SEC-1725: Update docs to remove references to filter-chain-map.

2025-06-26 05:42:31 +00:00 · 2011-04-25 23:38:44 +01:00 · 2011-04-25 23:38:44 +01:00 · c4a1ce9f1a
commit c4a1ce9f1a
parent b5924db74d
3 changed files with 32 additions and 25 deletions
--- a/config/src/test/resources/org/springframework/security/util/filtertest-valid.xml
+++ b/config/src/test/resources/org/springframework/security/util/filtertest-valid.xml
@ -53,11 +53,11 @@
    <bean id="filterChain" class="org.springframework.security.web.FilterChainProxy">
        <constructor-arg>
-           <util:list>
+           <list>
               <sec:filter-chain request-matcher-ref="fooMatcher" filters="mockFilter"/>
               <sec:filter-chain pattern="/some/other/path/**" filters="mockFilter"/>
               <sec:filter-chain pattern="/do/not/filter" filters="none"/>
-           </util:list>
+           </list>
        </constructor-arg>
    </bean>
--- a/docs/manual/src/docbook/core-filters.xml
+++ b/docs/manual/src/docbook/core-filters.xml
@ -36,8 +36,8 @@
        <para>The <classname>FilterSecurityInterceptor</classname> can be configured with
            configuration attributes in two ways. The first, which is shown above, is using the
            <literal>&lt;filter-security-metadata-source&gt;</literal> namespace element. This is
-            similar to the <literal>&lt;filter-chain-map&gt;</literal> used to configure a
+            similar to the <literal>&lt;http&gt;</literal> element from the namespace chapter
-            <classname>FilterChainProxy</classname> but the <literal>&lt;intercept-url&gt;</literal>
+            but the <literal>&lt;intercept-url&gt;</literal>
            child elements only use the <literal>pattern</literal> and <literal>access</literal>
            attributes. Commas are used to delimit the different configuration attributes that apply
            to each HTTP URL. The second option is to write your own
--- a/docs/manual/src/docbook/security-filter-chain.xml
+++ b/docs/manual/src/docbook/security-filter-chain.xml
@ -63,7 +63,8 @@
            <quote>filterChainProxy</quote>. The filter chain is then declared in the application
            context with the same bean name. Here's an example: <programlisting language="xml"><![CDATA[
 <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
-  <sec:filter-chain-map path-type="ant">
+  <constructor-arg>
    <list>
      <sec:filter-chain pattern="/restful/**" filters="
           securityContextPersistenceFilterWithASCFalse,
           basicAuthenticationFilter,
@ -74,21 +75,27 @@
           formLoginFilter,
           exceptionTranslationFilter,
           filterSecurityInterceptor" />
-  </sec:filter-chain-map>
+    </list>
  </constructor-arg>
 </bean>
 ]]>
-            </programlisting> The namespace element <literal>filter-chain-map</literal> is used for convenience
+            </programlisting> The namespace element <literal>filter-chain</literal> is used for convenience
-            to set up the security filter chain(s) which are required within the application<footnote>
+            to set up the security filter chain(s) which are required within the application.
-            <para>Note that you'll need to include the security namespace in your application
+            <footnote><para>Note that you'll need to include the security namespace in your application
-                context XML file in order to use this syntax.</para>
+                context XML file in order to use this syntax. The older syntax which used a
-            </footnote>. It maps a particular URL pattern to a chain of filters built up from the
+                <literal>filter-chain-map</literal> is still supported, but is deprecated in favour of
-            bean names specified in the <literal>filters</literal> element. Both regular expressions
+                the constructor argument injection.</para>
-            and Ant Paths are supported, and the most specific URIs appear first. At runtime the
+            </footnote>. It maps a particular URL pattern to a list of filters built up from the
-            <classname>FilterChainProxy</classname> will locate the first URI pattern that matches
+            bean names specified in the <literal>filters</literal> element, and combines them in
-            the current web request and the list of filter beans specified by the
+            a bean of type <classname>SecurityFilterChain</classname>. The <literal>pattern</literal>
-            <literal>filters</literal> attribute will be applied to that request. The filters will
+            attribute takes an Ant Paths and the most specific URIs should appear first
-            be invoked in the order they are defined, so you have complete control over the filter
+            <footnote><para>Instead of a path pattern, the <literal>request-matcher-ref</literal> attribute
-            chain which is applied to a particular URL.</para>
+            can be used to specify a <interfacename>RequestMatcher</interfacename> instance for more powerful
            matching</para></footnote>. At runtime the <classname>FilterChainProxy</classname> will
            locate the first URI pattern that matches the current web request and the list of filter beans
            specified by the <literal>filters</literal> attribute will be applied to that request.
            The filters will be invoked in the order they are defined, so you have complete control
            over the filter chain which is applied to a particular URL.</para>
        <para>You may have noticed we have declared two
            <classname>SecurityContextPersistenceFilter</classname>s in the filter chain
            (<literal>ASC</literal> is short for <literal>allowSessionCreation</literal>, a property