root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 8 Packages Projects Releases Wiki Activity

Minor doc modifications

This commit is contained in:
Luke Taylor 2008-04-12 17:16:49 +00:00
parent c68ac55a8e
commit 6f289b3620
6 changed files with 38 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/docbkx/community.xml
View File

@ -7,8 +7,7 @@
<section xml:id="jira"> <section xml:id="jira">
<info><title>Use JIRA for Issue Tracking</title></info> <info><title>Issue Tracking</title></info>
<para>Spring Security uses JIRA to manage bug reports and enhancement <para>Spring Security uses JIRA to manage bug reports and enhancement
requests. If you find a bug, please log a report using JIRA. Do not requests. If you find a bug, please log a report using JIRA. Do not
@ -16,14 +15,15 @@
developers. Such approaches are ad-hoc and we prefer to manage bugs developers. Such approaches are ad-hoc and we prefer to manage bugs
using a more formal process.</para> using a more formal process.</para>
<para>If possible, in your JIRA report please provide a JUnit test <para>If possible, in your issue report please provide a JUnit test
that demonstrates any incorrect behaviour. Or, better yet, provide a that demonstrates any incorrect behaviour. Or, better yet, provide a
patch that corrects the issue. Similarly, enhancements are welcome to patch that corrects the issue. Similarly, enhancements are welcome to
be logged in JIRA, although we only accept commit enhancement requests be logged in the issue tracker, although we only accept commit enhancement requests
if you include corresponding unit tests. This is necessary to ensure if you include corresponding unit tests. This is necessary to ensure
project test coverage is adequately maintained.</para> project test coverage is adequately maintained.</para>
<para>You can access JIRA at <link xlink:href="http://jira.springframework.org/browse/SEC">http://jira.springframework.org/browse/SEC</link>.</para> <para>You can access the issue tracker at
<link xlink:href="http://jira.springframework.org/browse/SEC">http://jira.springframework.org/browse/SEC</link>.</para>
</section> </section>
<section xml:id="becoming-involved"><info><title>Becoming Involved</title></info> <section xml:id="becoming-involved"><info><title>Becoming Involved</title></info>
@ -41,17 +41,20 @@
project.</para> project.</para>
</section> </section>
<section xml:id="further-info"><info><title>Further Information</title></info> <section xml:id="further-info">
<info><title>Further Information</title></info>
<para>Questions and comments on Spring Security are welcome. You can use the
<para>Questions and comments on Spring Security are welcome. Please Spring Community Forum web site at
use the Spring Community Forum web site at <uri xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://forum.springframework.org">http://forum.springframework.org</uri> for all support <uri xlink:href="http://forum.springframework.org">http://forum.springframework.org</uri>
issues. Remember to use JIRA for bug reports, as explained above. to discuss Spring Security with other users of the framework.
Remember to use the JIRA for bug reports, as explained above.
Everyone is also welcome to join the Acegisecurity-developer mailing Everyone is also welcome to join the Acegisecurity-developer mailing
list and participate in design discussions. It's also a good way of list and participate in design discussions. It's also a good way of
finding out what's happening with regard to release timing, and the finding out what's happening with regard to release timing, and the
traffic volume is quite light. Finally, our project home page (where traffic volume is quite light. Finally, our project home page (where
you can obtain the latest release of the project and convenient links you can obtain the latest release of the project and convenient links
to Subversion, JIRA, mailing lists, forums etc) is at <uri xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="http://acegisecurity.org">http://acegisecurity.org</uri>.</para> to Subversion, JIRA, mailing lists, forums etc) is at
<uri xlink:href="http://static.springframework.org/spring-security/site/">http://static.springframework.org/spring-security/site/</uri>.</para>
</section> </section>
</chapter> </chapter>

8
src/docbkx/dao-auth-provider.xml
View File

@ -72,8 +72,8 @@
<para><programlisting><![CDATA[ <para><programlisting><![CDATA[
<bean id="daoAuthenticationProvider" <bean id="daoAuthenticationProvider"
class="org.springframework.security.providers.dao.DaoAuthenticationProvider"> class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService"><ref bean="userDetailsService"/></property> <property name="userDetailsService" ref="userDetailsService"/>
<property name="userCache"><ref bean="userCache"/></property> <property name="userCache" ref="userCache"/>
</bean> </bean>
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"> <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
@ -98,6 +98,10 @@
Spring's factory classes, please refer to the Spring documentation for Spring's factory classes, please refer to the Spring documentation for
further details on how to optimise the cache storage location, memory further details on how to optimise the cache storage location, memory
usage, eviction policies, timeouts etc.</para> usage, eviction policies, timeouts etc.</para>
<note><para>In the majority of cases, where your application is a stateful web
application, you don't need to use a cache as the user's authentication
information will be stored in the <literal>HttpSession</literal>.
</para></note>
<para>A design decision was made not to support account locking in the <para>A design decision was made not to support account locking in the
<literal>DaoAuthenticationProvider</literal>, as doing so would have <literal>DaoAuthenticationProvider</literal>, as doing so would have

