {@link OAuth2LoginConfigurer} for available
 	 * options to customize the defaults.
-	 *
+	 * @param oauth2LoginCustomizer the {@link Customizer} to provide more options for the
+	 * {@link OAuth2LoginConfigurer}
+	 * @return the {@link HttpSecurity} for further customizations
+	 * @throws Exception
 	 * @see <a target="_blank" href=
 	 * "https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code
 	 * Grant</a>
@@ -2233,10 +2227,6 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * Authorization Code Flow</a>
 	 * @see org.springframework.security.oauth2.client.registration.ClientRegistration
 	 * @see org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
-	 * @param oauth2LoginCustomizer the {@link Customizer} to provide more options for the
-	 * {@link OAuth2LoginConfigurer}
-	 * @return the {@link HttpSecurity} for further customizations
-	 * @throws Exception
 	 */
 	public HttpSecurity oauth2Login(Customizer<OAuth2LoginConfigurer<HttpSecurity>> oauth2LoginCustomizer)
 			throws Exception {
@@ -2246,13 +2236,12 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 
 	/**
 	 * Configures OAuth 2.0 Client support.
-	 *
+	 * @return the {@link OAuth2ClientConfigurer} for further customizations
+	 * @throws Exception
 	 * @since 5.1
 	 * @see <a target="_blank" href=
 	 * "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth 2.0 Authorization
 	 * Framework</a>
-	 * @return the {@link OAuth2ClientConfigurer} for further customizations
-	 * @throws Exception
 	 */
 	public OAuth2ClientConfigurer<HttpSecurity> oauth2Client() throws Exception {
 		OAuth2ClientConfigurer<HttpSecurity> configurer = getOrApply(new OAuth2ClientConfigurer<>());
@@ -2283,14 +2272,13 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 *	}
 	 * }
 	 * </pre>
-	 *
-	 * @see <a target="_blank" href=
-	 * "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth 2.0 Authorization
-	 * Framework</a>
 	 * @param oauth2ClientCustomizer the {@link Customizer} to provide more options for
 	 * the {@link OAuth2ClientConfigurer}
 	 * @return the {@link HttpSecurity} for further customizations
 	 * @throws Exception
+	 * @see <a target="_blank" href=
+	 * "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth 2.0 Authorization
+	 * Framework</a>
 	 */
 	public HttpSecurity oauth2Client(Customizer<OAuth2ClientConfigurer<HttpSecurity>> oauth2ClientCustomizer)
 			throws Exception {
@@ -2300,13 +2288,12 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 
 	/**
 	 * Configures OAuth 2.0 Resource Server support.
-	 *
+	 * @return the {@link OAuth2ResourceServerConfigurer} for further customizations
+	 * @throws Exception
 	 * @since 5.1
 	 * @see <a target="_blank" href=
 	 * "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth 2.0 Authorization
 	 * Framework</a>
-	 * @return the {@link OAuth2ResourceServerConfigurer} for further customizations
-	 * @throws Exception
 	 */
 	public OAuth2ResourceServerConfigurer<HttpSecurity> oauth2ResourceServer() throws Exception {
 		OAuth2ResourceServerConfigurer<HttpSecurity> configurer = getOrApply(
@@ -2353,14 +2340,13 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 	 * 	}
 	 * }
 	 * </pre>
-	 *
-	 * @see <a target="_blank" href=
-	 * "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth 2.0 Authorization
-	 * Framework</a>
 	 * @param oauth2ResourceServerCustomizer the {@link Customizer} to provide more
 	 * options for the {@link OAuth2ResourceServerConfigurer}
 	 * @return the {@link HttpSecurity} for further customizations
 	 * @throws Exception
+	 * @see <a target="_blank" href=
+	 * "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth 2.0 Authorization
+	 * Framework</a>
 	 */
 	public HttpSecurity oauth2ResourceServer(
 			Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>> oauth2ResourceServerCustomizer) throws Exception {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
index 1adc9465ec..7d8ef3304c 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
@@ -72,11 +72,11 @@ import org.springframework.web.filter.DelegatingFilterProxy;
  * {@link WebSecurityConfigurerAdapter}.
  * </p>
  *
- * @see EnableWebSecurity
- * @see WebSecurityConfiguration
  * @author Rob Winch
  * @author Evgeniy Cheban
  * @since 3.2
+ * @see EnableWebSecurity
+ * @see WebSecurityConfiguration
  */
 public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter, WebSecurity>
 		implements SecurityBuilder<Filter>, ApplicationContextAware {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
index d9180e5c86..48c49598cb 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
@@ -49,13 +49,13 @@ import java.util.Collections;
  * Base class for configuring {@link AbstractAuthenticationFilterConfigurer}. This is
  * intended for internal use only.
  *
- * @see FormLoginConfigurer
- * @see OpenIDLoginConfigurer
  * @param T refers to "this" for returning the current configurer
  * @param F refers to the {@link AbstractAuthenticationProcessingFilter} that is being
  * built
  * @author Rob Winch
  * @since 3.2
+ * @see FormLoginConfigurer
+ * @see OpenIDLoginConfigurer
  */
 public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>, T extends AbstractAuthenticationFilterConfigurer<B, T, F>, F extends AbstractAuthenticationProcessingFilter>
 		extends AbstractHttpConfigurer<T, B> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractConfigAttributeRequestMatcherRegistry.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractConfigAttributeRequestMatcherRegistry.java
index 758558e8a4..092681c195 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractConfigAttributeRequestMatcherRegistry.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractConfigAttributeRequestMatcherRegistry.java
@@ -28,9 +28,9 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
  * A base class for registering {@link RequestMatcher}'s. For example, it might allow for
  * specifying which {@link RequestMatcher} require a certain level of authorization.
  *
+ * @param <C> The object that is returned or Chained after creating the RequestMatcher
  * @author Rob Winch
  * @since 3.2
- * @param <C> The object that is returned or Chained after creating the RequestMatcher
  * @see ChannelSecurityConfigurer
  * @see UrlAuthorizationConfigurer
  * @see ExpressionUrlAuthorizationConfigurer
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java
index 5c2e4be582..672c17f4fa 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java
@@ -74,6 +74,7 @@ import org.springframework.util.Assert;
  * </ul>
  *
  * @author Rob Winch
+ * @author Michael Vitz
  * @since 3.2
  */
 public final class CsrfConfigurer<H extends HttpSecurityBuilder<H>>
@@ -184,12 +185,10 @@ public final class CsrfConfigurer<H extends HttpSecurityBuilder<H>>
 	 * Specify the {@link SessionAuthenticationStrategy} to use. The default is a
 	 * {@link CsrfAuthenticationStrategy}.
 	 * </p>
-	 *
-	 * @author Michael Vitz
-	 * @since 5.2
 	 * @param sessionAuthenticationStrategy the {@link SessionAuthenticationStrategy} to
 	 * use
 	 * @return the {@link CsrfConfigurer} for further customizations
+	 * @since 5.2
 	 */
 	public CsrfConfigurer<H> sessionAuthenticationStrategy(
 			SessionAuthenticationStrategy sessionAuthenticationStrategy) {
@@ -300,10 +299,8 @@ public final class CsrfConfigurer<H extends HttpSecurityBuilder<H>>
 	/**
 	 * Gets the {@link SessionAuthenticationStrategy} to use. If none was set by the user
 	 * a {@link CsrfAuthenticationStrategy} is created.
-	 *
-	 * @author Michael Vitz
-	 * @since 5.2
 	 * @return the {@link SessionAuthenticationStrategy}
+	 * @since 5.2
 	 */
 	private SessionAuthenticationStrategy getSessionAuthenticationStrategy() {
 		if (sessionAuthenticationStrategy != null) {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
index 92c09d6192..c7bd680c15 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
@@ -61,9 +61,9 @@ import java.util.function.Function;
  * {@link DefaultLoginPageConfigurer} should be added and how to configure it.</li>
  * </ul>
  *
- * @see WebSecurityConfigurerAdapter
  * @author Rob Winch
  * @since 3.2
+ * @see WebSecurityConfigurerAdapter
  */
 public final class DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>>
 		extends AbstractHttpConfigurer<DefaultLoginPageConfigurer<H>, H> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
index 0f6758a5c8..e0c0d84394 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
@@ -774,11 +774,10 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
 	 * <li>Content-Security-Policy</li>
 	 * <li>Content-Security-Policy-Report-Only</li>
 	 * </ul>
-	 *
-	 * @see ContentSecurityPolicyHeaderWriter
-	 * @since 4.1
 	 * @return the {@link ContentSecurityPolicyConfig} for additional configuration
 	 * @throws IllegalArgumentException if policyDirectives is null or empty
+	 * @since 4.1
+	 * @see ContentSecurityPolicyHeaderWriter
 	 */
 	public ContentSecurityPolicyConfig contentSecurityPolicy(String policyDirectives) {
 		this.contentSecurityPolicy.writer = new ContentSecurityPolicyHeaderWriter(policyDirectives);
@@ -805,11 +804,10 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
 	 * <li>Content-Security-Policy</li>
 	 * <li>Content-Security-Policy-Report-Only</li>
 	 * </ul>
-	 *
-	 * @see ContentSecurityPolicyHeaderWriter
 	 * @param contentSecurityCustomizer the {@link Customizer} to provide more options for
 	 * the {@link ContentSecurityPolicyConfig}
 	 * @return the {@link HeadersConfigurer} for additional customizations
+	 * @see ContentSecurityPolicyHeaderWriter
 	 */
 	public HeadersConfigurer<H> contentSecurityPolicy(
 			Customizer<ContentSecurityPolicyConfig> contentSecurityCustomizer) {
@@ -944,10 +942,9 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
 	 * <pre>
 	 * Referrer-Policy: no-referrer
 	 * </pre>
-	 *
-	 * @see ReferrerPolicyHeaderWriter
-	 * @since 4.2
 	 * @return the {@link ReferrerPolicyConfig} for additional configuration
+	 * @since 4.2
+	 * @see ReferrerPolicyHeaderWriter
 	 */
 	public ReferrerPolicyConfig referrerPolicy() {
 		this.referrerPolicy.writer = new ReferrerPolicyHeaderWriter();
@@ -967,11 +964,10 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
 	 * <ul>
 	 * <li>Referrer-Policy</li>
 	 * </ul>
-	 *
-	 * @see ReferrerPolicyHeaderWriter
-	 * @since 4.2
 	 * @return the {@link ReferrerPolicyConfig} for additional configuration
 	 * @throws IllegalArgumentException if policy is null or empty
+	 * @since 4.2
+	 * @see ReferrerPolicyHeaderWriter
 	 */
 	public ReferrerPolicyConfig referrerPolicy(ReferrerPolicy policy) {
 		this.referrerPolicy.writer = new ReferrerPolicyHeaderWriter(policy);
@@ -991,11 +987,10 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
 	 * <ul>
 	 * <li>Referrer-Policy</li>
 	 * </ul>
-	 *
-	 * @see ReferrerPolicyHeaderWriter
 	 * @param referrerPolicyCustomizer the {@link Customizer} to provide more options for
 	 * the {@link ReferrerPolicyConfig}
 	 * @return the {@link HeadersConfigurer} for additional customizations
+	 * @see ReferrerPolicyHeaderWriter
 	 */
 	public HeadersConfigurer<H> referrerPolicy(Customizer<ReferrerPolicyConfig> referrerPolicyCustomizer) {
 		this.referrerPolicy.writer = new ReferrerPolicyHeaderWriter();
@@ -1036,11 +1031,10 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
 	 * <p>
 	 * Configuration is provided to the {@link FeaturePolicyHeaderWriter} which is
 	 * responsible for writing the header.
-	 *
-	 * @see FeaturePolicyHeaderWriter
-	 * @since 5.1
 	 * @return the {@link FeaturePolicyConfig} for additional configuration
 	 * @throws IllegalArgumentException if policyDirectives is {@code null} or empty
+	 * @since 5.1
+	 * @see FeaturePolicyHeaderWriter
 	 */
 	public FeaturePolicyConfig featurePolicy(String policyDirectives) {
 		this.featurePolicy.writer = new FeaturePolicyHeaderWriter(policyDirectives);
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java
index da0028a54f..7b9aa5132a 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java
@@ -143,11 +143,10 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
 	 * attacks</a>. If you really want to use an HTTP GET, you can use
 	 * <code>logoutRequestMatcher(new AntPathRequestMatcher(logoutUrl, "GET"));</code>
 	 * </p>
-	 *
-	 * @see #logoutRequestMatcher(RequestMatcher)
-	 * @see HttpSecurity#csrf()
 	 * @param logoutUrl the URL that will invoke logout.
 	 * @return the {@link LogoutConfigurer} for further customization
+	 * @see #logoutRequestMatcher(RequestMatcher)
+	 * @see HttpSecurity#csrf()
 	 */
 	public LogoutConfigurer<H> logoutUrl(String logoutUrl) {
 		this.logoutRequestMatcher = null;
@@ -158,11 +157,10 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
 	/**
 	 * The RequestMatcher that triggers log out to occur. In most circumstances users will
 	 * use {@link #logoutUrl(String)} which helps enforce good practices.
-	 *
-	 * @see #logoutUrl(String)
 	 * @param logoutRequestMatcher the RequestMatcher used to determine if logout should
 	 * occur.
 	 * @return the {@link LogoutConfigurer} for further customization
+	 * @see #logoutUrl(String)
 	 */
 	public LogoutConfigurer<H> logoutRequestMatcher(RequestMatcher logoutRequestMatcher) {
 		this.logoutRequestMatcher = logoutRequestMatcher;
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java
index acc55108bd..4507c58b1e 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java
@@ -214,8 +214,8 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
 	 * @param sessionCreationPolicy the {@link SessionCreationPolicy} to use. Cannot be
 	 * null.
 	 * @return the {@link SessionManagementConfigurer} for further customizations
-	 * @see SessionCreationPolicy
 	 * @throws IllegalArgumentException if {@link SessionCreationPolicy} is null.
+	 * @see SessionCreationPolicy
 	 */
 	public SessionManagementConfigurer<H> sessionCreationPolicy(SessionCreationPolicy sessionCreationPolicy) {
 		Assert.notNull(sessionCreationPolicy, "sessionCreationPolicy cannot be null");
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
index f30b3f0428..09addf7ea9 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
@@ -163,10 +163,9 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 
 	/**
 	 * Sets the repository for authorized client(s).
-	 *
-	 * @since 5.1
 	 * @param authorizedClientRepository the authorized client repository
 	 * @return the {@link OAuth2LoginConfigurer} for further configuration
+	 * @since 5.1
 	 */
 	public OAuth2LoginConfigurer<B> authorizedClientRepository(
 			OAuth2AuthorizedClientRepository authorizedClientRepository) {
@@ -250,11 +249,10 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 
 		/**
 		 * Sets the resolver used for resolving {@link OAuth2AuthorizationRequest}'s.
-		 *
-		 * @since 5.1
 		 * @param authorizationRequestResolver the resolver used for resolving
 		 * {@link OAuth2AuthorizationRequest}'s
 		 * @return the {@link AuthorizationEndpointConfig} for further configuration
+		 * @since 5.1
 		 */
 		public AuthorizationEndpointConfig authorizationRequestResolver(
 				OAuth2AuthorizationRequestResolver authorizationRequestResolver) {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
index fd0ee07065..19f0fd4cdd 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
@@ -118,11 +118,11 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
  * </ul>
  *
  * @author Rob Winch
+ * @since 3.2
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @since 3.2
  */
 public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>>
 		extends AbstractAuthenticationFilterConfigurer<H, OpenIDLoginConfigurer<H>, OpenIDAuthenticationFilter> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java b/config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java
index 404bc89236..78ef22909a 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java
@@ -40,8 +40,8 @@ import org.springframework.util.StringUtils;
  * Allows mapping security constraints using {@link MessageMatcher} to the security
  * expressions.
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public class MessageSecurityMetadataSourceRegistry {
 
@@ -152,7 +152,7 @@ public class MessageSecurityMetadataSourceRegistry {
 	 * from. Uses
 	 * {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}.
 	 * @return the {@link Constraint} that is associated to the {@link MessageMatcher}
-	 * @see {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}
+	 * @see MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)
 	 */
 	private Constraint simpDestMatchers(SimpMessageType type, String... patterns) {
 		List<MatcherBuilder> matchers = new ArrayList<>(patterns.length);
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurity.java
index c0f7ec0c9b..33014b7e89 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurity.java
@@ -47,6 +47,7 @@ import java.lang.annotation.Target;
  *          return new MapReactiveUserDetailsService(user);
  *     }
  * }
+ * </pre>
  *
  * Below is the same as our minimal configuration, but explicitly declaring the
  * {@code ServerHttpSecurity}.
@@ -54,7 +55,6 @@ import java.lang.annotation.Target;
  * <pre class="code">
  * &#064;EnableWebFluxSecurity
  * public class MyExplicitSecurityConfiguration {
- *     // @formatter:off
  *     &#064;Bean
  *     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
  *          http
@@ -65,9 +65,7 @@ import java.lang.annotation.Target;
  *                    .formLogin();
  *          return http.build();
  *     }
- *     // @formatter:on
  *
- *     // @formatter:off
  *     &#064;Bean
  *     public MapReactiveUserDetailsService userDetailsService() {
  *          UserDetails user = User.withDefaultPasswordEncoder()
@@ -77,8 +75,8 @@ import java.lang.annotation.Target;
  *               .build();
  *          return new MapReactiveUserDetailsService(user);
  *     }
- *     // @formatter:on
  * }
+ * </pre>
  *
  * @author Rob Winch
  * @since 5.0
diff --git a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
index 5dd453fca2..dc02c12412 100644
--- a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
@@ -447,13 +447,13 @@ final class AuthenticationConfigBuilder {
 
 	/**
 	 * Parses OpenID 1.0 and 2.0 - related parts of configuration xmls
+	 * @param sessionStrategy sessionStrategy
+	 * @param openIDLoginElt the element from the xml file
+	 * @return the parsed filter as rootBeanDefinition
 	 * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
 	 * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
 	 * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
 	 * supported by <code>spring-security-oauth2</code>.
-	 * @param sessionStrategy sessionStrategy
-	 * @param openIDLoginElt the element from the xml file
-	 * @return the parsed filter as rootBeanDefinition
 	 */
 	private RootBeanDefinition parseOpenIDFilter(BeanReference sessionStrategy, Element openIDLoginElt) {
 		RootBeanDefinition openIDFilter;
diff --git a/config/src/main/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParser.java
index 326fc70713..e460c3365b 100644
--- a/config/src/main/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParser.java
@@ -55,8 +55,8 @@ import org.springframework.util.xml.DomUtils;
  * A {@link BeanDefinitionParser} for &lt;http&gt;'s &lt;oauth2-resource-server&gt;
  * element.
  *
- * @since 5.3
  * @author Josh Cummings
+ * @since 5.3
  */
 final class OAuth2ResourceServerBeanDefinitionParser implements BeanDefinitionParser {
 
diff --git a/config/src/main/java/org/springframework/security/config/ldap/ContextSourceSettingPostProcessor.java b/config/src/main/java/org/springframework/security/config/ldap/ContextSourceSettingPostProcessor.java
index a031988e83..9216cbd9d8 100644
--- a/config/src/main/java/org/springframework/security/config/ldap/ContextSourceSettingPostProcessor.java
+++ b/config/src/main/java/org/springframework/security/config/ldap/ContextSourceSettingPostProcessor.java
@@ -26,10 +26,10 @@ import org.springframework.util.ClassUtils;
 
 /**
  * Checks for the presence of a ContextSource instance. Also supplies the standard
- * reference to any unconfigured <ldap-authentication-provider> or <ldap-user-service>
- * beans. This is necessary in cases where the user has given the server a specific Id,
- * but hasn't used the server-ref attribute to link this to the other ldap definitions.
- * See SEC-799.
+ * reference to any unconfigured &lt;ldap-authentication-provider&gt; or
+ * &lt;ldap-user-service&gt; beans. This is necessary in cases where the user has given
+ * the server a specific Id, but hasn't used the server-ref attribute to link this to the
+ * other ldap definitions. See SEC-799.
  *
  * @author Luke Taylor
  * @since 3.0
diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
index c2d7d13a28..aba685f3a3 100644
--- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@@ -189,25 +189,51 @@ import static org.springframework.security.web.server.DelegatingServerAuthentica
  *
  * A minimal configuration can be found below:
  *
- * <pre class="code"> &#064;EnableWebFluxSecurity public class
- * MyMinimalSecurityConfiguration {
+ * <pre class="code">
+ * &#064;EnableWebFluxSecurity
+ * public class MyMinimalSecurityConfiguration {
  *
- * &#064;Bean public MapReactiveUserDetailsService userDetailsService() { UserDetails user
- * = User.withDefaultPasswordEncoder() .username("user") .password("password")
- * .roles("USER") .build(); return new MapReactiveUserDetailsService(user); } }
+ *     &#064;Bean
+ *     public MapReactiveUserDetailsService userDetailsService() {
+ *         UserDetails user = User.withDefaultPasswordEncoder()
+ *             .username("user")
+ *             .password("password")
+ *             .roles("USER")
+ *             .build();
+ *         return new MapReactiveUserDetailsService(user);
+ *     }
+ * }
+ * </pre>
  *
  * Below is the same as our minimal configuration, but explicitly declaring the
  * {@code ServerHttpSecurity}.
  *
- * <pre class="code"> &#064;EnableWebFluxSecurity public class
- * MyExplicitSecurityConfiguration { &#064;Bean public SecurityWebFilterChain
- * springSecurityFilterChain(ServerHttpSecurity http) { http .authorizeExchange()
- * .anyExchange().authenticated() .and() .httpBasic().and() .formLogin(); return
- * http.build(); }
+ * <pre class="code">
+ * &#064;EnableWebFluxSecurity
+ * public class MyExplicitSecurityConfiguration {
  *
- * &#064;Bean public MapReactiveUserDetailsService userDetailsService() { UserDetails user
- * = User.withDefaultPasswordEncoder() .username("user") .password("password")
- * .roles("USER") .build(); return new MapReactiveUserDetailsService(user); } }
+ *     &#064;Bean
+ *     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
+ *         http
+ *             .authorizeExchange()
+ *               .anyExchange().authenticated()
+ *             .and()
+ *               .httpBasic().and()
+ *               .formLogin();
+ *             return http.build();
+ *     }
+ *
+ *     &#064;Bean
+ *     public MapReactiveUserDetailsService userDetailsService() {
+ *         UserDetails user = User.withDefaultPasswordEncoder()
+ *             .username("user")
+ *             .password("password")
+ *             .roles("USER")
+ *             .build();
+ *         return new MapReactiveUserDetailsService(user);
+ *     }
+ * }
+ * </pre>
  *
  * @author Rob Winch
  * @author Vedran Pavic
@@ -829,11 +855,10 @@ public class ServerHttpSecurity {
 	 * Note that if extractor is not specified, {@link SubjectDnX509PrincipalExtractor}
 	 * will be used. If authenticationManager is not specified,
 	 * {@link ReactivePreAuthenticatedAuthenticationManager} will be used.
-	 *
-	 * @since 5.2
 	 * @param x509Customizer the {@link Customizer} to provide more options for the
 	 * {@link X509Spec}
 	 * @return the {@link ServerHttpSecurity} to customize
+	 * @since 5.2
 	 */
 	public ServerHttpSecurity x509(Customizer<X509Spec> x509Customizer) {
 		if (this.x509 == null) {
@@ -994,10 +1019,9 @@ public class ServerHttpSecurity {
 		 * The {@link ServerSecurityContextRepository} used to save the
 		 * {@code Authentication}. Defaults to
 		 * {@link WebSessionServerSecurityContextRepository}.
-		 *
-		 * @since 5.2
 		 * @param securityContextRepository the repository to use
 		 * @return the {@link OAuth2LoginSpec} to continue configuring
+		 * @since 5.2
 		 */
 		public OAuth2LoginSpec securityContextRepository(ServerSecurityContextRepository securityContextRepository) {
 			this.securityContextRepository = securityContextRepository;
@@ -1008,10 +1032,9 @@ public class ServerHttpSecurity {
 		 * The {@link ServerAuthenticationSuccessHandler} used after authentication
 		 * success. Defaults to {@link RedirectServerAuthenticationSuccessHandler}
 		 * redirecting to "/".
-		 *
-		 * @since 5.2
 		 * @param authenticationSuccessHandler the success handler to use
 		 * @return the {@link OAuth2LoginSpec} to customize
+		 * @since 5.2
 		 */
 		public OAuth2LoginSpec authenticationSuccessHandler(
 				ServerAuthenticationSuccessHandler authenticationSuccessHandler) {
@@ -1024,10 +1047,9 @@ public class ServerHttpSecurity {
 		 * The {@link ServerAuthenticationFailureHandler} used after authentication
 		 * failure. Defaults to {@link RedirectServerAuthenticationFailureHandler}
 		 * redirecting to "/login?error".
-		 *
-		 * @since 5.2
 		 * @param authenticationFailureHandler the failure handler to use
 		 * @return the {@link OAuth2LoginSpec} to customize
+		 * @since 5.2
 		 */
 		public OAuth2LoginSpec authenticationFailureHandler(
 				ServerAuthenticationFailureHandler authenticationFailureHandler) {
@@ -1121,11 +1143,10 @@ public class ServerHttpSecurity {
 
