Merge branch '5.6.x' into 5.7.x

config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java

@@ -50,7 +50,8 @@ import org.springframework.security.web.csrf.CsrfToken;
  *
  * <h2>Shared Objects Created</h2>
  *
- * No shared objects are created. isLogoutRequest
+ * No shared objects are created.
+ *
  * <h2>Shared Objects Used</h2>
  *
  * The following shared objects are used:

config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java

@@ -49,10 +49,11 @@ import org.springframework.util.Assert;
  * </p>
  *
  * <pre>
- * protected void configure(HttpSecurity http) throws Exception {
- * 	http.apply(new UrlAuthorizationConfigurer&lt;HttpSecurity&gt;()).getRegistry()
- * 			.antMatchers(&quot;/users**&quot;, &quot;/sessions/**&quot;).hasRole(&quot;USER&quot;)
- * 			.antMatchers(&quot;/signup&quot;).hasRole(&quot;ANONYMOUS&quot;).anyRequest().hasRole(&quot;USER&quot;);
+ * &#64;Bean
+ * public SecurityFilterChain filterChain(HttpSecurity http, ApplicationContext context) throws Exception {
+ * 	http.apply(new UrlAuthorizationConfigurer&lt;HttpSecurity&gt;(context)).getRegistry()
+ * 			.requestMatchers(&quot;/users**&quot;, &quot;/sessions/**&quot;).hasRole(&quot;USER&quot;)
+ * 			.requestMatchers(&quot;/signup&quot;).hasRole(&quot;ANONYMOUS&quot;).anyRequest().hasRole(&quot;USER&quot;);
  * }
  * </pre>
  *

docs/modules/ROOT/pages/servlet/oauth2/resource-server/multitenancy.adoc

@@ -248,7 +248,7 @@ public class TenantJWSKeySelector
 	}
 
 	private JWSKeySelector<SecurityContext> fromTenant(String tenant) {
-		return Optional.ofNullable(this.tenantRepository.findById(tenant)) <3>
+		return Optional.ofNullable(this.tenants.findById(tenant)) <3>
 		        .map(t -> t.getAttrbute("jwks_uri"))
 				.map(this::fromUri)
 				.orElseThrow(() -> new IllegalArgumentException("unknown tenant"));