spring-projects / spring-security

Spring Security
http://spring.io/projects/spring-security
Apache License 2.0
8.79k stars 5.9k forks source link

Wrong class referenced in Spring Security documentation #15541

Open Hercules270 opened 2 months ago

Hercules270 commented 2 months ago

Expected Behavior I have found one inconsistency in the spring security documentation. More specifically on this page https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html under the section "Each Annotation Has Its Own Method Interceptor", there is listing of Method security annotations and there corresponding Interceptors. However, in my opinion, for the @PostAuthorize annotation, the interceptor is incorrect and instead of: AuthorizationManagerBeforeMethodInterceptor#postAuthorize, there should be: AuthorizationManagerAfterMethodInterceptor#postAuthorize

Current Behavior Currently for @PostAuthorize annotation, interceptor class is documented as AuthorizationManagerBeforeMethodInterceptor.

ahmd-nabil commented 2 months ago

Fixed in commit #15222