 		/**
 		 * Sets the repository to use for storing {@link OAuth2AuthorizationRequest}'s.
-		 *
-		 * @since 5.2
 		 * @param authorizationRequestRepository the repository to use for storing
 		 * {@link OAuth2AuthorizationRequest}'s
 		 * @return the {@link OAuth2LoginSpec} for further configuration
+		 * @since 5.2
 		 */
 		public OAuth2LoginSpec authorizationRequestRepository(
 				ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
@@ -1135,11 +1156,10 @@ public class ServerHttpSecurity {
 
 		/**
 		 * Sets the resolver used for resolving {@link OAuth2AuthorizationRequest}'s.
-		 *
-		 * @since 5.2
 		 * @param authorizationRequestResolver the resolver used for resolving
 		 * {@link OAuth2AuthorizationRequest}'s
 		 * @return the {@link OAuth2LoginSpec} for further configuration
+		 * @since 5.2
 		 */
 		public OAuth2LoginSpec authorizationRequestResolver(
 				ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver) {
@@ -1150,11 +1170,10 @@ public class ServerHttpSecurity {
 		/**
 		 * Sets the {@link ServerWebExchangeMatcher matcher} used for determining if the
 		 * request is an authentication request.
-		 *
-		 * @since 5.2
 		 * @param authenticationMatcher the {@link ServerWebExchangeMatcher matcher} used
 		 * for determining if the request is an authentication request
 		 * @return the {@link OAuth2LoginSpec} for further configuration
+		 * @since 5.2
 		 */
 		public OAuth2LoginSpec authenticationMatcher(ServerWebExchangeMatcher authenticationMatcher) {
 			this.authenticationMatcher = authenticationMatcher;
@@ -1499,11 +1518,10 @@ public class ServerHttpSecurity {
 
 		/**
 		 * Sets the repository to use for storing {@link OAuth2AuthorizationRequest}'s.
-		 *
-		 * @since 5.2
 		 * @param authorizationRequestRepository the repository to use for storing
 		 * {@link OAuth2AuthorizationRequest}'s
 		 * @return the {@link OAuth2ClientSpec} to customize
+		 * @since 5.2
 		 */
 		public OAuth2ClientSpec authorizationRequestRepository(
 				ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
@@ -3689,8 +3707,8 @@ public class ServerHttpSecurity {
 		/**
 		 * Configures {@code Content-Security-Policy} response header.
 		 *
-		 * @see #contentSecurityPolicy(String)
 		 * @since 5.1
+		 * @see #contentSecurityPolicy(String)
 		 */
 		public class ContentSecurityPolicySpec {
 
@@ -3740,8 +3758,8 @@ public class ServerHttpSecurity {
 		/**
 		 * Configures {@code Feature-Policy} response header.
 		 *
-		 * @see #featurePolicy(String)
 		 * @since 5.1
+		 * @see #featurePolicy(String)
 		 */
 		public class FeaturePolicySpec {
 
@@ -3763,9 +3781,9 @@ public class ServerHttpSecurity {
 		/**
 		 * Configures {@code Referrer-Policy} response header.
 		 *
+		 * @since 5.1
 		 * @see #referrerPolicy()
 		 * @see #referrerPolicy(ReferrerPolicy)
-		 * @since 5.1
 		 */
 		public class ReferrerPolicySpec {
 
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java
index 0e779e9c4a..555ff3fd48 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java
@@ -109,29 +109,29 @@ public class SampleWebSecurityConfigurerAdapterTests {
 	}
 
 	/**
-	 * <code>
-	 *   <http>
-	 *     <intercept-url pattern="/resources/**" access="permitAll"/>
-	 *     <intercept-url pattern="/**" access="authenticated"/>
-	 *     <logout
+	 * <pre>
+	 *   &lt;http&gt;
+	 *     &lt;intercept-url pattern="/resources/**" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/**" access="authenticated"/&gt;
+	 *     &lt;logout
 	 *         logout-success-url="/login?logout"
 	 *         logout-url="/logout"
-	 *     <form-login
+	 *     &lt;form-login
 	 *         authentication-failure-url="/login?error"
-	 *         login-page="/login" <!-- Except Spring Security renders the login page -->
-	 *         login-processing-url="/login" <!-- but only POST -->
+	 *         login-page="/login" &lt;!-- Except Spring Security renders the login page --&gt;
+	 *         login-processing-url="/login" &lt;!-- but only POST --&gt;
 	 *         password-parameter="password"
 	 *         username-parameter="username"
-	 *     />
-	 *   </http>
-	 *   <authentication-manager>
-	 *     <authentication-provider>
-	 *       <user-service>
-	 *         <user username="user" password="password" authorities="ROLE_USER"/>
-	 *       </user-service>
-	 *     </authentication-provider>
-	 *   </authentication-manager>
-	 * </code>
+	 *     /&gt;
+	 *   &lt;/http&gt;
+	 *   &lt;authentication-manager&gt;
+	 *     &lt;authentication-provider&gt;
+	 *       &lt;user-service&gt;
+	 *         &lt;user username="user" password="password" authorities="ROLE_USER"/&gt;
+	 *       &lt;/user-service&gt;
+	 *     &lt;/authentication-provider&gt;
+	 *   &lt;/authentication-manager&gt;
+	 * </pre>
 	 *
 	 * @author Rob Winch
 	 */
@@ -183,35 +183,35 @@ public class SampleWebSecurityConfigurerAdapterTests {
 	}
 
 	/**
-	 * <code>
-	 *   <http security="none" pattern="/resources/**"/>
-	 *   <http>
-	 *     <intercept-url pattern="/logout" access="permitAll"/>
-	 *     <intercept-url pattern="/login" access="permitAll"/>
-	 *     <intercept-url pattern="/signup" access="permitAll"/>
-	 *     <intercept-url pattern="/about" access="permitAll"/>
-	 *     <intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
-	 *     <logout
+	 * <pre>
+	 *   &lt;http security="none" pattern="/resources/**"/&gt;
+	 *   &lt;http&gt;
+	 *     &lt;intercept-url pattern="/logout" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/login" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/signup" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/about" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/**" access="hasRole('ROLE_USER')"/&gt;
+	 *     &lt;logout
 	 *         logout-success-url="/login?logout"
 	 *         logout-url="/logout"
-	 *     <form-login
+	 *     &lt;form-login
 	 *         authentication-failure-url="/login?error"
 	 *         login-page="/login"
-	 *         login-processing-url="/login" <!-- but only POST -->
+	 *         login-processing-url="/login" &lt;!-- but only POST --&gt;
 	 *         password-parameter="password"
 	 *         username-parameter="username"
-	 *     />
-	 *   </http>
-	 *   <authentication-manager>
-	 *     <authentication-provider>
-	 *       <user-service>
-	 *         <user username="user" password="password" authorities="ROLE_USER"/>
-	 *         <user username="admin" password="password" authorities=
-	"ROLE_USER,ROLE_ADMIN"/>
-	 *       </user-service>
-	 *     </authentication-provider>
-	 *   </authentication-manager>
-	 * </code>
+	 *     /&gt;
+	 *   &lt;/http&gt;
+	 *   &lt;authentication-manager&gt;
+	 *     &lt;authentication-provider&gt;
+	 *       &lt;user-service&gt;
+	 *         &lt;user username="user" password="password" authorities="ROLE_USER"/&gt;
+	 *         &lt;user username="admin" password="password" authorities=
+	"ROLE_USER,ROLE_ADMIN"/&gt;
+	 *       &lt;/user-service&gt;
+	 *     &lt;/authentication-provider&gt;
+	 *   &lt;/authentication-manager&gt;
+	 * </pre>
 	 *
 	 * @author Rob Winch
 	 */
@@ -319,38 +319,38 @@ public class SampleWebSecurityConfigurerAdapterTests {
 
 	/**
 	 * <code>
-	 *   <http security="none" pattern="/resources/**"/>
-	 *   <http pattern="/api/**">
-	 *     <intercept-url pattern="/api/admin/**" access="hasRole('ROLE_ADMIN')"/>
-	 *     <intercept-url pattern="/api/**" access="hasRole('ROLE_USER')"/>
-	 *     <http-basic />
-	 *   </http>
-	 *   <http>
-	 *     <intercept-url pattern="/logout" access="permitAll"/>
-	 *     <intercept-url pattern="/login" access="permitAll"/>
-	 *     <intercept-url pattern="/signup" access="permitAll"/>
-	 *     <intercept-url pattern="/about" access="permitAll"/>
-	 *     <intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
-	 *     <logout
+	 *   &lt;http security="none" pattern="/resources/**"/&gt;
+	 *   &lt;http pattern="/api/**"&gt;
+	 *     &lt;intercept-url pattern="/api/admin/**" access="hasRole('ROLE_ADMIN')"/&gt;
+	 *     &lt;intercept-url pattern="/api/**" access="hasRole('ROLE_USER')"/&gt;
+	 *     &lt;http-basic /&gt;
+	 *   &lt;/http&gt;
+	 *   &lt;http&gt;
+	 *     &lt;intercept-url pattern="/logout" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/login" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/signup" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/about" access="permitAll"/&gt;
+	 *     &lt;intercept-url pattern="/**" access="hasRole('ROLE_USER')"/&gt;
+	 *     &lt;logout
 	 *         logout-success-url="/login?logout"
 	 *         logout-url="/logout"
-	 *     <form-login
+	 *     &lt;form-login
 	 *         authentication-failure-url="/login?error"
 	 *         login-page="/login"
-	 *         login-processing-url="/login" <!-- but only POST -->
+	 *         login-processing-url="/login" &lt;!-- but only POST --&gt;
 	 *         password-parameter="password"
 	 *         username-parameter="username"
-	 *     />
-	 *   </http>
-	 *   <authentication-manager>
-	 *     <authentication-provider>
-	 *       <user-service>
-	 *         <user username="user" password="password" authorities="ROLE_USER"/>
-	 *         <user username="admin" password="password" authorities=
-	"ROLE_USER,ROLE_ADMIN"/>
-	 *       </user-service>
-	 *     </authentication-provider>
-	 *   </authentication-manager>
+	 *     /&gt;
+	 *   &lt;/http&gt;
+	 *   &lt;authentication-manager&gt;
+	 *     &lt;authentication-provider&gt;
+	 *       &lt;user-service&gt;
+	 *         &lt;user username="user" password="password" authorities="ROLE_USER"/&gt;
+	 *         &lt;user username="admin" password="password" authorities=
+	"ROLE_USER,ROLE_ADMIN"/&gt;
+	 *       &lt;/user-service&gt;
+	 *     &lt;/authentication-provider&gt;
+	 *   &lt;/authentication-manager&gt;
 	 * </code>
 	 *
 	 * @author Rob Winch
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java
index ac5075b71c..556c3d1a49 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java
@@ -63,8 +63,8 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
 
 /**
- * Tests to verify that all the functionality of <http> attributes are present in Java
- * Config.
+ * Tests to verify that all the functionality of &lt;http&gt; attributes are present in
+ * Java Config.
  *
  * @author Rob Winch
  * @author Joe Grandja
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.java
index c7716f1d4b..ab96950277 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.java
@@ -39,7 +39,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <anonymous> attributes is present
+ * Tests to verify that all the functionality of &lt;anonymous&gt; attributes is present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java
index e020066b5e..e587019f6c 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java
@@ -45,7 +45,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <http-basic> attributes is present
+ * Tests to verify that all the functionality of &lt;http-basic&gt; attributes is present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java
index 4bc72dc12c..da9f49f256 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java
@@ -46,7 +46,8 @@ import org.springframework.web.filter.OncePerRequestFilter;
 import static org.assertj.core.api.Assertions.assertThat;
 
 /**
- * Tests to verify that all the functionality of <custom-filter> attributes is present
+ * Tests to verify that all the functionality of &lt;custom-filter&gt; attributes is
+ * present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java
index 9b3e68ad68..eeab7c3e11 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java
@@ -45,7 +45,7 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 
 /**
- * Tests to verify that all the functionality of <expression-handler> attributes is
+ * Tests to verify that all the functionality of &lt;expression-handler&gt; attributes is
  * present
  *
  * @author Rob Winch
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFirewallTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFirewallTests.java
index 75b24bdd09..146db2013d 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFirewallTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFirewallTests.java
@@ -36,7 +36,8 @@ import static org.assertj.core.api.Assertions.assertThatCode;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 
 /**
- * Tests to verify that all the functionality of <http-firewall> attributes is present
+ * Tests to verify that all the functionality of &lt;http-firewall&gt; attributes is
+ * present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java
index 66f4a2c207..0466f4f09a 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java
@@ -45,7 +45,7 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
 
 /**
- * Tests to verify that all the functionality of <form-login> attributes is present
+ * Tests to verify that all the functionality of &lt;form-login&gt; attributes is present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java
index 6c92e4a2f3..7ffd4c2dc7 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java
@@ -40,7 +40,7 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
 
 /**
- * Tests to verify that all the functionality of <headers> attributes is present
+ * Tests to verify that all the functionality of &lt;headers&gt; attributes is present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java
index 5e2f6e1fd7..a6e9d805d0 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java
@@ -41,7 +41,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <intercept-url> attributes is present
+ * Tests to verify that all the functionality of &lt;intercept-url&gt; attributes is
+ * present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java
index be01d6b2cf..d62421f8fc 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java
@@ -44,7 +44,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <jee> attributes is present
+ * Tests to verify that all the functionality of &lt;jee&gt; attributes is present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java
index 23cc3dbdf4..7471627b31 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java
@@ -48,7 +48,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <logout> attributes is present
+ * Tests to verify that all the functionality of &lt;logout&gt; attributes is present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java
index ca2ab7c267..1a0e881dc9 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java
@@ -70,7 +70,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <openid-login> attributes is present
+ * Tests to verify that all the functionality of &lt;openid-login&gt; attributes is
+ * present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java
index b57f8ea6e5..c7e2b79682 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java
@@ -30,7 +30,8 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
 
 /**
- * Tests to verify that all the functionality of <port-mappings> attributes is present
+ * Tests to verify that all the functionality of &lt;port-mappings&gt; attributes is
+ * present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java
index 6669eff98a..f83c874ce2 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java
@@ -42,7 +42,8 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <request-cache> attributes is present
+ * Tests to verify that all the functionality of &lt;request-cache&gt; attributes is
+ * present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java
index 75eca225e8..cb2523d9e4 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java
@@ -43,8 +43,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <access-denied-handler> attributes is
- * present
+ * Tests to verify that all the functionality of &lt;access-denied-handler&gt; attributes
+ * is present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java
index 26f3c39a83..38276373ad 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java
@@ -51,8 +51,8 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 
 /**
- * Tests to verify that all the functionality of <x509> attributes is present in Java
- * config
+ * Tests to verify that all the functionality of &lt;x509&gt; attributes is present in
+ * Java config
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java
index 1fd45ff8e7..aeac564a92 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java
@@ -63,7 +63,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 /**
- * Tests to verify that all the functionality of <anonymous> attributes is present
+ * Tests to verify that all the functionality of &lt;anonymous&gt; attributes is present
  *
  * @author Rob Winch
  * @author Josh Cummings
diff --git a/core/src/main/java/org/springframework/security/access/prepost/PrePostAnnotationSecurityMetadataSource.java b/core/src/main/java/org/springframework/security/access/prepost/PrePostAnnotationSecurityMetadataSource.java
index 16f8cc04e0..f68952eac6 100644
--- a/core/src/main/java/org/springframework/security/access/prepost/PrePostAnnotationSecurityMetadataSource.java
+++ b/core/src/main/java/org/springframework/security/access/prepost/PrePostAnnotationSecurityMetadataSource.java
@@ -17,7 +17,9 @@ package org.springframework.security.access.prepost;
 
 import java.lang.annotation.Annotation;
 import java.lang.reflect.Method;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
 
 import org.springframework.core.annotation.AnnotationUtils;
 import org.springframework.security.access.ConfigAttribute;
@@ -41,9 +43,9 @@ import org.springframework.util.ClassUtils;
  * combine annotations defined in multiple locations for a single method - they may be
  * defined on the method itself, or at interface or class level.
  *
- * @see PreInvocationAuthorizationAdviceVoter
  * @author Luke Taylor
  * @since 3.0
+ * @see PreInvocationAuthorizationAdviceVoter
  */
 public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecurityMetadataSource {
 
@@ -53,12 +55,13 @@ public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecur
 		this.attributeFactory = attributeFactory;
 	}
 
+	@Override
 	public Collection<ConfigAttribute> getAttributes(Method method, Class<?> targetClass) {
 		if (method.getDeclaringClass() == Object.class) {
 			return Collections.emptyList();
 		}
 
-		logger.trace("Looking for Pre/Post annotations for method '" + method.getName() + "' on target class '"
+		this.logger.trace("Looking for Pre/Post annotations for method '" + method.getName() + "' on target class '"
 				+ targetClass + "'");
 		PreFilter preFilter = findAnnotation(method, targetClass, PreFilter.class);
 		PreAuthorize preAuthorize = findAnnotation(method, targetClass, PreAuthorize.class);
@@ -68,7 +71,7 @@ public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecur
 
 		if (preFilter == null && preAuthorize == null && postFilter == null && postAuthorize == null) {
 			// There is no meta-data so return
-			logger.trace("No expression annotations found");
+			this.logger.trace("No expression annotations found");
 			return Collections.emptyList();
 		}
 
@@ -80,14 +83,14 @@ public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecur
 
 		ArrayList<ConfigAttribute> attrs = new ArrayList<>(2);
 
-		PreInvocationAttribute pre = attributeFactory.createPreInvocationAttribute(preFilterAttribute, filterObject,
-				preAuthorizeAttribute);
+		PreInvocationAttribute pre = this.attributeFactory.createPreInvocationAttribute(preFilterAttribute,
+				filterObject, preAuthorizeAttribute);
 
 		if (pre != null) {
 			attrs.add(pre);
 		}
 
-		PostInvocationAttribute post = attributeFactory.createPostInvocationAttribute(postFilterAttribute,
+		PostInvocationAttribute post = this.attributeFactory.createPostInvocationAttribute(postFilterAttribute,
 				postAuthorizeAttribute);
 
 		if (post != null) {
@@ -99,6 +102,7 @@ public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecur
 		return attrs;
 	}
 
+	@Override
 	public Collection<ConfigAttribute> getAllConfigAttributes() {
 		return null;
 	}
@@ -117,7 +121,7 @@ public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecur
 		A annotation = AnnotationUtils.findAnnotation(specificMethod, annotationClass);
 
 		if (annotation != null) {
-			logger.debug(annotation + " found on specific method: " + specificMethod);
+			this.logger.debug(annotation + " found on specific method: " + specificMethod);
 			return annotation;
 		}
 
@@ -126,7 +130,7 @@ public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecur
 			annotation = AnnotationUtils.findAnnotation(method, annotationClass);
 
 			if (annotation != null) {
-				logger.debug(annotation + " found on: " + method);
+				this.logger.debug(annotation + " found on: " + method);
 				return annotation;
 			}
 		}
@@ -136,7 +140,7 @@ public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecur
 		annotation = AnnotationUtils.findAnnotation(specificMethod.getDeclaringClass(), annotationClass);
 
 		if (annotation != null) {
-			logger.debug(annotation + " found on: " + specificMethod.getDeclaringClass().getName());
+			this.logger.debug(annotation + " found on: " + specificMethod.getDeclaringClass().getName());
 			return annotation;
 		}
 
diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java b/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java
index f573856387..b458ddefd4 100644
--- a/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java
+++ b/core/src/main/java/org/springframework/security/authentication/jaas/JaasAuthenticationProvider.java
@@ -260,10 +260,9 @@ public class JaasAuthenticationProvider extends AbstractJaasAuthenticationProvid
 	/**
 	 * If set, a call to {@code Configuration#refresh()} will be made by
 	 * {@code #configureJaas(Resource) } method. Defaults to {@code true}.
-	 *
-	 * @see <a href="https://jira.springsource.org/browse/SEC-1320">SEC-1320</a>
 	 * @param refresh set to {@code false} to disable reloading of the configuration. May
 	 * be useful in some environments.
+	 * @see <a href="https://jira.springsource.org/browse/SEC-1320">SEC-1320</a>
 	 */
 	public void setRefreshConfigurationOnStartup(boolean refresh) {
 		this.refreshConfigurationOnStartup = refresh;
diff --git a/core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java
index 8a78190efa..1d995be615 100644
--- a/core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java
+++ b/core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java
@@ -16,19 +16,19 @@
 
 package org.springframework.security.authorization;
 
+import reactor.core.publisher.Mono;
+
 import org.springframework.security.authentication.AuthenticationTrustResolver;
 import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
 import org.springframework.security.core.Authentication;
-import reactor.core.publisher.Mono;
 
 /**
  * A {@link ReactiveAuthorizationManager} that determines if the current user is
  * authenticated.
  *
- * @author Rob Winch
- * @since 5.0
  * @param <T> The type of object authorization is being performed against. This does not
- * matter since the authorization decision does not use the object.
+ * @author Rob Winch
+ * @since 5.0 matter since the authorization decision does not use the object.
  */
 public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
 
