From 170f08f79733a3eb10e9b0c3148a3e603951260a Mon Sep 17 00:00:00 2001 From: Eleftheria Stein Date: Wed, 24 Jul 2019 12:15:32 -0400 Subject: [PATCH] Remove exceptions from lambda security configuration Fixes: gh-7128 --- .../security/config/Customizer.java | 6 +- .../web/configurers/HeadersConfigurer.java | 27 ++--- .../web/configurers/HttpBasicConfigurer.java | 5 +- .../SessionManagementConfigurer.java | 6 +- .../oauth2/client/OAuth2LoginConfigurer.java | 15 +-- .../OAuth2ResourceServerConfigurer.java | 7 +- .../openid/OpenIDLoginConfigurer.java | 7 +- .../config/web/server/ServerHttpSecurity.java | 108 +++++++----------- .../web/server/HttpsRedirectSpecTests.java | 6 +- .../web/server/OAuth2ClientSpecTests.java | 4 +- .../config/web/server/OAuth2LoginTests.java | 2 +- .../server/OAuth2ResourceServerSpecTests.java | 32 +++--- .../asciidoc/_includes/reactive/cors.adoc | 2 +- .../asciidoc/_includes/reactive/headers.adoc | 22 ++-- .../_includes/reactive/oauth2/login.adoc | 4 +- .../reactive/oauth2/resource-server.adoc | 12 +- .../_includes/reactive/redirect-https.adoc | 4 +- .../asciidoc/_includes/reactive/webflux.adoc | 2 +- .../asciidoc/_includes/reactive/x509.adoc | 4 +- ...h2ResourceServerSecurityConfiguration.java | 2 +- .../sample/WebfluxFormSecurityConfig.java | 2 +- .../java/sample/WebfluxX509Application.java | 2 +- .../www/BasicAuthenticationEntryPoint.java | 2 +- 23 files changed, 115 insertions(+), 168 deletions(-) diff --git a/config/src/main/java/org/springframework/security/config/Customizer.java b/config/src/main/java/org/springframework/security/config/Customizer.java index 3b8a02ab2d2..048ec1f3e0b 100644 --- a/config/src/main/java/org/springframework/security/config/Customizer.java +++ b/config/src/main/java/org/springframework/security/config/Customizer.java @@ -17,8 +17,7 @@ package org.springframework.security.config; /** - * Callback interface that accepts a single input argument and returns no result, - * with the ability to throw a (checked) exception. + * Callback interface that accepts a single input argument and returns no result. * * @author Eleftheria Stein * @param the type of the input to the operation @@ -31,9 +30,8 @@ public interface Customizer { * Performs the customizations on the input argument. * * @param t the input argument - * @throws Exception if any error occurs */ - void customize(T t) throws Exception; + void customize(T t); /** * Returns a {@link Customizer} that does not alter the input argument. diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java index f27a6bf6ce3..a4881346043 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java @@ -136,10 +136,8 @@ public ContentTypeOptionsConfig contentTypeOptions() { * @param contentTypeOptionsCustomizer the {@link Customizer} to provide more options for * the {@link ContentTypeOptionsConfig} * @return the {@link HeadersConfigurer} for additional customizations - * @throws Exception */ - public HeadersConfigurer contentTypeOptions(Customizer contentTypeOptionsCustomizer) - throws Exception { + public HeadersConfigurer contentTypeOptions(Customizer contentTypeOptionsCustomizer) { contentTypeOptionsCustomizer.customize(contentTypeOptions.enable()); return HeadersConfigurer.this; } @@ -209,9 +207,8 @@ public XXssConfig xssProtection() { * @param xssCustomizer the {@link Customizer} to provide more options for * the {@link XXssConfig} * @return the {@link HeadersConfigurer} for additional customizations - * @throws Exception */ - public HeadersConfigurer xssProtection(Customizer xssCustomizer) throws Exception { + public HeadersConfigurer xssProtection(Customizer xssCustomizer) { xssCustomizer.customize(xssProtection.enable()); return HeadersConfigurer.this; } @@ -322,14 +319,12 @@ public CacheControlConfig cacheControl() { * @param cacheControlCustomizer the {@link Customizer} to provide more options for * the {@link CacheControlConfig} * @return the {@link HeadersConfigurer} for additional customizations - * @throws Exception */ - public HeadersConfigurer cacheControl(Customizer cacheControlCustomizer) throws Exception { + public HeadersConfigurer cacheControl(Customizer cacheControlCustomizer) { cacheControlCustomizer.customize(cacheControl.enable()); return HeadersConfigurer.this; } - public final class CacheControlConfig { private CacheControlHeadersWriter writer; @@ -389,9 +384,8 @@ public HstsConfig httpStrictTransportSecurity() { * @param hstsCustomizer the {@link Customizer} to provide more options for * the {@link HstsConfig} * @return the {@link HeadersConfigurer} for additional customizations - * @throws Exception */ - public HeadersConfigurer httpStrictTransportSecurity(Customizer hstsCustomizer) throws Exception { + public HeadersConfigurer httpStrictTransportSecurity(Customizer hstsCustomizer) { hstsCustomizer.customize(hsts.enable()); return HeadersConfigurer.this; } @@ -523,9 +517,8 @@ public FrameOptionsConfig frameOptions() { * @param frameOptionsCustomizer the {@link Customizer} to provide more options for * the {@link FrameOptionsConfig} * @return the {@link HeadersConfigurer} for additional customizations - * @throws Exception */ - public HeadersConfigurer frameOptions(Customizer frameOptionsCustomizer) throws Exception { + public HeadersConfigurer frameOptions(Customizer frameOptionsCustomizer) { frameOptionsCustomizer.customize(frameOptions.enable()); return HeadersConfigurer.this; } @@ -613,9 +606,8 @@ public HpkpConfig httpPublicKeyPinning() { * @param hpkpCustomizer the {@link Customizer} to provide more options for * the {@link HpkpConfig} * @return the {@link HeadersConfigurer} for additional customizations - * @throws Exception */ - public HeadersConfigurer httpPublicKeyPinning(Customizer hpkpCustomizer) throws Exception { + public HeadersConfigurer httpPublicKeyPinning(Customizer hpkpCustomizer) { hpkpCustomizer.customize(hpkp.enable()); return HeadersConfigurer.this; } @@ -840,10 +832,8 @@ public ContentSecurityPolicyConfig contentSecurityPolicy(String policyDirectives * @param contentSecurityCustomizer the {@link Customizer} to provide more options for * the {@link ContentSecurityPolicyConfig} * @return the {@link HeadersConfigurer} for additional customizations - * @throws Exception */ - public HeadersConfigurer contentSecurityPolicy(Customizer contentSecurityCustomizer) - throws Exception { + public HeadersConfigurer contentSecurityPolicy(Customizer contentSecurityCustomizer) { this.contentSecurityPolicy.writer = new ContentSecurityPolicyHeaderWriter(); contentSecurityCustomizer.customize(this.contentSecurityPolicy); @@ -1026,9 +1016,8 @@ public ReferrerPolicyConfig referrerPolicy(ReferrerPolicy policy) { * @param referrerPolicyCustomizer the {@link Customizer} to provide more options for * the {@link ReferrerPolicyConfig} * @return the {@link HeadersConfigurer} for additional customizations - * @throws Exception */ - public HeadersConfigurer referrerPolicy(Customizer referrerPolicyCustomizer) throws Exception { + public HeadersConfigurer referrerPolicy(Customizer referrerPolicyCustomizer) { this.referrerPolicy.writer = new ReferrerPolicyHeaderWriter(); referrerPolicyCustomizer.customize(this.referrerPolicy); return HeadersConfigurer.this; diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java index 624e026ec65..b81344c2134 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2019 