The phrasing in the section Adding SecuritySocketAcceptorInterceptor of the Spring Security documentation is confusing. It says:

In a Spring Boot application, you can do this automatically by using RSocketSecurityAutoConfiguration with the following code.

As I understand it, I have to add the snippet

https://github.com/spring-projects/spring-security/blob/47acdc7606b16aa0404f6c3cb35abb2242f981f9/docs/modules/ROOT/pages/reactive/integrations/rsocket.adoc#L73-L76

to a Spring Boot application to get it to work. However, this breaks the autoconfiguration as the same code is already applied by Spring Boot's autoconfiguration.

I'm not familiar with using RSocket without Spring Boot's autoconfiguration, therefore I do not feel qualified to suggest a better wording. If you need a sample to reproduce the problem, please let me know.

Comment From: jzheaux

Thanks for the feedback @aahlenst. I agree that it's confusing.

I think this:

In a Spring Boot application, you can do this automatically by using RSocketSecurityAutoConfiguration with the following code.

(snippet)

Should instead be this:

Spring Boot registers it automatically in RScoketSecurityAutoConfiguration when you include {gh-samples-url}/reactive/rsocket/hello-security/build.gradle[the correct dependencies].

Or, if you are not using Boot's auto-configuration, you can register it manually in the following way:

(snippet)

To customize the interceptor itself, use RSocketSecurity to add <> and <>.

I'll schedule this for the next batch of releases.