Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-25 11:43:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix some list punctuation and capitalization in docs

Browse Source
This commit is contained in:
Dmitriy Bogdanov 2021-09-15 13:37:26 +04:00 committed by Josh Cummings
parent 31a8f8c4df
commit fe274e7553
3 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/manual/src/docs/asciidoc/_includes/about/authentication/password-storage.adoc
View File

@ -55,7 +55,7 @@ Based upon the <<authentication-password-storage-history,Password History>> sect
However, this ignores three real world problems: However, this ignores three real world problems:
- There are many applications using old password encodings that cannot easily migrate - There are many applications using old password encodings that cannot easily migrate
- The best practice for password storage will change again. - The best practice for password storage will change again
- As a framework Spring Security cannot make breaking changes frequently - As a framework Spring Security cannot make breaking changes frequently
Instead Spring Security introduces `DelegatingPasswordEncoder` which solves all of the problems by: Instead Spring Security introduces `DelegatingPasswordEncoder` which solves all of the problems by:

2
docs/manual/src/docs/asciidoc/_includes/servlet/authentication/architecture/authentication.adoc
View File

@ -12,7 +12,7 @@ The `Authentication` contains:
* `principal` - identifies the user. * `principal` - identifies the user.
When authenticating with a username/password this is often an instance of <<servlet-authentication-userdetails,`UserDetails`>>. When authenticating with a username/password this is often an instance of <<servlet-authentication-userdetails,`UserDetails`>>.
* `credentials` - Often a password. * `credentials` - often a password.
In many cases this will be cleared after the user is authenticated to ensure it is not leaked. In many cases this will be cleared after the user is authenticated to ensure it is not leaked.
* `authorities` - the <<servlet-authentication-granted-authority,``GrantedAuthority``s>> are high level permissions the user is granted. * `authorities` - the <<servlet-authentication-granted-authority,``GrantedAuthority``s>> are high level permissions the user is granted.
A few examples are roles or scopes. A few examples are roles or scopes.

16
docs/manual/src/docs/asciidoc/_includes/servlet/authentication/index.adoc
View File

@ -10,12 +10,12 @@ This section discusses:
This section describes the main architectural components of Spring Security's used in Servlet authentication. This section describes the main architectural components of Spring Security's used in Servlet authentication.
If you need concrete flows that explain how these pieces fit together, look at the <<servlet-authentication-mechanisms,Authentication Mechanism>> specific sections. If you need concrete flows that explain how these pieces fit together, look at the <<servlet-authentication-mechanisms,Authentication Mechanism>> specific sections.
* <<servlet-authentication-securitycontextholder>> - The `SecurityContextHolder` is where Spring Security stores the details of who is <<authentication,authenticated>>. * <<servlet-authentication-securitycontextholder>> - the `SecurityContextHolder` is where Spring Security stores the details of who is <<authentication,authenticated>>.
* <<servlet-authentication-securitycontext>> - is obtained from the `SecurityContextHolder` and contains the `Authentication` of the currently authenticated user. * <<servlet-authentication-securitycontext>> - is obtained from the `SecurityContextHolder` and contains the `Authentication` of the currently authenticated user.
* <<servlet-authentication-authentication>> - Can be the input to `AuthenticationManager` to provide the credentials a user has provided to authenticate or the current user from the `SecurityContext`. * <<servlet-authentication-authentication>> - can be the input to `AuthenticationManager` to provide the credentials a user has provided to authenticate or the current user from the `SecurityContext`.
* <<servlet-authentication-granted-authority>> - An authority that is granted to the principal on the `Authentication` (i.e. roles, scopes, etc.) * <<servlet-authentication-granted-authority>> - an authority that is granted to the principal on the `Authentication` (i.e. roles, scopes, etc.)
* <<servlet-authentication-authenticationmanager>> - the API that defines how Spring Security's Filters perform <<authentication,authentication>>. * <<servlet-authentication-authenticationmanager>> - the API that defines how Spring Security's Filters perform <<authentication,authentication>>.
* <<servlet-authentication-providermanager>> - the most common implementation of `AuthenticationManager`. * <<servlet-authentication-providermanager>> - the most common implementation of `AuthenticationManager`.
* <<servlet-authentication-authenticationprovider>> - used by `ProviderManager` to perform a specific type of authentication. * <<servlet-authentication-authenticationprovider>> - used by `ProviderManager` to perform a specific type of authentication.
* <<servlet-authentication-authenticationentrypoint>> - used for requesting credentials from a client (i.e. redirecting to a log in page, sending a `WWW-Authenticate` response, etc.) * <<servlet-authentication-authenticationentrypoint>> - used for requesting credentials from a client (i.e. redirecting to a log in page, sending a `WWW-Authenticate` response, etc.)
* <<servlet-authentication-abstractprocessingfilter>> - a base `Filter` used for authentication. * <<servlet-authentication-abstractprocessingfilter>> - a base `Filter` used for authentication.
@ -30,10 +30,10 @@ This also gives a good idea of the high level flow of authentication and how pie
* <<oauth2login,OAuth 2.0 Login>> - OAuth 2.0 Log In with OpenID Connect and non-standard OAuth 2.0 Login (i.e. GitHub) * <<oauth2login,OAuth 2.0 Login>> - OAuth 2.0 Log In with OpenID Connect and non-standard OAuth 2.0 Login (i.e. GitHub)
* <<servlet-saml2,SAML 2.0 Login>> - SAML 2.0 Log In * <<servlet-saml2,SAML 2.0 Login>> - SAML 2.0 Log In
* <<servlet-cas,Central Authentication Server (CAS)>> - Central Authentication Server (CAS) Support * <<servlet-cas,Central Authentication Server (CAS)>> - Central Authentication Server (CAS) Support
* <<servlet-rememberme, Remember Me>> - How to remember a user past session expiration * <<servlet-rememberme, Remember Me>> - how to remember a user past session expiration
* <<servlet-jaas, JAAS Authentication>> - Authenticate with JAAS * <<servlet-jaas, JAAS Authentication>> - authenticate with JAAS
* <<servlet-openid,OpenID>> - OpenID Authentication (not to be confused with OpenID Connect) * <<servlet-openid,OpenID>> - OpenID Authentication (not to be confused with OpenID Connect)
* <<servlet-preauth>> - Authenticate with an external mechanism such as https://www.siteminder.com/[SiteMinder] or Java EE security but still use Spring Security for authorization and protection against common exploits. * <<servlet-preauth>> - authenticate with an external mechanism such as https://www.siteminder.com/[SiteMinder] or Java EE security but still use Spring Security for authorization and protection against common exploits.
* <<servlet-x509,X509 Authentication>> - X509 Authentication * <<servlet-x509,X509 Authentication>> - X509 Authentication
// FIXME: Add other mechanisms // FIXME: Add other mechanisms