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -113,9 +113,8 @@ public HttpBasicConfigurer() throws Exception { * * @param realmName the HTTP Basic realm to use * @return {@link HttpBasicConfigurer} for additional customization - * @throws Exception */ - public HttpBasicConfigurer realmName(String realmName) throws Exception { + public HttpBasicConfigurer realmName(String realmName) { this.basicAuthEntryPoint.setRealmName(realmName); this.basicAuthEntryPoint.afterPropertiesSet(); return this; diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java index ad8f4e033ac..fd4cf8db406 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java @@ -257,8 +257,7 @@ public SessionFixationConfigurer sessionFixation() { * the {@link SessionFixationConfigurer} * @return the {@link SessionManagementConfigurer} for further customizations */ - public SessionManagementConfigurer sessionFixation(Customizer sessionFixationCustomizer) - throws Exception { + public SessionManagementConfigurer sessionFixation(Customizer sessionFixationCustomizer) { sessionFixationCustomizer.customize(new SessionFixationConfigurer()); return this; } @@ -282,8 +281,7 @@ public ConcurrencyControlConfigurer maximumSessions(int maximumSessions) { * the {@link ConcurrencyControlConfigurer} * @return the {@link SessionManagementConfigurer} for further customizations */ - public SessionManagementConfigurer sessionConcurrency(Customizer sessionConcurrencyCustomizer) - throws Exception { + public SessionManagementConfigurer sessionConcurrency(Customizer sessionConcurrencyCustomizer) { sessionConcurrencyCustomizer.customize(new ConcurrencyControlConfigurer()); return this; } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java index b54b5225912..c9e4a04b05e 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java @@ -208,10 +208,8 @@ public AuthorizationEndpointConfig authorizationEndpoint() { * @param authorizationEndpointCustomizer the {@link Customizer} to provide more options for * the {@link AuthorizationEndpointConfig} * @return the {@link OAuth2LoginConfigurer} for further customizations - * @throws Exception */ - public OAuth2LoginConfigurer authorizationEndpoint(Customizer authorizationEndpointCustomizer) - throws Exception { + public OAuth2LoginConfigurer authorizationEndpoint(Customizer authorizationEndpointCustomizer) { authorizationEndpointCustomizer.customize(this.authorizationEndpointConfig); return this; } @@ -291,8 +289,7 @@ public TokenEndpointConfig tokenEndpoint() { * @return the {@link OAuth2LoginConfigurer} for further customizations * @throws Exception */ - public OAuth2LoginConfigurer tokenEndpoint(Customizer tokenEndpointCustomizer) - throws Exception { + public OAuth2LoginConfigurer tokenEndpoint(Customizer tokenEndpointCustomizer) { tokenEndpointCustomizer.customize(this.tokenEndpointConfig); return this; } @@ -345,10 +342,8 @@ public RedirectionEndpointConfig redirectionEndpoint() { * @param redirectionEndpointCustomizer the {@link Customizer} to provide more options for * the {@link RedirectionEndpointConfig} * @return the {@link OAuth2LoginConfigurer} for further customizations - * @throws Exception */ - public OAuth2LoginConfigurer redirectionEndpoint(Customizer redirectionEndpointCustomizer) - throws Exception { + public OAuth2LoginConfigurer redirectionEndpoint(Customizer redirectionEndpointCustomizer) { redirectionEndpointCustomizer.customize(this.redirectionEndpointConfig); return this; } @@ -399,10 +394,8 @@ public UserInfoEndpointConfig userInfoEndpoint() { * @param userInfoEndpointCustomizer the {@link Customizer} to provide more options for * the {@link UserInfoEndpointConfig} * @return the {@link OAuth2LoginConfigurer} for further customizations - * @throws Exception */ - public OAuth2LoginConfigurer userInfoEndpoint(Customizer userInfoEndpointCustomizer) - throws Exception { + public OAuth2LoginConfigurer userInfoEndpoint(Customizer userInfoEndpointCustomizer) { userInfoEndpointCustomizer.customize(this.userInfoEndpointConfig); return this; } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java index 589dd391e56..7f5baeff5f7 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java @@ -188,9 +188,8 @@ public JwtConfigurer jwt() { * @param jwtCustomizer the {@link Customizer} to provide more options for * the {@link JwtConfigurer} * @return the {@link OAuth2ResourceServerConfigurer} for further customizations - * @throws Exception */ - public OAuth2ResourceServerConfigurer jwt(Customizer jwtCustomizer) throws Exception { + public OAuth2ResourceServerConfigurer jwt(Customizer jwtCustomizer) { if ( this.jwtConfigurer == null ) { this.jwtConfigurer = new JwtConfigurer(this.context); } @@ -212,10 +211,8 @@ public OpaqueTokenConfigurer opaqueToken() { * @param opaqueTokenCustomizer the {@link Customizer} to provide more options for * the {@link OpaqueTokenConfigurer} * @return the {@link OAuth2ResourceServerConfigurer} for further customizations - * @throws Exception */ - public OAuth2ResourceServerConfigurer opaqueToken(Customizer opaqueTokenCustomizer) - throws Exception { + public OAuth2ResourceServerConfigurer opaqueToken(Customizer opaqueTokenCustomizer) { if (this.opaqueTokenConfigurer == null) { this.opaqueTokenConfigurer = new OpaqueTokenConfigurer(this.context); } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java index 0ec0077de1c..76c24f7e0d4 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java @@ -157,10 +157,8 @@ public AttributeExchangeConfigurer attributeExchange(String identifierPattern) { * @param attributeExchangeCustomizer the {@link Customizer} to provide more options for * the {@link AttributeExchangeConfigurer} * @return a {@link OpenIDLoginConfigurer} for further customizations - * @throws Exception */ - public OpenIDLoginConfigurer attributeExchange(Customizer attributeExchangeCustomizer) - throws Exception { + public OpenIDLoginConfigurer attributeExchange(Customizer attributeExchangeCustomizer) { AttributeExchangeConfigurer attributeExchangeConfigurer = new AttributeExchangeConfigurer(".*"); attributeExchangeCustomizer.customize(attributeExchangeConfigurer); this.attributeExchangeConfigurers.add(attributeExchangeConfigurer); @@ -458,9 +456,8 @@ public AttributeConfigurer attribute(String name) { * @param attributeCustomizer the {@link Customizer} to provide more options for * the {@link AttributeConfigurer} * @return a {@link AttributeExchangeConfigurer} for further customizations - * @throws Exception */ - public AttributeExchangeConfigurer attribute(Customizer attributeCustomizer) throws Exception { + public AttributeExchangeConfigurer attribute(Customizer attributeCustomizer) { AttributeConfigurer attributeConfigurer = new AttributeConfigurer(); attributeCustomizer.customize(attributeConfigurer); this.attributeConfigurers.add(attributeConfigurer); diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java index a8b21aaa8d5..018167c579c 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java @@ -414,7 +414,7 @@ public HttpsRedirectSpec redirectToHttps() { * * 
 	 *  @Bean
-	 * 	public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 * 	public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 * 	    http
 	 * 	        // ...
 	 * 	        .redirectToHttps(redirectToHttps ->
@@ -429,9 +429,8 @@ public HttpsRedirectSpec redirectToHttps() {
 	 * @param httpsRedirectCustomizer the {@link Customizer} to provide more options for
