Fix rnc typo

Issue gh-11076

config/src/main/resources/org/springframework/security/config/spring-security-5.8.rnc

@@ -291,7 +291,7 @@ websocket-message-broker.attrlist &=
 websocket-message-broker.attrlist &=
 	## Disables the requirement for CSRF token to be present in the Stomp headers (default false). Changing the default is useful if it is necessary to allow other origins to make SockJS connections.
 	attribute same-origin-disabled {xsd:boolean}?
-websocket-message-broker.attlist &=
+websocket-message-broker.attrlist &=
 	## Use this AuthorizationManager instead of deriving one from <intercept-message> elements
 	attribute authorization-manager-ref {xsd:string}?
 websocket-message-broker.attrlist &=

config/src/main/resources/org/springframework/security/config/spring-security-5.8.xsd

@@ -915,17 +915,15 @@
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>
-      <xs:attribute name="use-authorization-manager" type="xs:boolean">
+      <xs:attribute name="authorization-manager-ref" type="xs:string">
          <xs:annotation>
-            <xs:documentation>Use AuthorizationManager API instead of SecurityMetadatasource
+            <xs:documentation>Use this AuthorizationManager instead of deriving one from &lt;intercept-message&gt; elements
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="websocket-message-broker.attlist">
-      <xs:attribute name="authorization-manager-ref" type="xs:string">
+      <xs:attribute name="use-authorization-manager" type="xs:boolean">
          <xs:annotation>
-            <xs:documentation>Use this AuthorizationManager instead of deriving one from &lt;intercept-message&gt; elements
+            <xs:documentation>Use AuthorizationManager API instead of SecurityMetadatasource
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>

config/src/main/resources/org/springframework/security/config/spring-security-6.0.rnc

@@ -291,7 +291,7 @@ websocket-message-broker.attrlist &=
 websocket-message-broker.attrlist &=
 	## Disables the requirement for CSRF token to be present in the Stomp headers (default false). Changing the default is useful if it is necessary to allow other origins to make SockJS connections.
 	attribute same-origin-disabled {xsd:boolean}?
-websocket-message-broker.attlist &=
+websocket-message-broker.attrlist &=
 	## Use this AuthorizationManager instead of deriving one from <intercept-message> elements
 	attribute authorization-manager-ref {xsd:string}?
 websocket-message-broker.attrlist &=

config/src/main/resources/org/springframework/security/config/spring-security-6.0.xsd

@@ -915,17 +915,15 @@
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>
-      <xs:attribute name="use-authorization-manager" type="xs:boolean">
+      <xs:attribute name="authorization-manager-ref" type="xs:string">
          <xs:annotation>
-            <xs:documentation>Use AuthorizationManager API instead of SecurityMetadatasource
+            <xs:documentation>Use this AuthorizationManager instead of deriving one from &lt;intercept-message&gt; elements
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="websocket-message-broker.attlist">
-      <xs:attribute name="authorization-manager-ref" type="xs:string">
+      <xs:attribute name="use-authorization-manager" type="xs:boolean">
          <xs:annotation>
-            <xs:documentation>Use this AuthorizationManager instead of deriving one from &lt;intercept-message&gt; elements
+            <xs:documentation>Use AuthorizationManager API instead of SecurityMetadatasource
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>