Merge branch '5.7.x' into 5.8.x
This commit is contained in:
commit
b969179b5c
|
@ -207,7 +207,7 @@ The Redirection Endpoint is used by the Authorization Server for returning the A
|
|||
OAuth 2.0 Login leverages the Authorization Code Grant.
|
||||
Therefore, the authorization credential is the authorization code.
|
||||
|
||||
The default Authorization Response redirection endpoint is `/login/oauth2/code/{registrationId}`.
|
||||
The default Authorization Response redirection endpoint is `+/login/oauth2/code/{registrationId}+`.
|
||||
|
||||
If you would like to customize the Authorization Response redirection endpoint, configure it as shown in the following example:
|
||||
|
||||
|
@ -739,5 +739,5 @@ class OAuth2LoginSecurityConfig {
|
|||
----
|
||||
====
|
||||
|
||||
NOTE: `OidcClientInitiatedServerLogoutSuccessHandler` supports the `{baseUrl}` placeholder.
|
||||
NOTE: `OidcClientInitiatedServerLogoutSuccessHandler` supports the `+{baseUrl}+` placeholder.
|
||||
If used, the application's base URL, like `https://app.example.org`, will replace it at request time.
|
||||
|
|
|
@ -188,9 +188,11 @@ The {security-api-url}org/springframework/security/web/context/SecurityContextPe
|
|||
|
||||
image::{figures}/securitycontextpersistencefilter.png[]
|
||||
|
||||
<1> Before running the rest of the application, `SecurityContextPersistenceFilter` loads the `SecurityContext` from the `SecurityContextRepository` and sets it on the `SecurityContextHolder`.
|
||||
<2> Next, the application is ran.
|
||||
<3> Finally, if the `SecurityContext` has changed, we save the `SecurityContext` using the `SecurityContextPersistenceRepository`.
|
||||
image:{icondir}/number_1.png[] Before running the rest of the application, `SecurityContextPersistenceFilter` loads the `SecurityContext` from the `SecurityContextRepository` and sets it on the `SecurityContextHolder`.
|
||||
|
||||
image:{icondir}/number_2.png[] Next, the application is ran.
|
||||
|
||||
image:{icondir}/number_3.png[] Finally, if the `SecurityContext` has changed, we save the `SecurityContext` using the `SecurityContextPersistenceRepository`.
|
||||
This means that when using `SecurityContextPersistenceFilter`, just setting the `SecurityContextHolder` will ensure that the `SecurityContext` is persisted using `SecurityContextRepository`.
|
||||
|
||||
In some cases a response is committed and written to the client before the `SecurityContextPersisteneFilter` method completes.
|
||||
|
@ -207,11 +209,12 @@ The {security-api-url}org/springframework/security/web/context/SecurityContextHo
|
|||
|
||||
image::{figures}/securitycontextholderfilter.png[]
|
||||
|
||||
<1> Before running the rest of the application, `SecurityContextHolderFilter` loads the `SecurityContext` from the `SecurityContextRepository` and sets it on the `SecurityContextHolder`.
|
||||
<2> Next, the application is ran.
|
||||
image:{icondir}/number_1.png[] Before running the rest of the application, `SecurityContextHolderFilter` loads the `SecurityContext` from the `SecurityContextRepository` and sets it on the `SecurityContextHolder`.
|
||||
|
||||
image:{icondir}/number_2.png[] Next, the application is ran.
|
||||
|
||||
Unlike, xref:servlet/authentication/persistence.adoc#securitycontextpersistencefilter[`SecurityContextPersistenceFilter`], `SecurityContextHolderFilter` only loads the `SecurityContext` it does not save the `SecurityContext`.
|
||||
This means that when using `SecurityContextHolderFilter`, it is required that the `SecurityContext` is explicitly saved.
|
||||
|
||||
|
||||
include::partial$servlet/architecture/security-context-explicit.adoc[]
|
||||
include::partial$servlet/architecture/security-context-explicit.adoc[]
|
||||
|
|
|
@ -958,5 +958,5 @@ class OAuth2LoginSecurityConfig {
|
|||
----
|
||||
====
|
||||
|
||||
NOTE: `OidcClientInitiatedLogoutSuccessHandler` supports the `{baseUrl}` placeholder.
|
||||
NOTE: `OidcClientInitiatedLogoutSuccessHandler` supports the `+{baseUrl}+` placeholder.
|
||||
If used, the application's base URL, like `https://app.example.org`, will replace it at request time.
|
||||
|
|
Loading…
Reference in New Issue