SEC-1484: Documentation for some namespace attributes.

2025-03-01 10:59:16 +00:00 · 2010-06-05 17:35:24 +01:00 · 2010-06-05 17:35:24 +01:00 · 8bddc8f820
commit 8bddc8f820
parent 0d94e75a93
3 changed files with 15 additions and 2 deletions
--- a/config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc
+++ b/config/src/main/resources/org/springframework/security/config/spring-security-3.1.rnc
@ -299,7 +299,7 @@ http.attlist &=
    ## Deprecated in favour of the access-denied-handler element.
    attribute access-denied-page {xsd:token}?
 http.attlist &=
-    ##
+    ## Prevents the jsessionid parameter from being added to rendered URLs.
    attribute disable-url-rewriting {boolean}?

 access-denied-handler =
--- a/config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd
+++ b/config/src/main/resources/org/springframework/security/config/spring-security-3.1.xsd
@ -777,7 +777,7 @@
    </xs:attribute>
    <xs:attribute name="disable-url-rewriting" type="security:boolean">
      <xs:annotation>
-        <xs:documentation/>
+        <xs:documentation>Prevents the jsessionid parameter from being added to rendered URLs.</xs:documentation>
      </xs:annotation>
    </xs:attribute>
  </xs:attributeGroup>
--- a/docs/manual/src/docbook/appendix-namespace.xml
+++ b/docs/manual/src/docbook/appendix-namespace.xml
@ -101,6 +101,13 @@
                        <interfacename>AuthenticationEntryPoint</interfacename> bean which will
                    start the authentication process. </para>
            </section>
+            <section xml:id="nsa-security-context-repo-ref">
+                <title><literal>security-context-repository-ref</literal></title>
+                <para>
+                    Allows injection of a custom <interfacename>SecurityContextRepository</interfacename>
+                    into the <classname>SecurityContextPersistenceFilter</classname>.
+                </para>
+            </section>
            <section xml:id="nsa-access-decision-manager-ref">
                <title><literal>access-decision-manager-ref</literal></title>
                <para> Optional attribute specifying the ID of the
@ -143,6 +150,12 @@
                    described in the chapter on <link xlink:href="#el-access-web">expression-based
                        access-control</link>. </para>
            </section>
+            <section xml:id="nsa-disable-url-rewriting">
+                <title><literal>disable-url-rewriting</literal></title>
+                <para>Prevents session IDs from being appended to URLs in the application.
+                    Clients must use cookies if this attribute is set to <literal>true</literal>.
+                </para>
+            </section>
        </section>
        <section xml:id="nsa-access-denied-handler">
            <title><literal>&lt;access-denied-handler></literal></title>