Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove Default URLs and Parameters Commentary 

This paragraph was originally there to explain why Spring Security was
moving from the old default URLs and parameters to new ones.

Now that the defaults are the same in XML and well as Java Config, the
explanation is now no longer relevant.

Fixes: gh-5242
This commit is contained in:
Josh Cummings 2018-04-19 08:21:50 -06:00
parent afdefe7b13
commit f8247fa346
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/manual/src/docs/asciidoc/_includes/preface/java-configuration.adoc
View File

@ -167,12 +167,6 @@ The Java Configuration equivalent of closing an XML tag is expressed using the `
If you read the code it also makes sense.
I want to configure authorized requests __and__ configure form login __and__ configure HTTP Basic authentication.
However, Java Configuration has different defaults URLs and parameters.
Keep this in mind when creating custom login pages.
The result is that our URLs are more RESTful.
Additionally, it is not quite so obvious we are using Spring Security which helps to prevent https://www.owasp.org/index.php/Information_Leak_(information_disclosure)[information leaks].
For example:
[[jc-form]]
=== Java Configuration and Form Login
You might be wondering where the login form came from when you were prompted to log in, since we made no mention of any HTML files or JSPs.