Seam SVN: r9193 - trunk/doc/Seam_Reference_Guide/en-US. - seam-commits

Sunday, 5 October 2008

Author: shane.bryzak(a)jboss.com
Date: 2008-10-05 02:49:45 -0400 (Sun, 05 Oct 2008)
New Revision: 9193

Modified:
   trunk/doc/Seam_Reference_Guide/en-US/Security.xml
Log:
JBSEAM-3446

Modified: trunk/doc/Seam_Reference_Guide/en-US/Security.xml
===================================================================

--- trunk/doc/Seam_Reference_Guide/en-US/Security.xml	2008-10-04 16:04:51 UTC (rev 9192)
+++ trunk/doc/Seam_Reference_Guide/en-US/Security.xml	2008-10-05 06:49:45 UTC (rev 9193)
@@ -133,9 +133,10 @@
         to authenticate users.  This method takes no parameters, and is expected to
return a boolean, which indicates
         whether authentication is successful or not.  The user's username and
password can be obtained from
         <literal>Credentials.getUsername()</literal> and
<literal>Credentials.getPassword()</literal>,
-        respectively.  Any roles that the user is a member of should be assigned using
-        <literal>Identity.addRole()</literal>. Here's a complete example
of an authentication method
-        inside a POJO component:
+        respectively (you can get a reference to the
<literal>credentials</literal> component via
+        <literal>Identity.instance().getCredentials()</literal>).  Any roles
that the user is a member of 
+        should be assigned using <literal>Identity.addRole()</literal>.
Here's a complete example of an 
+        authentication method inside a POJO component:
       </para>
 
       <programlisting
role="JAVA"><![CDATA[@Name("authenticator")
@@ -2824,10 +2825,9 @@
 
       <para>
         If no expression is specified in the <literal>@Restrict</literal>
annotation, the default security check
-        that is performed is a permission check of
<literal>entityName:action</literal>,
-        where <literal>entityName</literal> is the Seam component name of the
entity (or the fully-qualified class name if no @Name is
-        specified), and the <literal>action</literal> is either
<literal>read</literal>,
-        <literal>insert</literal>, <literal>update</literal> or
<literal>delete</literal>.
+        that is performed is a permission check of
<literal>entity:action</literal>, where the permission target 
+        is the entity instance, and the <literal>action</literal> is either
<literal>read</literal>, <literal>insert</literal>, 
+        <literal>update</literal> or <literal>delete</literal>.
       </para>
 
       <para>


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Seam SVN: r9193 - trunk/doc/Seam_Reference_Guide/en-US.