- Combined explanation of method attribute with usage recommendations
- Used one sentence per line format
Issue gh-16530
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Closes gh-16530
This aligns the JSP documentation with the changes made in gh-16529.
Added a NOTE to clarify that the method attribute is required when the underlying RequestMatcher is method-specific.
Signed-off-by: onhann <gusgus1467@naver.com>
In section 'Include the Servlet Path Prefix in Authorization Rules', `PathPatternRequestParser` should be replaced by `PathPatternRequestMatcher`.
Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated:
> This member is deprecated because many clients do not display it,
> but it remains a required dictionary member for backwards compatibility.
> Relying Parties MAY, as a safe default, set this equal to the RP ID.
Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
Replaced `angular.io` links with their corresponding `angular.dev` URLs.
This change ensures that users referencing CSRF documentation are
directed to the most current Angular resources.
Signed-off-by: Michał Sobkiewicz <perceptron8@users.noreply.github.com>
This commit adds a documentation note explaining the importance of
overriding equals() and hashCode() in custom UserDetails implementations.
The default SessionRegistryImpl in Spring Security uses an in-memory
ConcurrentMap<Object, Set<String>>, Map<String,SessionInformation> to
associate principals with sessions. If a custom UserDetails class does
not properly override equals() and hashCode(), user sessions may not
be tracked or matched correctly.
I believe this helps developers avoid subtle session management issues
when implementing custom authentication logic.
Signed-off-by: Gurunathan <129361658+Gurunathan16@users.noreply.github.com>
This adds a dedicated migration guide for users moving from the Spring Security SAML Extension to the built-in SAML 2.0 support.
Includes:
- Content migrated from the project wiki
- xref links for `saml2Login`, `saml2Logout`, and `saml2Metadata`
- Metadata example moved to Examples Matrix
- Cleanup and naming per review feedback
Closes gh-11161
Signed-off-by: snowykte0426 <snowykte0426@naver.com>
Rob Winch