 	 * the {@link HttpsRedirectSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity redirectToHttps(Customizer httpsRedirectCustomizer) throws Exception {
+	public ServerHttpSecurity redirectToHttps(Customizer httpsRedirectCustomizer)  {
 		this.httpsRedirectSpec = new HttpsRedirectSpec();
 		httpsRedirectCustomizer.customize(this.httpsRedirectSpec);
 		return this;
@@ -485,7 +484,7 @@ public CsrfSpec csrf() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .csrf(csrf ->
@@ -500,7 +499,7 @@ public CsrfSpec csrf() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .csrf(csrf ->
@@ -519,9 +518,8 @@ public CsrfSpec csrf() {
 	 * @param csrfCustomizer the {@link Customizer} to provide more options for
 	 * the {@link CsrfSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity csrf(Customizer csrfCustomizer) throws Exception {
+	public ServerHttpSecurity csrf(Customizer csrfCustomizer) {
 		if (this.csrf == null) {
 			this.csrf = new CsrfSpec();
 		}
@@ -550,9 +548,8 @@ public CorsSpec cors() {
 	 * @param corsCustomizer the {@link Customizer} to provide more options for
 	 * the {@link CorsSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity cors(Customizer corsCustomizer) throws Exception {
+	public ServerHttpSecurity cors(Customizer corsCustomizer) {
 		if (this.cors == null) {
 			this.cors = new CorsSpec();
 		}
@@ -589,7 +586,7 @@ public AnonymousSpec anonymous(){
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .anonymous(anonymous ->
@@ -604,9 +601,8 @@ public AnonymousSpec anonymous(){
 	 * @param anonymousCustomizer the {@link Customizer} to provide more options for
 	 * the {@link AnonymousSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity anonymous(Customizer anonymousCustomizer) throws Exception {
+	public ServerHttpSecurity anonymous(Customizer anonymousCustomizer) {
 		if (this.anonymous == null) {
 			this.anonymous = new AnonymousSpec();
 		}
@@ -706,7 +702,7 @@ public HttpBasicSpec httpBasic() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .httpBasic(httpBasic ->
@@ -723,9 +719,8 @@ public HttpBasicSpec httpBasic() {
 	 * @param httpBasicCustomizer the {@link Customizer} to provide more options for
 	 * the {@link HttpBasicSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity httpBasic(Customizer httpBasicCustomizer) throws Exception {
+	public ServerHttpSecurity httpBasic(Customizer httpBasicCustomizer) {
 		if (this.httpBasic == null) {
 			this.httpBasic = new HttpBasicSpec();
 		}
@@ -768,7 +763,7 @@ public FormLoginSpec formLogin() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .formLogin(formLogin ->
@@ -789,9 +784,8 @@ public FormLoginSpec formLogin() {
 	 * @param formLoginCustomizer the {@link Customizer} to provide more options for
 	 * the {@link FormLoginSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity formLogin(Customizer formLoginCustomizer) throws Exception {
+	public ServerHttpSecurity formLogin(Customizer formLoginCustomizer) {
 		if (this.formLogin == null) {
 			this.formLogin = new FormLoginSpec();
 		}
@@ -833,7 +827,7 @@ public X509Spec x509() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          .x509(x509 ->
 	 *              x509
@@ -851,9 +845,8 @@ public X509Spec x509() {
 	 * @param x509Customizer the {@link Customizer} to provide more options for
 	 * the {@link X509Spec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity x509(Customizer x509Customizer) throws Exception {
+	public ServerHttpSecurity x509(Customizer x509Customizer) {
 		if (this.x509 == null) {
 			this.x509 = new X509Spec();
 		}
@@ -949,7 +942,7 @@ public OAuth2LoginSpec oauth2Login() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .oauth2Login(oauth2Login ->
@@ -964,9 +957,8 @@ public OAuth2LoginSpec oauth2Login() {
 	 * @param oauth2LoginCustomizer the {@link Customizer} to provide more options for
 	 * the {@link OAuth2LoginSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity oauth2Login(Customizer oauth2LoginCustomizer) throws Exception {
+	public ServerHttpSecurity oauth2Login(Customizer oauth2LoginCustomizer) {
 		if (this.oauth2Login == null) {
 			this.oauth2Login = new OAuth2LoginSpec();
 		}
@@ -1272,7 +1264,7 @@ public OAuth2ClientSpec oauth2Client() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .oauth2Client(oauth2Client ->
@@ -1287,9 +1279,8 @@ public OAuth2ClientSpec oauth2Client() {
 	 * @param oauth2ClientCustomizer the {@link Customizer} to provide more options for
 	 * the {@link OAuth2ClientSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity oauth2Client(Customizer oauth2ClientCustomizer) throws Exception {
+	public ServerHttpSecurity oauth2Client(Customizer oauth2ClientCustomizer) {
 		if (this.client == null) {
 			this.client = new OAuth2ClientSpec();
 		}
@@ -1452,7 +1443,7 @@ public OAuth2ResourceServerSpec oauth2ResourceServer() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .oauth2ResourceServer(oauth2ResourceServer ->
@@ -1469,10 +1460,8 @@ public OAuth2ResourceServerSpec oauth2ResourceServer() {
 	 * @param oauth2ResourceServerCustomizer the {@link Customizer} to provide more options for
 	 * the {@link OAuth2ResourceServerSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity oauth2ResourceServer(Customizer oauth2ResourceServerCustomizer)
-			throws Exception {
+	public ServerHttpSecurity oauth2ResourceServer(Customizer oauth2ResourceServerCustomizer) {
 		if (this.resourceServer == null) {
 			this.resourceServer = new OAuth2ResourceServerSpec();
 		}
@@ -1569,9 +1558,8 @@ public JwtSpec jwt() {
 		 * @param jwtCustomizer the {@link Customizer} to provide more options for
 		 * the {@link JwtSpec}
 		 * @return the {@link OAuth2ResourceServerSpec} to customize
-		 * @throws Exception
 		 */
-		public OAuth2ResourceServerSpec jwt(Customizer jwtCustomizer) throws Exception {
+		public OAuth2ResourceServerSpec jwt(Customizer jwtCustomizer) {
 			if (this.jwt == null) {
 				this.jwt = new JwtSpec();
 			}
@@ -1597,9 +1585,8 @@ public OpaqueTokenSpec opaqueToken() {
 		 * @param opaqueTokenCustomizer the {@link Customizer} to provide more options for
 		 * the {@link OpaqueTokenSpec}
 		 * @return the {@link OAuth2ResourceServerSpec} to customize
-		 * @throws Exception
 		 */
-		public OAuth2ResourceServerSpec opaqueToken(Customizer opaqueTokenCustomizer) throws Exception {
+		public OAuth2ResourceServerSpec opaqueToken(Customizer opaqueTokenCustomizer) {
 			if (this.opaqueToken == null) {
 				this.opaqueToken = new OpaqueTokenSpec();
 			}
@@ -1947,7 +1934,7 @@ public HeaderSpec headers() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .headers(headers ->
@@ -1970,9 +1957,8 @@ public HeaderSpec headers() {
 	 * @param headerCustomizer the {@link Customizer} to provide more options for
 	 * the {@link HeaderSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity headers(Customizer headerCustomizer) throws Exception {
+	public ServerHttpSecurity headers(Customizer headerCustomizer) {
 		if (this.headers == null) {
 			this.headers = new HeaderSpec();
 		}
@@ -2011,7 +1997,7 @@ public ExceptionHandlingSpec exceptionHandling() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .exceptionHandling(exceptionHandling ->
@@ -2026,10 +2012,8 @@ public ExceptionHandlingSpec exceptionHandling() {
 	 * @param exceptionHandlingCustomizer the {@link Customizer} to provide more options for
