Add More role=primary/secondary

Issue gh-7801

Author: rwinch

docs/manual/src/docs/asciidoc/_includes/about/authentication/password-storage.adoc

@@ -342,32 +342,33 @@ However, this can be customized by exposing a `PasswordEncoder` as a Spring bean
 
 
 If you are migrating from Spring Security 4.2.x you can revert to the previous behavior by exposing a `NoOpPasswordEncoder` bean.
-For example, if you are using Java Configuration, you can create a configuration that looks like:
 
 [WARNING]
 ====
 Reverting to `NoOpPasswordEncoder` is not considered to be secure.
 You should instead migrate to using `DelegatingPasswordEncoder` to support secure password encoding.
 ====
 
-.NoOpPasswordEncoder with Java Configuration
+.NoOpPasswordEncoder
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @Bean
 public static NoOpPasswordEncoder passwordEncoder() {
     return NoOpPasswordEncoder.getInstance();
 }
 ----
-====
 
-if you are using XML configuration, you can expose a `PasswordEncoder` with the id `passwordEncoder`:
-
-.NoPasswordEncoder with XML
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <b:bean id="passwordEncoder"
         class="org.springframework.security.crypto.password.NoOpPasswordEncoder" factory-method="getInstance"/>
 ----
 ====
+
+[NOTE]
+====
+XML Configuration requires the `NoOpPasswordEncoder` bean name to be `passwordEncoder`.
+====

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/unpwd/input/digest.adoc

@@ -37,9 +37,10 @@ key:              A private key to prevent modification of the nonce token
 You will need to ensure you <<authentication-password-storage-configuration,configure>> insecure plain text <<authentication-password-storage,Password Storage>> using NoOpPasswordEncoder`.
 The following provides an example of configuring Digest Authentication with Java Configuration:
 
-.Digest Authentication with Java Configuration
+.Digest Authentication
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @Autowired
 UserDetailsService userDetailsService;
@@ -63,13 +64,9 @@ protected void configure(HttpSecurity http) throws Exception {
 		.addFilterBefore(digestFilter());
 }
 ----
-====
-
-The following provides an example of configuring Digest Authentication with XML Configuration:
 
-.Digest Authentication with XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <b:bean id="digestFilter"
         class="org.springframework.security.web.authentication.www.DigestAuthenticationFilter"

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/unpwd/input/form.adoc

@@ -12,23 +12,20 @@ Spring Security form log in is enabled by default.
 However, as soon as any servlet based configuration is provided, form based log in must be explicitly provided.
 A minimal, explicit Java configuration can be found below:
 
-.Form Log In Java Configuration
+.Form Log
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 protected void configure(HttpSecurity http) {
 	http
 		// ...
 		.formLogin(withDefaults());
 }
 ----
-====
-
-A minimal XML configuration can be found below:
 
-.Form Log In XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -45,9 +42,10 @@ Most production applications will require a custom log in form.
 
 The configuration below demonstrates how to provide a custom log in form.
 
-.Custom Log In Form with Java Configuration
+.Custom Log In Form Configuration
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 protected void configure(HttpSecurity http) throws Exception {
 	http
@@ -58,13 +56,9 @@ protected void configure(HttpSecurity http) throws Exception {
 		);
 }
 ----
-====
-
-A minimal XML configuration can be found below:
 
-.Custom Log In Form with XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -75,13 +69,12 @@ A minimal XML configuration can be found below:
 ====
 
 [[servlet-authentication-form-custom-html]]
-=== HTML Form
-
 When the login page is specified in the Spring Security configuration, you are responsible for rendering the page.
 Below is a https://www.thymeleaf.org/[Thymeleaf] template that produces an HTML login form that complies with a login page of `/login`.:
 
-.Log In Form src/main/resources/templates/login.html
+.Log In Form
 ====
+.src/main/resources/templates/login.html
 [source,xml]
 ----
 <!DOCTYPE html>
@@ -122,13 +115,12 @@ Many users will not need much more than to customize the log in page.
 However, if needed everything above can be customized with additional configuration.
 
