From 7ec9188f5b1b8901663a58ebf7b568d10195465e Mon Sep 17 00:00:00 2001 From: Krishna Chaitanya Surapaneni Date: Mon, 25 Dec 2023 19:52:40 -0700 Subject: [PATCH] Remove Irrelevant Documentation Lines Refactor: Remove two lines that lack proper context due to earlier deletions/movements. They are no longer relevant and contribute little to the overall meaning. Issue gh-12974 --- .../ROOT/pages/servlet/authorization/method-security.adoc | 5 ----- 1 file changed, 5 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc b/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc index e7a2d2e5aed..8f875979afe 100644 --- a/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc +++ b/docs/modules/ROOT/pages/servlet/authorization/method-security.adoc @@ -394,11 +394,6 @@ fun readAccountWithWrongRoleThenAccessDenied() { While `@PreAuthorize` is quite helpful for declaring needed authorities, it can also be used to evaluate more complex <>. -The above two snippets are ensuring that the user can only request orders that belong to them by comparing the username parameter to xref:servlet/authentication/architecture.adoc#servlet-authentication-authentication[`Authentication#getName`]. - -The result is that the above method will only be invoked if the `username` in the request path matches the logged-in user's `name`. -If not, Spring Security will throw an `AccessDeniedException` and return a 403 status code. - [[use-postauthorize]] === Authorization Method Results with `@PostAuthorize`