 	 * the {@link ExceptionHandlingSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity exceptionHandling(Customizer exceptionHandlingCustomizer)
-			throws Exception {
+	public ServerHttpSecurity exceptionHandling(Customizer exceptionHandlingCustomizer) {
 		if (this.exceptionHandling == null) {
 			this.exceptionHandling = new ExceptionHandlingSpec();
 		}
@@ -2080,7 +2064,7 @@ public AuthorizeExchangeSpec authorizeExchange() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .authorizeExchange(exchanges ->
@@ -2109,10 +2093,8 @@ public AuthorizeExchangeSpec authorizeExchange() {
 	 * @param authorizeExchangeCustomizer the {@link Customizer} to provide more options for
 	 * the {@link AuthorizeExchangeSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity authorizeExchange(Customizer authorizeExchangeCustomizer)
-			throws Exception {
+	public ServerHttpSecurity authorizeExchange(Customizer authorizeExchangeCustomizer) {
 		if (this.authorizeExchange == null) {
 			this.authorizeExchange = new AuthorizeExchangeSpec();
 		}
@@ -2152,7 +2134,7 @@ public LogoutSpec logout() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .logout(logout ->
@@ -2171,9 +2153,8 @@ public LogoutSpec logout() {
 	 * @param logoutCustomizer the {@link Customizer} to provide more options for
 	 * the {@link LogoutSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity logout(Customizer logoutCustomizer) throws Exception {
+	public ServerHttpSecurity logout(Customizer logoutCustomizer) {
 		if (this.logout == null) {
 			this.logout = new LogoutSpec();
 		}
@@ -2209,7 +2190,7 @@ public RequestCacheSpec requestCache() {
 	 *
 	 * 
 	 *  @Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
 	 *          .requestCache(requestCache ->
@@ -2224,9 +2205,8 @@ public RequestCacheSpec requestCache() {
 	 * @param requestCacheCustomizer the {@link Customizer} to provide more options for
 	 * the {@link RequestCacheSpec}
 	 * @return the {@link ServerHttpSecurity} to customize
-	 * @throws Exception
 	 */
-	public ServerHttpSecurity requestCache(Customizer requestCacheCustomizer) throws Exception {
+	public ServerHttpSecurity requestCache(Customizer requestCacheCustomizer) {
 		requestCacheCustomizer.customize(this.requestCache);
 		return this;
 	}
@@ -3113,9 +3093,8 @@ public CacheSpec cache() {
 		 * @param cacheCustomizer the {@link Customizer} to provide more options for
 		 * the {@link CacheSpec}
 		 * @return the {@link HeaderSpec} to customize
-		 * @throws Exception
 		 */
-		public HeaderSpec cache(Customizer cacheCustomizer) throws Exception {
+		public HeaderSpec cache(Customizer cacheCustomizer) {
 			cacheCustomizer.customize(new CacheSpec());
 			return this;
 		}
@@ -3134,10 +3113,8 @@ public ContentTypeOptionsSpec contentTypeOptions() {
 		 * @param contentTypeOptionsCustomizer the {@link Customizer} to provide more options for
 		 * the {@link ContentTypeOptionsSpec}
 		 * @return the {@link HeaderSpec} to customize
-		 * @throws Exception
 		 */
-		public HeaderSpec contentTypeOptions(Customizer contentTypeOptionsCustomizer)
-				throws Exception {
+		public HeaderSpec contentTypeOptions(Customizer contentTypeOptionsCustomizer) {
 			contentTypeOptionsCustomizer.customize(new ContentTypeOptionsSpec());
 			return this;
 		}
@@ -3156,9 +3133,8 @@ public FrameOptionsSpec frameOptions() {
 		 * @param frameOptionsCustomizer the {@link Customizer} to provide more options for
 		 * the {@link FrameOptionsSpec}
 		 * @return the {@link HeaderSpec} to customize
-		 * @throws Exception
 		 */
-		public HeaderSpec frameOptions(Customizer frameOptionsCustomizer) throws Exception {
+		public HeaderSpec frameOptions(Customizer frameOptionsCustomizer) {
 			frameOptionsCustomizer.customize(new FrameOptionsSpec());
 			return this;
 		}
@@ -3177,9 +3153,8 @@ public HstsSpec hsts() {
 		 * @param hstsCustomizer the {@link Customizer} to provide more options for
 		 * the {@link HstsSpec}
 		 * @return the {@link HeaderSpec} to customize
-		 * @throws Exception
 		 */
-		public HeaderSpec hsts(Customizer hstsCustomizer) throws Exception {
+		public HeaderSpec hsts(Customizer hstsCustomizer) {
 			hstsCustomizer.customize(new HstsSpec());
 			return this;
 		}
@@ -3204,9 +3179,8 @@ public XssProtectionSpec xssProtection() {
 		 * @param xssProtectionCustomizer the {@link Customizer} to provide more options for
 		 * the {@link XssProtectionSpec}
 		 * @return the {@link HeaderSpec} to customize
-		 * @throws Exception
 		 */
-		public HeaderSpec xssProtection(Customizer xssProtectionCustomizer) throws Exception {
+		public HeaderSpec xssProtection(Customizer xssProtectionCustomizer) {
 			xssProtectionCustomizer.customize(new XssProtectionSpec());
 			return this;
 		}
@@ -3226,10 +3200,8 @@ public ContentSecurityPolicySpec contentSecurityPolicy(String policyDirectives)
 		 * @param contentSecurityPolicyCustomizer the {@link Customizer} to provide more options for
 		 * the {@link ContentSecurityPolicySpec}
 		 * @return the {@link HeaderSpec} to customize
-		 * @throws Exception
 		 */
-		public HeaderSpec contentSecurityPolicy(Customizer contentSecurityPolicyCustomizer)
-				throws Exception {
+		public HeaderSpec contentSecurityPolicy(Customizer contentSecurityPolicyCustomizer) {
 			contentSecurityPolicyCustomizer.customize(new ContentSecurityPolicySpec());
 			return this;
 		}
@@ -3266,10 +3238,8 @@ public ReferrerPolicySpec referrerPolicy() {
 		 * @param referrerPolicyCustomizer the {@link Customizer} to provide more options for
 		 * the {@link ReferrerPolicySpec}
 		 * @return the {@link HeaderSpec} to customize
-		 * @throws Exception
 		 */
-		public HeaderSpec referrerPolicy(Customizer referrerPolicyCustomizer)
-				throws Exception {
+		public HeaderSpec referrerPolicy(Customizer referrerPolicyCustomizer) {
 			referrerPolicyCustomizer.customize(new ReferrerPolicySpec());
 			return this;
 		}
diff --git a/config/src/test/java/org/springframework/security/config/web/server/HttpsRedirectSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/HttpsRedirectSpecTests.java
index 5e2597e2f89..fa0f89940dc 100644
--- a/config/src/test/java/org/springframework/security/config/web/server/HttpsRedirectSpecTests.java
+++ b/config/src/test/java/org/springframework/security/config/web/server/HttpsRedirectSpecTests.java
@@ -162,7 +162,7 @@ SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 	@EnableWebFluxSecurity
 	static class RedirectToHttpsInLambdaConfig {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.redirectToHttps(withDefaults());
@@ -192,7 +192,7 @@ SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 	@EnableWebFluxSecurity
 	static class SometimesRedirectToHttpsInLambdaConfig {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.redirectToHttps(redirectToHttps ->
@@ -229,7 +229,7 @@ public PortMapper portMapper() {
 	@EnableWebFluxSecurity
 	static class RedirectToHttpsViaCustomPortsInLambdaConfig {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.redirectToHttps(redirectToHttps ->
diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java
index 4fa2585095e..6fec4cf5029 100644
--- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java
+++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -219,7 +219,7 @@ static class OAuth2ClientInLambdaCustomConfig {
 		ServerAuthenticationConverter authenticationConverter = mock(ServerAuthenticationConverter.class);
 