 [[servlet-authentication-form-custom-controller]]
-== LoginController
-
 If you are using Spring MVC, you will need a controller that maps `GET /login` to the login template we created.
 A minimal sample `LoginController` can be see below:
 
 .LoginController
 ====
+.src/main/java/example/LoginController.java
 [source,java]
 ----
 @Controller

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/unpwd/storage/in-memory.adoc

@@ -9,7 +9,8 @@ In this sample we use <<authentication-password-storage-boot-cli,Spring Boot CLI
 
 .InMemoryUserDetailsManager Java Configuration
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @Bean
 public UserDetailsService users() {
@@ -26,13 +27,9 @@ public UserDetailsService users() {
 	return new InMemoryUserDetailsManager(user, admin);
 }
 ----
-====
-
-The same configuration in XML looks like:
 
-.<user-service> XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <user-service>
 	<user name="user"

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/unpwd/storage/index.adoc

@@ -1,7 +1,7 @@
 [[servlet-authentication-unpwd-storage]]
 = User Storage
 
-Spring Security's <<servlet-authentication-userdetailsservice,`UserDetailsService`>> allows for storing user information including a username and password.
+Spring Security's <<servlet-authentication-userdetailsservice,`UserDetailsService`>> allows for storing user information when authenticating with a username/password.
 `UserDetailsService` is used by Spring Security when it is configured to <<servlet-authentication-unpwd-input,accept a username/password>> for authentication.
 
 // FIXME: Once it is retrieved it is validated using DaoAuthenticationProvider

docs/manual/src/docs/asciidoc/_includes/servlet/authentication/unpwd/storage/jdbc.adoc

@@ -3,22 +3,14 @@
 
 Spring Security's `JdbcDaoImpl` implements <<servlet-authentication-userdetailsservice,UserDetailsService>> to provide support for username/password based authentication that is retrieved using JDBC.
 `JdbcUserDetailsManager` extends `JdbcDaoImpl` to provide management of `UserDetails` through the `UserDetailsManager` interface.
+`UserDetails` based authentication is used by Spring Security when it is configured to <<servlet-authentication-unpwd-input,accept a username/password>> for authentication.
 
 In the following sections we will discuss:
 
 * The <<servlet-authentication-jdbc-schema>> used by Spring Security JDBC Authentication
 * <<servlet-authentication-jdbc-datasource>>
 * <<servlet-authentication-jdbc-bean>>
 
-[[servlet-authentication-jdbc-when]]
-== When is it Used?
-
-JDBC authentication is used for authenticating a username and password.
-Spring Security leverages username/password based authentication when any of the following are enabled:
-
-* <<servlet-authentication-form>>
-* <<servlet-authentication-basic>>
-
 [[servlet-authentication-jdbc-schema]]
 == Default Schema
 
@@ -115,9 +107,10 @@ create table group_members (
 Before we configure `JdbcUserDetailsManager`, we must create a `DataSource`.
 In our example, we will setup an https://docs.spring.io/spring-framework/docs/current/spring-framework-reference/data-access.html#jdbc-embedded-database-support[embedded DataSource] that is initialized with the <<servlet-authentication-jdbc-schema,default user schema>>.
 
-.Embedded Data Source with Java Configuration
+.Embedded Data Source
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @Bean
 DataSource dataSource() {
@@ -127,11 +120,9 @@ DataSource dataSource() {
 		.build();
 }
 ----
-====
 
-.Embedded Data Source with XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <jdbc:embedded-database>
 	<jdbc:script location="classpath:org/springframework/security/core/userdetails/jdbc/users.ddl"/>
@@ -147,9 +138,11 @@ In a production environment, you will want to ensure you setup a connection to a
 In this sample we use <<authentication-password-storage-boot-cli,Spring Boot CLI>> to encode the password of `password` and get the encoded password of `{bcrypt}$2a$10$GRLdNijSQMUvl/au9ofL.eDwmoohzzS7.rmNSJZ.0FxO/BTk76klW`.
 See the <<authentication-password-storage,PasswordEncoder>> section for more details about how to store passwords.
 
-.JdbcUserDetailsManager with Java Configuration
+.JdbcUserDetailsManager
 ====
-[source,java]
+
+.Java
+[source,java,role="primary"]
 ----
 @Bean
 UserDetailsManager users(DataSource dataSource) {
@@ -167,13 +160,9 @@ UserDetailsManager users(DataSource dataSource) {
 	users.createUser()
 }
 ----
-====
 
-The same configuration in XML looks like:
-
-.<jdbc-user-service> XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <jdbc-user-service>
 	<user name="user"