@@ -47,7 +47,7 @@ public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAut
 	 * @return <code>true</code> if not anonymous, otherwise <code>false</code>.
 	 */
 	private boolean isNotAnonymous(Authentication authentication) {
-		return !authTrustResolver.isAnonymous(authentication);
+		return !this.authTrustResolver.isAnonymous(authentication);
 	}
 
 	/**
diff --git a/core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java
index 31d85ebfb1..a1a2a4784a 100644
--- a/core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java
+++ b/core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java
@@ -16,20 +16,21 @@
 
 package org.springframework.security.authorization;
 
-import org.springframework.security.core.Authentication;
-import org.springframework.util.Assert;
-import reactor.core.publisher.Mono;
-
 import java.util.Arrays;
 import java.util.List;
 
+import reactor.core.publisher.Mono;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.util.Assert;
+
 /**
  * A {@link ReactiveAuthorizationManager} that determines if the current user is
  * authorized by evaluating if the {@link Authentication} contains a specified authority.
  *
+ * @param <T> the type of object being authorized
  * @author Rob Winch
  * @since 5.0
- * @param <T> the type of object being authorized
  */
 public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
 
diff --git a/core/src/main/java/org/springframework/security/authorization/ReactiveAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/ReactiveAuthorizationManager.java
index 92522b9e7a..87d1954e95 100644
--- a/core/src/main/java/org/springframework/security/authorization/ReactiveAuthorizationManager.java
+++ b/core/src/main/java/org/springframework/security/authorization/ReactiveAuthorizationManager.java
@@ -15,18 +15,18 @@
  */
 package org.springframework.security.authorization;
 
+import reactor.core.publisher.Mono;
+
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.core.Authentication;
 
-import reactor.core.publisher.Mono;
-
 /**
  * A reactive authorization manager which can determine if an {@link Authentication} has
  * access to a specific object.
  *
+ * @param <T> the type of object that the authorization check is being done one.
  * @author Rob Winch
  * @since 5.0
- * @param <T> the type of object that the authorization check is being done one.
  */
 public interface ReactiveAuthorizationManager<T> {
 
diff --git a/core/src/main/java/org/springframework/security/core/ComparableVersion.java b/core/src/main/java/org/springframework/security/core/ComparableVersion.java
index e34f04b3e4..1d1178492c 100644
--- a/core/src/main/java/org/springframework/security/core/ComparableVersion.java
+++ b/core/src/main/java/org/springframework/security/core/ComparableVersion.java
@@ -78,11 +78,11 @@ import java.util.Stack;
  * </ul>
  * </p>
  *
+ * @author Kenney Westerhof
+ * @author Hervé Boutemy
  * @see <a href=
  * "https://cwiki.apache.org/confluence/display/MAVENOLD/Versioning">"Versioning" on Maven
  * Wiki</a>
- * @author <a href="mailto:kenney@apache.org">Kenney Westerhof</a>
- * @author <a href="mailto:hboutemy@apache.org">Hervé Boutemy</a>
  */
 class ComparableVersion implements Comparable<ComparableVersion> {
 
@@ -134,18 +134,18 @@ class ComparableVersion implements Comparable<ComparableVersion> {
 
 		@Override
 		public boolean isNull() {
-			return BigInteger_ZERO.equals(value);
+			return BigInteger_ZERO.equals(this.value);
 		}
 
 		@Override
 		public int compareTo(Item item) {
 			if (item == null) {
-				return BigInteger_ZERO.equals(value) ? 0 : 1; // 1.0 == 1, 1.1 > 1
+				return BigInteger_ZERO.equals(this.value) ? 0 : 1; // 1.0 == 1, 1.1 > 1
 			}
 
 			switch (item.getType()) {
 			case INTEGER_ITEM:
-				return value.compareTo(((IntegerItem) item).value);
+				return this.value.compareTo(((IntegerItem) item).value);
 
 			case STRING_ITEM:
 				return 1; // 1.1 > 1-sp
@@ -160,7 +160,7 @@ class ComparableVersion implements Comparable<ComparableVersion> {
 
 		@Override
 		public String toString() {
-			return value.toString();
+			return this.value.toString();
 		}
 
 	}
@@ -215,7 +215,7 @@ class ComparableVersion implements Comparable<ComparableVersion> {
 
 		@Override
 		public boolean isNull() {
-			return (comparableQualifier(value).compareTo(RELEASE_VERSION_INDEX) == 0);
+			return (comparableQualifier(this.value).compareTo(RELEASE_VERSION_INDEX) == 0);
 		}
 
 		/**
@@ -241,14 +241,14 @@ class ComparableVersion implements Comparable<ComparableVersion> {
 		public int compareTo(Item item) {
 			if (item == null) {
 				// 1-rc < 1, 1-ga > 1
-				return comparableQualifier(value).compareTo(RELEASE_VERSION_INDEX);
+				return comparableQualifier(this.value).compareTo(RELEASE_VERSION_INDEX);
 			}
 			switch (item.getType()) {
 			case INTEGER_ITEM:
 				return -1; // 1.any < 1.1 ?
 
 			case STRING_ITEM:
-				return comparableQualifier(value).compareTo(comparableQualifier(((StringItem) item).value));
+				return comparableQualifier(this.value).compareTo(comparableQualifier(((StringItem) item).value));
 
 			case LIST_ITEM:
 				return -1; // 1.any < 1-1
@@ -260,7 +260,7 @@ class ComparableVersion implements Comparable<ComparableVersion> {
 
 		@Override
 		public String toString() {
-			return value;
+			return this.value;
 		}
 
 	}
@@ -354,11 +354,11 @@ class ComparableVersion implements Comparable<ComparableVersion> {
 	public final void parseVersion(String version) {
 		this.value = version;
 
-		items = new ListItem();
+		this.items = new ListItem();
 
 		version = version.toLowerCase(Locale.ENGLISH);
 
-		ListItem list = items;
+		ListItem list = this.items;
 
 		Stack<Item> stack = new Stack<>();
 		stack.push(list);
@@ -428,7 +428,7 @@ class ComparableVersion implements Comparable<ComparableVersion> {
 			list.normalize();
 		}
 
-		canonical = items.toString();
+		this.canonical = this.items.toString();
 	}
 
 	private static Item parseItem(boolean isDigit, String buf) {
@@ -437,22 +437,22 @@ class ComparableVersion implements Comparable<ComparableVersion> {
 
 	@Override
 	public int compareTo(ComparableVersion o) {
-		return items.compareTo(o.items);
+		return this.items.compareTo(o.items);
 	}
 
 	@Override
 	public String toString() {
-		return value;
+		return this.value;
 	}
 
 	@Override
 	public boolean equals(Object o) {
-		return (o instanceof ComparableVersion) && canonical.equals(((ComparableVersion) o).canonical);
+		return (o instanceof ComparableVersion) && this.canonical.equals(((ComparableVersion) o).canonical);
 	}
 
 	@Override
 	public int hashCode() {
-		return canonical.hashCode();
+		return this.canonical.hashCode();
 	}
 
 }
diff --git a/core/src/main/java/org/springframework/security/core/parameters/AnnotationParameterNameDiscoverer.java b/core/src/main/java/org/springframework/security/core/parameters/AnnotationParameterNameDiscoverer.java
index 93777caf6d..897d8b46c3 100644
--- a/core/src/main/java/org/springframework/security/core/parameters/AnnotationParameterNameDiscoverer.java
+++ b/core/src/main/java/org/springframework/security/core/parameters/AnnotationParameterNameDiscoverer.java
@@ -81,9 +81,9 @@ import org.springframework.util.ReflectionUtils;
  * {@link PrioritizedParameterNameDiscoverer} are an all or nothing operation.
  * </p>
  *
- * @see DefaultSecurityParameterNameDiscoverer
  * @author Rob Winch
  * @since 3.2
+ * @see DefaultSecurityParameterNameDiscoverer
  */
 public class AnnotationParameterNameDiscoverer implements ParameterNameDiscoverer {
 
@@ -104,6 +104,7 @@ public class AnnotationParameterNameDiscoverer implements ParameterNameDiscovere
 	 * @see org.springframework.core.ParameterNameDiscoverer#getParameterNames(java
 	 * .lang.reflect.Method)
 	 */
+	@Override
 	public String[] getParameterNames(Method method) {
 		Method originalMethod = BridgeMethodResolver.findBridgedMethod(method);
 		String[] paramNames = lookupParameterNames(METHOD_METHODPARAM_FACTORY, originalMethod);
@@ -127,6 +128,7 @@ public class AnnotationParameterNameDiscoverer implements ParameterNameDiscovere
 	 * @see org.springframework.core.ParameterNameDiscoverer#getParameterNames(java
 	 * .lang.reflect.Constructor)
 	 */
+	@Override
 	public String[] getParameterNames(Constructor<?> constructor) {
 		return lookupParameterNames(CONSTRUCTOR_METHODPARAM_FACTORY, constructor);
 	}
@@ -164,7 +166,7 @@ public class AnnotationParameterNameDiscoverer implements ParameterNameDiscovere
 	 */
 	private String findParameterName(Annotation[] parameterAnnotations) {
 		for (Annotation paramAnnotation : parameterAnnotations) {
-			if (annotationClassesToUse.contains(paramAnnotation.annotationType().getName())) {
+			if (this.annotationClassesToUse.contains(paramAnnotation.annotationType().getName())) {
 				return (String) AnnotationUtils.getValue(paramAnnotation, "value");
 			}
 		}
@@ -180,9 +182,9 @@ public class AnnotationParameterNameDiscoverer implements ParameterNameDiscovere
 	/**
 	 * Strategy interface for looking up the parameter names.
 	 *
+	 * @param <T> the type to inspect (i.e. {@link Method} or {@link Constructor})
 	 * @author Rob Winch
 	 * @since 3.2
-	 * @param <T> the type to inspect (i.e. {@link Method} or {@link Constructor})
 	 */
 	private interface ParameterNameFactory<T extends AccessibleObject> {
 
diff --git a/core/src/main/java/org/springframework/security/core/parameters/DefaultSecurityParameterNameDiscoverer.java b/core/src/main/java/org/springframework/security/core/parameters/DefaultSecurityParameterNameDiscoverer.java
index 45161c67f6..055b311300 100644
--- a/core/src/main/java/org/springframework/security/core/parameters/DefaultSecurityParameterNameDiscoverer.java
+++ b/core/src/main/java/org/springframework/security/core/parameters/DefaultSecurityParameterNameDiscoverer.java
@@ -22,6 +22,7 @@ import java.util.Set;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+
 import org.springframework.core.DefaultParameterNameDiscoverer;
 import org.springframework.core.LocalVariableTableParameterNameDiscoverer;
 import org.springframework.core.ParameterNameDiscoverer;
@@ -44,9 +45,9 @@ import org.springframework.util.ClassUtils;
  * {@link LocalVariableTableParameterNameDiscoverer} is added directly.</li>
  * </ul>
  *
- * @see AnnotationParameterNameDiscoverer
  * @author Rob Winch
  * @since 3.2
+ * @see AnnotationParameterNameDiscoverer
  */
 public class DefaultSecurityParameterNameDiscoverer extends PrioritizedParameterNameDiscoverer {
 
diff --git a/core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java b/core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java
index 224f28499b..0d648d8c38 100644
--- a/core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java
+++ b/core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java
@@ -16,16 +16,22 @@
 
 package org.springframework.security.core.session;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.context.ApplicationListener;
-import org.springframework.util.Assert;
-
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
 import java.util.concurrent.CopyOnWriteArraySet;
 
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.springframework.context.ApplicationListener;
+import org.springframework.util.Assert;
+
 /**
  * Default implementation of
  * {@link org.springframework.security.core.session.SessionRegistry SessionRegistry} which
@@ -44,10 +50,10 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
 
 	protected final Log logger = LogFactory.getLog(SessionRegistryImpl.class);
 
-	/** <principal:Object,SessionIdSet> */
+	// <principal:Object,SessionIdSet>
 	private final ConcurrentMap<Object, Set<String>> principals;
 
-	/** <sessionId:Object,SessionInformation> */
+	// <sessionId:Object,SessionInformation>
 	private final Map<String, SessionInformation> sessionIds;
 
 	public SessionRegistryImpl() {
@@ -61,12 +67,14 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
 		this.sessionIds = sessionIds;
 	}
 
+	@Override
 	public List<Object> getAllPrincipals() {
-		return new ArrayList<>(principals.keySet());
+		return new ArrayList<>(this.principals.keySet());
 	}
 
+	@Override
 	public List<SessionInformation> getAllSessions(Object principal, boolean includeExpiredSessions) {
-		final Set<String> sessionsUsedByPrincipal = principals.get(principal);
+		final Set<String> sessionsUsedByPrincipal = this.principals.get(principal);
 
 		if (sessionsUsedByPrincipal == null) {
 			return Collections.emptyList();
@@ -89,12 +97,14 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
 		return list;
 	}
 
+	@Override
 	public SessionInformation getSessionInformation(String sessionId) {
 		Assert.hasText(sessionId, "SessionId required as per interface contract");
 
-		return sessionIds.get(sessionId);
+		return this.sessionIds.get(sessionId);
 	}
 
+	@Override
 	public void onApplicationEvent(AbstractSessionEvent event) {
 		if (event instanceof SessionDestroyedEvent) {
 			SessionDestroyedEvent sessionDestroyedEvent = (SessionDestroyedEvent) event;
@@ -104,12 +114,13 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
 		else if (event instanceof SessionIdChangedEvent) {
 			SessionIdChangedEvent sessionIdChangedEvent = (SessionIdChangedEvent) event;
 			String oldSessionId = sessionIdChangedEvent.getOldSessionId();
-			Object principal = sessionIds.get(oldSessionId).getPrincipal();
+			Object principal = this.sessionIds.get(oldSessionId).getPrincipal();
 			removeSessionInformation(oldSessionId);
 			registerNewSession(sessionIdChangedEvent.getNewSessionId(), principal);
 		}
 	}
 
+	@Override
 	public void refreshLastRequest(String sessionId) {
 		Assert.hasText(sessionId, "SessionId required as per interface contract");
 
@@ -120,6 +131,7 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
 		}
 	}
 
+	@Override
 	public void registerNewSession(String sessionId, Object principal) {
 		Assert.hasText(sessionId, "SessionId required as per interface contract");
 		Assert.notNull(principal, "Principal required as per interface contract");
@@ -128,25 +140,26 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
 			removeSessionInformation(sessionId);
 		}
 
-		if (logger.isDebugEnabled()) {
-			logger.debug("Registering session " + sessionId + ", for principal " + principal);
+		if (this.logger.isDebugEnabled()) {
+			this.logger.debug("Registering session " + sessionId + ", for principal " + principal);
 		}
 
-		sessionIds.put(sessionId, new SessionInformation(principal, sessionId, new Date()));
+		this.sessionIds.put(sessionId, new SessionInformation(principal, sessionId, new Date()));
 
-		principals.compute(principal, (key, sessionsUsedByPrincipal) -> {
+		this.principals.compute(principal, (key, sessionsUsedByPrincipal) -> {
 			if (sessionsUsedByPrincipal == null) {
 				sessionsUsedByPrincipal = new CopyOnWriteArraySet<>();
 			}
 			sessionsUsedByPrincipal.add(sessionId);
 
-			if (logger.isTraceEnabled()) {
-				logger.trace("Sessions used by '" + principal + "' : " + sessionsUsedByPrincipal);
+			if (this.logger.isTraceEnabled()) {
+				this.logger.trace("Sessions used by '" + principal + "' : " + sessionsUsedByPrincipal);
 			}
 			return sessionsUsedByPrincipal;
 		});
 	}
 
+	@Override
 	public void removeSessionInformation(String sessionId) {
 		Assert.hasText(sessionId, "SessionId required as per interface contract");
 
@@ -156,29 +169,29 @@ public class SessionRegistryImpl implements SessionRegistry, ApplicationListener
 			return;
 		}
 
-		if (logger.isTraceEnabled()) {
-			logger.debug("Removing session " + sessionId + " from set of registered sessions");
+		if (this.logger.isTraceEnabled()) {
+			this.logger.debug("Removing session " + sessionId + " from set of registered sessions");
 		}
 
-		sessionIds.remove(sessionId);
+		this.sessionIds.remove(sessionId);
 
-		principals.computeIfPresent(info.getPrincipal(), (key, sessionsUsedByPrincipal) -> {
-			if (logger.isDebugEnabled()) {
-				logger.debug("Removing session " + sessionId + " from principal's set of registered sessions");
+		this.principals.computeIfPresent(info.getPrincipal(), (key, sessionsUsedByPrincipal) -> {
+			if (this.logger.isDebugEnabled()) {
+				this.logger.debug("Removing session " + sessionId + " from principal's set of registered sessions");
 			}
 
 			sessionsUsedByPrincipal.remove(sessionId);
 
 			if (sessionsUsedByPrincipal.isEmpty()) {
 				// No need to keep object in principals Map anymore
-				if (logger.isDebugEnabled()) {
-					logger.debug("Removing principal " + info.getPrincipal() + " from registry");
+				if (this.logger.isDebugEnabled()) {
+					this.logger.debug("Removing principal " + info.getPrincipal() + " from registry");
 				}
 				sessionsUsedByPrincipal = null;
 			}
 
-			if (logger.isTraceEnabled()) {
-				logger.trace("Sessions used by '" + info.getPrincipal() + "' : " + sessionsUsedByPrincipal);
+			if (this.logger.isTraceEnabled()) {
+				this.logger.trace("Sessions used by '" + info.getPrincipal() + "' : " + sessionsUsedByPrincipal);
 			}
 			return sessionsUsedByPrincipal;
 		});
diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserCache.java b/core/src/main/java/org/springframework/security/core/userdetails/UserCache.java
index 922413ce2e..d352a396b1 100644
--- a/core/src/main/java/org/springframework/security/core/userdetails/UserCache.java
+++ b/core/src/main/java/org/springframework/security/core/userdetails/UserCache.java
@@ -32,8 +32,8 @@ package org.springframework.security.core.userdetails;
  * configure a cache to store the <tt>UserDetails</tt> information rather than loading it
  * each time.
  *
- * @see org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
  * @author Ben Alex
+ * @see org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
  */
 public interface UserCache {
 
diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java b/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
index ff9b3b50f0..664725631e 100644
--- a/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
+++ b/core/src/main/java/org/springframework/security/core/userdetails/UserDetails.java
@@ -16,12 +16,12 @@
 
 package org.springframework.security.core.userdetails;
 
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-
 import java.io.Serializable;
 import java.util.Collection;
 
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+
 /**
  * Provides core user information.
  *
@@ -36,9 +36,9 @@ import java.util.Collection;
  * {@link org.springframework.security.core.userdetails.User} for a reference
  * implementation (which you might like to extend or use in your code).
  *
+ * @author Ben Alex
  * @see UserDetailsService
  * @see UserCache
- * @author Ben Alex
  */
 public interface UserDetails extends Serializable {
 
diff --git a/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsService.java b/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsService.java
index e48fb2c9da..22ac216297 100644
--- a/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsService.java
+++ b/core/src/main/java/org/springframework/security/core/userdetails/UserDetailsService.java
@@ -27,9 +27,9 @@ package org.springframework.security.core.userdetails;
  * The interface requires only one read-only method, which simplifies support for new
  * data-access strategies.
  *
+ * @author Ben Alex
  * @see org.springframework.security.authentication.dao.DaoAuthenticationProvider
  * @see UserDetails
- * @author Ben Alex
  */
 public interface UserDetailsService {
 
diff --git a/core/src/main/java/org/springframework/security/jackson2/UnmodifiableListDeserializer.java b/core/src/main/java/org/springframework/security/jackson2/UnmodifiableListDeserializer.java
index a8b3273ceb..fd86dadccc 100644
--- a/core/src/main/java/org/springframework/security/jackson2/UnmodifiableListDeserializer.java
+++ b/core/src/main/java/org/springframework/security/jackson2/UnmodifiableListDeserializer.java
@@ -16,6 +16,11 @@
 
 package org.springframework.security.jackson2;
 
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
 import com.fasterxml.jackson.core.JsonParser;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.DeserializationContext;
@@ -24,17 +29,12 @@ import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ArrayNode;
 
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
 /**
  * Custom deserializer for {@link UnmodifiableListDeserializer}.
  *
  * @author Rob Winch
- * @see UnmodifiableListMixin
  * @since 5.0.2
+ * @see UnmodifiableListMixin
  */
 class UnmodifiableListDeserializer extends JsonDeserializer<List> {
 
diff --git a/core/src/main/java/org/springframework/security/jackson2/UnmodifiableSetDeserializer.java b/core/src/main/java/org/springframework/security/jackson2/UnmodifiableSetDeserializer.java
index 4c5f5fd6b5..c26d6921b5 100644
--- a/core/src/main/java/org/springframework/security/jackson2/UnmodifiableSetDeserializer.java
+++ b/core/src/main/java/org/springframework/security/jackson2/UnmodifiableSetDeserializer.java
@@ -16,6 +16,11 @@
 
 package org.springframework.security.jackson2;
 
+import java.io.IOException;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
 import com.fasterxml.jackson.core.JsonParser;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.DeserializationContext;
@@ -24,17 +29,12 @@ import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ArrayNode;
 
-import java.io.IOException;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
 /**
  * Custom deserializer for {@link UnmodifiableSetMixin}.
  *
  * @author Jitendra Singh
- * @see UnmodifiableSetMixin
  * @since 4.2
+ * @see UnmodifiableSetMixin
  */
 class UnmodifiableSetDeserializer extends JsonDeserializer<Set> {
 
diff --git a/core/src/main/java/org/springframework/security/jackson2/UserDeserializer.java b/core/src/main/java/org/springframework/security/jackson2/UserDeserializer.java
index 23b11f2a3a..fd91f1ad9f 100644
--- a/core/src/main/java/org/springframework/security/jackson2/UserDeserializer.java
+++ b/core/src/main/java/org/springframework/security/jackson2/UserDeserializer.java
@@ -16,6 +16,9 @@
 
 package org.springframework.security.jackson2;
 
+import java.io.IOException;
+import java.util.Set;
+
 import com.fasterxml.jackson.core.JsonParser;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.core.type.TypeReference;
@@ -24,20 +27,18 @@ import com.fasterxml.jackson.databind.JsonDeserializer;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.MissingNode;
+
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.User;
 
