Merge branch '3.3.x'

Closes spring-projectsgh-41639
hseungho · Jul 29, 2024 · 9c4399c · 9c4399c
2 parents a021d3c + 16ba01a
commit 9c4399c
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/...ring-boot-docs/src/docs/antora/modules/reference/pages/web/spring-security.adoc b/...ring-boot-docs/src/docs/antora/modules/reference/pages/web/spring-security.adoc
@@ -37,8 +37,8 @@ You can provide a different `AuthenticationEventPublisher` by adding a bean for
 The default security configuration is implemented in `SecurityAutoConfiguration` and `UserDetailsServiceAutoConfiguration`.
 `SecurityAutoConfiguration` imports `SpringBootWebSecurityConfiguration` for web security and `UserDetailsServiceAutoConfiguration` configures authentication, which is also relevant in non-web applications.
 
-To switch off the default web application security configuration completely or to combine multiple Spring Security components such as OAuth2 Client and Resource Server, add a bean of type `SecurityFilterChain` (doing so does not disable the `UserDetailsService` configuration or Actuator's security).
-To also switch off the `UserDetailsService` configuration, you can add a bean of type `UserDetailsService`, `AuthenticationProvider`, or `AuthenticationManager`.
+To completely switch off the default web application security configuration, including Actuator security, or to combine multiple Spring Security components such as OAuth2 Client and Resource Server, add a bean of type `SecurityFilterChain` (doing so does not disable the `UserDetailsService` configuration).
+To also switch off the `UserDetailsService` configuration, add a bean of type `UserDetailsService`, `AuthenticationProvider`, or `AuthenticationManager`.
 
 The auto-configuration of a `UserDetailsService` will also back off any of the following Spring Security modules is on the classpath:
 
@@ -62,8 +62,8 @@ Similar to Spring MVC applications, you can secure your WebFlux applications by
 The default security configuration is implemented in `ReactiveSecurityAutoConfiguration` and `UserDetailsServiceAutoConfiguration`.
 `ReactiveSecurityAutoConfiguration` imports `WebFluxSecurityConfiguration` for web security and `UserDetailsServiceAutoConfiguration` configures authentication, which is also relevant in non-web applications.
 
-To switch off the default web application security configuration completely, you can add a bean of type `WebFilterChainProxy` (doing so does not disable the `UserDetailsService` configuration or Actuator's security).
-To also switch off the `UserDetailsService` configuration, you can add a bean of type `ReactiveUserDetailsService` or `ReactiveAuthenticationManager`.
+To completely switch off the default web application security configuration, including Actuator security, add a bean of type `WebFilterChainProxy` (doing so does not disable the `UserDetailsService` configuration).
+To also switch off the `UserDetailsService` configuration, add a bean of type `ReactiveUserDetailsService` or `ReactiveAuthenticationManager`.
 
 The auto-configuration will also back off when any of the following Spring Security modules is on the classpath: