Various build time javadoc warnings fix

config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java

@@ -55,6 +55,7 @@
  * @param <B> the {@link ProviderManagerBuilder} type that this is configuring.
  * @author Rob Winch
  * @author Eddú Meléndez
+ * @author Tony Dalbrekt
  * @since 3.2
  */
 public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuilder<B>>
@@ -150,7 +151,6 @@ private LdapAuthoritiesPopulator getLdapAuthoritiesPopulator() {
 	 * {@link SimpleAuthorityMapper}
 	 * @return the {@link LdapAuthenticationProviderConfigurer} for further customizations
 	 *
-	 * @author Tony Dalbrekt
 	 * @since 4.1.1
 	 */
 	public LdapAuthenticationProviderConfigurer<B> authoritiesMapper(
@@ -315,8 +315,8 @@ public LdapAuthenticationProviderConfigurer<B> groupSearchBase(String groupSearc
 	/**
 	 * If set to true, a subtree scope search will be performed for group membership. If
 	 * false a single-level search is used.
-	 * @param searchSubtree set to true to enable searching of the entire tree below the
-	 * <tt>groupSearchBase</tt>.
+	 * @param groupSearchSubtree set to true to enable searching of the entire tree below
+	 * the <tt>groupSearchBase</tt>.
 	 * @return the {@link LdapAuthenticationProviderConfigurer} for further customizations
 	 */
 	public LdapAuthenticationProviderConfigurer<B> groupSearchSubtree(boolean groupSearchSubtree) {

config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java

@@ -1363,7 +1363,7 @@ public AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequest
 	 * 	&#064;Override
 	 * 	protected void configure(HttpSecurity http) throws Exception {
 	 * 		http
-	 * 			.authorizeHttpRequests((authorizeHttpRequests) ->
+	 * 			.authorizeHttpRequests((authorizeHttpRequests) -&gt;
 	 * 				authorizeHttpRequests
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
@@ -1384,7 +1384,7 @@ public AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequest
 	 * 	&#064;Override
 	 * 	protected void configure(HttpSecurity http) throws Exception {
 	 * 		http
-	 * 			.authorizeHttpRequests((authorizeHttpRequests) ->
+	 * 			.authorizeHttpRequests((authorizeHttpRequests) -&gt;
 	 * 				authorizeHttpRequests
 	 * 					.antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@@ -1406,7 +1406,7 @@ public AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequest
 	 * 	&#064;Override
 	 * 	protected void configure(HttpSecurity http) throws Exception {
 	 * 		http
-	 * 		 	.authorizeHttpRequests((authorizeHttpRequests) ->
+	 * 		 	.authorizeHttpRequests((authorizeHttpRequests) -&gt;
 	 * 		 		authorizeHttpRequests
 	 * 			 		.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			 		.antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
@@ -2249,7 +2249,7 @@ public HttpSecurity saml2Login(Customizer<Saml2LoginConfigurer<HttpSecurity>> sa
 	 *		&#064;Bean
 	 *		public SecurityFilterChain web(HttpSecurity http) throws Exception {
 	 *			http
-	 *				.authorizeRequests((authorize) -> authorize
+	 *				.authorizeRequests((authorize) -&gt; authorize
 	 *					.anyRequest().authenticated()
 	 *				)
 	 *				.saml2Login(withDefaults())
@@ -2839,11 +2839,11 @@ public HttpSecurity httpBasic(Customizer<HttpBasicConfigurer<HttpSecurity>> http
 	 * 	&#064;Override
 	 * 	protected void configure(HttpSecurity http) throws Exception {
 	 * 		http
-	 * 			.authorizeRequests(authorizeRequests ->
+	 * 			.authorizeRequests(authorizeRequests -&gt;
 	 * 				authorizeRequests
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
-	 * 			.passwordManagement(passwordManagement ->
+	 * 			.passwordManagement(passwordManagement -&gt;
 	 * 				passwordManagement
 	 * 					.changePasswordPage(&quot;/custom-change-password-page&quot;)
 	 * 			);

