Remove Duplicate Docs

Author: rwinch

docs/manual/src/docs/asciidoc/_includes/servlet/appendix/namespace.adoc

@@ -27,7 +27,7 @@ The positions of the standard filters are fixed (see
 You can, of course, still do this if you need full control of the configuration.
 
 
-All filters which require a reference to the `AuthenticationManager` will be automatically injected with the internal instance created by the namespace configuration (see the <<ns-auth-manager,introductory chapter>> for more on the `AuthenticationManager`).
+All filters which require a reference to the <<servlet-authentication-authenticationmanager,`AuthenticationManager`>> will be automatically injected with the internal instance created by the namespace configuration.
 
 Each `<http>` namespace block always creates an `SecurityContextPersistenceFilter`, an `ExceptionTranslationFilter` and a `FilterSecurityInterceptor`.
 These are fixed and cannot be replaced with alternatives.
@@ -2033,7 +2033,6 @@ All elements which create `AuthenticationProvider` instances should be children
 [[nsa-authentication-manager-alias]]
 * **alias**
 This attribute allows you to define an alias name for the internal instance for use in your own configuration.
-Its use is described in the <<ns-auth-manager,namespace introduction>>.
 
 
 [[nsa-authentication-manager-erase-credentials]]
@@ -2062,7 +2061,7 @@ It is the same as the alias element, but provides a more consistent experience w
 Unless used with a `ref` attribute, this element is shorthand for configuring a <<core-services-dao-provider,DaoAuthenticationProvider>>.
 `DaoAuthenticationProvider` loads user information from a `UserDetailsService` and compares the username/password combination with the values supplied at login.
 The `UserDetailsService` instance can be defined either by using an available namespace element (`jdbc-user-service` or by using the `user-service-ref` attribute to point to a bean defined elsewhere in the application context).
-You can find examples of these variations in the <<ns-auth-providers,namespace introduction>>.
+
 
 
 [[nsa-authentication-provider-parents]]

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/architecture/authentication-provider.adoc

@@ -0,0 +1,6 @@
+[[servlet-authentication-authenticationprovider]]
+= AuthenticationProvider
+
+Multiple {security-api-url}org/springframework/security/authentication/AuthenticationProvider.html[``AuthenticationProvider``s] can be injected into <<servlet-authentication-providermanager,`ProviderManager`>>.
+Each `AuthenticationProvider` performs a specific type of authentication.
+For example, `DaoAuthenticationProvider` supports username/password based authentication while `JwtAuthenticationProvider` supports authenticating a JWT token.

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/architecture/index.adoc

@@ -6,14 +6,17 @@ include::authentication.adoc[leveloffset=+1]
 
 include::granted-authority.adoc[leveloffset=+1]
 
-include::authentication-entry-point.adoc[leveloffset=+1]
-
-include::abstract-authentication-processing-filter.adoc[leveloffset=+1]
-
 include::authentication-manager.adoc[leveloffset=+1]
 
 include::provider-manager.adoc[leveloffset=+1]
 
-// authenticationprovider
+include::authentication-provider.adoc[leveloffset=+1]
+
+include::authentication-entry-point.adoc[leveloffset=+1]
+
+// FIXME: authenticationsuccesshandler
+// FIXME: authenticationfailurehandler
+
+include::abstract-authentication-processing-filter.adoc[leveloffset=+1]
 
 // daoauthenticationprovider (goes in username/password)

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/architecture/provider-manager.adoc

@@ -3,7 +3,7 @@
 :figures: images/servlet/authentication/architecture
 
 {security-api-url}org/springframework/security/authentication/ProviderManager.html[`ProviderManager`] is the most commonly used implementation of <<servlet-authentication-authenticationmanager,`AuthenticationManager`>>.
-`ProviderManager` delegates to a `List` of ``AuthenticationProvider``s.
+`ProviderManager` delegates to a `List` of <<servlet-authentication-authenticationprovider,``AuthenticationProvider``s>>.
 // FIXME: link to AuthenticationProvider
 Each `AuthenticationProvider` has an opportunity to indicate that authentication should be successful, fail, or indicate it cannot make a decision and allow a downstream `AuthenticationProvider` to decide.
 If none of the configured ``AuthenticationProvider``s can authenticate, then authentication will fail with a `ProviderNotFoundException` which is a special `AuthenticationException` that indicates the `ProviderManager` was not configured support the type of `Authentication` that was passed into it.

