diff --git a/docs/manual/src/docbook/appendix-namespace.xml b/docs/manual/src/docbook/appendix-namespace.xml
index 90736e1e2f..8240db95e1 100644
--- a/docs/manual/src/docbook/appendix-namespace.xml
+++ b/docs/manual/src/docbook/appendix-namespace.xml
@@ -431,11 +431,20 @@
Similar to <form-login> and has the same attributes. The
default value for login-processing-url is
"/j_spring_openid_security_check". An
- OpenIDAuthenticationFilter and
- OpenIDAuthenticationProvider will be registered. The latter
- requires a reference to a UserDetailsService. Again,
- this can be specified by Id, using the user-service-ref
+ OpenIDAuthenticationFilter and
+ OpenIDAuthenticationProvider will be registered. The
+ latter requires a reference to a UserDetailsService.
+ Again, this can be specified by Id, using the user-service-ref
attribute, or will be located automatically in the application context.
+
+ The <literal><attribute-exchange></literal> Element
+ The attribute-exchange element defines the list of
+ attributes which should be requested from the identity provider. More than one
+ can be used, in which case each must have an identifier-match
+ attribute, containing a regular expression which is matched against the supplied
+ OpenID identifer. This allows different attribute lists to be fetched from
+ different providers (Google, Yahoo etc).
+ The <literal><logout></literal> Element
diff --git a/docs/manual/src/docbook/namespace-config.xml b/docs/manual/src/docbook/namespace-config.xml
index ffcb9d548d..2e1f61be89 100644
--- a/docs/manual/src/docbook/namespace-config.xml
+++ b/docs/manual/src/docbook/namespace-config.xml
@@ -548,20 +548,29 @@
]]>The type of each OpenID attribute is a URI,
determined by a particular schema, in this case http://axschema.org/. If an attribute
- must be retrieved for successful authentication, the required
- attribute can be set. The exact schema and attributes supported will depend on
- your OpenID provider. The attribute values are returned as part of the
- authentication process and can be accessed afterwards using the following code:
+ xlink:href="http://axschema.org/">http://axschema.org/. If an
+ attribute must be retrieved for successful authentication, the
+ required attribute can be set. The exact schema and
+ attributes supported will depend on your OpenID provider. The attribute values
+ are returned as part of the authentication process and can be accessed
+ afterwards using the following code:
OpenIDAuthenticationToken token =
(OpenIDAuthenticationToken)SecurityContextHolder.getContext().getAuthentication();
List<OpenIDAttribute> attributes = token.getAttributes();The
- OpenIDAttribute contains the attribute type and the
+ OpenIDAttribute contains the attribute type and the
retrieved value (or values in the case of multi-valued attributes). We'll see
more about how the SecurityContextHolder class is used
when we look at core Spring Security components in the technical overview chapter.
+ xlink:href="core-components">technical overview chapter. Multiple
+ attribute exchange configurations are also be supported, if you wish to use
+ multiple identity providers. You can supply multiple
+ attribute-exchange elements, using an
+ identifier-matcher attribute on each. This contains a
+ regular expression which will be matched against the OpenID identifier supplied
+ by the user. See the OpenID sample application in the codebase for an example
+ configuration, providing different attribute lists for the Google, Yahoo and
+ MyOpenID providers.