config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java

@@ -69,6 +69,7 @@
  * @author Joe Grandja
  * @author Eddú Meléndez
  * @author Vedran Pavic
+ * @author Ankur Pathak
  * @since 3.2
  */
 public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
@@ -766,7 +767,6 @@ public HstsConfig includeSubDomains(boolean includeSubDomains) {
 		 * </p>
 		 * @param preload true to include preload, else false
 		 * @since 5.2.0
-		 * @author Ankur Pathak
 		 */
 		public HstsConfig preload(boolean preload) {
 			this.writer.setPreload(preload);

config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java

@@ -242,6 +242,8 @@
  * @author Eddú Meléndez
  * @author Joe Grandja
  * @author Parikshit Dutta
+ * @author Ankur Pathak
+ * @author Alexey Nesterov
  * @since 5.0
  */
 public class ServerHttpSecurity {
@@ -333,7 +335,6 @@ public ServerHttpSecurity addFilterAt(WebFilter webFilter, SecurityWebFiltersOrd
 	 * @param order the place before which to insert the {@link WebFilter}
 	 * @return the {@link ServerHttpSecurity} to continue configuring
 	 * @since 5.2.0
-	 * @author Ankur Pathak
 	 */
 	public ServerHttpSecurity addFilterBefore(WebFilter webFilter, SecurityWebFiltersOrder order) {
 		this.webFilters.add(new OrderedWebFilter(webFilter, order.getOrder() - 1));
@@ -346,7 +347,6 @@ public ServerHttpSecurity addFilterBefore(WebFilter webFilter, SecurityWebFilter
 	 * @param order the place after which to insert the {@link WebFilter}
 	 * @return the {@link ServerHttpSecurity} to continue configuring
 	 * @since 5.2.0
-	 * @author Ankur Pathak
 	 */
 	public ServerHttpSecurity addFilterAfter(WebFilter webFilter, SecurityWebFiltersOrder order) {
 		this.webFilters.add(new OrderedWebFilter(webFilter, order.getOrder() + 1));
@@ -593,7 +593,6 @@ public ServerHttpSecurity cors(Customizer<CorsSpec> corsCustomizer) {
 	 * </pre>
 	 * @return the {@link AnonymousSpec} to customize
 	 * @since 5.2.0
-	 * @author Ankur Pathak
 	 */
 	public AnonymousSpec anonymous() {
 		if (this.anonymous == null) {
@@ -716,7 +715,7 @@ public PasswordManagementSpec passwordManagement() {
 	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
-	 *          .passwordManagement(passwordManagement ->
+	 *          .passwordManagement(passwordManagement -&gt;
 	 *          	// Custom change password page.
 	 *          	passwordManagement.changePasswordPage("/custom-change-password-page")
 	 *          );
@@ -817,7 +816,6 @@ public ServerHttpSecurity formLogin(Customizer<FormLoginSpec> formLoginCustomize
 	 * will be used. If authenticationManager is not specified,
 	 * {@link ReactivePreAuthenticatedAuthenticationManager} will be used.
 	 * @return the {@link X509Spec} to customize
-	 * @author Alexey Nesterov
 	 * @since 5.2
 	 */
 	public X509Spec x509() {
@@ -2026,7 +2024,6 @@ public HttpBasicSpec securityContextRepository(ServerSecurityContextRepository s
 		 * use
 		 * @return {@link HttpBasicSpec} for additional customization
 		 * @since 5.2.0
-		 * @author Ankur Pathak
 		 */
 		public HttpBasicSpec authenticationEntryPoint(ServerAuthenticationEntryPoint authenticationEntryPoint) {
 			Assert.notNull(authenticationEntryPoint, "authenticationEntryPoint cannot be null");
@@ -2182,7 +2179,7 @@ public FormLoginSpec authenticationSuccessHandler(
 		 * generate a log in page at "/login" and a log out page at "/logout". If this is
 		 * customized:
 		 * <ul>
-		 * <li>The default log in & log out page are no longer provided</li>
+		 * <li>The default log in &amp; log out page are no longer provided</li>
 		 * <li>The application must render a log in page at the provided URL</li>
 		 * <li>The application must render an authentication error page at the provided
 		 * URL + "?error"</li>
@@ -2456,7 +2453,6 @@ public HeaderSpec frameOptions(Customizer<FrameOptionsSpec> frameOptionsCustomiz
 		 * custom headers writer
 		 * @return the {@link HeaderSpec} to customize
 		 * @since 5.3.0
-		 * @author Ankur Pathak
 		 */
 		public HeaderSpec writer(ServerHttpHeadersWriter serverHttpHeadersWriter) {
 			Assert.notNull(serverHttpHeadersWriter, "serverHttpHeadersWriter cannot be null");
@@ -2711,7 +2707,6 @@ public HstsSpec includeSubdomains(boolean includeSubDomains) {
 			 * @param preload if subdomains should be included
 			 * @return the {@link HstsSpec} to continue configuring
 			 * @since 5.2.0
-			 * @author Ankur Pathak
 			 */
 			public HstsSpec preload(boolean preload) {
 				HeaderSpec.this.hsts.setPreload(preload);
@@ -4119,7 +4114,6 @@ protected void configure(ServerHttpSecurity http) {
 	/**
 	 * Configures anonymous authentication
 	 *
-	 * @author Ankur Pathak
 	 * @since 5.2.0
 	 */
 	public final class AnonymousSpec {