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/authentication-entry-point.adoc

@@ -139,7 +139,7 @@ The following beans should be configured to commence the CAS authentication proc
 ----
 
 For CAS to operate, the `ExceptionTranslationFilter` must have its `authenticationEntryPoint` property set to the `CasAuthenticationEntryPoint` bean.
-This can easily be done using <<ns-entry-point-ref,entry-point-ref>> as is done in the example above.
+This can easily be done using <<nsa-http-entry-point-ref,entry-point-ref>> as is done in the example above.
 The `CasAuthenticationEntryPoint` must refer to the `ServiceProperties` bean (discussed above), which provides the URL to the enterprise's CAS login server.
 This is where the user's browser will be redirected.
 

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/authentication-manager.adoc

@@ -15,11 +15,12 @@ If you need concrete flows that explain how these pieces fit together, look in s
 * <<servlet-authentication-securitycontext>> - is obtained from the `SecurityContextHolder` and contains the `Authentication` of the currently authenticated user.
 * <<servlet-authentication-authentication>> - Can be the input to `AuthenticationManager` to provide the credentials a user has provided to authenticate or the current user from the `SecurityContext`.
 * <<servlet-authentication-granted-authority>> - An authority that is granted to the principal on the `Authentication` (i.e. roles, scopes, etc.)
+* <<servlet-authentication-authenticationmanager>> -  the API that defines how Spring Security's Filters perform  <<authentication,authentication>>.
+* <<servlet-authentication-providermanager>> -  the most common implementation of `AuthenticationManager`.
+* <<servlet-authentication-authenticationprovider>> - used by `ProviderManager` to perform a specific type of authentication.
 * <<servlet-authentication-authenticationentrypoint>> - used for requesting credentials from a client (i.e. redirecting to a log in page, sending a `WWW-Authenticate` response, etc.)
 * <<servlet-authentication-abstractprocessingfilter>> - a base `Filter` used for authentication.
 This also gives a good idea of the high level flow of authentication and how pieces work together.
-* <<servlet-authentication-authenticationmanager>> -  the API that defines how Spring Security's Filters perform  <<authentication,authentication>>.
-* <<servlet-authentication-providermanager>> -  the most common implementation of `AuthenticationManager`.
 
 [[servlet-authentication-mechanisms]]
 *Authentication Mechanisms*
@@ -34,10 +35,6 @@ include::architecture/index.adoc[]
 
 include::unpwd/index.adoc[leveloffset=+1]
 
-include::authentication-provider.adoc[]
-
-include::authentication-manager.adoc[]
-
 include::session-management.adoc[]
 
 include::rememberme.adoc[]
@@ -58,4 +55,3 @@ include::runas.adoc[]
 
 include::logout.adoc[]
 
-include::authentication-entry-point.adoc[]

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/authentication-provider.adoc

@@ -19,7 +19,6 @@ You should then register yourself with an OpenID provider (such as myopenid.com)
 
 You should be able to login using the `myopenid.com` site to authenticate.
 It is also possible to select a specific `UserDetailsService` bean for use OpenID by setting the `user-service-ref` attribute on the `openid-login` element.
-See the previous section on <<ns-auth-providers,authentication providers>> for more information.
 Note that we have omitted the password attribute from the above user configuration, since this set of user data is only being used to load the authorities for the user.
 A random password will be generated internally, preventing you from accidentally using this user data as an authentication source elsewhere in your configuration.