 		@Bean
-		public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) throws Exception {
+		public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
 			http
 				.oauth2Client(oauth2Client ->
 					oauth2Client
diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
index c7cbec05a8c..bc3bc5a45d3 100644
--- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
+++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
@@ -324,7 +324,7 @@ static class OAuth2LoginMockAuthenticationManagerInLambdaConfig {
 		ServerAuthenticationSuccessHandler successHandler = mock(ServerAuthenticationSuccessHandler.class);
 
 		@Bean
-		public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) throws Exception {
+		public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
 			http
 				.authorizeExchange(exchanges ->
 					exchanges
diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java
index fa8b937d6cb..2d547016a3a 100644
--- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java
+++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java
@@ -461,7 +461,7 @@ public void introspectWhenValidAndIntrospectionInLambdaThenReturnsOk() {
 	@EnableWebFluxSecurity
 	static class PublicKeyConfig {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.authorizeExchange()
@@ -481,7 +481,7 @@ SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception
 	@EnableWebFluxSecurity
 	static class PublicKeyInLambdaConfig {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.authorizeExchange(exchanges ->
@@ -508,7 +508,7 @@ static class PlaceholderConfig {
 		RSAPublicKey key;
 
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.authorizeExchange()
@@ -560,7 +560,7 @@ static class JwkSetUriInLambdaConfig {
 		private MockWebServer mockWebServer = new MockWebServer();
 
