From b5f5665ea638a5a4d53b584defef2557a9353a85 Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@vmware.com>
Date: Wed, 29 Jan 2014 09:28:51 -0600
Subject: [PATCH] SEC-2463: CSRF documentation includes EnableWebMvcSecurity

---
 docs/manual/src/asciidoc/index.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/manual/src/asciidoc/index.adoc b/docs/manual/src/asciidoc/index.adoc
index 3832818086..beb8b1725c 100644
--- a/docs/manual/src/asciidoc/index.adoc
+++ b/docs/manual/src/asciidoc/index.adoc
@@ -3140,7 +3140,7 @@ The last step is to ensure that you include the CSRF token in all PATCH, POST, P
 
 [NOTE]
 ====
-If you are using Spring MVC <form:form> tag or http://www.thymeleaf.org/whatsnew21.html#reqdata[Thymeleaf 2.1+], the `CsrfToken` is automatically included for you using the `CsrfRequestDataValueProcessor`.
+If you are using Spring MVC <form:form> tag or http://www.thymeleaf.org/whatsnew21.html#reqdata[Thymeleaf 2.1+], the `CsrfToken` is automatically included for you if you replace `@EnableWebSecurity` with `@EnableWebMvcSecurity` using the `CsrfRequestDataValueProcessor`.
 ====
 
 [[csrf-include-csrf-token-ajax]]