Correct JavaDoc Class Reference

config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java

@@ -67,9 +67,7 @@ public class AuthenticationManagerBuilder
 
 	/**
 	 * Creates a new instance
-	 * @param objectPostProcessor the
-	 * {@link org.springframework.security.config.annotation.ObjectPostProcessor} instance
-	 * to use.
+	 * @param objectPostProcessor the {@link ObjectPostProcessor} instance to use.
 	 */
 	public AuthenticationManagerBuilder(ObjectPostProcessor<Object> objectPostProcessor) {
 		super(objectPostProcessor, true);

config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java

@@ -25,7 +25,6 @@ import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.ObjectPostProcessor;
 import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.authentication.ProviderManagerBuilder;
-import org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer;
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
 import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
@@ -133,7 +132,7 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
 	/**
 	 * Adds an {@link ObjectPostProcessor} for this class.
 	 * @param objectPostProcessor
-	 * @return the {@link ChannelSecurityConfigurer} for further customizations
+	 * @return the {@link LdapAuthenticationProviderConfigurer} for further customizations
 	 */
 	public LdapAuthenticationProviderConfigurer<B> withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) {
 		addObjectPostProcessor(objectPostProcessor);

config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java

@@ -41,7 +41,6 @@ import org.springframework.http.HttpMethod;
 import org.springframework.lang.Nullable;
 import org.springframework.security.config.ObjectPostProcessor;
 import org.springframework.security.config.annotation.web.ServletRegistrationsSupport.RegistrationMapping;
-import org.springframework.security.config.annotation.web.configurers.AbstractConfigAttributeRequestMatcherRegistry;
 import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.security.web.util.matcher.AnyRequestMatcher;
@@ -170,7 +169,7 @@ public abstract class AbstractRequestMatcherRegistry<C> {
 
 	/**
 	 * Associates a list of {@link RequestMatcher} instances with the
-	 * {@link AbstractConfigAttributeRequestMatcherRegistry}
+	 * {@link AbstractRequestMatcherRegistry}
 	 * @param requestMatchers the {@link RequestMatcher} instances
 	 * @return the object that is chained after creating the {@link RequestMatcher}
 	 */

config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java

@@ -33,13 +33,6 @@ import org.springframework.security.web.csrf.CsrfToken;
  * Adds a Filter that will generate a login page if one is not specified otherwise when
  * using {@link EnableWebSecurity}.
  *
- * <p>
- * By default an
- * {@link org.springframework.security.web.access.channel.InsecureChannelProcessor} and a
- * {@link org.springframework.security.web.access.channel.SecureChannelProcessor} will be
- * registered.
- * </p>
- *
  * <h2>Security Filters</h2>
  *
  * The following Filters are conditionally populated
@@ -58,8 +51,6 @@ import org.springframework.security.web.csrf.CsrfToken;
  * The following shared objects are used:
  *
  * <ul>
- * <li>{@link org.springframework.security.web.PortMapper} is used to create the default
- * {@link org.springframework.security.web.access.channel.ChannelProcessor} instances</li>
  * <li>{@link FormLoginConfigurer} is used to determine if the
  * {@link DefaultLoginPageConfigurer} should be added and how to configure it.</li>
  * </ul>

messaging/src/main/java/org/springframework/security/messaging/access/intercept/MessageMatcherDelegatingAuthorizationManager.java

@@ -155,9 +155,9 @@ public final class MessageMatcherDelegatingAuthorizationManager implements Autho
 		/**
 		 * Maps a {@link List} of {@link SimpDestinationMessageMatcher} (or
 		 * {@link PathPatternMessageMatcher} if the application has configured a
-		 * {@link org.springframework.security.messaging.util.matcher.PathPatternMessageMatcherBuilderFactoryBean})
-		 * instances without regard to the {@link SimpMessageType}. If no destination is
-		 * found on the Message, then the Matcher returns false.
+		 * {@link PathPatternMessageMatcher.Builder} bean) instances without regard to the
+		 * {@link SimpMessageType}. If no destination is found on the Message, then the
+		 * Matcher returns false.
 		 * @param patterns the patterns to create {@code MessageMatcher}s from.
 		 */
 		public Builder.Constraint simpDestMatchers(String... patterns) {
@@ -167,9 +167,9 @@ public final class MessageMatcherDelegatingAuthorizationManager implements Autho
 		/**
 		 * Maps a {@link List} of {@link SimpDestinationMessageMatcher} (or
 		 * {@link PathPatternMessageMatcher} if the application has configured a
-		 * {@link org.springframework.security.messaging.util.matcher.PathPatternMessageMatcherBuilderFactoryBean})
-		 * instances that match on {@code SimpMessageType.MESSAGE}. If no destination is
-		 * found on the Message, then the Matcher returns false.
+		 * {@link PathPatternMessageMatcher.Builder} bean) instances that match on
+		 * {@code SimpMessageType.MESSAGE}. If no destination is found on the Message,
+		 * then the Matcher returns false.
 		 * @param patterns the patterns to create {@code MessageMatcher}s from.
 		 */
 		public Builder.Constraint simpMessageDestMatchers(String... patterns) {
@@ -179,9 +179,9 @@ public final class MessageMatcherDelegatingAuthorizationManager implements Autho
 		/**
 		 * Maps a {@link List} of {@link SimpDestinationMessageMatcher} (or
 		 * {@link PathPatternMessageMatcher} if the application has configured a
-		 * {@link org.springframework.security.messaging.util.matcher.PathPatternMessageMatcherBuilderFactoryBean})
-		 * instances that match on {@code SimpMessageType.SUBSCRIBE}. If no destination is
-		 * found on the Message, then the Matcher returns false.
+		 * {@link PathPatternMessageMatcher.Builder} bean) instances that match on
+		 * {@code SimpMessageType.SUBSCRIBE}. If no destination is found on the Message,
+		 * then the Matcher returns false.
 		 * @param patterns the patterns to create {@code MessageMatcher}s from.
 		 */
 		public Builder.Constraint simpSubscribeDestMatchers(String... patterns) {
@@ -189,10 +189,10 @@ public final class MessageMatcherDelegatingAuthorizationManager implements Autho
 		}
 
