12:44 a.m.
Author: chris.laprun(a)jboss.com
Date: 2007-10-14 01:44:03 -0400 (Sun, 14 Oct 2007)
New Revision: 8641
Modified:
docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/security.xml
docs/trunk/referenceGuide/en/modules/security.xml
Log:
- Fixed typos.
Modified: docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/security.xml
===================================================================
---
docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/security.xml 2007-10-14
03:23:50 UTC (rev 8640)
+++
docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/security.xml 2007-10-14
05:44:03 UTC (rev 8641)
@@ -56,7 +56,7 @@
</deployment>
</deployments>]]></programlisting>
</para>
- <para>The based principle of the security mechanism is that everything is
restricted unless you grant privileges.
+ <para>The basic principle of the security mechanism is that everything is
restricted unless you grant privileges.
You grant privilege on a portal node by adding a security constraint as
explained here:
<para>
<programlisting><![CDATA[<security-constraint>
@@ -120,12 +120,12 @@
<xref linkend="desc_example_portal"/>
</para>
</sect1>
-
+
<sect1 id="security.security_cms">
<title>Securing the Content Management System</title>
<para>
The JBoss Portal CMS system consists of a directory structure of Files organized
unto their respective Folders. Both Files and Folders are
- considered to be CMS resources that can be secured based on portal Roles and/or
Users.
+ considered to be CMS resources that can be secured based on portal Roles and/or
Users.
</para>
<para>
The following features are supported by the fine grained security system of Portal
CMS:
@@ -155,7 +155,7 @@
<row>
<entry align="center">Permissions</entry>
<entry align="center">Allowed Actions</entry>
- <entry align="center">Implies</entry>
+ <entry align="center">Implies</entry>
</row>
</thead>
<tbody>
@@ -179,10 +179,11 @@
</table>
</para>
<sect2 id="security.security_cms_configuration">
- <title>CMS Security Configuration</title>
- <para>
- The configuration for the CMS Security service is specified in the
jboss-portal.sar/portal-cms.sar/META-INF/jboss-service.xml file. The portion of
- the configuration relevant for securing the CMS service is listed as follows:
+ <title>CMS Security Configuration</title>
+ <para>
+ The configuration for the CMS Security service is specified in the
+
<literal>jboss-portal.sar/portal-cms.sar/META-INF/jboss-service.xml</literal>
+ file. The portion of the configuration relevant for securing the CMS
service is listed as follows:
<programlisting><![CDATA[<!-- interceptor factory where all cms
interceptors are registered -->
<mbean
code="org.jboss.portal.server.impl.invocation.JBossInterceptorStackFactory"
@@ -349,7 +350,7 @@
the Java Authorization Contract for Containers (JACC) which is implemented by J2EE
1.4 Application Servers. This section of
the documentation focuses on defining the framework and its usage and is not an
attempt to define what authorization
is or is not because it is out of scope of this context. Instead we will try to
straightforwardly describe the
- framework and how it is used. No specific knowledge is expected about JACC although
it is a recommanded read.</para>
+ framework and how it is used. No specific knowledge is expected about JACC although
it is a recommended read.</para>
<sect2>
<title>The portal permission</title>
<para>The
<emphasis>org.jboss.portal.security.PortalPermission</emphasis> object is used
to describe a permission for the portal. It extends the
<emphasis>java.security.Permission</emphasis>
@@ -389,7 +390,7 @@
</sect2>
<sect2>
<title>Making a programmatic security check</title>
- <para>Making a security check is an easy thing as it consists in created a
permission of the appropriate type and
+ <para>Making a security check is an easy thing as it consists in creating
a permission of the appropriate type and
make a check against the
<emphasis>org.jboss.portal.spi.auth.PortalAuthorizationManager</emphasis>
service. That
service is used by the portal to make security checks. It is connected to the
different authorization providers
in order to take decisions at runtime based on the type of the permission.
Access to that service is done
@@ -408,7 +409,7 @@
</mbean>
...
