From 784c02aabf4c14b93b5bd291a6476b408205aaae Mon Sep 17 00:00:00 2001
From: Dmitry Spikhalsky <dmitry@spikhalskiy.com>
Date: Sat, 30 Nov 2024 16:29:31 -0500
Subject: [PATCH 1/2] Improve AuthorizationManager configuration error messages

Closes gh-16193
---
 .../security/config/http/AuthorizationFilterParser.java       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java b/config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java
index 48967d47cb2..e9cdb2ea776 100644
--- a/config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java
+++ b/config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java
@@ -76,12 +76,12 @@ class AuthorizationFilterParser implements BeanDefinitionParser {
 	public BeanDefinition parse(Element element, ParserContext parserContext) {
 		if (!isUseExpressions(element)) {
 			parserContext.getReaderContext()
-				.error("AuthorizationManager must be used with `use-expressions=\"true\"", element);
+				.error("AuthorizationManager must be used with `use-expressions=\"true\"; Add `use-authorization-manager=\"false\"` or enable use of expressions in `<http>` block", element);
 			return null;
 		}
 		if (StringUtils.hasText(element.getAttribute(ATT_ACCESS_DECISION_MANAGER_REF))) {
 			parserContext.getReaderContext()
-				.error("AuthorizationManager cannot be used in conjunction with `access-decision-manager-ref`",
+				.error("AuthorizationManager cannot be used in conjunction with `access-decision-manager-ref`; either remove the reference to AccessDecisionManager or add `use-authorization-manager=\"false\"` to `<http>` block",
 						element);
 			return null;
 		}

From 5ca64c1f9cab38dafcf3e5b9ed3719c5f50046c4 Mon Sep 17 00:00:00 2001
From: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Date: Thu, 5 Dec 2024 14:48:35 -0700
Subject: [PATCH 2/2] Polish Error Messages

- aligned the grammar
- formatted using gradlew format
- updated copyright year

Issue gh-16193
---
 .../security/config/http/AuthorizationFilterParser.java    | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java b/config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java
index e9cdb2ea776..53ff1238b0e 100644
--- a/config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java
+++ b/config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -76,12 +76,13 @@ class AuthorizationFilterParser implements BeanDefinitionParser {
 	public BeanDefinition parse(Element element, ParserContext parserContext) {
 		if (!isUseExpressions(element)) {
 			parserContext.getReaderContext()
-				.error("AuthorizationManager must be used with `use-expressions=\"true\"; Add `use-authorization-manager=\"false\"` or enable use of expressions in `<http>` block", element);
+				.error("AuthorizationManager must be used with `use-expressions=\"true\"; either add `use-authorization-manager=\"false\"` or `use-expressions=`\"false\"` in your `<http>` block",
+						element);
 			return null;
 		}
 		if (StringUtils.hasText(element.getAttribute(ATT_ACCESS_DECISION_MANAGER_REF))) {
 			parserContext.getReaderContext()
-				.error("AuthorizationManager cannot be used in conjunction with `access-decision-manager-ref`; either remove the reference to AccessDecisionManager or add `use-authorization-manager=\"false\"` to `<http>` block",
+				.error("AuthorizationManager cannot be used in conjunction with `access-decision-manager-ref`; either remove the reference to AccessDecisionManager or add `use-authorization-manager=\"false\"` to your `<http>` block",
 						element);
 			return null;
 		}