From 85b48f83923a2f3c1482edc1a9d6daac6ea9a749 Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Wed, 19 Mar 2025 17:34:35 -0600 Subject: [PATCH] Deprecate AccessDecisionManager Closes gh-11302 --- .../authentication/InsufficientAuthenticationException.java | 6 +++--- .../org/springframework/security/core/GrantedAuthority.java | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java b/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java index f475934927..5ffe8ee769 100644 --- a/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java +++ b/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java @@ -24,9 +24,9 @@ import org.springframework.security.core.AuthenticationException; * Thrown if an authentication request is rejected because the credentials are not * sufficiently trusted. *
- * {@link org.springframework.security.access.AccessDecisionVoter}s will typically throw - * this exception if they are dissatisfied with the level of the authentication, such as - * if performed using a remember-me mechanism or anonymously. The + * {@link org.springframework.security.authorization.AuthorizationManager}s will typically + * throw this exception if they are dissatisfied with the level of the authentication, + * such as if performed using a remember-me mechanism or anonymously. The * {@code ExceptionTranslationFilter} will then typically cause the * {@code AuthenticationEntryPoint} to be called, allowing the principal to authenticate * with a stronger level of authentication. diff --git a/core/src/main/java/org/springframework/security/core/GrantedAuthority.java b/core/src/main/java/org/springframework/security/core/GrantedAuthority.java index 463bf5432f..143b254b85 100644 --- a/core/src/main/java/org/springframework/security/core/GrantedAuthority.java +++ b/core/src/main/java/org/springframework/security/core/GrantedAuthority.java @@ -18,14 +18,14 @@ package org.springframework.security.core; import java.io.Serializable; -import org.springframework.security.access.AccessDecisionManager; +import org.springframework.security.authorization.AuthorizationManager; /** * Represents an authority granted to an {@link Authentication} object. * *
* A GrantedAuthority
must either represent itself as a String
- * or be specifically supported by an {@link AccessDecisionManager}.
+ * or be specifically supported by an {@link AuthorizationManager}.
*
* @author Ben Alex
*/
@@ -34,7 +34,7 @@ public interface GrantedAuthority extends Serializable {
/**
* If the GrantedAuthority
can be represented as a String
* and that String
is sufficient in precision to be relied upon for an
- * access control decision by an {@link AccessDecisionManager} (or delegate), this
+ * access control decision by an {@link AuthorizationManager} (or delegate), this
* method should return such a String
.
*
* If the GrantedAuthority
cannot be expressed with sufficient precision