Spring Security Filter order documentation appears to be inconsistent

Describe the bug The order of the security filters is documented at org.springframework.security.config.annotation.web.HttpSecurityBuilder#addFilter, but that order does not appear to be consistent with what the actual code at org.springframework.security.config.annotation.web.builders.FilterOrderRegistration#FilterOrderRegistration does. Notice, for instance, that the order of ForceEagerSessionCreationFilter and DisableEncodeUrlFilter are switched between the documentation and the actual code.

Comment From: jpmsilva

Quick comment regarding the PR #14533: I mentioned the order of ForceEagerSessionCreationFilter and DisableEncodeUrlFilter merely as an example. There are other inconsistencies between the documentation and the actual implementation.

WebAsyncManagerIntegrationFilter, SecurityContextHolderFilter, HeaderWriterFilter, CorsFilter, CsrfFilter, OAuth2AuthorizationRequestRedirectFilter, Saml2WebSsoAuthenticationRequestFilter, OAuth2LoginAuthenticationFilter, Saml2WebSsoAuthenticationFilter, OAuth2AuthorizationCodeGrantFilter, AuthorizationFilter are missing from the documentation.

Comment From: marcusdacoregio

Closing in favor of https://github.com/spring-projects/spring-security/pull/14552