</server>]]></programlisting>
- <para>It be injected in the servlet context of a war file in the file
<emphasis>WEB-INF/jboss-portlet.xml</emphasis></para>
+ <para>It can be injected in the servlet context of a war file in the file
<emphasis>WEB-INF/jboss-portlet.xml</emphasis></para>
<programlisting><![CDATA[<?xml version="1.0"
encoding="UTF-8"?>
<!DOCTYPE portlet-app PUBLIC
"-//JBoss Portal//DTD JBoss Portlet 2.6//EN"
@@ -431,7 +432,7 @@
PortalObjectPermission perm = new PortalObjectPermission(id,
PortalObjectPermission.VIEW_MASK);
if (pam.checkPermission(perm) == false)
{
- System.out.println("Current is not authorization to view page " + id);
+ System.out.println("Current user is not authorized to view page " + id);
}</programlisting>
</sect2>
<sect2>
Modified: docs/trunk/referenceGuide/en/modules/security.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/security.xml 2007-10-14 03:23:50 UTC (rev 8640)
+++ docs/trunk/referenceGuide/en/modules/security.xml 2007-10-14 05:44:03 UTC (rev 8641)
@@ -56,7 +56,7 @@
</deployment>
</deployments>]]></programlisting>
</para>
- <para>The based principle of the security mechanism is that everything is
restricted unless you grant privileges.
+ <para>The basic principle of the security mechanism is that everything is
restricted unless you grant privileges.
You grant privilege on a portal node by adding a security constraint as
explained here:
<para>
<programlisting><![CDATA[<security-constraint>
@@ -179,10 +179,11 @@
</table>
</para>
<sect2 id="security.security_cms_configuration">
- <title>CMS Security Configuration</title>
- <para>
- The configuration for the CMS Security service is specified in the
jboss-portal.sar/portal-cms.sar/META-INF/jboss-service.xml file. The portion of
- the configuration relevant for securing the CMS service is listed as follows:
+ <title>CMS Security Configuration</title>
+ <para>
+ The configuration for the CMS Security service is specified in the
+
<literal>jboss-portal.sar/portal-cms.sar/META-INF/jboss-service.xml</literal>
+ file. The portion of the configuration relevant for securing the CMS
service is listed as follows:
<programlisting><![CDATA[<!-- interceptor factory where all cms
interceptors are registered -->
<mbean
code="org.jboss.portal.server.impl.invocation.JBossInterceptorStackFactory"
@@ -349,7 +350,7 @@
the Java Authorization Contract for Containers (JACC) which is implemented by J2EE
1.4 Application Servers. This section of
the documentation focuses on defining the framework and its usage and is not an
attempt to define what authorization
is or is not because it is out of scope of this context. Instead we will try to
straightforwardly describe the
- framework and how it is used. No specific knowledge is expected about JACC although
it is a recommanded read.</para>
+ framework and how it is used. No specific knowledge is expected about JACC although
it is a recommended read.</para>
<sect2>
<title>The portal permission</title>
<para>The
<emphasis>org.jboss.portal.security.PortalPermission</emphasis> object is used
to describe a permission for the portal. It extends the
<emphasis>java.security.Permission</emphasis>
@@ -389,7 +390,7 @@
</sect2>
<sect2>
<title>Making a programmatic security check</title>
- <para>Making a security check is an easy thing as it consists in created a
permission of the appropriate type and
+ <para>Making a security check is an easy thing as it consists in creating
a permission of the appropriate type and
make a check against the
<emphasis>org.jboss.portal.spi.auth.PortalAuthorizationManager</emphasis>
service. That
service is used by the portal to make security checks. It is connected to the
different authorization providers
in order to take decisions at runtime based on the type of the permission.
Access to that service is done
@@ -408,7 +409,7 @@
</mbean>
...
</server>]]></programlisting>
- <para>It be injected in the servlet context of a war file in the file
<emphasis>WEB-INF/jboss-portlet.xml</emphasis></para>
+ <para>It can be injected in the servlet context of a war file in the file
<emphasis>WEB-INF/jboss-portlet.xml</emphasis></para>
<programlisting><
portal-commits@lists.jboss.org