core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java

@@ -31,6 +31,7 @@
  *
  * @param <T> the type of object being authorized
  * @author Rob Winch
+ * @author Robbie Martinus
  * @since 5.0
  */
 public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
@@ -67,8 +68,6 @@ public static <T> AuthorityReactiveAuthorizationManager<T> hasAuthority(String a
 	/**
 	 * Creates an instance of {@link AuthorityReactiveAuthorizationManager} with the
 	 * provided authorities.
-	 *
-	 * @author Robbie Martinus
 	 * @param authorities the authorities to check for
 	 * @param <T> the type of object being authorized
 	 * @return the new instance
@@ -96,8 +95,6 @@ public static <T> AuthorityReactiveAuthorizationManager<T> hasRole(String role)
 	/**
 	 * Creates an instance of {@link AuthorityReactiveAuthorizationManager} with the
 	 * provided authorities.
-	 *
-	 * @author Robbie Martinus
 	 * @param roles the authorities to check for prefixed with "ROLE_"
 	 * @param <T> the type of object being authorized
 	 * @return the new instance

rsocket/src/main/java/org/springframework/security/rsocket/metadata/BearerTokenMetadata.java

@@ -20,7 +20,8 @@
 import org.springframework.util.MimeType;
 
 /**
- * Represents a bearer token that has been encoded into a {@link Payload#metadata()}.
+ * Represents a bearer token that has been encoded into a
+ * {@link io.rsocket.Payload#metadata() Payload#metadata()}.
  *
  * @author Rob Winch
  * @since 5.2

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/Saml2MetadataFilter.java

@@ -60,7 +60,7 @@ public final class Saml2MetadataFilter extends OncePerRequestFilter {
 	 * @param relyingPartyRegistrationResolver
 	 * @param saml2MetadataResolver
 	 * @deprecated Use
-	 * {@link Saml2MetadataFilter#Saml2MetadataFilter(RelyingPartyRegistrationResolver)}
+	 * {@link Saml2MetadataFilter#Saml2MetadataFilter(RelyingPartyRegistrationResolver, Saml2MetadataResolver)}
 	 * instead
 	 */
 	@Deprecated

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2LogoutRequestFilter.java

@@ -62,7 +62,6 @@
  * @author Josh Cummings
  * @since 5.6
  * @see Saml2LogoutRequestValidator
- * @see Saml2AssertingPartyInitiatedLogoutSuccessHandler
  */
 public final class Saml2LogoutRequestFilter extends OncePerRequestFilter {
 

web/src/main/java/org/springframework/security/web/authentication/AuthenticationFilter.java

