SEC-2782: Polish Migrating from 3 to 4 Guide

2015-03-20 14:14:55 -05:00 · 2015-03-20 14:14:55 -05:00 · b262c198d8
parent a18fa3f1db
commit b262c198d8
2 changed files with 14 additions and 1477 deletions
--- a/docs/manual/src/docs/asciidoc/_includes/migrate-3-to-4.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/migrate-3-to-4.adoc
--- a/docs/manual/src/docs/asciidoc/index.adoc
+++ b/docs/manual/src/docs/asciidoc/index.adoc
@ -428,7 +428,20 @@ is the same as this more concise configuration:
 * https://jira.spring.io/browse/SEC-2790[Deprecate @EnableWebMvcSecurity] - by updating the minimum Spring Version, we can now allow defaulting MVC integration with `@EnableWebSecurity` but still allow it to be overridden


-include::{include-dir}/migrate-3-to-4.adoc[leveloffset=+2]
+[[m3to4]]
+=== Migrating from 3.x to 4.x
+
+As exploits against applications evolve, so must Spring Security.
+As a major release version, the Spring Security team took the opportunity to make some non-passive changes which focus on:
+
+* Ensuring Spring Security is more https://www.owasp.org/index.php/Establish_secure_defaults[secure by default]
+* Minimizing https://www.owasp.org/index.php/Information_Leakage[Information Leakage]
+* Removing deprecated APIs
+
+For complete details on migrating from Spring Security 3 to Spring Security 4 refer to one of the guides below:
+
+* http://docs.spring.io/spring-security/site/migrate/3-to-4/html5/migrate-3-to-4-xml.html[Migrating from Spring Security 3.x to 4.x (XML Configuration)]
+* http://docs.spring.io/spring-security/site/migrate/3-to-4/html5/migrate-3-to-4-jc.html[Migrating from Spring Security 3.x to 4.x (Java Configuration)]

 [[jc]]
 == Java Configuration