-import java.io.IOException;
-import java.util.Set;
-
 /**
  * Custom Deserializer for {@link User} class. This is already registered with
  * {@link UserMixin}. You can also use it directly with your mixin class.
  *
  * @author Jitendra Singh
- * @see UserMixin
  * @since 4.2
+ * @see UserMixin
  */
 class UserDeserializer extends JsonDeserializer<User> {
 
diff --git a/core/src/main/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenDeserializer.java b/core/src/main/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenDeserializer.java
index 87fb7fa8a3..25e47eac9b 100644
--- a/core/src/main/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenDeserializer.java
+++ b/core/src/main/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenDeserializer.java
@@ -43,8 +43,8 @@ import org.springframework.security.core.GrantedAuthority;
  * @author Jitendra Singh
  * @author Greg Turnquist
  * @author Onur Kagan Ozcan
- * @see UsernamePasswordAuthenticationTokenMixin
  * @since 4.2
+ * @see UsernamePasswordAuthenticationTokenMixin
  */
 class UsernamePasswordAuthenticationTokenDeserializer extends JsonDeserializer<UsernamePasswordAuthenticationToken> {
 
diff --git a/core/src/test/java/org/springframework/security/access/annotation/sec2150/MethodInvocationFactory.java b/core/src/test/java/org/springframework/security/access/annotation/sec2150/MethodInvocationFactory.java
index bfde1eb1f5..9b9f15be8d 100644
--- a/core/src/test/java/org/springframework/security/access/annotation/sec2150/MethodInvocationFactory.java
+++ b/core/src/test/java/org/springframework/security/access/annotation/sec2150/MethodInvocationFactory.java
@@ -23,7 +23,7 @@ public class MethodInvocationFactory {
 	/**
 	 * In order to reproduce the bug for SEC-2150, we must have a proxy object that
 	 * implements TargetSourceAware and implements our annotated interface.
-	 * @return
+	 * @return the mock method invocation
 	 * @throws NoSuchMethodException
 	 */
 	public static MockMethodInvocation createSec2150MethodInvocation() throws NoSuchMethodException {
diff --git a/crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java b/crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java
index 8256c510e8..3a1e0c9366 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java
@@ -368,11 +368,11 @@ public final class Base64 {
 	 * @param len Length of data to convert
 	 * @param options Specified options
 	 * @return The Base64-encoded data as a String
-	 * @see Base64#DO_BREAK_LINES
 	 * @throws java.io.IOException if there is an error
 	 * @throws NullPointerException if source array is null
 	 * @throws IllegalArgumentException if source array, offset, or length are invalid
 	 * @since 2.3.1
+	 * @see Base64#DO_BREAK_LINES
 	 */
 	private static byte[] encodeBytesToBytes(byte[] source, int off, int len, int options) {
 
@@ -603,8 +603,8 @@ public final class Base64 {
 			}
 			else {
 				// There's a bad input character in the Base64 stream.
-				throw new InvalidBase64CharacterException(String.format(
-						"Bad Base64 input character decimal %d in array position %d", ((int) source[i]) & 0xFF, i));
+				throw new InvalidBase64CharacterException(String
+						.format("Bad Base64 input character decimal %d in array position %d", (source[i]) & 0xFF, i));
 			}
 		}
 
diff --git a/crypto/src/main/java/org/springframework/security/crypto/encrypt/Encryptors.java b/crypto/src/main/java/org/springframework/security/crypto/encrypt/Encryptors.java
index 7ceef06107..6b972d9e59 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/encrypt/Encryptors.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/encrypt/Encryptors.java
@@ -59,8 +59,7 @@ public class Encryptors {
 	 * @param salt a hex-encoded, random, site-global salt value to use to generate the
 	 * key
 	 *
-	 * @see #stronger(CharSequence, CharSequence), which uses the significatly more secure
-	 * GCM (instead of CBC)
+	 * @see #stronger(CharSequence, CharSequence)
 	 */
 	public static BytesEncryptor standard(CharSequence password, CharSequence salt) {
 		return new AesBytesEncryptor(password.toString(), salt, KeyGenerators.secureRandom(16));
diff --git a/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java
index fc04a346ca..e14b5111af 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java
@@ -31,7 +31,7 @@ import java.util.Map;
  *
  * <pre>
  * String idForEncode = "bcrypt";
- * Map<String,PasswordEncoder> encoders = new HashMap<>();
+ * Map&lt;String,PasswordEncoder&gt; encoders = new HashMap<>();
  * encoders.put(idForEncode, new BCryptPasswordEncoder());
  * encoders.put("noop", NoOpPasswordEncoder.getInstance());
  * encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
@@ -114,10 +114,10 @@ import java.util.Map;
  * {@link IllegalArgumentException}. This behavior can be customized using
  * {@link #setDefaultPasswordEncoderForMatches(PasswordEncoder)}.
  *
- * @see org.springframework.security.crypto.factory.PasswordEncoderFactories
  * @author Rob Winch
  * @author Michael Simons
  * @since 5.0
+ * @see org.springframework.security.crypto.factory.PasswordEncoderFactories
  */
 public class DelegatingPasswordEncoder implements PasswordEncoder {
 
diff --git a/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoderTests.java
index 01eeebcb0a..8c8889977b 100644
--- a/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoderTests.java
+++ b/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoderTests.java
@@ -178,7 +178,7 @@ public class BCryptPasswordEncoderTests {
 
 	/**
 	 * @see <a href=
-	 * "https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496">https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496</>
+	 * "https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496">https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496</a>
 	 */
 	@Test
 	public void upgradeFromNullOrEmpty() {
@@ -189,7 +189,7 @@ public class BCryptPasswordEncoderTests {
 
 	/**
 	 * @see <a href=
-	 * "https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496">https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496</>
+	 * "https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496">https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496</a>
 	 */
 	@Test(expected = IllegalArgumentException.class)
 	public void upgradeFromNonBCrypt() {
diff --git a/data/src/main/java/org/springframework/security/data/repository/query/SecurityEvaluationContextExtension.java b/data/src/main/java/org/springframework/security/data/repository/query/SecurityEvaluationContextExtension.java
index 6840537f3e..84d9f836c2 100644
--- a/data/src/main/java/org/springframework/security/data/repository/query/SecurityEvaluationContextExtension.java
+++ b/data/src/main/java/org/springframework/security/data/repository/query/SecurityEvaluationContextExtension.java
@@ -75,8 +75,8 @@ import org.springframework.security.core.context.SecurityContextHolder;
  * This works because the principal in this instance is a User which has an id field on
  * it.
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public class SecurityEvaluationContextExtension implements EvaluationContextExtension {
 
@@ -97,6 +97,7 @@ public class SecurityEvaluationContextExtension implements EvaluationContextExte
 		this.authentication = authentication;
 	}
 
+	@Override
 	public String getExtensionId() {
 		return "security";
 	}
diff --git a/etc/checkstyle/checkstyle-suppressions.xml b/etc/checkstyle/checkstyle-suppressions.xml
index d530979445..b662b79441 100644
--- a/etc/checkstyle/checkstyle-suppressions.xml
+++ b/etc/checkstyle/checkstyle-suppressions.xml
@@ -3,7 +3,6 @@
 		"-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN"
 		"https://checkstyle.org/dtds/suppressions_1_2.dtd">
 <suppressions>
-	<suppress files=".*" checks="AtclauseOrder" />
 	<suppress files=".*" checks="AvoidStarImport" />
 	<suppress files=".*" checks="EmptyBlock" />
 	<suppress files=".*" checks="FinalClass" />
diff --git a/messaging/src/main/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandler.java b/messaging/src/main/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandler.java
index c287fc8bf9..fd01c9d3f1 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandler.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandler.java
@@ -29,8 +29,8 @@ import org.springframework.util.Assert;
  * {@link MessageSecurityExpressionRoot}.
  *
  * @param <T> the type for the body of the Message
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public class DefaultMessageSecurityExpressionHandler<T> extends AbstractSecurityExpressionHandler<Message<T>> {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/access/expression/ExpressionBasedMessageSecurityMetadataSourceFactory.java b/messaging/src/main/java/org/springframework/security/messaging/access/expression/ExpressionBasedMessageSecurityMetadataSourceFactory.java
index b56c9de3ea..ba70ba0583 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/access/expression/ExpressionBasedMessageSecurityMetadataSourceFactory.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/access/expression/ExpressionBasedMessageSecurityMetadataSourceFactory.java
@@ -32,8 +32,8 @@ import org.springframework.security.messaging.util.matcher.MessageMatcher;
  * A class used to create a {@link MessageSecurityMetadataSource} that uses
  * {@link MessageMatcher} mapped to Spring Expressions.
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public final class ExpressionBasedMessageSecurityMetadataSourceFactory {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageExpressionVoter.java b/messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageExpressionVoter.java
index 401ee8ae7a..1d33bd50d0 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageExpressionVoter.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageExpressionVoter.java
@@ -33,9 +33,9 @@ import java.util.Collection;
  * If no {@code MessageExpressionConfigAttribute} is found, then {@code ACCESS_ABSTAIN} is
  * returned.
  *
- * @since 4.0
  * @author Rob Winch
  * @author Daniel Bustamante Ospina
+ * @since 4.0
  */
 public class MessageExpressionVoter<T> implements AccessDecisionVoter<Message<T>> {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageSecurityExpressionRoot.java b/messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageSecurityExpressionRoot.java
index 82ba70c3b8..74238e5c59 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageSecurityExpressionRoot.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageSecurityExpressionRoot.java
@@ -22,8 +22,8 @@ import org.springframework.security.core.Authentication;
 /**
  * The {@link SecurityExpressionRoot} used for {@link Message} expressions.
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public class MessageSecurityExpressionRoot extends SecurityExpressionRoot {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/access/intercept/ChannelSecurityInterceptor.java b/messaging/src/main/java/org/springframework/security/messaging/access/intercept/ChannelSecurityInterceptor.java
index 77d6c31c13..5f52ff39c1 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/access/intercept/ChannelSecurityInterceptor.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/access/intercept/ChannelSecurityInterceptor.java
@@ -33,8 +33,8 @@ import org.springframework.util.Assert;
  * <p>
  * Refer to {@link AbstractSecurityInterceptor} for details on the workflow.
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public final class ChannelSecurityInterceptor extends AbstractSecurityInterceptor implements ChannelInterceptor {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/access/intercept/DefaultMessageSecurityMetadataSource.java b/messaging/src/main/java/org/springframework/security/messaging/access/intercept/DefaultMessageSecurityMetadataSource.java
index f3ccfc7474..ce32332255 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/access/intercept/DefaultMessageSecurityMetadataSource.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/access/intercept/DefaultMessageSecurityMetadataSource.java
@@ -31,10 +31,10 @@ import java.util.*;
  * {@code Collection<ConfigAttribute>} is returned.
  * </p>
  *
+ * @author Rob Winch
+ * @since 4.0
  * @see ChannelSecurityInterceptor
  * @see ExpressionBasedMessageSecurityMetadataSourceFactory
- * @since 4.0
- * @author Rob Winch
  */
 public final class DefaultMessageSecurityMetadataSource implements MessageSecurityMetadataSource {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/access/intercept/MessageSecurityMetadataSource.java b/messaging/src/main/java/org/springframework/security/messaging/access/intercept/MessageSecurityMetadataSource.java
index 0b48b857f9..d50f47ad62 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/access/intercept/MessageSecurityMetadataSource.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/access/intercept/MessageSecurityMetadataSource.java
@@ -21,10 +21,10 @@ import org.springframework.security.access.SecurityMetadataSource;
 /**
  * A {@link SecurityMetadataSource} that is used for securing {@link Message}
  *
+ * @author Rob Winch
+ * @since 4.0
  * @see ChannelSecurityInterceptor
  * @see DefaultMessageSecurityMetadataSource
- * @since 4.0
- * @author Rob Winch
  */
 public interface MessageSecurityMetadataSource extends SecurityMetadataSource {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/context/SecurityContextChannelInterceptor.java b/messaging/src/main/java/org/springframework/security/messaging/context/SecurityContextChannelInterceptor.java
index c391e39727..5549189cfd 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/context/SecurityContextChannelInterceptor.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/context/SecurityContextChannelInterceptor.java
@@ -36,8 +36,8 @@ import org.springframework.util.Assert;
  * {@link Authentication} from the specified {@link Message#getHeaders()}.
  * </p>
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public final class SecurityContextChannelInterceptor extends ChannelInterceptorAdapter
 		implements ExecutorChannelInterceptor {
diff --git a/messaging/src/main/java/org/springframework/security/messaging/util/matcher/MessageMatcher.java b/messaging/src/main/java/org/springframework/security/messaging/util/matcher/MessageMatcher.java
index cab226bb9f..414d431b37 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/util/matcher/MessageMatcher.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/util/matcher/MessageMatcher.java
@@ -20,8 +20,8 @@ import org.springframework.messaging.Message;
 /**
  * API for determining if a {@link Message} should be matched on.
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public interface MessageMatcher<T> {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcher.java b/messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcher.java
index 54bb2deb73..b1295d3215 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcher.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcher.java
@@ -32,8 +32,8 @@ import java.util.Map;
  * {@link SimpMessageType}.
  * </p>
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public final class SimpDestinationMessageMatcher implements MessageMatcher<Object> {
 
diff --git a/messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpMessageTypeMatcher.java b/messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpMessageTypeMatcher.java
index 41af99f63b..b441723ddc 100644
--- a/messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpMessageTypeMatcher.java
+++ b/messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpMessageTypeMatcher.java
@@ -26,8 +26,8 @@ import org.springframework.util.ObjectUtils;
  * A {@link MessageMatcher} that matches if the provided {@link Message} has a type that
  * is the same as the {@link SimpMessageType} that was specified in the constructor.
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  *
  */
 public class SimpMessageTypeMatcher implements MessageMatcher<Object> {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceOAuth2AuthorizedClientManager.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceOAuth2AuthorizedClientManager.java
index cc3eebd80c..2ca6eea561 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceOAuth2AuthorizedClientManager.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceOAuth2AuthorizedClientManager.java
@@ -219,8 +219,8 @@ public final class AuthorizedClientServiceOAuth2AuthorizedClientManager implemen
 	 * default.
 	 * @param authorizationFailureHandler the {@link OAuth2AuthorizationFailureHandler}
 	 * that handles authorization failures
-	 * @see RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
 	 * @since 5.3
+	 * @see RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
 	 */
 	public void setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler authorizationFailureHandler) {
 		Assert.notNull(authorizationFailureHandler, "authorizationFailureHandler cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.java
index 0439c6bc1a..26776668ed 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.java
@@ -70,12 +70,12 @@ import java.util.function.Function;
  *
  * @author Ankur Pathak
  * @author Phil Clay
+ * @since 5.2.2
  * @see ReactiveOAuth2AuthorizedClientManager
  * @see ReactiveOAuth2AuthorizedClientProvider
  * @see ReactiveOAuth2AuthorizedClientService
  * @see ReactiveOAuth2AuthorizationSuccessHandler
  * @see ReactiveOAuth2AuthorizationFailureHandler
- * @since 5.2.2
  */
 public final class AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager
 		implements ReactiveOAuth2AuthorizedClientManager {
@@ -221,8 +221,8 @@ public final class AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager
 	 * by default.
 	 * </p>
 	 * @param authorizationFailureHandler the handler that handles authorization failures.
-	 * @see RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler
 	 * @since 5.3
+	 * @see RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler
 	 */
 	public void setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) {
 		Assert.notNull(authorizationFailureHandler, "authorizationFailureHandler cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientService.java
index 480a659dfe..a78bab512f 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientService.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientService.java
@@ -56,11 +56,10 @@ public final class InMemoryOAuth2AuthorizedClientService implements OAuth2Author
 	/**
 	 * Constructs an {@code InMemoryOAuth2AuthorizedClientService} using the provided
 	 * parameters.
-	 *
-	 * @since 5.2
 	 * @param clientRegistrationRepository the repository of client registrations
 	 * @param authorizedClients the initial {@code Map} of authorized client(s) keyed by
 	 * {@link OAuth2AuthorizedClientId}
+	 * @since 5.2
 	 */
 	public InMemoryOAuth2AuthorizedClientService(ClientRegistrationRepository clientRegistrationRepository,
 			Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients) {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java
index 4520b2628e..8009e84b65 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java
@@ -145,11 +145,10 @@ public final class OAuth2AuthorizeRequest {
 		/**
 		 * Sets the name of the {@code Principal} (to be) associated to the authorized
 		 * client.
-		 *
-		 * @since 5.3
 		 * @param principalName the name of the {@code Principal} (to be) associated to
 		 * the authorized client
 		 * @return the {@link Builder}
+		 * @since 5.3
 		 */
 		public Builder principal(String principalName) {
 			return principal(createAuthentication(principalName));
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClient.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClient.java
index 04fa5b8cd1..4538ae0d4b 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClient.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClient.java
@@ -107,9 +107,8 @@ public class OAuth2AuthorizedClient implements Serializable {
 
 	/**
 	 * Returns the {@link OAuth2RefreshToken refresh token} credential granted.
-	 *
-	 * @since 5.1
 	 * @return the {@link OAuth2RefreshToken}
+	 * @since 5.1
 	 */
 	public @Nullable OAuth2RefreshToken getRefreshToken() {
 		return this.refreshToken;
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java
index e0976bbe98..d2d8f62b24 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java
@@ -154,9 +154,8 @@ public class OAuth2LoginAuthenticationToken extends AbstractAuthenticationToken
 
 	/**
 	 * Returns the {@link OAuth2RefreshToken refresh token}.
-	 *
-	 * @since 5.1
 	 * @return the {@link OAuth2RefreshToken}
+	 * @since 5.1
 	 */
 	public @Nullable OAuth2RefreshToken getRefreshToken() {
 		return this.refreshToken;
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginReactiveAuthenticationManager.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginReactiveAuthenticationManager.java
index e157b3ae40..dc00fed7d0 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginReactiveAuthenticationManager.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginReactiveAuthenticationManager.java
@@ -109,10 +109,9 @@ public class OAuth2LoginReactiveAuthenticationManager implements ReactiveAuthent
 	 * Sets the {@link GrantedAuthoritiesMapper} used for mapping
 	 * {@link OAuth2User#getAuthorities()} to a new set of authorities which will be
 	 * associated to the {@link OAuth2LoginAuthenticationToken}.
-	 *
-	 * @since 5.4
 	 * @param authoritiesMapper the {@link GrantedAuthoritiesMapper} used for mapping the
 	 * user's authorities
+	 * @since 5.4
 	 */
 	public final void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper) {
 		Assert.notNull(authoritiesMapper, "authoritiesMapper cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java
index a9397e8c2a..0e6cc41167 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java
@@ -46,9 +46,9 @@ import static org.springframework.security.oauth2.core.web.reactive.function.OAu
  * Accepts a JSON response body containing an OAuth 2.0 Access token or error.
  * </p>
  *
+ * @param <T> type of grant request
  * @author Phil Clay
  * @since 5.3
- * @param <T> type of grant request
  * @see <a href="https://tools.ietf.org/html/rfc6749#section-3.2">RFC-6749 Token
  * Endpoint</a>
  * @see WebClientReactiveAuthorizationCodeTokenResponseClient
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java
index 2aad49caa6..f0fc1990b0 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java
@@ -32,10 +32,10 @@ import java.io.IOException;
 /**
  * A {@link ResponseErrorHandler} that handles an {@link OAuth2Error OAuth 2.0 Error}.
  *
- * @see ResponseErrorHandler
- * @see OAuth2Error
  * @author Joe Grandja
  * @since 5.1
+ * @see ResponseErrorHandler
+ * @see OAuth2Error
  */
 public class OAuth2ErrorResponseErrorHandler implements ResponseErrorHandler {
 
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java
index afe63b2b23..ff935bd0bf 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java
@@ -205,10 +205,9 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
 	 * Sets the {@link JwtDecoderFactory} used for {@link OidcIdToken} signature
 	 * verification. The factory returns a {@link JwtDecoder} associated to the provided
 	 * {@link ClientRegistration}.
-	 *
-	 * @since 5.2
 	 * @param jwtDecoderFactory the {@link JwtDecoderFactory} used for {@link OidcIdToken}
 	 * signature verification
+	 * @since 5.2
 	 */
 	public final void setJwtDecoderFactory(JwtDecoderFactory<ClientRegistration> jwtDecoderFactory) {
 		Assert.notNull(jwtDecoderFactory, "jwtDecoderFactory cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeReactiveAuthenticationManager.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeReactiveAuthenticationManager.java
index f1b8ef5b19..09522ad275 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeReactiveAuthenticationManager.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeReactiveAuthenticationManager.java
@@ -160,10 +160,9 @@ public class OidcAuthorizationCodeReactiveAuthenticationManager implements React
 	 * Sets the {@link ReactiveJwtDecoderFactory} used for {@link OidcIdToken} signature
 	 * verification. The factory returns a {@link ReactiveJwtDecoder} associated to the
 	 * provided {@link ClientRegistration}.
-	 *
-	 * @since 5.2
 	 * @param jwtDecoderFactory the {@link ReactiveJwtDecoderFactory} used for
 	 * {@link OidcIdToken} signature verification
+	 * @since 5.2
 	 */
 	public final void setJwtDecoderFactory(ReactiveJwtDecoderFactory<ClientRegistration> jwtDecoderFactory) {
 		Assert.notNull(jwtDecoderFactory, "jwtDecoderFactory cannot be null");
@@ -174,10 +173,9 @@ public class OidcAuthorizationCodeReactiveAuthenticationManager implements React
 	 * Sets the {@link GrantedAuthoritiesMapper} used for mapping
 	 * {@link OidcUser#getAuthorities()} to a new set of authorities which will be
 	 * associated to the {@link OAuth2LoginAuthenticationToken}.
-	 *
-	 * @since 5.4
 	 * @param authoritiesMapper the {@link GrantedAuthoritiesMapper} used for mapping the
 	 * user's authorities
+	 * @since 5.4
 	 */
 	public final void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper) {
 		Assert.notNull(authoritiesMapper, "authoritiesMapper cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcIdTokenValidator.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcIdTokenValidator.java
index 21a80d8b14..cc1921210f 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcIdTokenValidator.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcIdTokenValidator.java
@@ -136,9 +136,8 @@ public final class OidcIdTokenValidator implements OAuth2TokenValidator<Jwt> {
 	 * Sets the maximum acceptable clock skew. The default is 60 seconds. The clock skew
 	 * is used when validating the {@link JwtClaimNames#EXP exp} and
 	 * {@link JwtClaimNames#IAT iat} claims.
-	 *
-	 * @since 5.2
 	 * @param clockSkew the maximum acceptable clock skew
+	 * @since 5.2
 	 */
 	public void setClockSkew(Duration clockSkew) {
 		Assert.notNull(clockSkew, "clockSkew cannot be null");
@@ -149,9 +148,8 @@ public final class OidcIdTokenValidator implements OAuth2TokenValidator<Jwt> {
 	/**
 	 * Sets the {@link Clock} used in {@link Instant#now(Clock)} when validating the
 	 * {@link JwtClaimNames#EXP exp} and {@link JwtClaimNames#IAT iat} claims.
-	 *
-	 * @since 5.3
 	 * @param clock the clock
+	 * @since 5.3
 	 */
 	public void setClock(Clock clock) {
 		Assert.notNull(clock, "clock cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserService.java
index 713c696f3d..21f575b522 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserService.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserService.java
@@ -71,10 +71,9 @@ public class OidcReactiveOAuth2UserService implements ReactiveOAuth2UserService<
 	/**
 	 * Returns the default {@link Converter}'s used for type conversion of claim values
 	 * for an {@link OidcUserInfo}.
-	 *
-	 * @since 5.2
 	 * @return a {@link Map} of {@link Converter}'s keyed by {@link StandardClaimNames
 	 * claim name}
+	 * @since 5.2
 	 */
 	public static Map<String, Converter<Object, ?>> createDefaultClaimTypeConverters() {
 		Converter<Object, ?> booleanConverter = getConverter(TypeDescriptor.valueOf(Boolean.class));
@@ -148,11 +147,10 @@ public class OidcReactiveOAuth2UserService implements ReactiveOAuth2UserService<
 	 * Sets the factory that provides a {@link Converter} used for type conversion of
 	 * claim values for an {@link OidcUserInfo}. The default is {@link ClaimTypeConverter}
 	 * for all {@link ClientRegistration clients}.
-	 *
-	 * @since 5.2
 	 * @param claimTypeConverterFactory the factory that provides a {@link Converter} used
 	 * for type conversion of claim values for a specific {@link ClientRegistration
 	 * client}
+	 * @since 5.2
 	 */
 	public final void setClaimTypeConverterFactory(
 			Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>> claimTypeConverterFactory) {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserRequest.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserRequest.java
index 33f4c4a004..39c1b3e8b3 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserRequest.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserRequest.java
@@ -52,12 +52,11 @@ public class OidcUserRequest extends OAuth2UserRequest {
 
