Fix links to Spring Security's reference documentation

Closes gh-28407
pull/28436/head
Andy Wilkinson 3 years ago
parent b4e4bfcf14
commit d52b649bd7

@ -228,6 +228,8 @@ tasks.withType(org.asciidoctor.gradle.jvm.AbstractAsciidoctorTask) {
} }
doFirst { doFirst {
def versionConstraints = dependencyVersions.versionConstraints def versionConstraints = dependencyVersions.versionConstraints
def securityVersion = versionConstraints["org.springframework.security:spring-security-core"]
securityVersion = securityVersion.substring(0, securityVersion.lastIndexOf("."))
attributes "embedded-mongo-version": versionConstraints["de.flapdoodle.embed:de.flapdoodle.embed.mongo"], attributes "embedded-mongo-version": versionConstraints["de.flapdoodle.embed:de.flapdoodle.embed.mongo"],
"jetty-version": versionConstraints["org.eclipse.jetty:jetty-server"], "jetty-version": versionConstraints["org.eclipse.jetty:jetty-server"],
"jooq-version": versionConstraints["org.jooq:jooq"], "jooq-version": versionConstraints["org.jooq:jooq"],
@ -247,7 +249,7 @@ tasks.withType(org.asciidoctor.gradle.jvm.AbstractAsciidoctorTask) {
"spring-framework-version": versionConstraints["org.springframework:spring-core"], "spring-framework-version": versionConstraints["org.springframework:spring-core"],
"spring-kafka-version": versionConstraints["org.springframework.kafka:spring-kafka"], "spring-kafka-version": versionConstraints["org.springframework.kafka:spring-kafka"],
"spring-integration-version": versionConstraints["org.springframework.integration:spring-integration-core"], "spring-integration-version": versionConstraints["org.springframework.integration:spring-integration-core"],
"spring-security-version": versionConstraints["org.springframework.security:spring-security-core"], "spring-security-version": securityVersion,
"spring-webservices-version": versionConstraints["org.springframework.ws:spring-ws-core"] "spring-webservices-version": versionConstraints["org.springframework.ws:spring-ws-core"]
} }
} }

@ -368,7 +368,7 @@ This means that the actuator endpoints that require a `POST` (shutdown and logge
NOTE: We recommend disabling CSRF protection completely only if you are creating a service that is used by non-browser clients. NOTE: We recommend disabling CSRF protection completely only if you are creating a service that is used by non-browser clients.
You can find additional information about CSRF protection in the {spring-security-docs}#csrf[Spring Security Reference Guide]. You can find additional information about CSRF protection in the {spring-security-docs}/features/exploits/csrf.html[Spring Security Reference Guide].

@ -86,7 +86,7 @@
:spring-kafka-docs: https://docs.spring.io/spring-kafka/docs/{spring-kafka-version}/reference/html/ :spring-kafka-docs: https://docs.spring.io/spring-kafka/docs/{spring-kafka-version}/reference/html/
:spring-restdocs: https://spring.io/projects/spring-restdocs :spring-restdocs: https://spring.io/projects/spring-restdocs
:spring-security: https://spring.io/projects/spring-security :spring-security: https://spring.io/projects/spring-security
:spring-security-docs: https://docs.spring.io/spring-security/site/docs/{spring-security-version}/reference/html5/ :spring-security-docs: https://docs.spring.io/spring-security/{spring-security-version}
:spring-security-oauth2: https://spring.io/projects/spring-security-oauth :spring-security-oauth2: https://spring.io/projects/spring-security-oauth
:spring-security-oauth2-docs: https://projects.spring.io/spring-security-oauth/docs/oauth2.html :spring-security-oauth2-docs: https://projects.spring.io/spring-security-oauth/docs/oauth2.html
:spring-session: https://spring.io/projects/spring-session :spring-session: https://spring.io/projects/spring-session

@ -15,7 +15,7 @@ If you define a `@Configuration` with a `WebSecurityConfigurerAdapter` or a `Sec
[[howto.security.change-user-details-service-and-add-user-accounts]] [[howto.security.change-user-details-service-and-add-user-accounts]]
=== Change the UserDetailsService and Add User Accounts === Change the UserDetailsService and Add User Accounts
If you provide a `@Bean` of type `AuthenticationManager`, `AuthenticationProvider`, or `UserDetailsService`, the default `@Bean` for `InMemoryUserDetailsManager` is not created. If you provide a `@Bean` of type `AuthenticationManager`, `AuthenticationProvider`, or `UserDetailsService`, the default `@Bean` for `InMemoryUserDetailsManager` is not created.
This means you have the full feature set of Spring Security available (such as {spring-security-docs}#servlet-authentication[various authentication options]). This means you have the full feature set of Spring Security available (such as {spring-security-docs}/servlet/authentication/index.html[various authentication options]).
The easiest way to add user accounts is to provide your own `UserDetailsService` bean. The easiest way to add user accounts is to provide your own `UserDetailsService` bean.

@ -17,7 +17,7 @@ include::{docs-java}/howto/testing/withspringsecurity/MySecurityTests.java[]
Spring Security provides comprehensive integration with Spring MVC Test and this can also be used when testing controllers using the `@WebMvcTest` slice and `MockMvc`. Spring Security provides comprehensive integration with Spring MVC Test and this can also be used when testing controllers using the `@WebMvcTest` slice and `MockMvc`.
For additional details on Spring Security's testing support, refer to Spring Security's {spring-security-docs}#test[reference documentation]). For additional details on Spring Security's testing support, refer to Spring Security's {spring-security-docs}/servlet/test/index.html[reference documentation].

@ -3,7 +3,7 @@
If {spring-security}[Spring Security] is on the classpath, then web applications are secured by default. If {spring-security}[Spring Security] is on the classpath, then web applications are secured by default.
Spring Boot relies on Spring Securitys content-negotiation strategy to determine whether to use `httpBasic` or `formLogin`. Spring Boot relies on Spring Securitys content-negotiation strategy to determine whether to use `httpBasic` or `formLogin`.
To add method-level security to a web application, you can also add `@EnableGlobalMethodSecurity` with your desired settings. To add method-level security to a web application, you can also add `@EnableGlobalMethodSecurity` with your desired settings.
Additional information can be found in the {spring-security-docs}#jc-method[Spring Security Reference Guide]. Additional information can be found in the {spring-security-docs}/servlet/authorization/method-security.html[Spring Security Reference Guide].
The default `UserDetailsService` has a single user. The default `UserDetailsService` has a single user.
The user name is `user`, and the password is random and is printed at INFO level when the application starts, as shown in the following example: The user name is `user`, and the password is random and is printed at INFO level when the application starts, as shown in the following example:

Loading…
Cancel
Save