Home Verkennen Help
Registreren Inloggen
github
/
spring-security
spiegel van https://github.com/spring-projects/spring-security
2
0
Vork 0
Bestanden Issues 0 Wiki
Bladeren bron

Merge branch '5.7.x' into 5.8.x

Closes gh-12286
Marcus Da Coregio 2 jaren geleden
bovenliggende
87c074fc26 9b3f834bff
commit
5db7ac4ce3
3 gewijzigde bestanden met toevoegingen van 3 en 5 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. BIN
      docs/modules/ROOT/assets/images/servlet/authorization/authorizationfilter.odg
  2. BIN
      docs/modules/ROOT/assets/images/servlet/authorization/authorizationfilter.png
  3. 3 5
      docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc

BIN
docs/modules/ROOT/assets/images/servlet/authorization/authorizationfilter.odg
Bestand weergeven


BIN
docs/modules/ROOT/assets/images/servlet/authorization/authorizationfilter.png
Bestand weergeven


+ 3 - 5
docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
Bestand weergeven 

@@ -48,12 +48,10 @@ image::{figures}/authorizationfilter.png[]
 
 
 * image:{icondir}/number_1.png[] First, the `AuthorizationFilter` obtains an  xref:servlet/authentication/architecture.adoc#servlet-authentication-authentication[Authentication] from the xref:servlet/authentication/architecture.adoc#servlet-authentication-securitycontextholder[SecurityContextHolder].
 
 It wraps this in an `Supplier` in order to delay lookup.
 
-* image:{icondir}/number_2.png[] Second, `AuthorizationFilter` creates a {security-api-url}org/springframework/security/web/FilterInvocation.html[`FilterInvocation`] from the `HttpServletRequest`, `HttpServletResponse`, and `FilterChain`.
 
-// FIXME: link to FilterInvocation
 
-* image:{icondir}/number_3.png[] Next, it passes the `Supplier<Authentication>` and `FilterInvocation` to the xref:servlet/architecture.adoc#authz-authorization-manager[`AuthorizationManager`].
 
-** image:{icondir}/number_4.png[] If authorization is denied, an `AccessDeniedException` is thrown.
 
+* image:{icondir}/number_2.png[] Second, it passes the `Supplier<Authentication>` and the `HttpServletRequest` to the xref:servlet/architecture.adoc#authz-authorization-manager[`AuthorizationManager`].
 
+** image:{icondir}/number_3.png[] If authorization is denied, an `AccessDeniedException` is thrown.
 
 In this case the xref:servlet/architecture.adoc#servlet-exceptiontranslationfilter[`ExceptionTranslationFilter`] handles the `AccessDeniedException`.
 
-** image:{icondir}/number_5.png[] If access is granted, `AuthorizationFilter` continues with the xref:servlet/architecture.adoc#servlet-filters-review[FilterChain] which allows the application to process normally.
 
+** image:{icondir}/number_4.png[] If access is granted, `AuthorizationFilter` continues with the xref:servlet/architecture.adoc#servlet-filters-review[FilterChain] which allows the application to process normally.
 
 
 We can configure Spring Security to have different rules by adding more rules in order of precedence.