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			String jwkSetUri = mockWebServer().url("/.well-known/jwks.json").toString();
 
 			// @formatter:off
@@ -614,7 +614,7 @@ ReactiveJwtDecoder jwtDecoder() {
 	@EnableWebFluxSecurity
 	static class DenyAllConfig {
 		@Bean
-		SecurityWebFilterChain authorization(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain authorization(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.authorizeExchange()
@@ -654,7 +654,7 @@ ReactiveAuthenticationManager authenticationManager() {
 	@EnableWebFluxSecurity
 	static class CustomAuthenticationManagerInLambdaConfig {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.oauth2ResourceServer(oauth2ResourceServer ->
@@ -707,7 +707,7 @@ ReactiveAuthenticationManager authenticationManager() {
 	@EnableWebFluxSecurity
 	static class CustomBearerTokenServerAuthenticationConverter {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.authorizeExchange()
@@ -733,7 +733,7 @@ ServerAuthenticationConverter bearerTokenAuthenticationConverter() {
 	@EnableWebFluxSecurity
 	static class CustomJwtAuthenticationConverterConfig {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.authorizeExchange()
@@ -765,7 +765,7 @@ Converter> jwtAuthenticationConverter() {
 	@EnableWebFluxSecurity
 	static class CustomErrorHandlingConfig {
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			// @formatter:off
 			http
 				.authorizeExchange()
@@ -820,7 +820,7 @@ static class IntrospectionInLambdaConfig {
 		private MockWebServer mockWebServer = new MockWebServer();
 
