root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 8 Packages Projects Releases Wiki Activity

Address XsdDocumentedTests Errors 

Issue gh-16775
This commit is contained in:
Josh Cummings 2025-03-19 16:39:02 -06:00
parent 0091cf697c
commit a884c3c906
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
3 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/src/main/resources/org/springframework/security/config/spring-security-6.5.rnc
View File

@ -346,6 +346,7 @@ http.attlist &=
## Allows a RequestMatcher instance to be used, as an alternative to pattern-matching.
attribute request-matcher-ref { xsd:token }?
http.attlist &=
## Optional attribute specifying the ID of the RequestMatcher implementation used to decide whether to redirect a request to HTTPS
attribute redirect-to-https-request-matcher-ref { xsd:token }?
http.attlist &=
## A legacy attribute which automatically registers a login form, BASIC authentication and a logout URL and logout services. If unspecified, defaults to "false". We'd recommend you avoid using this and instead explicitly configure the services you require.
@ -1351,4 +1352,4 @@ position =
## The explicit position at which the custom-filter should be placed in the chain. Use if you are replacing a standard filter.
attribute position {named-security-filter}
named-security-filter = "FIRST" | "DISABLE_ENCODE_URL_FILTER" | "FORCE_EAGER_SESSION_FILTER" | "CHANNEL_FILTER" | "SECURITY_CONTEXT_FILTER" | "CONCURRENT_SESSION_FILTER" | "WEB_ASYNC_MANAGER_FILTER" | "HEADERS_FILTER" | "CORS_FILTER" | "SAML2_LOGOUT_REQUEST_FILTER" | "SAML2_LOGOUT_RESPONSE_FILTER" | "CSRF_FILTER" | "SAML2_LOGOUT_FILTER" | "LOGOUT_FILTER" | "OAUTH2_AUTHORIZATION_REQUEST_FILTER" | "SAML2_AUTHENTICATION_REQUEST_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_FILTER" | "OAUTH2_LOGIN_FILTER" | "SAML2_AUTHENTICATION_FILTER" | "FORM_LOGIN_FILTER" | "DEFAULT_RESOURCES_FILTER" | "LOGIN_PAGE_FILTER" | "LOGOUT_PAGE_FILTER" | "DIGEST_AUTH_FILTER" | "BEARER_TOKEN_AUTH_FILTER" | "BASIC_AUTH_FILTER" | "REQUEST_CACHE_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "JAAS_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "OAUTH2_AUTHORIZATION_CODE_GRANT_FILTER" | "WELL_KNOWN_CHANGE_PASSWORD_REDIRECT_FILTER" | "SESSION_MANAGEMENT_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER" | "LAST"
named-security-filter = "FIRST" | "DISABLE_ENCODE_URL_FILTER" | "FORCE_EAGER_SESSION_FILTER" | "CHANNEL_FILTER" | "HTTPS_REDIRECT_FILTER" | "SECURITY_CONTEXT_FILTER" | "CONCURRENT_SESSION_FILTER" | "WEB_ASYNC_MANAGER_FILTER" | "HEADERS_FILTER" | "CORS_FILTER" | "SAML2_LOGOUT_REQUEST_FILTER" | "SAML2_LOGOUT_RESPONSE_FILTER" | "CSRF_FILTER" | "SAML2_LOGOUT_FILTER" | "LOGOUT_FILTER" | "OAUTH2_AUTHORIZATION_REQUEST_FILTER" | "SAML2_AUTHENTICATION_REQUEST_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_FILTER" | "OAUTH2_LOGIN_FILTER" | "SAML2_AUTHENTICATION_FILTER" | "FORM_LOGIN_FILTER" | "DEFAULT_RESOURCES_FILTER" | "LOGIN_PAGE_FILTER" | "LOGOUT_PAGE_FILTER" | "DIGEST_AUTH_FILTER" | "BEARER_TOKEN_AUTH_FILTER" | "BASIC_AUTH_FILTER" | "REQUEST_CACHE_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "JAAS_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "OAUTH2_AUTHORIZATION_CODE_GRANT_FILTER" | "WELL_KNOWN_CHANGE_PASSWORD_REDIRECT_FILTER" | "SESSION_MANAGEMENT_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER" | "LAST"

9
config/src/main/resources/org/springframework/security/config/spring-security-6.5.xsd
View File

@ -1242,7 +1242,13 @@
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="redirect-to-https-request-matcher-ref" type="xs:token"/>
<xs:attribute name="redirect-to-https-request-matcher-ref" type="xs:token">
<xs:annotation>
<xs:documentation>Optional attribute specifying the ID of the RequestMatcher implementation used to decide
whether to redirect a request to HTTPS
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="auto-config" type="xs:boolean">
<xs:annotation>
<xs:documentation>A legacy attribute which automatically registers a login form, BASIC authentication and a
@ -3789,6 +3795,7 @@
<xs:enumeration value="DISABLE_ENCODE_URL_FILTER"/>
<xs:enumeration value="FORCE_EAGER_SESSION_FILTER"/>
<xs:enumeration value="CHANNEL_FILTER"/>
<xs:enumeration value="HTTPS_REDIRECT_FILTER"/>
<xs:enumeration value="SECURITY_CONTEXT_FILTER"/>
<xs:enumeration value="CONCURRENT_SESSION_FILTER"/>
<xs:enumeration value="WEB_ASYNC_MANAGER_FILTER"/>

2
docs/modules/ROOT/pages/servlet/appendix/namespace/http.adoc
View File

@ -118,7 +118,7 @@ If no pattern is defined, all requests will be matched, so the most specific pat
Sets the realm name used for basic authentication (if enabled).
Corresponds to the `realmName` property on `BasicAuthenticationEntryPoint`.
[[nsa-redirect-to-https-request-matcher-ref]]
[[nsa-http-redirect-to-https-request-matcher-ref]]
* **redirect-to-https-request-matcher-ref**
A reference to a bean that implements `RequestMatcher` that will determine which requests must redirect to HTTPS.
This is helpful when, for example, wanting to run HTTP locally and HTTPS in production using a request header.