 		/**
-		 * Maps a {@link List} of {@link SimpDestinationMessageMatcher} instances, or
+		 * Maps a {@link List} of {@link SimpDestinationMessageMatcher} (or
 		 * {@link PathPatternMessageMatcher} if the application has configured a
-		 * {@link org.springframework.security.messaging.util.matcher.PathPatternMessageMatcherBuilderFactoryBean}.
-		 * If no destination is found on the Message, then the Matcher returns false.
+		 * {@link PathPatternMessageMatcher.Builder} bean) instances. If no destination is
+		 * found on the Message, then the Matcher returns false.
 		 * @param type the {@link SimpMessageType} to match on. If null, the
 		 * {@link SimpMessageType} is not considered for matching.
 		 * @param patterns the patterns to create {@code MessageMatcher}s from.

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/metadata/RequestMatcherMetadataResponseResolver.java

@@ -62,8 +62,7 @@ public class RequestMatcherMetadataResponseResolver implements Saml2MetadataResp
 	private final Saml2MetadataResolver metadata;
 
 	/**
-	 * Construct a
-	 * {@link org.springframework.security.saml2.provider.service.metadata.RequestMatcherMetadataResponseResolver}
+	 * Construct a {@link RequestMatcherMetadataResponseResolver}
 	 * @param registrations the source for relying party metadata
 	 * @param metadata the strategy for converting {@link RelyingPartyRegistration}s into
 	 * metadata

web/src/main/java/org/springframework/security/web/access/ExceptionTranslationFilter.java

@@ -56,8 +56,7 @@ import org.springframework.web.filter.GenericFilterBean;
  * <p>
  * If an {@link AuthenticationException} is detected, the filter will launch the
  * <code>authenticationEntryPoint</code>. This allows common handling of authentication
- * failures originating from any subclass of
- * {@link org.springframework.security.access.intercept.AbstractSecurityInterceptor}.
+ * failures originating from Web or Method Security.
  * <p>
  * If an {@link AccessDeniedException} is detected, the filter will determine whether or
  * not the user is an anonymous user. If they are an anonymous user, the

web/src/main/java/org/springframework/security/web/header/writers/frameoptions/XFrameOptionsHeaderWriter.java

@@ -30,7 +30,6 @@ import org.springframework.util.Assert;
  * @author Rob Winch
  * @author Ankur Pathak
  * @since 3.2
- * @see AllowFromStrategy
  */
 public final class XFrameOptionsHeaderWriter implements HeaderWriter {
 
@@ -50,8 +49,9 @@ public final class XFrameOptionsHeaderWriter implements HeaderWriter {
 	/**
 	 * Creates a new instance
 	 * @param frameOptionsMode the {@link XFrameOptionsMode} to use. If using
-	 * {@link XFrameOptionsMode#ALLOW_FROM}, use
-	 * {@link #XFrameOptionsHeaderWriter(AllowFromStrategy)} instead.
+	 * {@link XFrameOptionsMode#ALLOW_FROM}, use Content-Security-Policy with the <a href=
+	 * "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors">frame-ancestors</a>
+	 * directive instead.
 	 */
 	public XFrameOptionsHeaderWriter(XFrameOptionsMode frameOptionsMode) {
 		Assert.notNull(frameOptionsMode, "frameOptionsMode cannot be null");
@@ -70,6 +70,7 @@ public final class XFrameOptionsHeaderWriter implements HeaderWriter {
 	 * browsers. Instead use Content-Security-Policy with the <a href=
 	 * "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors">frame-ancestors</a>
 	 * directive.
+	 * @see AllowFromStrategy
 	 */
 	@Deprecated
 	public XFrameOptionsHeaderWriter(AllowFromStrategy allowFromStrategy) {