Author: sohil.shah(a)jboss.com Date: 2009-10-06 15:18:36 -0400 (Tue, 06 Oct 2009) New Revision: 818 Added: authz/trunk/documentation/reference-guide/en/modules/core-components.xml Modified: authz/trunk/documentation/reference-guide/en/master.xml Log: core-components chapter Modified: authz/trunk/documentation/reference-guide/en/master.xml =================================================================== --- authz/trunk/documentation/reference-guide/en/master.xml 2009-10-06 18:02:54 UTC (rev 817) +++ authz/trunk/documentation/reference-guide/en/master.xml 2009-10-06 19:18:36 UTC (rev 818) @@ -20,8 +20,6 @@ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/getting-started.xml"/> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/framework.xml"/> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/authz-component-spec.xml"/> - <!-- + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/authz-component-spec.xml"/> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/core-components.xml"/> - --> </book> \ No newline at end of file Added: authz/trunk/documentation/reference-guide/en/modules/core-components.xml =================================================================== --- authz/trunk/documentation/reference-guide/en/modules/core-components.xml (rev 0) +++ authz/trunk/documentation/reference-guide/en/modules/core-components.xml 2009-10-06 19:18:36 UTC (rev 818) @@ -0,0 +1,302 @@ +<?xml version="1.0" encoding="UTF-8"?> +<chapter id="core-components"> + <chapterinfo> + <author> + <firstname>Sohil</firstname> + <surname>Shah</surname> + <email&gt;sshah(a)redhat.com&lt;/email&gt; + </author> + </chapterinfo> + <title>Core Components</title> + <sect1> + <title>Subject Components</title> + <sect2> + <title>Identity</title> + <para> + <itemizedlist> + <listitem> + <emphasis role="bold">Description: </emphasis> Represents the unique identity of the authenticated user accessing the system + </listitem> + <listitem> + <emphasis role="bold">Class:</emphasis> <emphasis>org.jboss.security.authz.components.subject.Identity</emphasis> + </listitem> + <listitem> + <emphasis role="bold">ComponentType:</emphasis><link linkend="componentTypeLogic">Logic</link> + </listitem> + <listitem> + <table> + <title>Fields</title> + <tgroup cols="3" align="left" colsep="1" rowset="1"> + <colspec colname='c1'/> + <colspec colname='c2'/> + <colspec colname='c3'/> + <thead> + <row> + <entry align="center">Field Name</entry> + <entry align="center">Type</entry> + <entry align="center">Description</entry> + </row> + </thead> + <tbody> + <row> + <entry><emphasis role="bold">name</emphasis></entry> + <entry><emphasis role="bold">java.lang.String</emphasis></entry> + <entry>Unique id/name of the Identity</entry> + </row> + </tbody> + </tgroup> + </table> + </listitem> + </itemizedlist> + </para> + </sect2> + <sect2> + <title>Roles</title> + <para> + <itemizedlist> + <listitem> + <emphasis role="bold">Description: </emphasis> represents the roles that are assigned to users/identities of the system + </listitem> + <listitem> + <emphasis role="bold">Class:</emphasis> <emphasis>org.jboss.security.authz.components.subject.Roles</emphasis> + </listitem> + <listitem> + <emphasis role="bold">ComponentType:</emphasis><link linkend="componentTypeLogic">Logic</link> + </listitem> + <listitem> + <emphasis role="bold">Boolean Expression Language:</emphasis><emphasis>Drools DRL</emphasis> + </listitem> + <listitem> + <table> + <title>Fields</title> + <tgroup cols="3" align="left" colsep="1" rowset="1"> + <colspec colname='c1'/> + <colspec colname='c2'/> + <colspec colname='c3'/> + <thead> + <row> + <entry align="center">Field Name</entry> + <entry align="center">Type</entry> + <entry align="center">Description</entry> + </row> + </thead> + <tbody> + <row> + <entry><emphasis role="bold">names</emphasis></entry> + <entry><emphasis role="bold">java.util.Set&lt;String&gt;</emphasis></entry> + <entry>A set of roles associated with the user accessing the system</entry> + </row> + <row> + <entry><emphasis role="bold">mustMatchAll</emphasis></entry> + <entry><emphasis role="bold">boolean (default: false)</emphasis></entry> + <entry>Indicates whether user must belong to all the specified roles or <emphasis>atleast</emphasis> one of them</entry> + </row> + </tbody> + </tgroup> + </table> + </listitem> + <listitem> + <table> + <title>Boolean Expressions</title> + <tgroup cols="2" align="left" colsep="1" rowset="1"> + <colspec colname='c1'/> + <colspec colname='c2'/> + <thead> + <row> + <entry align="center">Expression</entry> + <entry align="center">Description</entry> + </row> + </thead> + <tbody> + <row> + <entry><emphasis role="bold">allowExpression</emphasis></entry> + <entry>Suggests that the roles indicated by this object are permitted access to the 'Resource'</entry> + </row> + <row> + <entry><emphasis role="bold">denyExpression</emphasis></entry> + <entry>Suggests that the roles indicated by this object are denied access to the 'Resource'</entry> + </row> + </tbody> + </tgroup> + </table> + </listitem> + </itemizedlist> + </para> + </sect2> + </sect1> + <sect1> + <title>Resource Components</title> + <sect2> + <title>URIResource</title> + <para> + <itemizedlist> + <listitem> + <emphasis role="bold">Description: </emphasis> Represents any System Resource uniquely identified by