 	/**
 	 * Constructs an {@code OidcUserRequest} using the provided parameters.
-	 *
-	 * @since 5.1
 	 * @param clientRegistration the client registration
 	 * @param accessToken the access token credential
 	 * @param idToken the ID Token
 	 * @param additionalParameters the additional parameters, may be empty
+	 * @since 5.1
 	 */
 	public OidcUserRequest(ClientRegistration clientRegistration, OAuth2AccessToken accessToken, OidcIdToken idToken,
 			Map<String, Object> additionalParameters) {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java
index 7d30cee451..76bb9a6401 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java
@@ -78,10 +78,9 @@ public class OidcUserService implements OAuth2UserService<OidcUserRequest, OidcU
 	/**
 	 * Returns the default {@link Converter}'s used for type conversion of claim values
 	 * for an {@link OidcUserInfo}.
-	 *
-	 * @since 5.2
 	 * @return a {@link Map} of {@link Converter}'s keyed by {@link StandardClaimNames
 	 * claim name}
+	 * @since 5.2
 	 */
 	public static Map<String, Converter<Object, ?>> createDefaultClaimTypeConverters() {
 		Converter<Object, ?> booleanConverter = getConverter(TypeDescriptor.valueOf(Boolean.class));
@@ -190,10 +189,9 @@ public class OidcUserService implements OAuth2UserService<OidcUserRequest, OidcU
 
 	/**
 	 * Sets the {@link OAuth2UserService} used when requesting the user info resource.
-	 *
-	 * @since 5.1
 	 * @param oauth2UserService the {@link OAuth2UserService} used when requesting the
 	 * user info resource.
+	 * @since 5.1
 	 */
 	public final void setOauth2UserService(OAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService) {
 		Assert.notNull(oauth2UserService, "oauth2UserService cannot be null");
@@ -204,11 +202,10 @@ public class OidcUserService implements OAuth2UserService<OidcUserRequest, OidcU
 	 * Sets the factory that provides a {@link Converter} used for type conversion of
 	 * claim values for an {@link OidcUserInfo}. The default is {@link ClaimTypeConverter}
 	 * for all {@link ClientRegistration clients}.
-	 *
-	 * @since 5.2
 	 * @param claimTypeConverterFactory the factory that provides a {@link Converter} used
 	 * for type conversion of claim values for a specific {@link ClientRegistration
 	 * client}
+	 * @since 5.2
 	 */
 	public final void setClaimTypeConverterFactory(
 			Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>> claimTypeConverterFactory) {
@@ -224,9 +221,8 @@ public class OidcUserService implements OAuth2UserService<OidcUserRequest, OidcU
 	 * {@link OidcUserRequest#getAccessToken() access token} to determine if the user info
 	 * resource is accessible or not. If there is at least one match, the user info
 	 * resource will be requested, otherwise it will not.
-	 *
-	 * @since 5.2
 	 * @param accessibleScopes the scope(s) that allow access to the user info resource
+	 * @since 5.2
 	 */
 	public final void setAccessibleScopes(Set<String> accessibleScopes) {
 		Assert.notNull(accessibleScopes, "accessibleScopes cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
index 241fb22755..807f915db6 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
@@ -136,9 +136,8 @@ public final class ClientRegistration implements Serializable {
 	 * Configuring uri template variables is especially useful when the client is running
 	 * behind a Proxy Server. This ensures that the X-Forwarded-* headers are used when
 	 * expanding the redirect-uri.
-	 *
-	 * @since 5.4
 	 * @return the uri (or uri template) for the redirection endpoint
+	 * @since 5.4
 	 */
 	public String getRedirectUri() {
 		return this.redirectUri;
@@ -234,10 +233,9 @@ public final class ClientRegistration implements Serializable {
 		/**
 		 * Returns the issuer identifier uri for the OpenID Connect 1.0 provider or the
 		 * OAuth 2.0 Authorization Server.
-		 *
-		 * @since 5.4
 		 * @return the issuer identifier uri for the OpenID Connect 1.0 provider or the
 		 * OAuth 2.0 Authorization Server
+		 * @since 5.4
 		 */
 		public String getIssuerUri() {
 			return this.issuerUri;
@@ -245,9 +243,8 @@ public final class ClientRegistration implements Serializable {
 
 		/**
 		 * Returns a {@code Map} of the metadata describing the provider's configuration.
-		 *
-		 * @since 5.1
 		 * @return a {@code Map} of the metadata describing the provider's configuration
+		 * @since 5.1
 		 */
 		public Map<String, Object> getConfigurationMetadata() {
 			return this.configurationMetadata;
@@ -279,9 +276,8 @@ public final class ClientRegistration implements Serializable {
 
 			/**
 			 * Returns the authentication method for the user info endpoint.
-			 *
-			 * @since 5.1
 			 * @return the {@link AuthenticationMethod} for the user info endpoint.
+			 * @since 5.1
 			 */
 			public AuthenticationMethod getAuthenticationMethod() {
 				return this.authenticationMethod;
@@ -467,10 +463,9 @@ public final class ClientRegistration implements Serializable {
 		 * Configuring uri template variables is especially useful when the client is
 		 * running behind a Proxy Server. This ensures that the X-Forwarded-* headers are
 		 * used when expanding the redirect-uri.
-		 *
-		 * @since 5.4
 		 * @param redirectUri the uri (or uri template) for the redirection endpoint
 		 * @return the {@link Builder}
+		 * @since 5.4
 		 */
 		public Builder redirectUri(String redirectUri) {
 			this.redirectUri = redirectUri;
@@ -533,11 +528,10 @@ public final class ClientRegistration implements Serializable {
 
 		/**
 		 * Sets the authentication method for the user info endpoint.
-		 *
-		 * @since 5.1
 		 * @param userInfoAuthenticationMethod the authentication method for the user info
 		 * endpoint
 		 * @return the {@link Builder}
+		 * @since 5.1
 		 */
 		public Builder userInfoAuthenticationMethod(AuthenticationMethod userInfoAuthenticationMethod) {
 			this.userInfoAuthenticationMethod = userInfoAuthenticationMethod;
@@ -569,11 +563,10 @@ public final class ClientRegistration implements Serializable {
 		/**
 		 * Sets the issuer identifier uri for the OpenID Connect 1.0 provider or the OAuth
 		 * 2.0 Authorization Server.
-		 *
-		 * @since 5.4
 		 * @param issuerUri the issuer identifier uri for the OpenID Connect 1.0 provider
 		 * or the OAuth 2.0 Authorization Server
 		 * @return the {@link Builder}
+		 * @since 5.4
 		 */
 		public Builder issuerUri(String issuerUri) {
 			this.issuerUri = issuerUri;
@@ -582,11 +575,10 @@ public final class ClientRegistration implements Serializable {
 
 		/**
 		 * Sets the metadata describing the provider's configuration.
-		 *
-		 * @since 5.1
 		 * @param configurationMetadata the metadata describing the provider's
 		 * configuration
 		 * @return the {@link Builder}
+		 * @since 5.1
 		 */
 		public Builder providerConfigurationMetadata(Map<String, Object> configurationMetadata) {
 			if (configurationMetadata != null) {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepository.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepository.java
index ca81eeee9b..b50e5fee8e 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepository.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepository.java
@@ -78,9 +78,8 @@ public final class InMemoryClientRegistrationRepository
 	 * Constructs an {@code InMemoryClientRegistrationRepository} using the provided
 	 * {@code Map} of {@link ClientRegistration#getRegistrationId() registration id} to
 	 * {@link ClientRegistration}.
-	 *
-	 * @since 5.2
 	 * @param registrations the {@code Map} of client registration(s)
+	 * @since 5.2
 	 */
 	public InMemoryClientRegistrationRepository(Map<String, ClientRegistration> registrations) {
 		Assert.notNull(registrations, "registrations cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/CustomUserTypesOAuth2UserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/CustomUserTypesOAuth2UserService.java
index d50ea1e56c..e8cc175587 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/CustomUserTypesOAuth2UserService.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/CustomUserTypesOAuth2UserService.java
@@ -108,10 +108,9 @@ public class CustomUserTypesOAuth2UserService implements OAuth2UserService<OAuth
 	/**
 	 * Sets the {@link Converter} used for converting the {@link OAuth2UserRequest} to a
 	 * {@link RequestEntity} representation of the UserInfo Request.
-	 *
-	 * @since 5.1
 	 * @param requestEntityConverter the {@link Converter} used for converting to a
 	 * {@link RequestEntity} representation of the UserInfo Request
+	 * @since 5.1
 	 */
 	public final void setRequestEntityConverter(Converter<OAuth2UserRequest, RequestEntity<?>> requestEntityConverter) {
 		Assert.notNull(requestEntityConverter, "requestEntityConverter cannot be null");
@@ -127,10 +126,9 @@ public class CustomUserTypesOAuth2UserService implements OAuth2UserService<OAuth
 	 * <ol>
 	 * <li>{@link ResponseErrorHandler} - {@link OAuth2ErrorResponseErrorHandler}</li>
 	 * </ol>
-	 *
-	 * @since 5.1
 	 * @param restOperations the {@link RestOperations} used when requesting the UserInfo
 	 * resource
+	 * @since 5.1
 	 */
 	public final void setRestOperations(RestOperations restOperations) {
 		Assert.notNull(restOperations, "restOperations cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserService.java
index 98bd846240..83641346ef 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserService.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserService.java
@@ -159,10 +159,9 @@ public class DefaultOAuth2UserService implements OAuth2UserService<OAuth2UserReq
 	/**
 	 * Sets the {@link Converter} used for converting the {@link OAuth2UserRequest} to a
 	 * {@link RequestEntity} representation of the UserInfo Request.
-	 *
-	 * @since 5.1
 	 * @param requestEntityConverter the {@link Converter} used for converting to a
 	 * {@link RequestEntity} representation of the UserInfo Request
+	 * @since 5.1
 	 */
 	public final void setRequestEntityConverter(Converter<OAuth2UserRequest, RequestEntity<?>> requestEntityConverter) {
 		Assert.notNull(requestEntityConverter, "requestEntityConverter cannot be null");
@@ -178,10 +177,9 @@ public class DefaultOAuth2UserService implements OAuth2UserService<OAuth2UserReq
 	 * <ol>
 	 * <li>{@link ResponseErrorHandler} - {@link OAuth2ErrorResponseErrorHandler}</li>
 	 * </ol>
-	 *
-	 * @since 5.1
 	 * @param restOperations the {@link RestOperations} used when requesting the UserInfo
 	 * resource
+	 * @since 5.1
 	 */
 	public final void setRestOperations(RestOperations restOperations) {
 		Assert.notNull(restOperations, "restOperations cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserService.java
index 3105049c01..1012c4c978 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserService.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserService.java
@@ -32,13 +32,13 @@ import java.util.Objects;
  * {@link OAuth2UserService#loadUser(OAuth2UserRequest) load} an {@link OAuth2User} with
  * the first {@code non-null} {@link OAuth2User} being returned.
  *
+ * @param <R> The type of OAuth 2.0 User Request
+ * @param <U> The type of OAuth 2.0 User
  * @author Joe Grandja
  * @since 5.0
  * @see OAuth2UserService
  * @see OAuth2UserRequest
  * @see OAuth2User
- * @param <R> The type of OAuth 2.0 User Request
- * @param <U> The type of OAuth 2.0 User
  */
 public class DelegatingOAuth2UserService<R extends OAuth2UserRequest, U extends OAuth2User>
 		implements OAuth2UserService<R, U> {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/OAuth2UserRequest.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/OAuth2UserRequest.java
index 0b0490c9f5..a295d6dc7a 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/OAuth2UserRequest.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/OAuth2UserRequest.java
@@ -53,11 +53,10 @@ public class OAuth2UserRequest {
 
 	/**
 	 * Constructs an {@code OAuth2UserRequest} using the provided parameters.
-	 *
-	 * @since 5.1
 	 * @param clientRegistration the client registration
 	 * @param accessToken the access token
 	 * @param additionalParameters the additional parameters, may be empty
+	 * @since 5.1
 	 */
 	public OAuth2UserRequest(ClientRegistration clientRegistration, OAuth2AccessToken accessToken,
 			Map<String, Object> additionalParameters) {
@@ -87,9 +86,8 @@ public class OAuth2UserRequest {
 
 	/**
 	 * Returns the additional parameters that may be used in the request.
-	 *
-	 * @since 5.1
 	 * @return a {@code Map} of the additional parameters, may be empty.
+	 * @since 5.1
 	 */
 	public Map<String, Object> getAdditionalParameters() {
 		return this.additionalParameters;
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
index 46a0d041e1..e4d5c4e9d7 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
@@ -30,11 +30,11 @@ import javax.servlet.http.HttpServletResponse;
  * used by the {@link OAuth2LoginAuthenticationFilter} for resolving the associated
  * Authorization Request when handling the callback of the Authorization Response.
  *
+ * @param <T> The type of OAuth 2.0 Authorization Request
  * @author Joe Grandja
  * @since 5.0
  * @see OAuth2AuthorizationRequest
  * @see HttpSessionOAuth2AuthorizationRequestRepository
- * @param <T> The type of OAuth 2.0 Authorization Request
  */
 public interface AuthorizationRequestRepository<T extends OAuth2AuthorizationRequest> {
 
@@ -72,11 +72,10 @@ public interface AuthorizationRequestRepository<T extends OAuth2AuthorizationReq
 	 * Removes and returns the {@link OAuth2AuthorizationRequest} associated to the
 	 * provided {@code HttpServletRequest} and {@code HttpServletResponse} or if not
 	 * available returns {@code null}.
-	 *
-	 * @since 5.1
 	 * @param request the {@code HttpServletRequest}
 	 * @param response the {@code HttpServletResponse}
 	 * @return the {@link OAuth2AuthorizationRequest} or {@code null} if not available
+	 * @since 5.1
 	 */
 	default T removeAuthorizationRequest(HttpServletRequest request, HttpServletResponse response) {
 		return removeAuthorizationRequest(request);
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java
index ae4665a735..e86e2bfc89 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java
@@ -118,10 +118,9 @@ public final class DefaultOAuth2AuthorizationRequestResolver implements OAuth2Au
 	/**
 	 * Sets the {@code Consumer} to be provided the
 	 * {@link OAuth2AuthorizationRequest.Builder} allowing for further customizations.
-	 *
-	 * @since 5.3
 	 * @param authorizationRequestCustomizer the {@code Consumer} to be provided the
 	 * {@link OAuth2AuthorizationRequest.Builder}
+	 * @since 5.3
 	 */
 	public void setAuthorizationRequestCustomizer(
 			Consumer<OAuth2AuthorizationRequest.Builder> authorizationRequestCustomizer) {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizedClientManager.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizedClientManager.java
index 78bc7af340..9c64cb9bcb 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizedClientManager.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizedClientManager.java
@@ -270,8 +270,8 @@ public final class DefaultOAuth2AuthorizedClientManager implements OAuth2Authori
 	 * default.
 	 * @param authorizationFailureHandler the {@link OAuth2AuthorizationFailureHandler}
 	 * that handles authorization failures
-	 * @see RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
 	 * @since 5.3
+	 * @see RemoveAuthorizedClientOAuth2AuthorizationFailureHandler
 	 */
 	public void setAuthorizationFailureHandler(OAuth2AuthorizationFailureHandler authorizationFailureHandler) {
 		Assert.notNull(authorizationFailureHandler, "authorizationFailureHandler cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManager.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManager.java
index c7fac35606..59589f8bfe 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManager.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManager.java
@@ -271,8 +271,8 @@ public final class DefaultReactiveOAuth2AuthorizedClientManager implements React
 	 * by default.
 	 * </p>
 	 * @param authorizationFailureHandler the handler that handles authorization failures.
-	 * @see RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler
 	 * @since 5.3
+	 * @see RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler
 	 */
 	public void setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) {
 		Assert.notNull(authorizationFailureHandler, "authorizationFailureHandler cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFilter.java
index 96be281fba..8f963b1669 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFilter.java
@@ -147,10 +147,9 @@ public class OAuth2AuthorizationCodeGrantFilter extends OncePerRequestFilter {
 	 * Sets the {@link RequestCache} used for loading a previously saved request (if
 	 * available) and replaying it after completing the processing of the OAuth 2.0
 	 * Authorization Response.
-	 *
-	 * @since 5.4
 	 * @param requestCache the cache used for loading a previously saved request (if
 	 * available)
+	 * @since 5.4
 	 */
 	public final void setRequestCache(RequestCache requestCache) {
 		Assert.notNull(requestCache, "requestCache cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
index 2544f57fa5..32420b09ce 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
@@ -127,10 +127,9 @@ public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilt
 	/**
 	 * Constructs an {@code OAuth2AuthorizationRequestRedirectFilter} using the provided
 	 * parameters.
-	 *
-	 * @since 5.1
 	 * @param authorizationRequestResolver the resolver used for resolving authorization
 	 * requests
+	 * @since 5.1
 	 */
 	public OAuth2AuthorizationRequestRedirectFilter(OAuth2AuthorizationRequestResolver authorizationRequestResolver) {
 		Assert.notNull(authorizationRequestResolver, "authorizationRequestResolver cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
index b622d9019e..3ed0e8096f 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
@@ -139,12 +139,11 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
 	/**
 	 * Constructs an {@code OAuth2LoginAuthenticationFilter} using the provided
 	 * parameters.
-	 *
-	 * @since 5.1
 	 * @param clientRegistrationRepository the repository of client registrations
 	 * @param authorizedClientRepository the authorized client repository
 	 * @param filterProcessesUrl the {@code URI} where this {@code Filter} will process
 	 * the authentication requests
+	 * @since 5.1
 	 */
 	public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository,
 			OAuth2AuthorizedClientRepository authorizedClientRepository, String filterProcessesUrl) {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
index c01e94da0c..1d0760b5ad 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
@@ -78,10 +78,9 @@ public final class OAuth2AuthorizedClientArgumentResolver implements HandlerMeth
 	/**
 	 * Constructs an {@code OAuth2AuthorizedClientArgumentResolver} using the provided
 	 * parameters.
-	 *
-	 * @since 5.2
 	 * @param authorizedClientManager the {@link OAuth2AuthorizedClientManager} which
 	 * manages the authorized client(s)
+	 * @since 5.2
 	 */
 	public OAuth2AuthorizedClientArgumentResolver(OAuth2AuthorizedClientManager authorizedClientManager) {
 		Assert.notNull(authorizedClientManager, "authorizedClientManager cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
index 945f6e68e7..5ffbe25106 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
@@ -177,10 +177,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 	 * will result in removing the authorized client, so that a new token is retrieved for
 	 * future requests.
 	 * </p>
-	 *
-	 * @since 5.2
 	 * @param authorizedClientManager the {@link ReactiveOAuth2AuthorizedClientManager}
 	 * which manages the authorized client(s)
+	 * @since 5.2
 	 */
 	public ServerOAuth2AuthorizedClientExchangeFilterFunction(
 			ReactiveOAuth2AuthorizedClientManager authorizedClientManager) {
@@ -258,7 +257,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 	 * WebClient webClient = WebClient.builder()
 	 *    .filter(new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager))
 	 *    .build();
-	 * Mono<String> response = webClient
+	 * Mono&lt;String&gt; response = webClient
 	 *    .get()
 	 *    .uri(uri)
 	 *    .attributes(oauth2AuthorizedClient(authorizedClient))
@@ -297,7 +296,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 	 * WebClient webClient = WebClient.builder()
 	 *    .filter(new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager))
 	 *    .build();
-	 * Mono<String> response = webClient
+	 * Mono&lt;String&gt; response = webClient
 	 *    .get()
 	 *    .uri(uri)
 	 *    .attributes(serverWebExchange(serverWebExchange))
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
index 3acaede9b3..8b1b21850b 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
@@ -84,7 +84,7 @@ import java.util.stream.Stream;
  * WebClient webClient = WebClient.builder()
  *    .apply(oauth2.oauth2Configuration())
  *    .build();
- * Mono<String> response = webClient
+ * Mono&lt;String&gt; response = webClient
  *    .get()
  *    .uri(uri)
  *    .attributes(oauth2AuthorizedClient(authorizedClient))
@@ -190,10 +190,9 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
 	 * authentication and authorization failures returned from a Resource Server will
 	 * result in removing the authorized client, so that a new token is retrieved for
 	 * future requests.
-	 *
-	 * @since 5.2
 	 * @param authorizedClientManager the {@link OAuth2AuthorizedClientManager} which
 	 * manages the authorized client(s)
+	 * @since 5.2
 	 */
 	public ServletOAuth2AuthorizedClientExchangeFilterFunction(OAuth2AuthorizedClientManager authorizedClientManager) {
 		Assert.notNull(authorizedClientManager, "authorizedClientManager cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/result/method/annotation/OAuth2AuthorizedClientArgumentResolver.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/result/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
index b79bce181f..0179740229 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/result/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/result/method/annotation/OAuth2AuthorizedClientArgumentResolver.java
@@ -69,10 +69,9 @@ public final class OAuth2AuthorizedClientArgumentResolver implements HandlerMeth
 	/**
 	 * Constructs an {@code OAuth2AuthorizedClientArgumentResolver} using the provided
 	 * parameters.
-	 *
-	 * @since 5.2
 	 * @param authorizedClientManager the {@link ReactiveOAuth2AuthorizedClientManager}
 	 * which manages the authorized client(s)
+	 * @since 5.2
 	 */
 	public OAuth2AuthorizedClientArgumentResolver(ReactiveOAuth2AuthorizedClientManager authorizedClientManager) {
 		Assert.notNull(authorizedClientManager, "authorizedClientManager cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java
index ca751132f3..c18dc66864 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java
@@ -134,10 +134,9 @@ public class DefaultServerOAuth2AuthorizationRequestResolver implements ServerOA
 	/**
 	 * Sets the {@code Consumer} to be provided the
 	 * {@link OAuth2AuthorizationRequest.Builder} allowing for further customizations.
-	 *
-	 * @since 5.3
 	 * @param authorizationRequestCustomizer the {@code Consumer} to be provided the
 	 * {@link OAuth2AuthorizationRequest.Builder}
+	 * @since 5.3
 	 */
 	public final void setAuthorizationRequestCustomizer(
 			Consumer<OAuth2AuthorizationRequest.Builder> authorizationRequestCustomizer) {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/OAuth2AuthorizationCodeGrantWebFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/OAuth2AuthorizationCodeGrantWebFilter.java
index 30d860bff7..f39e4a2ad2 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/OAuth2AuthorizationCodeGrantWebFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/OAuth2AuthorizationCodeGrantWebFilter.java
@@ -162,10 +162,9 @@ public class OAuth2AuthorizationCodeGrantWebFilter implements WebFilter {
 	/**
 	 * Sets the repository used for storing {@link OAuth2AuthorizationRequest}'s. The
 	 * default is {@link WebSessionOAuth2ServerAuthorizationRequestRepository}.
-	 *
-	 * @since 5.2
 	 * @param authorizationRequestRepository the repository used for storing
 	 * {@link OAuth2AuthorizationRequest}'s
+	 * @since 5.2
 	 */
 	public final void setAuthorizationRequestRepository(
 			ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
@@ -185,10 +184,9 @@ public class OAuth2AuthorizationCodeGrantWebFilter implements WebFilter {
 	 * Sets the {@link ServerRequestCache} used for loading a previously saved request (if
 	 * available) and replaying it after completing the processing of the OAuth 2.0
 	 * Authorization Response.
-	 *
-	 * @since 5.4
 	 * @param requestCache the cache used for loading a previously saved request (if
 	 * available)
+	 * @since 5.4
 	 */
 	public final void setRequestCache(ServerRequestCache requestCache) {
 		Assert.notNull(requestCache, "requestCache cannot be null");
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/ServerAuthorizationRequestRepository.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/ServerAuthorizationRequestRepository.java
index b102117a97..0dde709779 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/ServerAuthorizationRequestRepository.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/ServerAuthorizationRequestRepository.java
@@ -34,11 +34,11 @@ import reactor.core.publisher.Mono;
  * used by the {@link OAuth2LoginAuthenticationFilter} for resolving the associated
  * Authorization Request when handling the callback of the Authorization Response.
  *
+ * @param <T> The type of OAuth 2.0 Authorization Request
  * @author Rob Winch
  * @since 5.1
  * @see OAuth2AuthorizationRequest
  * @see HttpSessionOAuth2AuthorizationRequestRepository
- * @param <T> The type of OAuth 2.0 Authorization Request
  */
 public interface ServerAuthorizationRequestRepository<T extends OAuth2AuthorizationRequest> {
 