14
src/docbkx/introduction.xml
View File

@ -75,6 +75,10 @@
needs)</para> needs)</para>
</listitem> </listitem>
<listitem>
<para>OpenID authentication</para>
</listitem>
<listitem> <listitem>
<para>Computer Associates Siteminder</para> <para>Computer Associates Siteminder</para>
</listitem> </listitem>
@ -251,14 +255,14 @@
use in numerous production software projects and many hundreds of use in numerous production software projects and many hundreds of
improvements and community contributions.</para> improvements and community contributions.</para>
<para>Since work began on the 2.0 release, the project has been <para>Acegi Security became an official Spring Portfolio project
rebranded as "Spring Security".</para> towards the end of 2007 and was rebranded as "Spring Security".</para>
<para>Today Spring Security enjoys a strong and active open source <para>Today Spring Security enjoys a strong and active open source
community. There are thousands of messages about Spring Security on community. There are thousands of messages about Spring Security on
the support forums. Fourteen developers work on the code itself, with the support forums. There is an active core of developers work
an active community who also regularly share patches and support their who work on the code itself and an active community which also
peers.</para> regularly share patches and support their peers.</para>
</sect1> </sect1>
<sect1 xml:id="release-numbering"> <sect1 xml:id="release-numbering">

2
src/docbkx/springsecurity.xml
View File

@ -88,7 +88,7 @@
framework architecture and implementation classes, an understanding of which is important framework architecture and implementation classes, an understanding of which is important
if you need to do any serious customization. In this part, we take a slightly if you need to do any serious customization. In this part, we take a slightly
gentler look at how to get started using some of the features of Spring Security 2.0. gentler look at how to get started using some of the features of Spring Security 2.0.
In particular, the use of namespace configuration provides a much simpler path to securing In particular, we'll look at namespace configuration which provides a much simpler path to securing
your application with little or no knowledge of the classes involved, unlike the traditional your application with little or no knowledge of the classes involved, unlike the traditional
Spring bean approach which required you to configure large numbers of beans. Spring bean approach which required you to configure large numbers of beans.
</para> </para>

11
src/docbkx/technical-overview.xml
View File

@ -73,12 +73,13 @@
object. You can use the following code block - from anywhere in your object. You can use the following code block - from anywhere in your
application - to do this:</para> application - to do this:</para>
<programlisting>Object obj = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); <programlisting>
Object obj = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
if (obj instanceof UserDetails) { if (obj instanceof UserDetails) {
String username = ((UserDetails)obj).getUsername(); String username = ((UserDetails)obj).getUsername();
} else { } else {
String username = obj.toString(); String username = obj.toString();
}</programlisting> }</programlisting>
<para>The above code introduces a number of interesting relationships <para>The above code introduces a number of interesting relationships
@ -221,8 +222,8 @@ String username = obj.toString();
authentication.</para> authentication.</para>
</section> </section>
<section xml:id="common-authentication"><info><title>Authentication</title></info> <section xml:id="common-authentication">
<info><title>Authentication</title></info>
<para>As mentioned in the beginning of this reference guide, Spring <para>As mentioned in the beginning of this reference guide, Spring
Security can participate in many different authentication Security can participate in many different authentication

3
src/docbkx/x509-auth-provider.xml
View File

@ -54,7 +54,8 @@
then the security context will remain empty. This means that you can easily use X.509 then the security context will remain empty. This means that you can easily use X.509
authentication with other options such as a form-based login. </para> authentication with other options such as a form-based login. </para>
</section> </section>
<section xml:id="x509-ssl-config"><info><title>Setting up SSL in Tomcat</title></info> <section xml:id="x509-ssl-config">
<info><title>Setting up SSL in Tomcat</title></info>
<para>There are some pre-generated certificates in the <para>There are some pre-generated certificates in the
<filename>samples/certificate</filename> directory in the Spring Security project. <filename>samples/certificate</filename> directory in the Spring Security project.