Deprecate AccessDecisionManager

jzheaux · jzheaux · commit 85b48f83923a · 2025-03-19T17:41:20.000-06:00
Closes gh-11302
diff --git a/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java b/core/src/main/java/org/springframework/security/authentication/InsufficientAuthenticationException.java
@@ -24,9 +24,9 @@
  * Thrown if an authentication request is rejected because the credentials are not
  * sufficiently trusted.
  * <p>
- * {@link org.springframework.security.access.AccessDecisionVoter}s will typically throw
- * this exception if they are dissatisfied with the level of the authentication, such as
- * if performed using a remember-me mechanism or anonymously. The
+ * {@link org.springframework.security.authorization.AuthorizationManager}s will typically
+ * throw this exception if they are dissatisfied with the level of the authentication,
+ * such as if performed using a remember-me mechanism or anonymously. The
  * {@code ExceptionTranslationFilter} will then typically cause the
  * {@code AuthenticationEntryPoint} to be called, allowing the principal to authenticate
  * with a stronger level of authentication.
diff --git a/core/src/main/java/org/springframework/security/core/GrantedAuthority.java b/core/src/main/java/org/springframework/security/core/GrantedAuthority.java
@@ -18,14 +18,14 @@
 
 import java.io.Serializable;
 
-import org.springframework.security.access.AccessDecisionManager;
+import org.springframework.security.authorization.AuthorizationManager;
 
 /**
  * Represents an authority granted to an {@link Authentication} object.
  *
  * <p>
  * A <code>GrantedAuthority</code> must either represent itself as a <code>String</code>
- * or be specifically supported by an {@link AccessDecisionManager}.
+ * or be specifically supported by an {@link AuthorizationManager}.
  *
  * @author Ben Alex
  */
@@ -34,7 +34,7 @@ public interface GrantedAuthority extends Serializable {
 	/**
 	 * If the <code>GrantedAuthority</code> can be represented as a <code>String</code>
 	 * and that <code>String</code> is sufficient in precision to be relied upon for an
-	 * access control decision by an {@link AccessDecisionManager} (or delegate), this
+	 * access control decision by an {@link AuthorizationManager} (or delegate), this
 	 * method should return such a <code>String</code>.
 	 * <p>
 	 * If the <code>GrantedAuthority</code> cannot be expressed with sufficient precision