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java
index 56399c53bc..9c050cc6a7 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java
@@ -57,9 +57,8 @@ public final class OAuth2AccessTokenResponse {
 
 	/**
 	 * Returns the {@link OAuth2RefreshToken Refresh Token}.
-	 *
-	 * @since 5.1
 	 * @return the {@link OAuth2RefreshToken}
+	 * @since 5.1
 	 */
 	public @Nullable OAuth2RefreshToken getRefreshToken() {
 		return this.refreshToken;
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
index 48274effe8..e7696604d0 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
@@ -147,9 +147,8 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 
 	/**
 	 * Returns the attribute(s) associated to the request.
-	 *
-	 * @since 5.2
 	 * @return a {@code Map} of the attribute(s), or an empty {@code Map} if not available
+	 * @since 5.2
 	 */
 	public Map<String, Object> getAttributes() {
 		return this.attributes;
@@ -157,12 +156,11 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 
 	/**
 	 * Returns the value of an attribute associated to the request.
-	 *
-	 * @since 5.2
-	 * @param name the name of the attribute
 	 * @param <T> the type of the attribute
+	 * @param name the name of the attribute
 	 * @return the value of the attribute associated to the request, or {@code null} if
 	 * not available
+	 * @since 5.2
 	 */
 	@SuppressWarnings("unchecked")
 	public <T> T getAttribute(String name) {
@@ -176,10 +174,9 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 	 * <p>
 	 * <b>NOTE:</b> The {@code URI} string is encoded in the
 	 * {@code application/x-www-form-urlencoded} MIME format.
-	 *
-	 * @since 5.1
 	 * @return the {@code URI} string representation of the OAuth 2.0 Authorization
 	 * Request
+	 * @since 5.1
 	 */
 	public String getAuthorizationRequestUri() {
 		return this.authorizationRequestUri;
@@ -195,12 +192,12 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 
 	/**
 	 * Returns a new {@link Builder}, initialized with the implicit grant type.
+	 * @return the {@link Builder}
 	 * @deprecated It is not recommended to use the implicit flow due to the inherent
 	 * risks of returning access tokens in an HTTP redirect without any confirmation that
 	 * it has been received by the client.
 	 * @see <a target="_blank" href="https://oauth.net/2/grant-types/implicit/">OAuth 2.0
 	 * Implicit Grant</a>
-	 * @return the {@link Builder}
 	 */
 	@Deprecated
 	public static Builder implicit() {
@@ -210,11 +207,10 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 	/**
 	 * Returns a new {@link Builder}, initialized with the values from the provided
 	 * {@code authorizationRequest}.
-	 *
-	 * @since 5.1
 	 * @param authorizationRequest the authorization request used for initializing the
 	 * {@link Builder}
 	 * @return the {@link Builder}
+	 * @since 5.1
 	 */
 	public static Builder from(OAuth2AuthorizationRequest authorizationRequest) {
 		Assert.notNull(authorizationRequest, "authorizationRequest cannot be null");
@@ -352,10 +348,9 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 		/**
 		 * A {@code Consumer} to be provided access to the additional parameter(s)
 		 * allowing the ability to add, replace, or remove.
-		 *
-		 * @since 5.3
 		 * @param additionalParametersConsumer a {@code Consumer} of the additional
 		 * parameters
+		 * @since 5.3
 		 */
 		public Builder additionalParameters(Consumer<Map<String, Object>> additionalParametersConsumer) {
 			if (additionalParametersConsumer != null) {
@@ -367,9 +362,8 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 		/**
 		 * A {@code Consumer} to be provided access to all the parameters allowing the
 		 * ability to add, replace, or remove.
-		 *
-		 * @since 5.3
 		 * @param parametersConsumer a {@code Consumer} of all the parameters
+		 * @since 5.3
 		 */
 		public Builder parameters(Consumer<Map<String, Object>> parametersConsumer) {
 			if (parametersConsumer != null) {
@@ -380,10 +374,9 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 
 		/**
 		 * Sets the attributes associated to the request.
-		 *
-		 * @since 5.2
 		 * @param attributes the attributes associated to the request
 		 * @return the {@link Builder}
+		 * @since 5.2
 		 */
 		public Builder attributes(Map<String, Object> attributes) {
 			if (!CollectionUtils.isEmpty(attributes)) {
@@ -395,9 +388,8 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 		/**
 		 * A {@code Consumer} to be provided access to the attribute(s) allowing the
 		 * ability to add, replace, or remove.
-		 *
-		 * @since 5.3
 		 * @param attributesConsumer a {@code Consumer} of the attribute(s)
+		 * @since 5.3
 		 */
 		public Builder attributes(Consumer<Map<String, Object>> attributesConsumer) {
 			if (attributesConsumer != null) {
@@ -413,11 +405,10 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 		 * <p>
 		 * <b>NOTE:</b> The {@code URI} string is <b>required</b> to be encoded in the
 		 * {@code application/x-www-form-urlencoded} MIME format.
-		 *
-		 * @since 5.1
 		 * @param authorizationRequestUri the {@code URI} string representation of the
 		 * OAuth 2.0 Authorization Request
 		 * @return the {@link Builder}
+		 * @since 5.1
 		 */
 		public Builder authorizationRequestUri(String authorizationRequestUri) {
 			this.authorizationRequestUri = authorizationRequestUri;
@@ -427,10 +418,9 @@ public final class OAuth2AuthorizationRequest implements Serializable {
 		/**
 		 * A {@code Function} to be provided a {@code UriBuilder} representation of the
 		 * OAuth 2.0 Authorization Request allowing for further customizations.
-		 *
-		 * @since 5.3
 		 * @param authorizationRequestUriFunction a {@code Function} to be provided a
 		 * {@code UriBuilder} representation of the OAuth 2.0 Authorization Request
+		 * @since 5.3
 		 */
 		public Builder authorizationRequestUri(Function<UriBuilder, URI> authorizationRequestUriFunction) {
 			if (authorizationRequestUriFunction != null) {
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2AccessTokenResponseHttpMessageConverter.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2AccessTokenResponseHttpMessageConverter.java
index 020cc32874..f50e82f668 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2AccessTokenResponseHttpMessageConverter.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2AccessTokenResponseHttpMessageConverter.java
@@ -39,10 +39,10 @@ import org.springframework.util.Assert;
  * A {@link HttpMessageConverter} for an {@link OAuth2AccessTokenResponse OAuth 2.0 Access
  * Token Response}.
  *
- * @see AbstractHttpMessageConverter
- * @see OAuth2AccessTokenResponse
  * @author Joe Grandja
  * @since 5.1
+ * @see AbstractHttpMessageConverter
+ * @see OAuth2AccessTokenResponse
  */
 public class OAuth2AccessTokenResponseHttpMessageConverter
 		extends AbstractHttpMessageConverter<OAuth2AccessTokenResponse> {
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2ErrorHttpMessageConverter.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2ErrorHttpMessageConverter.java
index 52082de420..a5e854aff2 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2ErrorHttpMessageConverter.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2ErrorHttpMessageConverter.java
@@ -39,10 +39,10 @@ import java.util.stream.Collectors;
 /**
  * A {@link HttpMessageConverter} for an {@link OAuth2Error OAuth 2.0 Error}.
  *
- * @see AbstractHttpMessageConverter
- * @see OAuth2Error
  * @author Joe Grandja
  * @since 5.1
+ * @see AbstractHttpMessageConverter
+ * @see OAuth2Error
  */
 public class OAuth2ErrorHttpMessageConverter extends AbstractHttpMessageConverter<OAuth2Error> {
 
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaimAccessor.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaimAccessor.java
index beb6107052..1cb14aff5a 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaimAccessor.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaimAccessor.java
@@ -26,6 +26,8 @@ import java.util.List;
  * Token, which provides information about the authentication of an End-User by an
  * Authorization Server.
  *
+ * @author Joe Grandja
+ * @since 5.0
  * @see ClaimAccessor
  * @see StandardClaimAccessor
  * @see StandardClaimNames
@@ -36,8 +38,6 @@ import java.util.List;
  * @see <a target="_blank" href=
  * "https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims">Standard
  * Claims</a>
- * @author Joe Grandja
- * @since 5.0
  */
 public interface IdTokenClaimAccessor extends StandardClaimAccessor {
 
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaimAccessor.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaimAccessor.java
index e99c53959c..497a823ed0 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaimAccessor.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaimAccessor.java
@@ -25,6 +25,8 @@ import java.util.Map;
  * A {@link ClaimAccessor} for the &quot;Standard Claims&quot; that can be returned either
  * in the UserInfo Response or the ID Token.
  *
+ * @author Joe Grandja
+ * @since 5.0
  * @see ClaimAccessor
  * @see StandardClaimNames
  * @see OidcUserInfo
@@ -34,8 +36,6 @@ import java.util.Map;
  * @see <a target="_blank" href=
  * "https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims">Standard
  * Claims</a>
- * @author Joe Grandja
- * @since 5.0
  */
 public interface StandardClaimAccessor extends ClaimAccessor {
 
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java
index c31312a8ad..97805ca257 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java
@@ -42,8 +42,8 @@ import java.util.LinkedHashSet;
  *
  * @author Joe Grandja
  * @author Eddú Meléndez
- * @see OAuth2User
  * @since 5.0
+ * @see OAuth2User
  */
 public class DefaultOAuth2User implements OAuth2User, Serializable {
 
diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtValidationException.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtValidationException.java
index cc028423e0..34c8ab3ce1 100644
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtValidationException.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtValidationException.java
@@ -43,7 +43,7 @@ public class JwtValidationException extends BadJwtException {
 	 *
 	 * <pre>
 	 * 	if ( result.hasErrors() ) {
-	 *  	Collection<OAuth2Error> errors = result.getErrors();
+	 *  	Collection&lt;OAuth2Error&gt; errors = result.getErrors();
 	 *  	throw new JwtValidationException(errors.iterator().next().getDescription(), errors);
 	 * 	}
 	 * </pre>
diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderJwkSupport.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderJwkSupport.java
index c8b4f435a6..8accd3ed23 100644
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderJwkSupport.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderJwkSupport.java
@@ -119,10 +119,9 @@ public final class NimbusJwtDecoderJwkSupport implements JwtDecoder {
 
 	/**
 	 * Sets the {@link RestOperations} used when requesting the JSON Web Key (JWK) Set.
-	 *
-	 * @since 5.1
 	 * @param restOperations the {@link RestOperations} used when requesting the JSON Web
 	 * Key (JWK) Set
+	 * @since 5.1
 	 */
 	public void setRestOperations(RestOperations restOperations) {
 		Assert.notNull(restOperations, "restOperations cannot be null");
diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationEntryPoint.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationEntryPoint.java
index 6a9ae1f38b..06abfecd4e 100644
--- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationEntryPoint.java
+++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationEntryPoint.java
@@ -38,10 +38,10 @@ import org.springframework.util.StringUtils;
  * and populate {@code WWW-Authenticate} HTTP header.
  *
  * @author Vedran Pavic
+ * @since 5.1
  * @see BearerTokenError
  * @see <a href="https://tools.ietf.org/html/rfc6750#section-3" target="_blank">RFC 6750
  * Section 3: The WWW-Authenticate Response Header Field</a>
- * @since 5.1
  */
 public final class BearerTokenAuthenticationEntryPoint implements AuthenticationEntryPoint {
 
diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java
index e5f027e5e1..ee3beb886e 100644
--- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java
+++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java
@@ -41,10 +41,10 @@ import java.util.Map;
  * and populate {@code WWW-Authenticate} HTTP header.
  *
  * @author Rob Winch
+ * @since 5.1
  * @see BearerTokenError
  * @see <a href="https://tools.ietf.org/html/rfc6750#section-3" target="_blank">RFC 6750
  * Section 3: The WWW-Authenticate Response Header Field</a>
- * @since 5.1
  */
 public final class BearerTokenServerAuthenticationEntryPoint implements ServerAuthenticationEntryPoint {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/AuthenticationCancelledException.java b/openid/src/main/java/org/springframework/security/openid/AuthenticationCancelledException.java
index fa623b7d7e..01d9f9840f 100644
--- a/openid/src/main/java/org/springframework/security/openid/AuthenticationCancelledException.java
+++ b/openid/src/main/java/org/springframework/security/openid/AuthenticationCancelledException.java
@@ -20,11 +20,11 @@ import org.springframework.security.core.AuthenticationException;
 /**
  * Indicates that OpenID authentication was cancelled
  *
+ * @author Robin Bramley, Opsera Ltd
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Robin Bramley, Opsera Ltd
  */
 public class AuthenticationCancelledException extends AuthenticationException {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/AxFetchListFactory.java b/openid/src/main/java/org/springframework/security/openid/AxFetchListFactory.java
index d279f333d5..57d5287702 100644
--- a/openid/src/main/java/org/springframework/security/openid/AxFetchListFactory.java
+++ b/openid/src/main/java/org/springframework/security/openid/AxFetchListFactory.java
@@ -24,12 +24,12 @@ import java.util.List;
  * This allows the list of attributes for a fetch request to be tailored for different
  * OpenID providers, since they do not all support the same attributes.
  *
+ * @author Luke Taylor
+ * @since 3.1
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Luke Taylor
- * @since 3.1
  */
 public interface AxFetchListFactory {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/NullAxFetchListFactory.java b/openid/src/main/java/org/springframework/security/openid/NullAxFetchListFactory.java
index 5cea1bba77..152eb442db 100644
--- a/openid/src/main/java/org/springframework/security/openid/NullAxFetchListFactory.java
+++ b/openid/src/main/java/org/springframework/security/openid/NullAxFetchListFactory.java
@@ -19,12 +19,12 @@ import java.util.Collections;
 import java.util.List;
 
 /**
+ * @author Luke Taylor
+ * @since 3.1
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Luke Taylor
- * @since 3.1
  */
 public class NullAxFetchListFactory implements AxFetchListFactory {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAttribute.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAttribute.java
index 1f82bb8ea1..ff7a63ecc4 100644
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAttribute.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAttribute.java
@@ -27,12 +27,12 @@ import org.springframework.util.Assert;
  * should be requested during a fetch request, or to hold values for an attribute which
  * are returned during the authentication process.
  *
+ * @author Luke Taylor
+ * @since 3.0
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Luke Taylor
- * @since 3.0
  */
 public class OpenIDAttribute implements Serializable {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
index cd75656ffb..89ff57f6d3 100644
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationFilter.java
@@ -59,15 +59,15 @@ import java.util.*;
  * where it should (normally) be processed by an <tt>OpenIDAuthenticationProvider</tt> in
  * order to load the authorities for the user.
  *
- * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
- * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
- * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
- * supported by <code>spring-security-oauth2</code>.
  * @author Robin Bramley
  * @author Ray Krueger
  * @author Luke Taylor
  * @since 2.0
  * @see OpenIDAuthenticationProvider
+ * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
+ * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
+ * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
+ * supported by <code>spring-security-oauth2</code>.
  */
 public class OpenIDAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java
index cbc20858de..bdc9ee62fc 100644
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProvider.java
@@ -44,12 +44,12 @@ import org.springframework.util.Assert;
  * {@code Authentication} token, so additional properties such as email addresses,
  * telephone numbers etc can easily be stored.
  *
+ * @author Robin Bramley, Opsera Ltd.
+ * @author Luke Taylor
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Robin Bramley, Opsera Ltd.
- * @author Luke Taylor
  */
 public class OpenIDAuthenticationProvider implements AuthenticationProvider, InitializingBean {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java
index 1f038cb090..a95c579104 100644
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationStatus.java
@@ -17,13 +17,13 @@ package org.springframework.security.openid;
 
 /**
  * Authentication status codes, based on JanRain status codes
+ * @author JanRain Inc.
+ * @author Robin Bramley, Opsera Ltd
+ * @author Luke Taylor
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author JanRain Inc.
- * @author Robin Bramley, Opsera Ltd
- * @author Luke Taylor
  */
 public enum OpenIDAuthenticationStatus {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
index 60e0f52637..f854080877 100644
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
@@ -26,11 +26,11 @@ import org.springframework.security.core.SpringSecurityCoreVersion;
 /**
  * OpenID Authentication Token
  *
+ * @author Robin Bramley
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Robin Bramley
  */
 public class OpenIDAuthenticationToken extends AbstractAuthenticationToken {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDConsumer.java b/openid/src/main/java/org/springframework/security/openid/OpenIDConsumer.java
index 540e661df8..d49143b9f4 100644
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDConsumer.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDConsumer.java
@@ -20,12 +20,12 @@ import javax.servlet.http.HttpServletRequest;
 /**
  * An interface for OpenID library implementations
  *
+ * @author Ray Krueger
+ * @author Robin Bramley, Opsera Ltd
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Ray Krueger
- * @author Robin Bramley, Opsera Ltd
  */
 public interface OpenIDConsumer {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDConsumerException.java b/openid/src/main/java/org/springframework/security/openid/OpenIDConsumerException.java
index 937a35091d..1410eb32c0 100644
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDConsumerException.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDConsumerException.java
@@ -18,11 +18,11 @@ package org.springframework.security.openid;
 /**
  * Thrown by an OpenIDConsumer if it cannot process a request
  *
+ * @author Robin Bramley, Opsera Ltd
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Robin Bramley, Opsera Ltd
  */
 public class OpenIDConsumerException extends Exception {
 
diff --git a/openid/src/main/java/org/springframework/security/openid/RegexBasedAxFetchListFactory.java b/openid/src/main/java/org/springframework/security/openid/RegexBasedAxFetchListFactory.java
index 3f5b413662..39a0018530 100644
--- a/openid/src/main/java/org/springframework/security/openid/RegexBasedAxFetchListFactory.java
+++ b/openid/src/main/java/org/springframework/security/openid/RegexBasedAxFetchListFactory.java
@@ -22,12 +22,12 @@ import java.util.Map;
 import java.util.regex.Pattern;
 
 /**
+ * @author Luke Taylor
+ * @since 3.1
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Luke Taylor
- * @since 3.1
  */
 public class RegexBasedAxFetchListFactory implements AxFetchListFactory {
 
diff --git a/openid/src/test/java/org/springframework/security/openid/MockOpenIDConsumer.java b/openid/src/test/java/org/springframework/security/openid/MockOpenIDConsumer.java
index 67dbcc9b5a..9228c022c6 100644
--- a/openid/src/test/java/org/springframework/security/openid/MockOpenIDConsumer.java
+++ b/openid/src/test/java/org/springframework/security/openid/MockOpenIDConsumer.java
@@ -18,11 +18,11 @@ package org.springframework.security.openid;
 import javax.servlet.http.HttpServletRequest;
 
 /**
+ * @author Robin Bramley, Opsera Ltd
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Robin Bramley, Opsera Ltd
  */
 public class MockOpenIDConsumer implements OpenIDConsumer {
 
diff --git a/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java b/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java
index f185a46066..f71600c629 100644
--- a/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java
+++ b/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java
@@ -40,11 +40,11 @@ import org.springframework.mock.web.MockHttpServletRequest;
 import java.util.*;
 
 /**
+ * @author Luke Taylor
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Luke Taylor
  */
 public class OpenID4JavaConsumerTests {
 
diff --git a/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProviderTests.java b/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProviderTests.java
index aef409a22c..bb1d2c10fc 100644
--- a/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProviderTests.java
+++ b/openid/src/test/java/org/springframework/security/openid/OpenIDAuthenticationProviderTests.java
@@ -35,11 +35,11 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 /**
  * Tests {@link OpenIDAuthenticationProvider}
  *
+ * @author Robin Bramley, Opsera Ltd
  * @deprecated The OpenID 1.0 and 2.0 protocols have been deprecated and users are
  * <a href="https://openid.net/specs/openid-connect-migration-1_0.html">encouraged to
  * migrate</a> to <a href="https://openid.net/connect/">OpenID Connect</a>, which is
  * supported by <code>spring-security-oauth2</code>.
- * @author Robin Bramley, Opsera Ltd
  */
 public class OpenIDAuthenticationProviderTests {
 
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
index 1aeb1649bf..4ce1cd7530 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2X509Credential.java
@@ -34,9 +34,9 @@ import static org.springframework.util.Assert.state;
  * "https://www.oasis-open.org/committees/download.php/8958/sstc-saml-implementation-guidelines-draft-01.pdf">
  * usages </a> (Line 584, Section 4.3 Credentials).
  *
- * @since 5.4
  * @author Filip Hanik
  * @author Josh Cummings
+ * @since 5.4
  */
 public final class Saml2X509Credential {
 