 		@Bean
-		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
+		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			String introspectionUri = mockWebServer().url("/introspect").toString();
 
 			// @formatter:off
@@ -889,13 +889,19 @@ private static MockResponse unauthorized() {
 		return new MockResponse().setResponseCode(401);
 	}
 
-	private static RSAPublicKey publicKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
+	private static RSAPublicKey publicKey() {
 		String modulus = "26323220897278656456354815752829448539647589990395639665273015355787577386000316054335559633864476469390247312823732994485311378484154955583861993455004584140858982659817218753831620205191028763754231454775026027780771426040997832758235764611119743390612035457533732596799927628476322029280486807310749948064176545712270582940917249337311592011920620009965129181413510845780806191965771671528886508636605814099711121026468495328702234901200169245493126030184941412539949521815665744267183140084667383643755535107759061065656273783542590997725982989978433493861515415520051342321336460543070448417126615154138673620797";
 		String exponent = "65537";
 
 		RSAPublicKeySpec spec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(exponent));
-		KeyFactory factory = KeyFactory.getInstance("RSA");
-		return (RSAPublicKey) factory.generatePublic(spec);
+		RSAPublicKey rsaPublicKey = null;
+		try {
+			KeyFactory factory = KeyFactory.getInstance("RSA");
+			rsaPublicKey = (RSAPublicKey) factory.generatePublic(spec);
+		} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
+			e.printStackTrace();
+		}
+		return rsaPublicKey;
 	}
 
 	private GenericWebApplicationContext autowireWebServerGenericWebApplicationContext() {
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/cors.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/cors.adoc
index 968db86d14d..0b9623e5baf 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/cors.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/cors.adoc
@@ -28,7 +28,7 @@ The following will disable the CORS integration within Spring Security:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.cors(cors -> cors.disable());
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc
index 22b886482a7..a1a8409e2df 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc
@@ -53,7 +53,7 @@ You can easily do this with the following Java Configuration:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -80,7 +80,7 @@ If necessary, you can disable all of the HTTP Security response headers with the
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -114,7 +114,7 @@ You can also disable cache control using the following Java Configuration:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -155,7 +155,7 @@ However, if need to disable the header, the following may be used:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -202,7 +202,7 @@ You can customize HSTS headers with Java Configuration:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -250,7 +250,7 @@ You can customize X-Frame-Options with Java Configuration using the following:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -286,7 +286,7 @@ However, we can customize with Java Configuration with the following:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -368,7 +368,7 @@ You can enable the CSP header using Java configuration as shown below:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -387,7 +387,7 @@ To enable the CSP _'report-only'_ header, provide the following Java configurati
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -438,7 +438,7 @@ You can enable the Referrer-Policy header using Java configuration as shown belo
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
@@ -476,7 +476,7 @@ You can enable the Feature-Policy header using Java configuration as shown below
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.headers(headers ->
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/login.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/login.adoc
index fea6fa26294..09fc66dc04a 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/login.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/login.adoc
@@ -128,7 +128,7 @@ ReactiveClientRegistrationRepository clientRegistrations() {
 }
 
