From febe5e6ddf3b62f0c5ac9abbaa3df0d7f65b851f Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Mon, 2 Sep 2024 02:09:59 +0700 Subject: [PATCH] docs: update --- docs/modules/ROOT/pages/servlet/architecture.adoc | 2 +- docs/modules/ROOT/pages/servlet/authentication/logout.adoc | 2 +- .../pages/servlet/authorization/authorize-http-requests.adoc | 2 +- .../ROOT/pages/servlet/authorization/method-security.adoc | 2 +- docs/modules/ROOT/pages/servlet/getting-started.adoc | 2 +- docs/spring-security-docs.gradle | 4 ++-- gradle.properties | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/architecture.adoc b/docs/modules/ROOT/pages/servlet/architecture.adoc index 657cbc552c..95954ffb5f 100644 --- a/docs/modules/ROOT/pages/servlet/architecture.adoc +++ b/docs/modules/ROOT/pages/servlet/architecture.adoc @@ -372,7 +372,7 @@ You can also use `HttpSecurity#addFilterAfter` to add the filter after a particu And that's it, now the `TenantFilter` will be invoked in the filter chain and will check if the current user has access to the tenant id. -Be careful when you declare your filter as a Spring bean, either by annotating it with `@Component` or by declaring it as a bean in your configuration, because Spring Boot will automatically {spring-boot-reference-url}web.html#web.servlet.embedded-container.servlets-filters-listeners.beans[register it with the embedded container]. +Be careful when you declare your filter as a Spring bean, either by annotating it with `@Component` or by declaring it as a bean in your configuration, because Spring Boot will automatically {spring-boot-reference-url}reference/web/servlet.html#web.servlet.embedded-container.servlets-filters-listeners.beans[register it with the embedded container]. That may cause the filter to be invoked twice, once by the container and once by Spring Security and in a different order. If you still want to declare your filter as a Spring bean to take advantage of dependency injection for example, and avoid the duplicate invocation, you can tell Spring Boot to not register it with the container by declaring a `FilterRegistrationBean` bean and setting its `enabled` property to `false`: diff --git a/docs/modules/ROOT/pages/servlet/authentication/logout.adoc b/docs/modules/ROOT/pages/servlet/authentication/logout.adoc index 45289c2ed5..81831928ac 100644 --- a/docs/modules/ROOT/pages/servlet/authentication/logout.adoc +++ b/docs/modules/ROOT/pages/servlet/authentication/logout.adoc @@ -19,7 +19,7 @@ The rest of this section covers a number of use cases for you to consider: [[logout-java-configuration]] == Understanding Logout's Architecture -When you include {spring-boot-reference-url}using.html#using.build-systems.starters[the `spring-boot-starter-security` dependency] or use the `@EnableWebSecurity` annotation, Spring Security will add its logout support and by default respond both to `GET /logout` and `POST /logout`. +When you include {spring-boot-reference-url}reference/using/build-systems.html#using.build-systems.starters[the `spring-boot-starter-security` dependency] or use the `@EnableWebSecurity` annotation, Spring Security will add its logout support and by default respond both to `GET /logout` and `POST /logout`. If you request `GET /logout`, then Spring Security displays a logout confirmation page. Aside from providing a valuable double-checking mechanism for the user, it also provides a simple way to provide xref:servlet/exploits/csrf.adoc[the needed CSRF token] to `POST /logout`. diff --git a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc index bbdd8474d6..391eb73379 100644 --- a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc +++ b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc @@ -124,7 +124,7 @@ In this case, authorization happens twice; once for authorizing `/endpoint` and For that reason, you may want to <>. -Another example of this principle is {spring-boot-reference-url}web.html#web.servlet.spring-mvc.error-handling[how Spring Boot handles errors]. +Another example of this principle is {spring-boot-reference-url}reference/web/servlet.html#web.servlet.spring-mvc.error-handling[how Spring Boot handles errors]. If the container catches an exception, say like the following: .Sample Erroring Spring MVC Controller diff --git a/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc b/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc index 883b4f8185..0ab024a3d3 100644 --- a/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc +++ b/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc @@ -35,7 +35,7 @@ Xml:: Then, you are immediately able to annotate any Spring-managed class or method with <>, <>, <>, and <> to authorize method invocations, including the input parameters and return values. [NOTE] -{spring-boot-reference-url}using.html#using.build-systems.starters[Spring Boot Starter Security] does not activate method-level authorization by default. +{spring-boot-reference-url}reference/using/build-systems.html#using.build-systems.starters[Spring Boot Starter Security] does not activate method-level authorization by default. Method Security supports many other use cases as well including <>, <>, and several configuration points. Consider learning about the following use cases: diff --git a/docs/modules/ROOT/pages/servlet/getting-started.adoc b/docs/modules/ROOT/pages/servlet/getting-started.adoc index 896511c380..4fecd048b1 100644 --- a/docs/modules/ROOT/pages/servlet/getting-started.adoc +++ b/docs/modules/ROOT/pages/servlet/getting-started.adoc @@ -17,7 +17,7 @@ You first need to add Spring Security to your application's classpath; two ways [[servlet-hello-starting]] == Starting Hello Spring Security Boot -With Spring Security <>, you can now {spring-boot-reference-url}#using.running-your-application[run the Spring Boot application]. +With Spring Security <>, you can now {spring-boot-reference-url}reference/using/running-your-application.html[run the Spring Boot application]. The following snippet shows some of the output that indicates that Spring Security is enabled in your application: .Running Spring Boot Application diff --git a/docs/spring-security-docs.gradle b/docs/spring-security-docs.gradle index fdd01e80b0..1658bf0439 100644 --- a/docs/spring-security-docs.gradle +++ b/docs/spring-security-docs.gradle @@ -56,8 +56,8 @@ def generateAttributes() { def securityReferenceUrl = "$securityDocsUrl/reference/html5/" def springFrameworkApiUrl = "https://docs.spring.io/spring-framework/docs/$springFrameworkVersion/javadoc-api/" def springFrameworkReferenceUrl = "https://docs.spring.io/spring-framework/reference/$springFrameworkVersion/" - def springBootReferenceUrl = "https://docs.spring.io/spring-boot/docs/$springBootVersion/reference/html/" - def springBootApiUrl = "https://docs.spring.io/spring-boot/docs/$springBootVersion/api/" + def springBootReferenceUrl = "https://docs.spring.io/spring-boot/$springBootVersion/" + def springBootApiUrl = "https://docs.spring.io/spring-boot/$springBootVersion/api/java/" return ['gh-old-samples-url': ghOldSamplesUrl.toString(), 'gh-samples-url': ghSamplesUrl.toString(), diff --git a/gradle.properties b/gradle.properties index b704b308ab..b56058f98a 100644 --- a/gradle.properties +++ b/gradle.properties @@ -14,7 +14,7 @@ # limitations under the License. # -springBootVersion=3.1.1 +springBootVersion=3.3.3 version=6.4.0-SNAPSHOT samplesBranch=main org.gradle.jvmargs=-Xmx3g -XX:+HeapDumpOnOutOfMemoryError