@@ -140,7 +140,7 @@ public final class Saml2X509Credential {
 	/**
 	 * Get the private key for this credential
 	 * @return the private key, may be null
-	 * @see {@link #Saml2X509Credential(PrivateKey, X509Certificate, Saml2X509CredentialType...)}
+	 * @see #Saml2X509Credential(PrivateKey, X509Certificate, Saml2X509CredentialType...)
 	 */
 	public PrivateKey getPrivateKey() {
 		return this.privateKey;
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/credentials/Saml2X509Credential.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/credentials/Saml2X509Credential.java
index f329ff08f8..648cb0d715 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/credentials/Saml2X509Credential.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/credentials/Saml2X509Credential.java
@@ -157,7 +157,7 @@ public class Saml2X509Credential {
 	/**
 	 * Returns the private key, or null if this credential type doesn't require one.
 	 * @return the private key, or null
-	 * @see {@link #Saml2X509Credential(PrivateKey, X509Certificate, Saml2X509CredentialType...)}
+	 * @see #Saml2X509Credential(PrivateKey, X509Certificate, Saml2X509CredentialType...)
 	 */
 	public PrivateKey getPrivateKey() {
 		return this.privateKey;
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/AbstractSaml2AuthenticationRequest.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/AbstractSaml2AuthenticationRequest.java
index 3b3b6536fc..486d8b26a4 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/AbstractSaml2AuthenticationRequest.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/AbstractSaml2AuthenticationRequest.java
@@ -30,9 +30,9 @@ import java.nio.charset.Charset;
  * https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf
  * (line 2031)
  *
+ * @since 5.3
  * @see Saml2AuthenticationRequestFactory#createPostAuthenticationRequest(Saml2AuthenticationRequestContext)
  * @see Saml2AuthenticationRequestFactory#createRedirectAuthenticationRequest(Saml2AuthenticationRequestContext)
- * @since 5.3
  */
 abstract class AbstractSaml2AuthenticationRequest {
 
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequest.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequest.java
index c922a8c117..fbcdbf4f1d 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequest.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequest.java
@@ -185,7 +185,7 @@ public final class Saml2AuthenticationRequest {
 		/**
 		 * Creates a {@link Saml2AuthenticationRequest} object.
 		 * @return the Saml2AuthenticationRequest object
-		 * @throws {@link IllegalArgumentException} if a required property is not set
+		 * @throws IllegalArgumentException if a required property is not set
 		 */
 		public Saml2AuthenticationRequest build() {
 			return new Saml2AuthenticationRequest(this.issuer, this.destination, this.assertionConsumerServiceUrl,
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequestContext.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequestContext.java
index 5902571aa9..690ebbd98a 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequestContext.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequestContext.java
@@ -25,9 +25,9 @@ import org.springframework.util.Assert;
  * "https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf">
  * Assertions and Protocols for SAML 2 (line 2031)</a>
  *
+ * @since 5.3
  * @see Saml2AuthenticationRequestFactory#createPostAuthenticationRequest(Saml2AuthenticationRequestContext)
  * @see Saml2AuthenticationRequestFactory#createRedirectAuthenticationRequest(Saml2AuthenticationRequestContext)
- * @since 5.3
  */
 public class Saml2AuthenticationRequestContext {
 
@@ -167,7 +167,7 @@ public class Saml2AuthenticationRequestContext {
 		/**
 		 * Creates a {@link Saml2AuthenticationRequestContext} object.
 		 * @return the Saml2AuthenticationRequest object
-		 * @throws {@link IllegalArgumentException} if a required property is not set
+		 * @throws IllegalArgumentException if a required property is not set
 		 */
 		public Saml2AuthenticationRequestContext build() {
 			return new Saml2AuthenticationRequestContext(this.relyingPartyRegistration, this.issuer,
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java
index a266dd93ec..22f042c328 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationToken.java
@@ -30,9 +30,9 @@ import static org.springframework.security.saml2.provider.service.registration.R
  * Represents an incoming SAML 2.0 response containing an assertion that has not been
  * validated. {@link Saml2AuthenticationToken#isAuthenticated()} will always return false.
  *
- * @since 5.2
  * @author Filip Hanik
  * @author Josh Cummings
+ * @since 5.2
  */
 public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
 
@@ -71,7 +71,7 @@ public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
 	 * @param localSpEntityId the configured local SP, the relying party, entity ID
 	 * @param credentials the credentials configured for signature verification and
 	 * decryption
-	 * @deprecated Use {@link Saml2AuthenticationToken(RelyingPartyRegistration, String)}
+	 * @deprecated Use {@link #Saml2AuthenticationToken(RelyingPartyRegistration, String)}
 	 * instead
 	 */
 	@Deprecated
@@ -125,8 +125,7 @@ public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
 	 * Returns the URI that the SAML 2 Response object came in on
 	 * @return URI as a string
 	 * @deprecated Use
-	 * {@link #getRelyingPartyRegistration().getAssertionConsumerServiceLocation()}
-	 * instead
+	 * {@code getRelyingPartyRegistration().getAssertionConsumerServiceLocation()} instead
 	 */
 	@Deprecated
 	public String getRecipientUri() {
@@ -136,7 +135,7 @@ public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
 	/**
 	 * Returns the configured entity ID of the receiving relying party, SP
 	 * @return an entityID for the configured local relying party
-	 * @deprecated Use {@link #getRelyingPartyRegistration().getEntityId()} instead
+	 * @deprecated Use {@code getRelyingPartyRegistration().getEntityId()} instead
 	 */
 	@Deprecated
 	public String getLocalSpEntityId() {
@@ -145,7 +144,7 @@ public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
 
 	/**
 	 * Returns all the credentials associated with the relying party configuraiton
-	 * @return
+	 * @return all associated credentials
 	 * @deprecated Get the credentials through {@link #getRelyingPartyRegistration()}
 	 * instead
 	 */
@@ -165,7 +164,6 @@ public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
 	/**
 	 * The state of this object cannot be changed. Will always throw an exception
 	 * @param authenticated ignored
-	 * @throws {@link IllegalArgumentException}
 	 */
 	@Override
 	public void setAuthenticated(boolean authenticated) {
@@ -176,7 +174,7 @@ public class Saml2AuthenticationToken extends AbstractAuthenticationToken {
 	 * Returns the configured IDP, asserting party, entity ID
 	 * @return a string representing the entity ID
 	 * @deprecated Use
-	 * {@link #getRelyingPartyRegistration().getAssertingPartyDetails().getEntityId()}
+	 * {@code getRelyingPartyRegistration().getAssertingPartyDetails().getEntityId()}
 	 * instead
 	 */
 	@Deprecated
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2PostAuthenticationRequest.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2PostAuthenticationRequest.java
index 7d3f3aab41..b767af35e6 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2PostAuthenticationRequest.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2PostAuthenticationRequest.java
@@ -26,8 +26,8 @@ import static org.springframework.security.saml2.provider.service.registration.S
  * https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf
  * (line 2031)
  *
- * @see Saml2AuthenticationRequestFactory
  * @since 5.3
+ * @see Saml2AuthenticationRequestFactory
  */
 public class Saml2PostAuthenticationRequest extends AbstractSaml2AuthenticationRequest {
 
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2RedirectAuthenticationRequest.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2RedirectAuthenticationRequest.java
index d5ae3c32c5..a4b0d25c95 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2RedirectAuthenticationRequest.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2RedirectAuthenticationRequest.java
@@ -26,8 +26,8 @@ import static org.springframework.security.saml2.provider.service.registration.S
  * https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf
  * (line 2031)
  *
- * @see Saml2AuthenticationRequestFactory
  * @since 5.3
+ * @see Saml2AuthenticationRequestFactory
  */
 public class Saml2RedirectAuthenticationRequest extends AbstractSaml2AuthenticationRequest {
 
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
index e275c51161..17dede124a 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java
@@ -67,9 +67,9 @@ import org.springframework.util.Assert;
  * 			.build();
  * </pre>
  *
- * @since 5.2
  * @author Filip Hanik
  * @author Josh Cummings
+ * @since 5.2
  */
 public class RelyingPartyRegistration {
 
@@ -284,7 +284,7 @@ public class RelyingPartyRegistration {
 	 * @return a filtered list containing only credentials of type
 	 * {@link org.springframework.security.saml2.credentials.Saml2X509Credential.Saml2X509CredentialType#VERIFICATION}.
 	 * Returns an empty list of credentials are not found
-	 * @deprecated Use {@link #getAssertingPartyDetails().getSigningX509Credentials()}
+	 * @deprecated Use {code #getAssertingPartyDetails().getSigningX509Credentials()}
 	 * instead
 	 */
 	@Deprecated
@@ -909,8 +909,8 @@ public class RelyingPartyRegistration {
 		 * Provider.
 		 * @param entityId the IDP entityId
 		 * @return this object
-		 * @deprecated use {@link #assertingPartyDetails(Consumer<
-		 * AssertingPartyDetails.Builder >)}
+		 * @deprecated use
+		 * {@code #assertingPartyDetails(Consumer<AssertingPartyDetails.Builder >)}
 		 */
 		@Deprecated
 		public Builder remoteIdpEntityId(String entityId) {
@@ -923,8 +923,8 @@ public class RelyingPartyRegistration {
 		 * @param url - a URL that accepts authentication requests via REDIRECT or POST
 		 * bindings
 		 * @return this object
-		 * @deprecated use {@link #assertingPartyDetails(Consumer<
-		 * AssertingPartyDetails.Builder >)}
+		 * @deprecated use
+		 * {@code #assertingPartyDetails(Consumer<AssertingPartyDetails.Builder >)}
 		 */
 		@Deprecated
 		public Builder idpWebSsoUrl(String url) {
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationRepository.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationRepository.java
index 48e6419ff5..1c681d92a3 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationRepository.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistrationRepository.java
@@ -19,8 +19,8 @@ package org.springframework.security.saml2.provider.service.registration;
 /**
  * A repository for {@link RelyingPartyRegistration}s
  *
- * @since 5.2
  * @author Filip Hanik
+ * @since 5.2
  */
 public interface RelyingPartyRegistrationRepository {
 
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationRequestFilter.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationRequestFilter.java
index ea3520147c..70b595cb45 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationRequestFilter.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/servlet/filter/Saml2WebSsoAuthenticationRequestFilter.java
@@ -64,9 +64,9 @@ import static java.nio.charset.StandardCharsets.ISO_8859_1;
  * {@link RelyingPartyRegistration#getRegistrationId() registration identifier} of the
  * relying party that is used for initiating the authentication request.
  *
- * @since 5.2
  * @author Filip Hanik
  * @author Josh Cummings
+ * @since 5.2
  */
 public class Saml2WebSsoAuthenticationRequestFilter extends OncePerRequestFilter {
 
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.java
index bdc60fcc0b..c7acd46e51 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.java
@@ -40,8 +40,8 @@ import static org.springframework.web.util.UriComponentsBuilder.fromHttpUrl;
  * registration id from the request, querying a
  * {@link RelyingPartyRegistrationRepository}, and resolving any template values.
  *
- * @since 5.4
  * @author Josh Cummings
+ * @since 5.4
  */
 public final class DefaultRelyingPartyRegistrationResolver
 		implements Converter<HttpServletRequest, RelyingPartyRegistration> {
diff --git a/taglibs/src/main/java/org/springframework/security/taglibs/authz/JspAuthorizeTag.java b/taglibs/src/main/java/org/springframework/security/taglibs/authz/JspAuthorizeTag.java
index de9d1bb675..6584e3ee5e 100644
--- a/taglibs/src/main/java/org/springframework/security/taglibs/authz/JspAuthorizeTag.java
+++ b/taglibs/src/main/java/org/springframework/security/taglibs/authz/JspAuthorizeTag.java
@@ -43,8 +43,8 @@ import org.springframework.security.web.FilterInvocation;
  * A JSP {@link Tag} implementation of {@link AbstractAuthorizeTag}.
  *
  * @author Rossen Stoyanchev
- * @see AbstractAuthorizeTag
  * @since 3.1.0
+ * @see AbstractAuthorizeTag
  */
 public class JspAuthorizeTag extends AbstractAuthorizeTag implements Tag {
 
diff --git a/taglibs/src/main/java/org/springframework/security/taglibs/csrf/AbstractCsrfTag.java b/taglibs/src/main/java/org/springframework/security/taglibs/csrf/AbstractCsrfTag.java
index 366a8fcfe4..3dbe9cee9a 100644
--- a/taglibs/src/main/java/org/springframework/security/taglibs/csrf/AbstractCsrfTag.java
+++ b/taglibs/src/main/java/org/springframework/security/taglibs/csrf/AbstractCsrfTag.java
@@ -25,8 +25,8 @@ import java.io.IOException;
 /**
  * An abstract tag for handling CSRF operations.
  *
- * @since 3.2.2
  * @author Nick Williams
+ * @since 3.2.2
  */
 abstract class AbstractCsrfTag extends TagSupport {
 
diff --git a/taglibs/src/main/java/org/springframework/security/taglibs/csrf/CsrfInputTag.java b/taglibs/src/main/java/org/springframework/security/taglibs/csrf/CsrfInputTag.java
index ade138fb54..799c0eab6b 100644
--- a/taglibs/src/main/java/org/springframework/security/taglibs/csrf/CsrfInputTag.java
+++ b/taglibs/src/main/java/org/springframework/security/taglibs/csrf/CsrfInputTag.java
@@ -22,8 +22,8 @@ import org.springframework.security.web.csrf.CsrfToken;
  * A JSP tag that prints out a hidden form field for the CSRF token. See the JSP Tab
  * Library documentation for more information.
  *
- * @since 3.2.2
  * @author Nick Williams
+ * @since 3.2.2
  */
 public class CsrfInputTag extends AbstractCsrfTag {
 
diff --git a/taglibs/src/main/java/org/springframework/security/taglibs/csrf/CsrfMetaTagsTag.java b/taglibs/src/main/java/org/springframework/security/taglibs/csrf/CsrfMetaTagsTag.java
index e196dd8a2e..389dd3d51c 100644
--- a/taglibs/src/main/java/org/springframework/security/taglibs/csrf/CsrfMetaTagsTag.java
+++ b/taglibs/src/main/java/org/springframework/security/taglibs/csrf/CsrfMetaTagsTag.java
@@ -22,8 +22,8 @@ import org.springframework.security.web.csrf.CsrfToken;
  * A JSP tag that prints out a meta tags holding the CSRF form field name and token value
  * for use in JavaScrip code. See the JSP Tab Library documentation for more information.
  *
- * @since 3.2.2
  * @author Nick Williams
+ * @since 3.2.2
  */
 public class CsrfMetaTagsTag extends AbstractCsrfTag {
 
diff --git a/test/src/main/java/org/springframework/security/test/context/support/WithAnonymousUserSecurityContextFactory.java b/test/src/main/java/org/springframework/security/test/context/support/WithAnonymousUserSecurityContextFactory.java
index 11409e1d8b..b5e35ee06c 100644
--- a/test/src/main/java/org/springframework/security/test/context/support/WithAnonymousUserSecurityContextFactory.java
+++ b/test/src/main/java/org/springframework/security/test/context/support/WithAnonymousUserSecurityContextFactory.java
@@ -28,11 +28,10 @@ import org.springframework.security.core.context.SecurityContextHolder;
  * A {@link WithAnonymousUserSecurityContextFactory} that runs with an
  * {@link AnonymousAuthenticationToken}. .
  *
- * @see WithUserDetails
  * @author Rob Winch
  * @since 4.1
+ * @see WithUserDetails
  */
-
 final class WithAnonymousUserSecurityContextFactory implements WithSecurityContextFactory<WithAnonymousUser> {
 
 	public SecurityContext createSecurityContext(WithAnonymousUser withUser) {
diff --git a/test/src/main/java/org/springframework/security/test/context/support/WithSecurityContextFactory.java b/test/src/main/java/org/springframework/security/test/context/support/WithSecurityContextFactory.java
index c00e589fab..72c58cc84d 100644
--- a/test/src/main/java/org/springframework/security/test/context/support/WithSecurityContextFactory.java
+++ b/test/src/main/java/org/springframework/security/test/context/support/WithSecurityContextFactory.java
@@ -24,12 +24,12 @@ import org.springframework.security.test.context.TestSecurityContextHolder;
  * An API that works with WithUserTestExcecutionListener for creating a
  * {@link SecurityContext} that is populated in the {@link TestSecurityContextHolder}.
  *
- * @author Rob Winch
  * @param <A>
+ * @author Rob Winch
+ * @since 4.0
  * @see WithSecurityContext
  * @see WithMockUser
  * @see WithUserDetails
- * @since 4.0
  */
 public interface WithSecurityContextFactory<A extends Annotation> {
 
diff --git a/test/src/main/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactory.java b/test/src/main/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactory.java
index 0bb706ddfb..55b3d48060 100644
--- a/test/src/main/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactory.java
+++ b/test/src/main/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactory.java
@@ -35,11 +35,10 @@ import org.springframework.util.StringUtils;
  * A {@link WithUserDetailsSecurityContextFactory} that works with {@link WithUserDetails}
  * .
  *
- * @see WithUserDetails
  * @author Rob Winch
  * @since 4.0
+ * @see WithUserDetails
  */
-
 final class WithUserDetailsSecurityContextFactory implements WithSecurityContextFactory<WithUserDetails> {
 
 	private static final boolean reactorPresent = ClassUtils.isPresent("reactor.core.publisher.Mono",
diff --git a/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java b/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java
index 1821fa1ab6..a0fe23aa6b 100644
--- a/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java
+++ b/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java
@@ -947,9 +947,9 @@ public final class SecurityMockMvcRequestPostProcessors {
 		 * @param roles The roles to populate. Note that if the role does not start with
 		 * {@link #ROLE_PREFIX} it will automatically be prepended. This means by default
 		 * {@code roles("ROLE_USER")} and {@code roles("USER")} are equivalent.
+		 * @return the UserRequestPostProcessor for further customizations
 		 * @see #authorities(GrantedAuthority...)
 		 * @see #ROLE_PREFIX
-		 * @return the UserRequestPostProcessor for further customizations
 		 */
 		public UserRequestPostProcessor roles(String... roles) {
 			List<GrantedAuthority> authorities = new ArrayList<>(roles.length);
@@ -969,8 +969,8 @@ public final class SecurityMockMvcRequestPostProcessors {
 		/**
 		 * Populates the user's {@link GrantedAuthority}'s. The default is ROLE_USER.
 		 * @param authorities
-		 * @see #roles(String...)
 		 * @return the UserRequestPostProcessor for further customizations
+		 * @see #roles(String...)
 		 */
 		public UserRequestPostProcessor authorities(GrantedAuthority... authorities) {
 			return authorities(Arrays.asList(authorities));
@@ -979,8 +979,8 @@ public final class SecurityMockMvcRequestPostProcessors {
 		/**
 		 * Populates the user's {@link GrantedAuthority}'s. The default is ROLE_USER.
 		 * @param authorities
-		 * @see #roles(String...)
 		 * @return the UserRequestPostProcessor for further customizations
+		 * @see #roles(String...)
 		 */
 		public UserRequestPostProcessor authorities(Collection<? extends GrantedAuthority> authorities) {
 			this.authorities = authorities;
diff --git a/test/src/main/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurers.java b/test/src/main/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurers.java
index 0f4f748e32..1fa2af9be4 100644
--- a/test/src/main/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurers.java
+++ b/test/src/main/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurers.java
@@ -24,8 +24,8 @@ import javax.servlet.Filter;
  * Provides Security related
  * {@link org.springframework.test.web.servlet.setup.MockMvcConfigurer} implementations.
  *
- * @since 4.0
  * @author Rob Winch
+ * @since 4.0
  */
 public final class SecurityMockMvcConfigurers {
 
diff --git a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java
index e67db58754..6796b3a6a2 100644
--- a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java
+++ b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java
@@ -267,9 +267,8 @@ public class FilterChainProxy extends GenericFilterBean {
 	/**
 	 * Sets the {@link RequestRejectedHandler} to be used for requests rejected by the
 	 * firewall.
-	 *
-	 * @since 5.2
 	 * @param requestRejectedHandler the {@link RequestRejectedHandler}
+	 * @since 5.2
 	 */
 	public void setRequestRejectedHandler(RequestRejectedHandler requestRejectedHandler) {
 		Assert.notNull(requestRejectedHandler, "requestRejectedHandler may not be null");
diff --git a/web/src/main/java/org/springframework/security/web/WebAttributes.java b/web/src/main/java/org/springframework/security/web/WebAttributes.java
index 38ea04be0e..bb1c279ccb 100644
--- a/web/src/main/java/org/springframework/security/web/WebAttributes.java
+++ b/web/src/main/java/org/springframework/security/web/WebAttributes.java
@@ -45,8 +45,8 @@ public final class WebAttributes {
 	 * Set as a request attribute to override the default
 	 * {@link WebInvocationPrivilegeEvaluator}
 	 *
-	 * @see WebInvocationPrivilegeEvaluator
 	 * @since 3.1.3
+	 * @see WebInvocationPrivilegeEvaluator
 	 */
 	public static final String WEB_INVOCATION_PRIVILEGE_EVALUATOR_ATTRIBUTE = WebAttributes.class.getName()
 			+ ".WEB_INVOCATION_PRIVILEGE_EVALUATOR_ATTRIBUTE";
diff --git a/web/src/main/java/org/springframework/security/web/access/expression/EvaluationContextPostProcessor.java b/web/src/main/java/org/springframework/security/web/access/expression/EvaluationContextPostProcessor.java
index 5b77e7fc2c..5f700fa6c3 100644
--- a/web/src/main/java/org/springframework/security/web/access/expression/EvaluationContextPostProcessor.java
+++ b/web/src/main/java/org/springframework/security/web/access/expression/EvaluationContextPostProcessor.java
@@ -25,9 +25,9 @@ import org.springframework.expression.EvaluationContext;
  * This API is intentionally kept package scope as it may evolve over time.
  * </p>
  *
+ * @param <I> the invocation to use for post processing
  * @author Rob Winch
  * @since 4.1
- * @param <I> the invocation to use for post processing
  */
 interface EvaluationContextPostProcessor<I> {
 
diff --git a/web/src/main/java/org/springframework/security/web/authentication/Http403ForbiddenEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/Http403ForbiddenEntryPoint.java
index b80125ec44..a9f54f952f 100755
--- a/web/src/main/java/org/springframework/security/web/authentication/Http403ForbiddenEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/Http403ForbiddenEntryPoint.java
@@ -38,10 +38,10 @@ import org.springframework.security.web.AuthenticationEntryPoint;
  * The <code>commence</code> method will always return an
  * <code>HttpServletResponse.SC_FORBIDDEN</code> (403 error).
  *
- * @see org.springframework.security.web.access.ExceptionTranslationFilter
  * @author Luke Taylor
  * @author Ruud Senden
  * @since 2.0
+ * @see org.springframework.security.web.access.ExceptionTranslationFilter
  */
 public class Http403ForbiddenEntryPoint implements AuthenticationEntryPoint {
 
diff --git a/web/src/main/java/org/springframework/security/web/authentication/logout/CookieClearingLogoutHandler.java b/web/src/main/java/org/springframework/security/web/authentication/logout/CookieClearingLogoutHandler.java
index d7cb534bbd..7b88d97dab 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/logout/CookieClearingLogoutHandler.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/logout/CookieClearingLogoutHandler.java
@@ -55,8 +55,8 @@ public final class CookieClearingLogoutHandler implements LogoutHandler {
 	}
 
