From 61ca5aacf7ef274aec5ba033f92bfa04b632e006 Mon Sep 17 00:00:00 2001
From: Marcel
Date: Wed, 6 May 2026 12:16:07 +0200
Subject: [PATCH] =?UTF-8?q?docs(c4):=20fix=203a=20secFilter=20description?= =?UTF-8?q?=20=E2=80=94=20BCrypt=20validation=20is=20in=20DaoAuthenticatio?= =?UTF-8?q?nProvider?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-Authored-By: Claude Sonnet 4.6
---
 docs/architecture/c4-diagrams.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/architecture/c4-diagrams.md b/docs/architecture/c4-diagrams.md
index ec010c6d..032897b0 100644
--- a/docs/architecture/c4-diagrams.md
+++ b/docs/architecture/c4-diagrams.md
@@ -73,7 +73,7 @@ C4Component
 ContainerDb(db, "PostgreSQL")
 System_Boundary(backend, "API Backend (Spring Boot)") {
- Component(secFilter, "Security Filter Chain", "Spring Security", "Enforces authentication on all requests. Parses Basic Auth header and validates credentials via BCrypt. Permits password-reset, invite, and register endpoints without authentication.")
+ Component(secFilter, "Security Filter Chain", "Spring Security", "Enforces authentication on all requests. Parses Basic Auth header and constructs an Authentication token; delegates credential validation to DaoAuthenticationProvider via BCrypt. Permits password-reset, invite, and register endpoints without authentication.")
 Component(permAspect, "PermissionAspect", "Spring AOP", "Intercepts methods annotated with @RequirePermission. Checks user's granted authorities against the required permission. Throws 401/403 if denied.")
 Component(secConf, "SecurityConfig", "Spring @Configuration", "Configures filter chain: all routes require authentication, CSRF disabled, BCrypt password encoder, DaoAuthenticationProvider with CustomUserDetailsService.")
 Component(userDetails, "CustomUserDetailsService", "Spring Security UserDetailsService", "Loads AppUser by email from DB. Converts group permissions to Spring GrantedAuthority objects. Logs unknown permissions.")