a URI + </listitem> + <listitem> + <emphasis role="bold">Class:</emphasis> <emphasis>org.jboss.security.authz.components.resource.URIResource</emphasis> + </listitem> + <listitem> + <emphasis role="bold">ComponentType:</emphasis><link linkend="componentTypeTarget">Target</link> + </listitem> + <listitem> + <table> + <title>Fields</title> + <tgroup cols="3" align="left" colsep="1" rowset="1"> + <colspec colname='c1'/> + <colspec colname='c2'/> + <colspec colname='c3'/> + <thead> + <row> + <entry align="center">Field Name</entry> + <entry align="center">Type</entry> + <entry align="center">Description</entry> + </row> + </thead> + <tbody> + <row> + <entry><emphasis role="bold">uri</emphasis></entry> + <entry><emphasis role="bold">java.net.URI</emphasis></entry> + <entry>The unique URI that identifies this resource</entry> + </row> + </tbody> + </tgroup> + </table> + </listitem> + </itemizedlist> + </para> + </sect2> + </sect1> + <sect1> + <title>Action Components</title> + <sect2> + <title>Read</title> + <para> + <itemizedlist> + <listitem> + <emphasis role="bold">Description: </emphasis> Represents a <emphasis>read</emphasis> action that can be performed on a Resource. In a <emphasis>CRUD (CREATE, READ, UPDATE, DELETE)</emphasis> + usecase this would represent protection for <emphasis>R</emphasis>. + </listitem> + <listitem> + <emphasis role="bold">Class:</emphasis> <emphasis>org.jboss.security.authz.components.action.Read</emphasis> + </listitem> + <listitem> + <emphasis role="bold">ComponentType:</emphasis><link linkend="componentTypeTarget">Target</link> + </listitem> + + </itemizedlist> + </para> + </sect2> + <sect2> + <title>Write</title> + <para> + <itemizedlist> + <listitem> + <emphasis role="bold">Description: </emphasis> Represents a <emphasis>write</emphasis> action that can be performed on a Resource. In a <emphasis>CRUD (CREATE, READ, UPDATE, DELETE)</emphasis> + usecase this would represent protection for <emphasis>C</emphasis> and <emphasis>U</emphasis>. + </listitem> + <listitem> + <emphasis role="bold">Class:</emphasis> <emphasis>org.jboss.security.authz.components.action.Write</emphasis> + </listitem> + <listitem> + <emphasis role="bold">ComponentType:</emphasis><link linkend="componentTypeTarget">Target</link> + </listitem> + <listitem> + <emphasis role="bold">Implied Action:</emphasis> <emphasis>Read</emphasis> + </listitem> + </itemizedlist> + </para> + </sect2> + <sect2> + <title>Manage</title> + <para> + <itemizedlist> + <listitem> + <emphasis role="bold">Description: </emphasis> Represents a <emphasis>manage</emphasis> action that can be performed on a Resource. In a <emphasis>CRUD (CREATE, READ, UPDATE, DELETE)</emphasis> + usecase this would represent protection for <emphasis>D</emphasis>. + </listitem> + <listitem> + <emphasis role="bold">Class:</emphasis> <emphasis>org.jboss.security.authz.components.action.Manage</emphasis> + </listitem> + <listitem> + <emphasis role="bold">ComponentType:</emphasis><link linkend="componentTypeTarget">Target</link> + </listitem> + <listitem> + <emphasis role="bold">Implied Action:</emphasis> <emphasis>Read</emphasis> and <emphasis>Write</emphasis> + </listitem> + </itemizedlist> + </para> + </sect2> + </sect1> + <sect1> + <title>Environment Components</title> + <sect2> + <title>TimeOfDay</title> + <para> + <itemizedlist> + <listitem> + <emphasis role="bold">Description: </emphasis> Represents the "Time of the Day" information to make an access decision + </listitem> + <listitem> + <emphasis role="bold">Class:</emphasis> <emphasis>org.jboss.security.authz.components.environment.TimeOfDay</emphasis> + </listitem> + <listitem> + <emphasis role="bold">ComponentType:</emphasis><link linkend="componentTypeLogic">Logic</link> + </listitem> + <listitem> + <emphasis role="bold">Boolean Expression Language:</emphasis><emphasis>Drools DRL</emphasis> + </listitem> + <listitem> + <table> + <title>Fields</title> + <tgroup cols="3" align="left" colsep="1" rowset="1"> + <colspec colname='c1'/> + <colspec colname='c2'/> + <colspec colname='c3'/> + <thead> + <row> + <entry align="center">Field Name</entry> + <entry align="center">Type</entry> + <entry align="center">Description</entry> + </row> + </thead> + <tbody> + <row> + <entry><emphasis role="bold">timeofDay</emphasis></entry> + <entry><emphasis role="bold">java.util.Calendar</emphasis></entry> + <entry>Time referring to the hour and minute of a day</entry> + </row> + </tbody> + </tgroup> + </table> + </listitem> + <listitem> + <table> + <title>Boolean Expressions</title> + <tgroup cols="2" align="left" colsep="1" rowset="1"> + <colspec colname='c1'/> + <colspec colname='c2'/> + <thead> + <row> + <entry align="center">Expression</entry> + <entry align="center">Description</entry> + </row> + </thead> + <tbody> + <row> + <entry><emphasis role="bold">matchIfBefore</emphasis></entry> + <entry>Suggests that access should be granted if its performed <emphasis>before</emphasis> the specified time of the day</entry> + </row> + <row> + <entry><emphasis role="bold">matchIfAfter</emphasis></entry> + <entry>Suggests that access should be granted if the its performed <emphasis>after</emphasis> the specified time of the day</entry> + </row> + </tbody> + </tgroup> + </table> + </listitem> + </itemizedlist> + </para> + </sect2> + </sect1> +</chapter>