 	/**
-	 * @since 5.2
 	 * @param cookiesToClear - One or more Cookie objects that must have maxAge of 0
+	 * @since 5.2
 	 */
 	public CookieClearingLogoutHandler(Cookie... cookiesToClear) {
 		Assert.notNull(cookiesToClear, "List of cookies cannot be null");
diff --git a/web/src/main/java/org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandler.java b/web/src/main/java/org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandler.java
index a95bad8ffd..cc5ce0309c 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandler.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandler.java
@@ -34,7 +34,7 @@ public final class HeaderWriterLogoutHandler implements LogoutHandler {
 	/**
 	 * Constructs a new instance using the passed {@link HeaderWriter} implementation
 	 * @param headerWriter
-	 * @throws {@link IllegalArgumentException} if headerWriter is null.
+	 * @throws IllegalArgumentException if headerWriter is null.
 	 */
 	public HeaderWriterLogoutHandler(HeaderWriter headerWriter) {
 		Assert.notNull(headerWriter, "headerWriter cannot be null");
diff --git a/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenRepository.java b/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenRepository.java
index f6b1a1c228..8e61af9934 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenRepository.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/rememberme/PersistentTokenRepository.java
@@ -21,10 +21,10 @@ import java.util.Date;
  * The abstraction used by {@link PersistentTokenBasedRememberMeServices} to store the
  * persistent login tokens for a user.
  *
- * @see JdbcTokenRepositoryImpl
- * @see InMemoryTokenRepositoryImpl
  * @author Luke Taylor
  * @since 2.0
+ * @see JdbcTokenRepositoryImpl
+ * @see InMemoryTokenRepositoryImpl
  */
 public interface PersistentTokenRepository {
 
diff --git a/web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlAuthenticationStrategy.java b/web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlAuthenticationStrategy.java
index 976fc44920..936ff6efcc 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlAuthenticationStrategy.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlAuthenticationStrategy.java
@@ -61,10 +61,10 @@ import org.springframework.util.Assert;
  * {@link CompositeSessionAuthenticationStrategy}.
  * </p>
  *
- * @see CompositeSessionAuthenticationStrategy
  * @author Luke Taylor
  * @author Rob Winch
  * @since 3.2
+ * @see CompositeSessionAuthenticationStrategy
  */
 public class ConcurrentSessionControlAuthenticationStrategy
 		implements MessageSourceAware, SessionAuthenticationStrategy {
diff --git a/web/src/main/java/org/springframework/security/web/authentication/session/RegisterSessionAuthenticationStrategy.java b/web/src/main/java/org/springframework/security/web/authentication/session/RegisterSessionAuthenticationStrategy.java
index 8681163a6b..1f72780e57 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/session/RegisterSessionAuthenticationStrategy.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/session/RegisterSessionAuthenticationStrategy.java
@@ -38,10 +38,10 @@ import org.springframework.util.Assert;
  * timed out sessions) are removed. This is typically done by adding
  * {@link HttpSessionEventPublisher}.
  *
- * @see CompositeSessionAuthenticationStrategy
  * @author Luke Taylor
  * @author Rob Winch
  * @since 3.2
+ * @see CompositeSessionAuthenticationStrategy
  */
 public class RegisterSessionAuthenticationStrategy implements SessionAuthenticationStrategy {
 
diff --git a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
index 4858607a06..090cd33774 100644
--- a/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
+++ b/web/src/main/java/org/springframework/security/web/context/HttpSessionSecurityContextRepository.java
@@ -279,9 +279,8 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo
 
 	/**
 	 * Wrapper that is applied to every request/response to update the
-	 * <code>HttpSession<code> with
-	 * the <code>SecurityContext</code> when a <code>sendError()</code> or
-	 * <code>sendRedirect</code> happens. See SEC-398.
+	 * <code>HttpSession</code> with the <code>SecurityContext</code> when a
+	 * <code>sendError()</code> or <code>sendRedirect</code> happens. See SEC-398.
 	 * <p>
 	 * Stores the necessary state from the start of the request in order to make a
 	 * decision about whether the security context has changed before saving it.
diff --git a/web/src/main/java/org/springframework/security/web/context/support/SecurityWebApplicationContextUtils.java b/web/src/main/java/org/springframework/security/web/context/support/SecurityWebApplicationContextUtils.java
index afc88e9aa5..b97b5fd6d7 100644
--- a/web/src/main/java/org/springframework/security/web/context/support/SecurityWebApplicationContextUtils.java
+++ b/web/src/main/java/org/springframework/security/web/context/support/SecurityWebApplicationContextUtils.java
@@ -40,9 +40,9 @@ public abstract class SecurityWebApplicationContextUtils extends WebApplicationC
 	 * {@code DispatcherServlet} registrations in the web app.
 	 * @param servletContext ServletContext to find the web application context for
 	 * @return the desired WebApplicationContext for this web app
+	 * @throws IllegalStateException if no WebApplicationContext can be found
 	 * @see #getWebApplicationContext(ServletContext)
 	 * @see ServletContext#getAttributeNames()
-	 * @throws IllegalStateException if no WebApplicationContext can be found
 	 */
 	public static WebApplicationContext findRequiredWebApplicationContext(ServletContext servletContext) {
 		WebApplicationContext wac = _findWebApplicationContext(servletContext);
diff --git a/web/src/main/java/org/springframework/security/web/csrf/CookieCsrfTokenRepository.java b/web/src/main/java/org/springframework/security/web/csrf/CookieCsrfTokenRepository.java
index a5193af78a..a5a6f69c61 100644
--- a/web/src/main/java/org/springframework/security/web/csrf/CookieCsrfTokenRepository.java
+++ b/web/src/main/java/org/springframework/security/web/csrf/CookieCsrfTokenRepository.java
@@ -190,10 +190,9 @@ public final class CookieCsrfTokenRepository implements CsrfTokenRepository {
 	/**
 	 * Sets the domain of the cookie that the expected CSRF token is saved to and read
 	 * from.
-	 *
-	 * @since 5.2
 	 * @param cookieDomain the domain of the cookie that the expected CSRF token is saved
 	 * to and read from
+	 * @since 5.2
 	 */
 	public void setCookieDomain(String cookieDomain) {
 		this.cookieDomain = cookieDomain;
@@ -202,10 +201,9 @@ public final class CookieCsrfTokenRepository implements CsrfTokenRepository {
 	/**
 	 * Sets secure flag of the cookie that the expected CSRF token is saved to and read
 	 * from. By default secure flag depends on {@link ServletRequest#isSecure()}
-	 *
-	 * @since 5.4
 	 * @param secure the secure flag of the cookie that the expected CSRF token is saved
 	 * to and read from
+	 * @since 5.4
 	 */
 	public void setSecure(Boolean secure) {
 		this.secure = secure;
diff --git a/web/src/main/java/org/springframework/security/web/csrf/CsrfToken.java b/web/src/main/java/org/springframework/security/web/csrf/CsrfToken.java
index c3139a58c1..4056cda997 100644
--- a/web/src/main/java/org/springframework/security/web/csrf/CsrfToken.java
+++ b/web/src/main/java/org/springframework/security/web/csrf/CsrfToken.java
@@ -20,9 +20,9 @@ import java.io.Serializable;
 /**
  * Provides the information about an expected CSRF token.
  *
- * @see DefaultCsrfToken
  * @author Rob Winch
  * @since 3.2
+ * @see DefaultCsrfToken
  *
  */
 public interface CsrfToken extends Serializable {
diff --git a/web/src/main/java/org/springframework/security/web/csrf/CsrfTokenRepository.java b/web/src/main/java/org/springframework/security/web/csrf/CsrfTokenRepository.java
index 7b0945e898..fa3877ab3b 100644
--- a/web/src/main/java/org/springframework/security/web/csrf/CsrfTokenRepository.java
+++ b/web/src/main/java/org/springframework/security/web/csrf/CsrfTokenRepository.java
@@ -24,10 +24,9 @@ import javax.servlet.http.HttpSession;
  * associated to the {@link HttpServletRequest}. For example, it may be stored in
  * {@link HttpSession}.
  *
- * @see HttpSessionCsrfTokenRepository
  * @author Rob Winch
  * @since 3.2
- *
+ * @see HttpSessionCsrfTokenRepository
  */
 public interface CsrfTokenRepository {
 
diff --git a/web/src/main/java/org/springframework/security/web/firewall/StrictHttpFirewall.java b/web/src/main/java/org/springframework/security/web/firewall/StrictHttpFirewall.java
index f65c0b4419..8fcd7b9107 100644
--- a/web/src/main/java/org/springframework/security/web/firewall/StrictHttpFirewall.java
+++ b/web/src/main/java/org/springframework/security/web/firewall/StrictHttpFirewall.java
@@ -71,10 +71,10 @@ import org.springframework.http.HttpMethod;
  * {@link #setAllowedParameterValues(Predicate)}</li>
  * </ul>
  *
- * @see DefaultHttpFirewall
  * @author Rob Winch
  * @author Eddú Meléndez
  * @since 4.2.4
+ * @see DefaultHttpFirewall
  */
 public class StrictHttpFirewall implements HttpFirewall {
 
@@ -146,8 +146,8 @@ public class StrictHttpFirewall implements HttpFirewall {
 	 * Verb tampering and XST attacks</a>
 	 * @param unsafeAllowAnyHttpMethod if true, disables HTTP method validation, else
 	 * resets back to the defaults. Default is false.
-	 * @see #setAllowedHttpMethods(Collection)
 	 * @since 5.1
+	 * @see #setAllowedHttpMethods(Collection)
 	 */
 	public void setUnsafeAllowAnyHttpMethod(boolean unsafeAllowAnyHttpMethod) {
 		this.allowedHttpMethods = unsafeAllowAnyHttpMethod ? ALLOW_ANY_HTTP_METHOD : createDefaultAllowedHttpMethods();
@@ -160,8 +160,8 @@ public class StrictHttpFirewall implements HttpFirewall {
 	 * </p>
 	 * @param allowedHttpMethods the case-sensitive collection of HTTP methods that are
 	 * allowed.
-	 * @see #setUnsafeAllowAnyHttpMethod(boolean)
 	 * @since 5.1
+	 * @see #setUnsafeAllowAnyHttpMethod(boolean)
 	 */
 	public void setAllowedHttpMethods(Collection<String> allowedHttpMethods) {
 		if (allowedHttpMethods == null) {
@@ -355,9 +355,9 @@ public class StrictHttpFirewall implements HttpFirewall {
 	 * names that contain ISO control characters and characters that are not defined.
 	 * </p>
 	 * @param allowedHeaderNames the predicate for testing header names
+	 * @since 5.4
 	 * @see Character#isISOControl(int)
 	 * @see Character#isDefined(int)
-	 * @since 5.4
 	 */
 	public void setAllowedHeaderNames(Predicate<String> allowedHeaderNames) {
 		if (allowedHeaderNames == null) {
@@ -372,9 +372,9 @@ public class StrictHttpFirewall implements HttpFirewall {
 	 * values that contain ISO control characters and characters that are not defined.
 	 * </p>
 	 * @param allowedHeaderValues the predicate for testing hostnames
+	 * @since 5.4
 	 * @see Character#isISOControl(int)
 	 * @see Character#isDefined(int)
-	 * @since 5.4
 	 */
 	public void setAllowedHeaderValues(Predicate<String> allowedHeaderValues) {
 		if (allowedHeaderValues == null) {
diff --git a/web/src/main/java/org/springframework/security/web/header/HeaderWriter.java b/web/src/main/java/org/springframework/security/web/header/HeaderWriter.java
index 5ef940a6ec..cf4b1945eb 100644
--- a/web/src/main/java/org/springframework/security/web/header/HeaderWriter.java
+++ b/web/src/main/java/org/springframework/security/web/header/HeaderWriter.java
@@ -21,10 +21,10 @@ import javax.servlet.http.HttpServletResponse;
 /**
  * Contract for writing headers to a {@link HttpServletResponse}
  *
- * @see HeaderWriterFilter
  * @author Marten Deinum
  * @author Rob Winch
  * @since 3.2
+ * @see HeaderWriterFilter
  */
 public interface HeaderWriter {
 
diff --git a/web/src/main/java/org/springframework/security/web/header/writers/ClearSiteDataHeaderWriter.java b/web/src/main/java/org/springframework/security/web/header/writers/ClearSiteDataHeaderWriter.java
index d230e236d6..e761f41299 100644
--- a/web/src/main/java/org/springframework/security/web/header/writers/ClearSiteDataHeaderWriter.java
+++ b/web/src/main/java/org/springframework/security/web/header/writers/ClearSiteDataHeaderWriter.java
@@ -61,7 +61,7 @@ public final class ClearSiteDataHeaderWriter implements HeaderWriter {
 	 * request is secure as per the <b>Incomplete Clearing</b> section.
 	 * </p>
 	 * @param directives (i.e. "cache", "cookies", "storage", "executionContexts" or "*")
-	 * @throws {@link IllegalArgumentException} if sources is null or empty.
+	 * @throws IllegalArgumentException if sources is null or empty.
 	 */
 	public ClearSiteDataHeaderWriter(Directive... directives) {
 		Assert.notEmpty(directives, "directives cannot be empty or null");
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/CookieDeserializer.java b/web/src/main/java/org/springframework/security/web/jackson2/CookieDeserializer.java
index 9e020cb5a8..6dc09a05cb 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/CookieDeserializer.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/CookieDeserializer.java
@@ -35,8 +35,8 @@ import java.io.IOException;
  * registered with {@link CookieMixin} but you can also use it with your own mixin.
  *
  * @author Jitendra Singh
- * @see CookieMixin
  * @since 4.2
+ * @see CookieMixin
  */
 class CookieDeserializer extends JsonDeserializer<Cookie> {
 
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/PreAuthenticatedAuthenticationTokenDeserializer.java b/web/src/main/java/org/springframework/security/web/jackson2/PreAuthenticatedAuthenticationTokenDeserializer.java
index 37d796b488..0b1ded683a 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/PreAuthenticatedAuthenticationTokenDeserializer.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/PreAuthenticatedAuthenticationTokenDeserializer.java
@@ -41,8 +41,8 @@ import com.fasterxml.jackson.databind.node.MissingNode;
  * your own mixin class.
  *
  * @author Jitendra Singh
- * @see PreAuthenticatedAuthenticationTokenMixin
  * @since 4.2
+ * @see PreAuthenticatedAuthenticationTokenMixin
  */
 class PreAuthenticatedAuthenticationTokenDeserializer extends JsonDeserializer<PreAuthenticatedAuthenticationToken> {
 
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java
index 8a19a7d584..49d1d21039 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java
@@ -37,8 +37,8 @@ import com.fasterxml.jackson.databind.module.SimpleModule;
  * of all security modules.</b>
  *
  * @author Jitendra Singh
- * @see SecurityJackson2Modules
  * @since 4.2
+ * @see SecurityJackson2Modules
  */
 public class WebJackson2Module extends SimpleModule {
 
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
index 8e71d6c007..1727edf74c 100644
--- a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
+++ b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
@@ -41,8 +41,8 @@ import com.fasterxml.jackson.databind.module.SimpleModule;
  * of all security modules.</b>
  *
  * @author Boris Finkelshteyn
- * @see SecurityJackson2Modules
  * @since 5.1
+ * @see SecurityJackson2Modules
  */
 public class WebServletJackson2Module extends SimpleModule {
 
diff --git a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java
index b21a7b4a09..33ab29fab5 100644
--- a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java
@@ -86,8 +86,8 @@ import java.util.Optional;
  * </pre>
  *
  * @author Artur Otrzonsek
- * @see SwitchUserGrantedAuthority
  * @since 5.4
+ * @see SwitchUserGrantedAuthority
  */
 public class SwitchUserWebFilter implements WebFilter {
 
diff --git a/web/src/main/java/org/springframework/security/web/server/csrf/ServerCsrfTokenRepository.java b/web/src/main/java/org/springframework/security/web/server/csrf/ServerCsrfTokenRepository.java
index aa834a8253..85871853dd 100644
--- a/web/src/main/java/org/springframework/security/web/server/csrf/ServerCsrfTokenRepository.java
+++ b/web/src/main/java/org/springframework/security/web/server/csrf/ServerCsrfTokenRepository.java
@@ -23,9 +23,9 @@ import reactor.core.publisher.Mono;
  * associated to the {@link ServerWebExchange}. For example, it may be stored in
  * {@link org.springframework.web.server.WebSession}.
  *
- * @see WebSessionServerCsrfTokenRepository
  * @author Rob Winch
  * @since 5.0
+ * @see WebSessionServerCsrfTokenRepository
  *
  */
 public interface ServerCsrfTokenRepository {
diff --git a/web/src/main/java/org/springframework/security/web/server/jackson2/WebServerJackson2Module.java b/web/src/main/java/org/springframework/security/web/server/jackson2/WebServerJackson2Module.java
index dea20278de..20f7616275 100644
--- a/web/src/main/java/org/springframework/security/web/server/jackson2/WebServerJackson2Module.java
+++ b/web/src/main/java/org/springframework/security/web/server/jackson2/WebServerJackson2Module.java
@@ -34,8 +34,8 @@ import org.springframework.security.web.server.csrf.DefaultCsrfToken;
  * of all security modules.</b>
  *
  * @author Boris Finkelshteyn
- * @see SecurityJackson2Modules
  * @since 5.1
+ * @see SecurityJackson2Modules
  */
 public class WebServerJackson2Module extends SimpleModule {
 
diff --git a/web/src/main/java/org/springframework/security/web/servletapi/HttpServlet3RequestFactory.java b/web/src/main/java/org/springframework/security/web/servletapi/HttpServlet3RequestFactory.java
index 1fcd137bbf..09b80e2716 100644
--- a/web/src/main/java/org/springframework/security/web/servletapi/HttpServlet3RequestFactory.java
+++ b/web/src/main/java/org/springframework/security/web/servletapi/HttpServlet3RequestFactory.java
@@ -140,7 +140,7 @@ final class HttpServlet3RequestFactory implements HttpServletRequestFactory {
 	 * If the value is null (default), the default container behavior will be retained
 	 * when invoking {@link HttpServletRequest#logout()}.
 	 * </p>
-	 * @param logoutHandlers the {@link List<LogoutHandler>}s when invoking
+	 * @param logoutHandlers the {@code List<LogoutHandler>}s when invoking
 	 * {@link HttpServletRequest#logout()}.
 	 */
 	public void setLogoutHandlers(List<LogoutHandler> logoutHandlers) {
diff --git a/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java b/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java
index 518352bf1f..6fa6aec689 100644
--- a/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java
+++ b/web/src/main/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.java
@@ -41,11 +41,11 @@ import org.springframework.util.Assert;
  * <li>{@link HttpServletRequestWrapper#getRemoteUser()}.</li>
  * </ul>
  *
- * @see SecurityContextHolderAwareRequestFilter
  * @author Orlando Garcia Carmona
  * @author Ben Alex
  * @author Luke Taylor
  * @author Rob Winch
+ * @see SecurityContextHolderAwareRequestFilter
  */
 public class SecurityContextHolderAwareRequestWrapper extends HttpServletRequestWrapper {
 
diff --git a/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java b/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java
index 9166e175f3..307c1c9190 100644
--- a/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java
+++ b/web/src/main/java/org/springframework/security/web/util/OnCommittedResponseWrapper.java
@@ -28,8 +28,8 @@ import javax.servlet.http.HttpServletResponseWrapper;
  * Base class for response wrappers which encapsulate the logic for handling an event when
  * the {@link javax.servlet.http.HttpServletResponse} is committed.
  *
- * @since 4.0.2
  * @author Rob Winch
+ * @since 4.0.2
  */
 public abstract class OnCommittedResponseWrapper extends HttpServletResponseWrapper {
 
diff --git a/web/src/main/java/org/springframework/security/web/util/ThrowableAnalyzer.java b/web/src/main/java/org/springframework/security/web/util/ThrowableAnalyzer.java
index 50711b3307..c272f7c576 100755
--- a/web/src/main/java/org/springframework/security/web/util/ThrowableAnalyzer.java
+++ b/web/src/main/java/org/springframework/security/web/util/ThrowableAnalyzer.java
@@ -71,7 +71,7 @@ public class ThrowableAnalyzer {
 	};
 
 	/**
-	 * Map of registered cause extractors. key: Class<Throwable>; value:
+	 * Map of registered cause extractors. key: Class&lt;Throwable&gt;; value:
 	 * ThrowableCauseExctractor
 	 */
 	private final Map<Class<? extends Throwable>, ThrowableCauseExtractor> extractorMap;
diff --git a/web/src/test/java/org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandlerTests.java b/web/src/test/java/org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandlerTests.java
index 393278683d..716c164db1 100644
--- a/web/src/test/java/org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandlerTests.java
+++ b/web/src/test/java/org/springframework/security/web/authentication/logout/HeaderWriterLogoutHandlerTests.java
@@ -32,7 +32,7 @@ import static org.mockito.Mockito.verify;
 /**
  * @author Rafiullah Hamedy
  * @author Josh Cummings
- * @see {@link HeaderWriterLogoutHandler}
+ * @see HeaderWriterLogoutHandler
  */
 public class HeaderWriterLogoutHandlerTests {
 
diff --git a/web/src/test/java/org/springframework/security/web/csrf/CsrfFilterTests.java b/web/src/test/java/org/springframework/security/web/csrf/CsrfFilterTests.java
index 775ba32252..412a63f81e 100644
--- a/web/src/test/java/org/springframework/security/web/csrf/CsrfFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/csrf/CsrfFilterTests.java
@@ -386,7 +386,7 @@ public class CsrfFilterTests {
 	private static class CsrfTokenAssert extends AbstractObjectAssert<CsrfTokenAssert, CsrfToken> {
 
 		/**
-		 * Creates a new </code>{@link ObjectAssert}</code>.
+		 * Creates a new {@link ObjectAssert}.
 		 * @param actual the target to verify.
 		 */
 		protected CsrfTokenAssert(CsrfToken actual) {
diff --git a/web/src/test/java/org/springframework/security/web/header/writers/ClearSiteDataHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/ClearSiteDataHeaderWriterTests.java
index 91baa9a62b..46be30a595 100644
--- a/web/src/test/java/org/springframework/security/web/header/writers/ClearSiteDataHeaderWriterTests.java
+++ b/web/src/test/java/org/springframework/security/web/header/writers/ClearSiteDataHeaderWriterTests.java
@@ -33,7 +33,7 @@ import static org.springframework.security.web.header.writers.ClearSiteDataHeade
 /**
  * @author Rafiullah Hamedy
  * @author Josh Cummings
- * @see {@link ClearSiteDataHeaderWriter}
+ * @see ClearSiteDataHeaderWriter
  */
 public class ClearSiteDataHeaderWriterTests {