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.oauth2Login(withDefaults());
@@ -141,7 +141,7 @@ Additional configuration options can be seen below:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.oauth2Login(oauth2Login ->
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/resource-server.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/resource-server.adoc
index 17886682491..7b3a88f96f4 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/resource-server.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/resource-server.adoc
@@ -121,7 +121,7 @@ The first is a `SecurityWebFilterChain` that configures the app as a resource se
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		.authorizeExchange(exchanges ->
 			exchanges
@@ -142,7 +142,7 @@ Replacing this is as simple as exposing the bean within the application:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		.authorizeExchange(exchanges ->
 			exchanges
@@ -183,7 +183,7 @@ An authorization server's JWK Set Uri can be configured <
 			exchanges
@@ -210,7 +210,7 @@ More powerful than `jwkSetUri()` is `decoder()`, which will completely replace a
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		.authorizeExchange(exchanges ->
 			exchanges
@@ -256,7 +256,7 @@ This means that to protect an endpoint or method with a scope derived from a JWT
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		.authorizeExchange(exchanges ->
 			exchanges
@@ -292,7 +292,7 @@ To this end, the DSL exposes `jwtAuthenticationConverter()`:
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		.authorizeExchange(exchanges ->
 			exchanges
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/redirect-https.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/redirect-https.adoc
index 9e9020d1e56..755daac20ea 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/redirect-https.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/redirect-https.adoc
@@ -7,7 +7,7 @@ Spring Security can be configured to perform a redirect to https using the follo
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.redirectToHttps(withDefaults());
@@ -22,7 +22,7 @@ For example, if the production environment adds a header named `X-Forwarded-Prot
 [source,java]
 ----
 @Bean
-SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
 		.redirectToHttps(redirectToHttps ->
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/webflux.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/webflux.adoc
index 03cd665fe8f..a00e3790620 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/webflux.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/webflux.adoc
@@ -52,7 +52,7 @@ public class HelloWebfluxSecurityConfig {
 	}
 
 	@Bean
-	public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 		http
 			.authorizeExchange(exchanges ->
 				exchanges
diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc
index 211cf3ace7c..0f2bf6e4c5e 100644
--- a/docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc
@@ -7,7 +7,7 @@ Below is an example of a reactive x509 security configuration:
 [source,java]
 ----
 @Bean
-public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) throws Exception {
+public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 	http
 		.x509(withDefaults())
 		.authorizeExchange(exchanges ->
@@ -25,7 +25,7 @@ The next example demonstrates how these defaults can be overridden.
 [source,java]
 ----
 @Bean
-public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) throws Exception {
+public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 	SubjectDnX509PrincipalExtractor principalExtractor =
 	        new SubjectDnX509PrincipalExtractor();
 
diff --git a/samples/boot/oauth2resourceserver-static/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java b/samples/boot/oauth2resourceserver-static/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java
index 67d74d9e256..bdc248d5aae 100644
--- a/samples/boot/oauth2resourceserver-static/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java
+++ b/samples/boot/oauth2resourceserver-static/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java
@@ -53,7 +53,7 @@ protected void configure(HttpSecurity http) throws Exception {
 	}
 
 	@Bean
-	JwtDecoder jwtDecoder() throws Exception {
+	JwtDecoder jwtDecoder() {
 		return NimbusJwtDecoder.withPublicKey(this.key).build();
 	}
 }
diff --git a/samples/boot/webflux-form/src/main/java/sample/WebfluxFormSecurityConfig.java b/samples/boot/webflux-form/src/main/java/sample/WebfluxFormSecurityConfig.java
index 3b291f709c2..c87bc0a4af3 100644
--- a/samples/boot/webflux-form/src/main/java/sample/WebfluxFormSecurityConfig.java
+++ b/samples/boot/webflux-form/src/main/java/sample/WebfluxFormSecurityConfig.java
@@ -44,7 +44,7 @@ public MapReactiveUserDetailsService userDetailsService() {
 	}
 
 	@Bean
-	SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
+	SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 		http
 			.authorizeExchange(exchanges ->
 				exchanges
diff --git a/samples/boot/webflux-x509/src/main/java/sample/WebfluxX509Application.java b/samples/boot/webflux-x509/src/main/java/sample/WebfluxX509Application.java
index b4ce0c0a9af..02e145c14b6 100644
--- a/samples/boot/webflux-x509/src/main/java/sample/WebfluxX509Application.java
+++ b/samples/boot/webflux-x509/src/main/java/sample/WebfluxX509Application.java
@@ -42,7 +42,7 @@ public ReactiveUserDetailsService reactiveUserDetailsService() {
 	}
 
 	@Bean
-	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) throws Exception {
+	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		// @formatter:off
 		http
 			.x509(withDefaults())
diff --git a/web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationEntryPoint.java
index e25d239147a..abb422b0fc8 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationEntryPoint.java
@@ -51,7 +51,7 @@ public class BasicAuthenticationEntryPoint implements AuthenticationEntryPoint,
 	// ~ Methods
 	// ========================================================================================================
 
-	public void afterPropertiesSet() throws Exception {
+	public void afterPropertiesSet() {
 		Assert.hasText(realmName, "realmName must be specified");
 	}