@@ -49,11 +49,12 @@
  * is made. If the result is empty, then the filter does nothing more and the
  * {@link FilterChain} is continued. If it does create an {@link Authentication}...</li>
  * <li>The {@link AuthenticationManager} specified in
- * {@link #GenericAuthenticationFilter(AuthenticationManager)} is used to perform
- * authentication.</li>
+ * {@link #AuthenticationFilter(AuthenticationManager, AuthenticationConverter)} is used
+ * to perform authentication.</li>
  * <li>The {@link AuthenticationManagerResolver} specified in
- * {@link #GenericAuthenticationFilter(AuthenticationManagerResolver)} is used to resolve
- * the appropriate authentication manager from context to perform authentication.</li>
+ * {@link #AuthenticationFilter(AuthenticationManagerResolver, AuthenticationConverter)}
+ * is used to resolve the appropriate authentication manager from context to perform
+ * authentication.</li>
  * <li>If authentication is successful, {@link AuthenticationSuccessHandler} is invoked
  * and the authentication is set on {@link SecurityContextHolder}, else
  * {@link AuthenticationFailureHandler} is invoked</li>

web/src/main/java/org/springframework/security/web/header/HeaderWriterFilter.java

@@ -104,7 +104,6 @@ void writeHeaders(HttpServletRequest request, HttpServletResponse response) {
 	 * Allow writing headers at the beginning of the request.
 	 * @param shouldWriteHeadersEagerly boolean to allow writing headers at the beginning
 	 * of the request.
-	 * @author Ankur Pathak
 	 * @since 5.2
 	 */
 	public void setShouldWriteHeadersEagerly(boolean shouldWriteHeadersEagerly) {

web/src/main/java/org/springframework/security/web/header/writers/HstsHeaderWriter.java

@@ -82,7 +82,6 @@ public final class HstsHeaderWriter implements HeaderWriter {
 	 * @param includeSubDomains maps to {@link #setIncludeSubDomains(boolean)}
 	 * @param preload maps to {@link #setPreload(boolean)}
 	 * @since 5.2.0
-	 * @author Ankur Pathak
 	 */
 	public HstsHeaderWriter(RequestMatcher requestMatcher, long maxAgeInSeconds, boolean includeSubDomains,
 			boolean preload) {
@@ -109,7 +108,6 @@ public HstsHeaderWriter(RequestMatcher requestMatcher, long maxAgeInSeconds, boo
 	 * @param includeSubDomains maps to {@link #setIncludeSubDomains(boolean)}
 	 * @param preload maps to {@link #setPreload(boolean)}
 	 * @since 5.2.0
-	 * @author Ankur Pathak
 	 */
 	public HstsHeaderWriter(long maxAgeInSeconds, boolean includeSubDomains, boolean preload) {
 		this(new SecureRequestMatcher(), maxAgeInSeconds, includeSubDomains, preload);
@@ -222,7 +220,6 @@ public void setIncludeSubDomains(boolean includeSubDomains) {
 	 * </p>
 	 * @param preload true to include preload, else false
 	 * @since 5.2.0
-	 * @author Ankur Pathak
 	 */
 	public void setPreload(boolean preload) {
 		this.preload = preload;

web/src/main/java/org/springframework/security/web/server/header/StrictTransportSecurityServerHttpHeadersWriter.java

@@ -27,6 +27,7 @@
  * Writes the Strict-Transport-Security if the request is secure.
  *
  * @author Rob Winch
+ * @author Ankur Pathak
  * @since 5.0
  */
 public final class StrictTransportSecurityServerHttpHeadersWriter implements ServerHttpHeadersWriter {
@@ -73,7 +74,6 @@ public void setIncludeSubDomains(boolean includeSubDomains) {
 	 * </p>
 	 * @param preload if preload should be included
 	 * @since 5.2.0
-	 * @author Ankur Pathak
 	 */
 	public void setPreload(boolean preload) {
 		this.preload = preload ? " ; preload" : "";